POST /api/v1/gateway

Universal gateway for non-LLM operations: provider management, metrics, organization admin. The gateway consolidates 50+ logical endpoints behind a single operation-routed entrypoint to minimize attack surface.

Request

POST https://firemission.us/api/v1/gateway
Authorization: Bearer fm_live_...
Content-Type: application/json

{
  "operation": "metrics.cost",
  "params": { "windowDays": 30 }
}

Fields

  • operation — string, required. The operation id.
  • params — object, operation-specific.

Operations

CategoryOperations
AI proxyai.proxy, ai.cost, ai.models
Metricsmetrics.cost, metrics.rate-limits
Provider mgmtprovider.list, provider.create, provider.update, provider.delete
Org adminorg.api-keys.list, org.service-accounts.list, org.service-account.create, org.api-key.revoke

Response

{
  "success": true,
  "data": {
    "totalCostCents": 184221,
    "byProvider": {
      "openai":    { "costCents": 102300, "calls": 18420 },
      "anthropic": { "costCents":  64900, "calls":  4310 },
      "groq":      { "costCents":  17021, "calls":  9988 }
    }
  }
}

RBAC

Org admin operations require organizationRole: 'admin'. Members without admin role get 403 Forbidden. Every admin action is recorded in the audit log with actor, IP, user-agent, and a generated audit log entry id.