API overview
JSON APIs use verified sessions, problem responses, bounded payloads, and idempotency keys for mutations.
Documentation
Versioned API conventions, authentication boundaries, rate and idempotency guidance, and machine-readable OpenAPI.
Original English editorial content
JSON APIs use verified sessions, problem responses, bounded payloads, and idempotency keys for mutations.
Private APIs require a verified Supabase session. Service credentials never enter browser bundles.
Only explicitly selected public lesson resources may be cached; protected and private routes are network-only.