Backend Changelog

0.6.2

Release Date: 2026-03-06

Swagger/OpenAPI documentation has been significantly improved to include clear access tags. Each endpoint description now specifies its permission level:
- [Public]: Indicates a publicly accessible endpoint, no authentication required.
- [👤 Private]: Indicates a private endpoint requiring authentication (Bearer or API Key).
OpenAPI version updated from 3.0.1 to 3.1.0.

The API now formally documents possible error return codes for much better client-side integration.
Authorization errors (401 Unauthorized, 403 Forbidden) and resource not found errors (404 Not Found) were previously missing in several endpoints. They are now correctly declared:
- Almost all private endpoints now list the 401 return.
- Fetch (GET /{id}), modify (PUT /finish), and delete (DELETE) actions on specific resources explicitly return a 404 Not Found for invalid IDs.
- The POST /lives endpoint now declares all its strict error returns (401, 403, 404, 422, 503).

Release Date: 2026-01-08

The new version of the API is a major update focused on user experience. The most significant changes include:

Removal of Administration Endpoints: All routes for creating, modifying, and deleting base resources (models, languages, users) have been removed from this specification to make it purely user-oriented.
New Authentication Method: The authentication system has been revamped.
URL Standardization: Endpoint paths have been simplified and made more consistent.
Introduction of Pagination: Resource lists are now paginated for better performance.
Data Model Enrichment: API responses are now more detailed and better documented.

These changes will require modifications in any existing integration.

The old ApiKeyAuth security mechanism that used the Authorization header has been removed.
The new version uses bearerAuth (for JWT tokens) and apiKeyHeader which expects a key in the X-API-Key header.

The /api/v1 prefix has been removed from all paths and is now part of the server URL (https://aura.authot.live/backend/api/v1).
Path identifiers have been standardized to {id} (e.g., /models/{modelId} becomes /models/{id}).
Trailing slashes have been added to several routes for consistency (e.g., /languages becomes /languages/).

All administration endpoints have been removed from this documentation, specifically:
- POST, PUT, DELETE on /languages
- POST, PUT, DELETE on /models
- POST, PUT, DELETE on /translations
- POST /users, POST /setup/initial-admin
- POST /settings
The following user endpoints have been removed:
- GET /api/v1/ping (now /ping but the prefix changed)
- GET /api/v1/lives/1/save
- GET /api/v1/lives/1/saves/
- GET /api/v1/live_transcriptions/{liveTranslationId}/save

Endpoints that return lists (like GET /languages/) no longer use a count field. They now return a pagination object containing total_items, total_pages, current_page, and per_page.

GET /languages/: The active filter parameter has been removed.
GET /models: The active filter parameter has been removed.
GET /settings: The user_id and username parameters have been removed. The endpoint now returns the authenticated user’s settings.

New GET endpoints have been added to retrieve a single resource by its identifier:

A new Websocket section has been added to document in detail how the real-time API works.

Data models (schemas) are now formally defined and highly detailed, with clear descriptions for each field.
Responses for live sessions (Live), translations (Translation), and others are much richer and include nested objects for models and languages.

GET /settings: Simplified to no longer take parameters and directly return the connected user’s configuration.