Content

Clients can read any library item (admin-authored content), author their own items within a library (rows stamped with owner_app_user_id = session user), and update / delete only the items they own.

Source: apps/api/src/routes/client/content.ts.

Endpoints

GET /client/content/today

Today's delivered items (UTC date) joined to their content_schedules and content_items rows.

Response 200

{
  "data": [
    {
      "schedule_name": "…",
      "schedule_type": "daily_rotation",
      "delivered_at": "…",
      "id": "…",
      "library_id": "…",
      "body": "…"
    }
  ]
}

Errors

• 500 FETCH_FAILED.

Try it:

curl -X GET 'https://api.amba.dev/client/content/today'

Curl:

curl -X GET '${BASE_URL}/client/content/today' \
  -H 'X-Api-Key: ${CLIENT_API_KEY}' \
  -H 'Authorization: Bearer ${SESSION_TOKEN}'

GET /client/content/libraries/:libraryId

Paginated list of active items ordered by sort_order.

Query

Response 200

{ "data": [{ "id": "…", "body": "…", "sort_order": 0 }], "total": 42, "offset": 0, "limit": 50 }

Try it:

curl -X GET 'https://api.amba.dev/client/content/libraries/%7B%7BlibraryId%7D%7D'

Curl:

curl -X GET '${BASE_URL}/client/content/libraries/{libraryId}' \
  -H 'X-Api-Key: ${CLIENT_API_KEY}' \
  -H 'Authorization: Bearer ${SESSION_TOKEN}'

POST /client/content/libraries/:libraryId/items

Create an item with ownership stamped from the session user. sort_order is computed server-side via the shared advisory-lock helper (MAX+1 within the library). is_premium and is_active are not settable by clients.

Request

Response 201

Full inserted row including id, owner_app_user_id, sort_order, is_active = true.

Errors

• 400 INVALID_INPUT — body missing or not JSON.
• 404 NOT_FOUND — library does not exist.
• 500 CREATE_FAILED.

Try it:

curl -X POST 'https://api.amba.dev/client/content/libraries/%7B%7BlibraryId%7D%7D/items'

Curl:

curl -X POST '${BASE_URL}/client/content/libraries/{libraryId}/items' \
  -H 'X-Api-Key: ${CLIENT_API_KEY}' \
  -H 'Authorization: Bearer ${SESSION_TOKEN}' \
  -H 'Content-Type: application/json' \
  -d '{}'

PATCH /client/content/items/:itemId

Allowed fields: title, body, media_url, category, tags, metadata, is_active.

Ownership enforced in the UPDATE — zero rows affected → 404 NOT_FOUND whether the item doesn't exist or is owned by someone else (existence not leaked).

Errors

• 400 INVALID_INPUT.
• 404 NOT_FOUND.
• 500 UPDATE_FAILED.

Try it:

curl -X PATCH 'https://api.amba.dev/client/content/items/%7B%7BitemId%7D%7D'

Curl:

curl -X PATCH '${BASE_URL}/client/content/items/{itemId}' \
  -H 'X-Api-Key: ${CLIENT_API_KEY}' \
  -H 'Authorization: Bearer ${SESSION_TOKEN}' \
  -H 'Content-Type: application/json' \
  -d '{}'

DELETE /client/content/items/:itemId

Ownership-scoped; returns 404 NOT_FOUND on a miss without distinguishing the cause.

Response 200

{ "data": { "deleted": true } }

Errors

• 404 NOT_FOUND.
• 500 DELETE_FAILED.

Try it:

curl -X DELETE 'https://api.amba.dev/client/content/items/%7B%7BitemId%7D%7D'

Curl:

curl -X DELETE '${BASE_URL}/client/content/items/{itemId}' \
  -H 'X-Api-Key: ${CLIENT_API_KEY}' \
  -H 'Authorization: Bearer ${SESSION_TOKEN}'

GET /client/content/items/:itemId

Returns the item only if it's is_active = true.

Errors

• 404 NOT_FOUND.
• 500 FETCH_FAILED.

Try it:

curl -X GET 'https://api.amba.dev/client/content/items/%7B%7BitemId%7D%7D'

Curl:

curl -X GET '${BASE_URL}/client/content/items/{itemId}' \
  -H 'X-Api-Key: ${CLIENT_API_KEY}' \
  -H 'Authorization: Bearer ${SESSION_TOKEN}'