GareArc a07b32274a feat(api): add /openapi/v1/workspaces reads (Phase E.17) ...

GET /openapi/v1/workspaces lists tenants the bearer's account is a
member of. GET /openapi/v1/workspaces/<id> returns one workspace
detail, member-gated (404 on non-member, never 403, so workspace IDs
don't leak across tenants).

Bearer-authed via @validate_bearer(accept=ACCEPT_USER_ANY). External
SSO bearers (no account_id) get an empty list / 404 — same posture as
GET /openapi/v1/account.

Cookie-authed /console/api/workspaces stays in console for the
dashboard SPA — different consumer, different auth model. No legacy
/v1/ remount this phase.

Plan: docs/superpowers/plans/2026-04-26-openapi-migration.md (in difyctl repo).

2026-04-27 00:10:16 -07:00

..

common

chore: reorg imports (#35308)

2026-04-16 08:50:02 +00:00

console

feat(api): lift device-flow approve/deny to /openapi/v1 (Phase D.13-14)

2026-04-26 23:57:28 -07:00

files

refactor(api): continue decoupling dify_graph from API concerns (#33580)

2026-03-25 20:32:24 +08:00

inner_api

fix: scope plugin inner API end-user lookup by tenant (#35325)

2026-04-17 06:12:07 +00:00

mcp

chore: reorg imports (#35308)

2026-04-16 08:50:02 +00:00

openapi

feat(api): add /openapi/v1/workspaces reads (Phase E.17)

2026-04-27 00:10:16 -07:00

service_api

refactor(api): consolidate openapi/oauth_device into per-domain modules

2026-04-27 00:07:15 -07:00

trigger

refactor(api): type webhook data extraction with RawWebhookDataDict TypedDict (#34486)

2026-04-03 02:24:17 +00:00

web

chore: reorg imports (#35308)

2026-04-16 08:50:02 +00:00

__init__.py

chore(api/controllers): Apply Ruff Formatter. (#7645)

2024-08-26 15:29:10 +08:00

fastopenapi.py

feat: init fastopenapi (#30453)

2026-01-23 21:07:52 +09:00

oauth_device_sso.py

refactor(api): consolidate openapi/oauth_device into per-domain modules

2026-04-27 00:07:15 -07:00