🌐 API Overview
This document provides an overview of the key API endpoints within the Inner Journey backend, which is built using FastAPI. These endpoints serve as the crucial link between our frontend applications and backend services, enabling core functionalities such as user onboarding, personalized AI-driven activations, journaling, and data insights. Understanding these endpoints is essential for seamless integration and development. 🌟
🛠️ Key Endpoints
The following sections detail the primary API endpoints and their specific functions:
Onboarding Process
Handles the initial user setup and configuration.
/onboarding/chat: Manages the interactive onboarding conversation flow. It collects user information (e.g., birth date, personal goals) and securely saves these responses to Firestore, contributing to the user's profile.
/config/firebase-config: Delivers the necessary Firebase client configuration details to the frontend, enabling client-side authentication setup with Firebase Auth.
AI-Powered Activations and Programs
Generates personalized content using AI models.
/gemini/getActivation: Leverages Google Gemini to generate tailored activations (like guided meditations or reflection prompts) based on the user's current mood and stated goals. The generated activation is then stored in Firestore for user access.
Data Processing and Insights
Analyzes user data to provide value and personalization.
/vertex/analyze-responses: Utilizes Vertex AI to analyze user-provided text responses (such as name interpretations, meaningful quotes, or desired contributions). This analysis helps generate personalized greetings and actionable insights for the user.
/api/github/project: Fetches project management data directly from a specific GitHub repository (Project 24). This is used internally for tracking development tasks and applying MoSCoW prioritization.
🔒 Security Principles
Security is paramount in Inner Journey. Our API adheres to the following principles:
- 🔑 Authentication: Critical endpoints, including /onboarding/chat and /gemini/getActivation, require a valid Firebase Auth ID token passed in the Authorization: Bearer <id_token> header. The backend diligently verifies these tokens upon receipt.
- 🛡️ Data Access Control: Firestore Security Rules are strictly configured to ensure that users can only access and modify their own personal data, maintaining data privacy and integrity.
- 🤫 Secrets Management: Sensitive API keys and credentials (e.g., for Google Gemini, Firebase Admin SDK) are securely stored and managed using Google Cloud Secret Manager, preventing exposure in the codebase or environment variables.
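One way to implement the bearer-token check and a matching server-side ownership check, as an added example that is not the Inner Journey backend's own code. All names here (AuthError, authenticate, authorize_owner, fake_verify, status_for) are hypothetical, and the verifier is injected; the assumption is that a real deployment passes firebase_admin.auth.verify_id_token. The ownership check is included because code using the Firebase Admin SDK bypasses Firestore Security Rules, so the backend has to enforce the same rule itself.

```python
from typing import Callable, Mapping, Optional

class AuthError(Exception):
    """Carries the HTTP status a route handler should return."""
    def __init__(self, status: int, detail: str):
        super().__init__(detail)
        self.status, self.detail = status, detail

def extract_bearer_token(authorization: Optional[str]) -> str:
    """Strictly parse the value of 'Authorization: Bearer <id_token>'."""
    if not authorization:
        raise AuthError(401, "missing Authorization header")
    parts = authorization.split()
    if len(parts) != 2 or parts[0].lower() != "bearer":
        raise AuthError(401, "expected 'Bearer <id_token>'")
    return parts[1]

def authenticate(authorization: Optional[str],
                 verify: Callable[[str], Mapping]) -> str:
    """Return the uid of a verified token. `verify` is injected (assumption:
    firebase_admin.auth.verify_id_token in a real deployment)."""
    token = extract_bearer_token(authorization)
    try:
        claims = verify(token)
    except Exception:
        # Do not leak why verification failed (expired, bad signature, ...).
        raise AuthError(401, "invalid or expired ID token") from None
    uid = claims.get("uid")
    if not uid:
        raise AuthError(401, "token carries no uid")
    return uid

def authorize_owner(uid: str, owner_uid: str) -> None:
    """Server-side twin of the 'own data only' rule."""
    if uid != owner_uid:
        raise AuthError(403, "not the owner of this document")

# Constructed stand-in verifier and tokens so the example runs offline.
_SAMPLE_TOKENS = {"tok-alice": {"uid": "alice"}, "tok-nouid": {}}
def fake_verify(token: str) -> Mapping:
    return _SAMPLE_TOKENS[token]  # KeyError plays the role of a rejected token

def status_for(authorization: Optional[str], owner_uid: str) -> int:
    """HTTP status a protected route would answer with for this request."""
    try:
        authorize_owner(authenticate(authorization, fake_verify), owner_uid)
        return 200
    except AuthError as err:
        return err.status
```

In a FastAPI route, authenticate would sit in a dependency and AuthError would be translated into an HTTPException with the same status code.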
For more in-depth details on the implementation of each endpoint, please refer to the backend source code: GitHub: backend/routes/