POST /api/v1/gateway
Universal gateway for non-LLM operations: provider management, metrics, organization admin. The gateway consolidates 50+ logical endpoints behind a single operation-routed entrypoint to minimize attack surface.
Request
POST https://firemission.us/api/v1/gateway
Authorization: Bearer fm_live_...
Content-Type: application/json
{
"operation": "metrics.cost",
"params": { "windowDays": 30 }
}Fields
operation— string, required. The operation id.params— object, operation-specific.
Operations
| Category | Operations |
|---|---|
| AI proxy | ai.proxy, ai.cost, ai.models |
| Metrics | metrics.cost, metrics.rate-limits |
| Provider mgmt | provider.list, provider.create, provider.update, provider.delete |
| Org admin | org.api-keys.list, org.service-accounts.list, org.service-account.create, org.api-key.revoke |
Response
{
"success": true,
"data": {
"totalCostCents": 184221,
"byProvider": {
"openai": { "costCents": 102300, "calls": 18420 },
"anthropic": { "costCents": 64900, "calls": 4310 },
"groq": { "costCents": 17021, "calls": 9988 }
}
}
}RBAC
Org admin operations require organizationRole: 'admin'. Members
without admin role get 403 Forbidden. Every admin action is
recorded in the audit log with actor, IP, user-agent, and a generated audit
log entry id.