| GET | /health | Liveness probe on the API host (same deployment as /api/v1/*) | Public |
| GET | /ready | Readiness probe (Postgres SELECT 1; 503 when DB unavailable) | Public |
| GET | /api | Machine-readable map of documented routes and descriptions | Public |
| POST | /api/v1/auth/login | Email/password login; sets HttpOnly session cookie for browser clients | Public |
| GET | /api/v1/auth/me | Current user and organization context | Session or JWT |
| POST | /api/v1/session/create | Anonymous session id for onboarding before signup | Public |
| GET | /api/v1/public-site/:publicUsername | Read published hosted landing HTML + theme (no auth when hosting is enabled) | Public |
| POST | /api/v1/prospect-audit/public | Rate-limited public SEO audit from a URL (returns slug/path for /seo-audit/:slug) | Public (rate limited) |
| POST | /api/v1/jobs/website-analysis | Enqueue async website analysis (returns jobId) | Session, JWT, or x-session-id |
| GET | /api/v1/jobs/:jobId/status | Poll job status and result payload when terminal | Session, JWT, or x-session-id |
| GET | /api/v1/jobs/:jobId/narrative-stream | Server-sent events for analysis narration / progress | Session, JWT, or x-session-id |
| GET | /api/v1/jobs/:jobId/stream | Server-sent events for per-item partial results (audiences, blog chunks, etc.) | Session, JWT, or x-session-id |
| POST | /api/v1/jobs/content-generation | Enqueue async enhanced blog generation (worker + credits) | Session, JWT, or x-session-id |
| GET | /api/v1/stream/:connectionId | Ephemeral SSE for generate-stream endpoints (topics, tweets, blog, etc.) | Session, JWT, or x-session-id |
| POST | /api/v1/topics | Generate topic suggestions for a selected audience | Session optional (see backend optionalAuth) |
| POST | /api/v1/enhanced-blog-generation/generate | Deprecated — returns 410. Use POST /api/v1/jobs/content-generation | Session or JWT |
| POST | /api/v1/blog-posts/custom-generate | Deprecated — returns 410. Use POST /api/v1/jobs/content-generation | Session or JWT |
| GET | /api/v1/blog-posts | List authenticated user blog posts | Session or JWT |