API Reference

The Curate-Me platform exposes three independent APIs that share the same backend codebase but serve different audiences and use cases.

Base URLs

API	Base URL	Purpose
Gateway	`https://api.curate-me.ai/v1`	AI gateway — LLM proxy with governance
B2B	`https://api.curate-me.ai/api/v1/admin`	Dashboard admin, runner management, costs
B2C	`https://api.curate-me.ai/api/v1`	Reference implementation features

For local development:

API	Local URL
Gateway	`http://localhost:8002/v1`
B2B	`http://localhost:8001/api/v1`
B2C	`http://localhost:8000/api/v1`

Triple API Architecture

The backend runs as three separate FastAPI applications:

Gateway API (main_gateway.py, port 8002) — LLM reverse proxy with governance chain (rate limiting, cost control, PII scanning, model allowlists, HITL approvals) and runner management endpoints.
B2B API (main_b2b.py, port 8001) — Dashboard admin features, agent management, cost tracking, workflow orchestration, and runner configuration.
B2C API (main_b2c.py, port 8000) — Reference implementation consumer features.

All three applications share the same codebase, database connections, and service layer, but have different route registrations and middleware configurations.

Request Format

All requests and responses use JSON. Set the Content-Type header on all requests that include a body:


Content-Type: application/json

Authentication

All authenticated endpoints require a JWT Bearer token in the Authorization header:


Authorization: Bearer {access_token}

For B2B multi-tenant requests, include the organization context header:


X-Org-ID: {organization_id}

For Gateway requests, use an API key:


X-CM-API-Key: cm_sk_xxx

See the Authentication page for details on obtaining and refreshing tokens.

Rate Limiting

All endpoints are rate-limited. The current limits are returned in the response headers:

Header	Description
`X-RateLimit-Limit`	Maximum requests allowed in the current window
`X-RateLimit-Remaining`	Requests remaining in the current window
`X-RateLimit-Reset`	Unix timestamp when the rate limit window resets

When rate-limited, the API returns a 429 Too Many Requests response.

Interactive Documentation

All three APIs expose interactive Swagger UI documentation:

Gateway: https://api.curate-me.ai/docs
B2B: https://api.curate-me.ai/docs
B2C: https://api.curate-me.ai/docs

Pagination

Endpoints that return collections support offset-based pagination:


GET /api/v1/resource?offset=0&limit=20

Parameter	Type	Default	Description
`offset`	integer	`0`	Number of items to skip
`limit`	integer	`20`	Maximum number of items to return (max 100)

Paginated responses include metadata:


{
  "items": [...],
  "total": 142,
  "offset": 0,
  "limit": 20
}

Error Format

All errors follow a consistent format:


{
  "error": {
    "code": "RATE_LIMIT_EXCEEDED",
    "message": "You have exceeded the rate limit. Try again in 30 seconds.",
    "details": {
      "retry_after": 30
    }
  }
}

HTTP Status Codes

Code	Meaning
`200`	Success
`201`	Resource created
`204`	Success with no content
`400`	Bad request — invalid parameters or body
`401`	Unauthorized — missing or invalid token
`403`	Forbidden — insufficient permissions
`404`	Not found — resource does not exist
`409`	Conflict — resource already exists
`413`	Payload too large — request body exceeds size limit
`429`	Rate limited — too many requests
`500`	Internal server error
`502`	Bad gateway — upstream service unavailable
`503`	Service unavailable — temporary maintenance