> ## Documentation Index
> Fetch the complete documentation index at: https://docs.dolfinai.co/llms.txt
> Use this file to discover all available pages before exploring further.

# API Reference

> Complete reference for the Dolfin API

## Base URL

All API requests are made to:

```
https://api.dolfinai.co
```

## Authentication

The Dolfin API supports two authentication methods:

### API Key (server-to-server)

Pass your API key in the `x-dolfin-api-key` header. Used by client backends for provisioning and management operations.

```bash theme={null}
curl -X GET https://api.dolfinai.co/invoices \
  -H "x-dolfin-api-key: your-api-key" \
  -H "x-dolfin-organisation-id: your-org-id"
```

### Bearer Token (browser-to-API)

Pass a session JWT in the `Authorization` header. Used by end users after exchanging an auth code.

```bash theme={null}
curl -X GET https://api.dolfinai.co/invoices \
  -H "Authorization: Bearer eyJ..." \
  -H "x-dolfin-organisation-id: your-org-id"
```

## Organisation Context

Most endpoints require an `x-dolfin-organisation-id` header to scope the request to a specific organisation. Endpoints that operate across organisations (e.g. creating an organisation or listing industries) are exempt from this requirement.

## Errors

The API returns errors in [RFC 7807 Problem Details](https://datatracker.ietf.org/doc/html/rfc7807) format:

```json theme={null}
{
  "type": "https://tools.ietf.org/html/rfc7807",
  "title": "Bad Request",
  "status": 400,
  "detail": "Email address is required"
}
```

## Pagination

List endpoints support cursor-based pagination:

| Parameter | Description                                                 |
| --------- | ----------------------------------------------------------- |
| `Cursor`  | Opaque cursor from a previous response's `nextCursor` field |
| `Limit`   | Number of items per page (default: 20)                      |

```json theme={null}
{
  "data": [...],
  "nextCursor": "eyJpZCI6...",
  "hasMore": true
}
```
