API Reference
The Curate-Me platform exposes two production APIs that share the same backend codebase but serve different audiences.
Base URLs
| API | Base URL | Purpose |
|---|---|---|
| Gateway | https://api.curate-me.ai/v1 | AI gateway — LLM proxy with governance |
| B2B | https://api.curate-me.ai/api/v1/admin | Dashboard admin, runner management, costs |
For local development:
| API | Local URL |
|---|---|
| Gateway | http://localhost:8002/v1 |
| B2B | http://localhost:8001/api/v1 |
API Architecture
The backend runs as two production FastAPI applications:
- Gateway API (
main_gateway.py, port 8002) — LLM reverse proxy with governance chain (rate limiting, cost control, PII scanning, model allowlists, HITL approvals), runner management endpoints, and 51 provider integrations. - B2B API (
main_b2b.py, port 8001) — Dashboard admin features, organization management, cost tracking, workflow orchestration, runner configuration, and billing.
Both applications share the same codebase, database connections, and service layer, but have different route registrations and middleware configurations.
Request Format
All requests and responses use JSON. Set the Content-Type header on all requests that include a body:
Content-Type: application/jsonAuthentication
All authenticated endpoints require a JWT Bearer token in the Authorization header:
Authorization: Bearer {access_token}For B2B multi-tenant requests, include the organization context header:
X-Org-ID: {organization_id}For Gateway requests, use an API key:
X-CM-API-Key: cm_sk_xxxSee the Authentication page for details on obtaining and refreshing tokens.
Rate Limiting
All endpoints are rate-limited. The current limits are returned in the response headers:
| Header | Description |
|---|---|
X-RateLimit-Limit | Maximum requests allowed in the current window |
X-RateLimit-Remaining | Requests remaining in the current window |
X-RateLimit-Reset | Unix timestamp when the rate limit window resets |
When rate-limited, the API returns a 429 Too Many Requests response.
Interactive Documentation
Both APIs expose interactive Swagger UI documentation:
- Gateway:
http://localhost:8002/docs - B2B:
http://localhost:8001/docs
Pagination
Endpoints that return collections support offset-based pagination:
GET /api/v1/resource?offset=0&limit=20| Parameter | Type | Default | Description |
|---|---|---|---|
offset | integer | 0 | Number of items to skip |
limit | integer | 20 | Maximum number of items to return (max 100) |
Paginated responses include metadata:
{
"items": [...],
"total": 142,
"offset": 0,
"limit": 20
}Error Format
All errors follow a consistent format:
{
"error": {
"code": "RATE_LIMIT_EXCEEDED",
"message": "You have exceeded the rate limit. Try again in 30 seconds.",
"details": {
"retry_after": 30
}
}
}HTTP Status Codes
| Code | Meaning |
|---|---|
200 | Success |
201 | Resource created |
204 | Success with no content |
400 | Bad request — invalid parameters or body |
401 | Unauthorized — missing or invalid token |
403 | Forbidden — insufficient permissions |
404 | Not found — resource does not exist |
409 | Conflict — resource already exists |
413 | Payload too large — request body exceeds size limit |
429 | Rate limited — too many requests |
500 | Internal server error |
502 | Bad gateway — upstream service unavailable |
503 | Service unavailable — temporary maintenance |