{"openapi":"3.0.3","info":{"title":"API Learning Sandbox","description":"## Welcome to the API Learning Sandbox 🧪\n\nA hands-on API testing platform for learning **REST**, **GraphQL**, **SOAP**, and **Authentication**.\n\n### Quick Start\n1. **No login required** — a session is auto-created on your first request\n2. Your session ID is returned in the `x-session-id` response header\n3. All data you create is **private to your session** and **auto-expires** in 10 minutes\n4. Use the REST, GraphQL, or SOAP endpoints — they all share the same data store\n\n### Authentication Methods\n| Method | How to use |\n|--------|-----------|\n| **API Key** | Add header `x-api-key: demo-key-sandbox-2024` |\n| **JWT** | POST `/auth/token` → use `Authorization: Bearer <token>` |\n| **OAuth2** | POST `/auth/oauth` with client credentials |\n\n### Simulation Features\nAdd these query params to any REST endpoint:\n- `?delay=2000` — add 2 second artificial delay\n- `?error=500` — force a 500 error response\n- `?random_fail=true` — 30% random failure chance\n\n### Rate Limiting\n100 requests/minute per IP. Headers: `X-RateLimit-Remaining`\n\n### Entities Available\n- `users` — name, email, role, age\n- `products` — name, price, description, stock, category\n- `orders` — user_id, product_id, quantity, status, notes\n","version":"1.0.0","contact":{"name":"TotalShiftLeft","url":"https://demo.totalshiftleft.ai"},"license":{"name":"MIT"}},"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","in":"header","name":"x-api-key","description":"Demo keys: `demo-key-sandbox-2024` or `admin-key-sandbox-2024`"},"BearerAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"Obtain via POST /auth/token"},"SessionHeader":{"type":"apiKey","in":"header","name":"x-session-id","description":"Session ID (auto-created on first request, returned in response headers)"}},"schemas":{}},"paths":{"/api/v1/users":{"post":{"summary":"Create a new user","tags":["Users"],"description":"Creates a new record in the sandbox. Data is session-scoped and auto-expires.","parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true}],"responses":{"200":{"description":"Default Response"}}},"get":{"summary":"List users","tags":["Users"],"description":"Returns paginated list. Supports ?page, ?limit, ?sort, ?order, and any field filter. Also supports ?delay, ?error, ?random_fail.","parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true}],"responses":{"200":{"description":"Default Response"}}}},"/api/v1/users/{id}":{"get":{"summary":"Get a single user by ID","tags":["Users"],"description":"Fetch one record by UUID.","parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true},{"schema":{"type":"string","format":"uuid"},"in":"path","name":"id","required":true}],"responses":{"200":{"description":"Default Response"}}},"put":{"summary":"Replace a user (full update)","tags":["Users"],"parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true},{"schema":{"type":"string","format":"uuid"},"in":"path","name":"id","required":true}],"responses":{"200":{"description":"Default Response"}}},"patch":{"summary":"Partially update a user (PATCH)","tags":["Users"],"parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true},{"schema":{"type":"string","format":"uuid"},"in":"path","name":"id","required":true}],"responses":{"200":{"description":"Default Response"}}},"delete":{"summary":"Delete a user by ID","tags":["Users"],"parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true},{"schema":{"type":"string","format":"uuid"},"in":"path","name":"id","required":true}],"responses":{"200":{"description":"Default Response"}}}},"/api/v1/orders":{"post":{"summary":"Create a new order","tags":["Orders"],"description":"Creates a new record in the sandbox. Data is session-scoped and auto-expires.","parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true}],"responses":{"200":{"description":"Default Response"}}},"get":{"summary":"List orders","tags":["Orders"],"description":"Returns paginated list. Supports ?page, ?limit, ?sort, ?order, and any field filter. Also supports ?delay, ?error, ?random_fail.","parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true}],"responses":{"200":{"description":"Default Response"}}}},"/api/v1/orders/{id}":{"get":{"summary":"Get a single order by ID","tags":["Orders"],"description":"Fetch one record by UUID. Add ?expand=user,product to inline the linked user and product objects.","parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true},{"schema":{"type":"string","format":"uuid"},"in":"path","name":"id","required":true}],"responses":{"200":{"description":"Default Response"}}},"put":{"summary":"Replace a order (full update)","tags":["Orders"],"parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true},{"schema":{"type":"string","format":"uuid"},"in":"path","name":"id","required":true}],"responses":{"200":{"description":"Default Response"}}},"patch":{"summary":"Partially update a order (PATCH)","tags":["Orders"],"parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true},{"schema":{"type":"string","format":"uuid"},"in":"path","name":"id","required":true}],"responses":{"200":{"description":"Default Response"}}},"delete":{"summary":"Delete a order by ID","tags":["Orders"],"parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true},{"schema":{"type":"string","format":"uuid"},"in":"path","name":"id","required":true}],"responses":{"200":{"description":"Default Response"}}}},"/api/v1/products":{"post":{"summary":"Create a new product","tags":["Products"],"description":"Creates a new record in the sandbox. Data is session-scoped and auto-expires.","parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true}],"responses":{"200":{"description":"Default Response"}}},"get":{"summary":"List products","tags":["Products"],"description":"Returns paginated list. Supports ?page, ?limit, ?sort, ?order, and any field filter. Also supports ?delay, ?error, ?random_fail.","parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true}],"responses":{"200":{"description":"Default Response"}}}},"/api/v1/products/{id}":{"get":{"summary":"Get a single product by ID","tags":["Products"],"description":"Fetch one record by UUID.","parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true},{"schema":{"type":"string","format":"uuid"},"in":"path","name":"id","required":true}],"responses":{"200":{"description":"Default Response"}}},"put":{"summary":"Replace a product (full update)","tags":["Products"],"parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true},{"schema":{"type":"string","format":"uuid"},"in":"path","name":"id","required":true}],"responses":{"200":{"description":"Default Response"}}},"patch":{"summary":"Partially update a product (PATCH)","tags":["Products"],"parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true},{"schema":{"type":"string","format":"uuid"},"in":"path","name":"id","required":true}],"responses":{"200":{"description":"Default Response"}}},"delete":{"summary":"Delete a product by ID","tags":["Products"],"parameters":[{"schema":{"type":"string","enum":["users","orders","products"]},"in":"path","name":"entity","required":true},{"schema":{"type":"string","format":"uuid"},"in":"path","name":"id","required":true}],"responses":{"200":{"description":"Default Response"}}}}},"servers":[{"url":"https://demo.totalshiftleft.ai","description":"API Learning Sandbox"}],"tags":[{"name":"Users","description":"User management — create, read, update, delete"},{"name":"Products","description":"Product catalogue — create, read, update, delete"},{"name":"Orders","description":"Order management — create, read, update, delete; supports ?expand=user,product"}],"externalDocs":{"url":"https://demo.totalshiftleft.ai/docs","description":"Full API Learning Guide"}}