GET /api/api/v2/posts
List all posts

Returns a list of all posts in the system. Requires valid authentication token.

Authentication

All authentication strategies are supported:

  • JWT Token: Standard JWT with HS256 algorithm

  • Database Token: Custom token stored in user record

  • API Key: 40-character alphanumeric key

  • Devise Token Auth: Requires uid and client headers

Errors

Code Description
401 Unauthorized - Invalid or missing token
403 Forbidden - Token valid but insufficient permissions

Examples

curl -X GET https://your-domain.com/api/v2/posts \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
  -H "Content-Type: application/json"
  
Response (200):
[
  {
    "id": 1,
    "title": "Sample Post Title",
    "content": "This is the content of the post...",
    "author_id": 123,
    "created_at": "2024-01-15T10:30:00Z",
    "updated_at": "2024-01-15T10:30:00Z"
  },
  {
    "id": 2,
    "title": "Another Post",
    "content": "Another post content...",
    "author_id": 456,
    "created_at": "2024-01-16T14:20:00Z",
    "updated_at": "2024-01-16T14:20:00Z"
  }
]

Error Response (401):
{
  "error": "Unauthorized"
}

Headers

Header name Description
Authorization
required
Bearer token for authentication
uid
optional
User email (required for devise_token_auth)
client
optional
Client ID (required for devise_token_auth)

GET /api/api/v2/posts/:id
Get a post by ID

Returns a single post by its ID. Requires valid authentication token.

Authentication

All authentication strategies are supported:

  • JWT Token: Standard JWT with HS256 algorithm

  • Database Token: Custom token stored in user record

  • API Key: 40-character alphanumeric key

  • Devise Token Auth: Requires uid and client headers

Errors

Code Description
401 Unauthorized - Invalid or missing token
404 Not Found - Post does not exist

Examples

curl -X GET https://your-domain.com/api/v2/posts/123       -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."       -H "Content-Type: application/json"

Response (200):
{
  "id": 123,
  "title": "Sample Post Title",
  "content": "This is the content of the post...",
  "author_id": 456,
  "created_at": "2024-01-15T10:30:00Z",
  "updated_at": "2024-01-16T14:20:00Z"
}

Error Response (404):
{
  "error": "Not Found"
}

Params

Param name Description
id
required

ID of the post

Validations:

  • Must be a Integer

Headers

Header name Description
Authorization
required
Bearer token for authentication
uid
optional
User email (required for devise_token_auth)
client
optional
Client ID (required for devise_token_auth)

GET /api/api/v2/posts/search
Search posts using Ransack


POST /api/api/v2/webhooks/posts
Create a post via incoming webhook (v2)

Errors

Code Description
401 Unauthorized (missing or invalid secret)
422 Validation errors
503 Receiving disabled by admin settings

Examples

Request:
  POST /api/v2/webhooks/posts
  Headers: { "X-Webhook-Secret": "<secret>" }
  Body:
  {
    "title": "Example from Webhook",
    "content": "Hello from an external system",
    "post_type": "idea",
    "user_id": 1,
    "tags": ["integration", "external"]
  }

Success (201):
  { "id": 42, "url": "https://needpedia.org/posts/42" }

Params

Param name Description
title
required

Post title

Validations:

  • Must be a String

content
optional

Post content (text or HTML)

Validations:

  • Must be a String

post_type
optional

Type of the post (e.g., idea, problem, note)

Validations:

  • Must be a String

user_id
required

User ID for the post creator

Validations:

  • Must be a Integer

subject_id
optional

Optional subject ID

Validations:

  • Must be a Integer

problem_id
optional

Optional problem ID

Validations:

  • Must be a Integer

lat
optional

Latitude

Validations:

  • Must be a Float

long
optional

Longitude

Validations:

  • Must be a Float

posted_to_id
optional

Destination/posted_to ID

Validations:

  • Must be a Integer

geo_maxing
optional

Geo-maxing flag

Validations:

  • Must be one of: TrueClass, FalseClass.

group_id
optional

Group ID

Validations:

  • Must be a Integer

tags
optional

List of tags

Validations:

  • Must be an array of String

resource_tags
optional

List of resource tags

Validations:

  • Must be an array of String

created_at
optional

ISO8601 timestamp to override creation time

Validations:

  • Must be a String

updated_at
optional

ISO8601 timestamp to override updated time

Validations:

  • Must be a String

Headers

Header name Description
X-Webhook-Secret
required
Shared secret for authentication