Version: 2.0.0
Last Updated: May 2026
| Environment | URL |
|---|---|
| Development | http://localhost:8000 |
| Production | https://api.interviewminds.com |
All protected endpoints require a valid Clerk JWT token in the Authorization header:
Authorization: Bearer <clerk-jwt-token>
Roles: candidate, interviewer, admin (with wildcard permissions).
| Header | Description |
|---|---|
Authorization |
Bearer token (Clerk JWT) |
Content-Type |
application/json |
X-Correlation-ID |
Auto-generated request trace ID (returned in response) |
Health check with service status and circuit breaker state.
Response:
{
"status": "ok | degraded | unhealthy",
"timestamp": "2026-05-01T00:00:00.000Z",
"services": {
"mongo": "connected | disconnected",
"redis": "connected | disconnected",
"groq": "connected | unreachable",
"piston": "connected | unreachable"
},
"circuitBreakers": { ... }
}Prometheus exposition format metrics.
Simple liveness probe.
Returns a CSRF token for form submissions.
Create a new interview session.
Auth: Required (candidate, interviewer, admin)
Rate Limit: General
Get interview details and history.
Update interview status or metadata.
Send a message in an interview chat session. Uses Groq LLM (Llama 3.3-70b) for AI responses.
Auth: Required
Rate Limit: AI (stricter)
Upload and parse a resume (PDF/DOCX).
Auth: Required
Rate Limit: Upload
Max Size: 10MB
Retrieve parsed resume with chunks and embeddings.
Verify resume claims against external data.
Execute code in a sandboxed environment via Piston API.
Auth: Required
Rate Limit: AI
Circuit Breaker: Yes (Piston service)
Request:
{
"language": "javascript",
"code": "console.log('hello')",
"stdin": ""
}Generate dynamic follow-up questions based on interview context.
Validate candidate answers using AI scoring.
Start an LLM-powered interview session.
Run multimodal analysis (voice tone, facial expressions, gestures, eye gaze, posture).
Request:
{
"audioText": "transcript of candidate speech",
"facialData": { "happy": 20, "neutral": 60, ... },
"gestureData": [100, 200, 150],
"eyePositions": [{ "x": 0.1, "y": -0.05 }],
"postureKeypoints": { "nose": { "x": 0.5, "y": 0.3 }, "shoulders": { "x": 0.5, "y": 0.6 } }
}Response:
{
"voice": { "confidence": 75, "nervousness": 20, "enthusiasm": 80, "clarity": 85, "pace": 60, "sentiment": "positive", "source": "groq" },
"facial": { "expressions": { ... }, "dominantEmotion": "neutral", "engagementScore": 70 },
"gestures": { "fidgeting": 20, "overallBodyLanguage": "positive" },
"eyeGaze": { "gazeDirection": "center", "lookingAtScreen": 85 },
"posture": { "posture": "upright", "engagementLevel": 90 },
"overallScore": 78,
"warnings": []
}AI-powered adaptive assessment with difficulty scaling.
Process a video frame for proctoring analysis.
Auth: Required
Request:
{
"frameData": "<base64-encoded-frame>",
"previousPositions": [{ "x": 0.5, "y": 0.3 }]
}Process audio frame for voice analysis.
Report screen monitoring state.
Evaluate complete proctoring session and generate risk score.
Create a collaborative editing session.
Join an existing collaboration session.
Update document with CRDT three-way merge.
Create a whiteboard session with MongoDB persistence.
Create a video call session with ICE server configuration.
Generate RSA-4096 keypair for E2E encryption.
Encrypt a message with AES-256-GCM.
Enroll biometric authentication data.
Analyze session for fraud indicators.
Verify candidate location against allowed regions.
List all users with roles. Auth: admin only.
Query audit log entries with filtering.
Assign or update user roles.
Export interview data as CSV/JSON.
Get dashboard analytics data.
Get detailed candidate report.
Register a webhook endpoint.
Request:
{
"url": "https://your-app.com/webhook",
"events": ["interview.completed", "score.generated"],
"secret": "your-webhook-secret"
}List registered webhooks with delivery tracking.
Rate Limit: GraphQL-specific
Auth: Via context (Clerk token)
type Query {
interviews(userId: String!): [Interview!]!
interview(id: ID!): Interview
analytics(timeRange: TimeRange!): AnalyticsData!
}
type Mutation {
createInterview(input: CreateInterviewInput!): Interview!
updateScore(interviewId: ID!, score: ScoreInput!): Interview!
}Sync with Applicant Tracking System.
SAML SSO authentication endpoint.
Check integration health for all connected services.
Create an interview schedule.
Get available time slots.
All errors follow a consistent format:
{
"error": "Human-readable error message",
"details": "Additional context (development only)",
"correlationId": "uuid-for-tracing"
}| Code | Meaning |
|---|---|
| 200 | Success |
| 201 | Created |
| 400 | Bad Request (validation error) |
| 401 | Unauthorized (missing/invalid token) |
| 403 | Forbidden (insufficient permissions) |
| 404 | Not Found |
| 429 | Too Many Requests (rate limited) |
| 500 | Internal Server Error |
| 503 | Service Unavailable (circuit breaker open) |
| Tier | Applies To | Notes |
|---|---|---|
| General | All routes | Standard request throttling |
| AI | /api/chat, /api/compiler, /api/tts, /api/llm-interviewer, /api/smart-assessment |
Stricter limits for expensive LLM calls |
| Upload | /api/resume |
File size + frequency |
| GraphQL | /graphql |
Query complexity aware |