API Flows¶

Manual API testing workflows for the Dashtam platform, organized by domain and user journey. All flows use HTTPS with self-signed certificates in development environments, mirroring production usage.

Contents¶

End-to-end testing flows for authentication, token management, and provider integration. Each flow provides step-by-step curl commands for manual testing against a running development environment.

Directory Structure¶

api-flows/
├── auth/
│   ├── complete-auth-flow.md
│   ├── email-verification.md
│   ├── index.md
│   ├── login.md
│   ├── password-reset.md
│   └── registration.md
├── providers/
│   ├── index.md
│   ├── provider-disconnect.md
│   └── provider-onboarding.md
└── index.md

Documents¶

Authentication Flows¶

Complete authentication workflows for user management:

• User Registration - Register new user with email verification
• Email Verification - Verify email address with token
• User Login - Login, token management, and logout
• Password Reset - Forgot password workflow
• Complete Auth Flow - End-to-end authentication testing

Provider Flows¶

Financial provider integration workflows:

• Provider Onboarding - OAuth setup and connection
• Provider Disconnect - Provider disconnection

Quick Links¶

Related Documentation:

• Template for creating new API flows
• Complete template documentation
• Development Guide - Developer documentation
• Testing Strategy - Overall testing approach

External Resources:

• curl Documentation - HTTP client reference
• HTTP Status Codes - Status code reference
• JWT.io - JWT token decoder

Navigation¶

Parent Directory: ../index.md

Related Directories:

• Development Documentation
• Testing

Contributing¶

When adding new API flow documents:

1. Copy the
2. Place in appropriate subdirectory (auth/ or providers/)
3. Follow established conventions and structure
4. Update this index with link and description
5. Run markdown linting: make lint-md-file FILE="path/to/file.md"

Flow Creation Guidelines¶

• Organize by domain (auth, providers) not HTTP verb
• Each flow represents a complete user journey
• Include Purpose, Prerequisites, Steps, and Troubleshooting
• Use HTTPS-first approach with curl -k for dev TLS
• Include expected HTTP status codes for all responses
• Add token extraction guides for email-based flows
• Cross-reference related flows and prerequisites

Document Information¶

Template: index-section-template.md Created: 2025-10-15 Last Updated: 2025-10-21