API docs by Redocly

Fonella API (1.0.0)

Download OpenAPI specification:Download

Official API documentation for the Fonella backend services.

Public

Public endpoints without authentication.

Chatwoot agent bot webhook (delegates to AI worker)

Request Body schema: application/json
property name*
additional property
any

Responses

Request samples

Content type
application/json
{ }

Redirect to signed S3 download URL

Returns HTTP 302 to a short-lived presigned URL; file bytes are served directly from S3.

query Parameters
key
required
string
Example: key=downloads/fonella-1.1.2-macos.dmg

Responses

List public app download archive

Lists release artifacts stored under downloads/ in the files S3 bucket (metadata only).

Responses

Get latest app version available for download

Returns the highest semantic version from the public download archive with its per-platform artifacts.

Responses

List Public Plans

Returns publicly available pricing plans.

Responses

Response samples

Content type
application/json
{
  • "plans": [
    ]
}

GET get Service Message

Responses

Response samples

Content type
application/json
{ }

Health Check

Returns API runtime health information.

Responses

Response samples

Content type
application/json
{
  • "status": "ok",
  • "service": "fonella-api",
  • "stage": "prod",
  • "timestamp": "2019-08-24T14:15:22Z"
}

SIP Bridge Health

Verifies the SIP bridge container is reachable and our Sipgate trunk registration is alive. Intended for uptime monitoring; returns 200 on full green, 503 when any probe fails.

Responses

Request Test Call

Starts a test callback request via the configured outbound telephony provider.

Request Body schema: application/json
phoneNumber
required
string
locale
string
Enum: "de" "en" "tr" "ar" "el"

Marketing UI locale (selects callback assistant + outbound caller ID)

company
string
preferredWindow
string
notes
string
recaptchaToken
string

Responses

Request samples

Content type
application/json
{
  • "phoneNumber": "+491701234567",
  • "locale": "de",
  • "company": "Fonella GmbH",
  • "preferredWindow": "Today 14:00-16:00",
  • "notes": "Please call via office line.",
  • "recaptchaToken": "03AFcWeA..."
}

Response samples

Content type
application/json
{ }

Submit Contact Form

Submits the public contact form.

Request Body schema: application/json
name
required
string
email
required
string <email>
company
string
message
required
string

Responses

Request samples

Content type
application/json
{
  • "name": "Max Mustermann",
  • "email": "max@example.com",
  • "company": "Fonella GmbH",
  • "message": "I would like to book a demo."
}

Response samples

Content type
application/json
{ }

Submit public feedback (CreateTicketRequest subset + reCAPTCHA)

Request Body schema: application/json
email
required
string <email>
title
required
string
content
required
string
ticketPriority
required
string
Enum: "trivial" "minor" "major" "critical" "blocker"
recaptchaToken
string

Responses

Request samples

Content type
application/json
{
  • "email": "user@example.com",
  • "title": "string",
  • "content": "string",
  • "ticketPriority": "trivial",
  • "recaptchaToken": "string"
}

Voice telephony webhook

Receives webhook events from the configured voice telephony provider (server URL). Processes end-of-call-report events by resolving the owning customer via assistantId → auth0_user_id → Auth0 email, then sends a call summary email via Mailgun (deep link to call detail in customer portal). All other event types are acknowledged with 200 OK.

Request Body schema: application/json
object

Responses

Request samples

Content type
application/json
{
  • "message": {
    }
}

Authentication

Authentication and session endpoints.

Validate Access Token

Validates the provided bearer token and returns user context.

Responses

Response samples

Content type
application/json
{ }

Logout Session

Logs out the authenticated user session.

Request Body schema: application/json
property name*
additional property
any

Responses

Request samples

Content type
application/json
{ }

Response samples

Content type
application/json
{ }

List active login sessions

Returns registered devices/sessions for the authenticated user with resolved city labels.

Responses

Response samples

Content type
application/json
{ }

Register login session

Registers or updates a device session after sign-in. May send email/push alerts for new devices.

Request Body schema: application/json
property name*
additional property
any

Responses

Request samples

Content type
application/json
{ }

Response samples

Content type
application/json
{ }

Revoke all login sessions

Revokes all registered sessions except an optional current session id.

Request Body schema: application/json
exceptSessionId
string

Responses

Request samples

Content type
application/json
{
  • "exceptSessionId": "string"
}

Response samples

Content type
application/json
{ }

Revoke login session

Revokes a single registered device session for the authenticated user.

path Parameters
sessionId
required
string

Responses

Response samples

Content type
application/json
{ }

Verify login session

Checks whether a session id is still active. Pass sessionId as query param or X-Fonella-Session-Id header.

query Parameters
sessionId
string
header Parameters
X-Fonella-Session-Id
string

Responses

Response samples

Content type
application/json
{ }

Subscription

Subscription management endpoints.

Create Subscription

Creates a new subscription for the authenticated user.

Request Body schema: application/json
planId
required
string
Enum: "starter" "business" "premium"

Responses

Request samples

Content type
application/json
{
  • "planId": "business"
}

Response samples

Content type
application/json
{ }

Get Subscription

Returns the current subscription of the authenticated user.

Responses

Response samples

Content type
application/json
{ }

Reactivate Subscription

Reactivates a previously scheduled cancellation.

Request Body schema: application/json
property name*
additional property
any

Responses

Request samples

Content type
application/json
{ }

Response samples

Content type
application/json
{ }

Schedule Subscription Cancellation

Schedules subscription cancellation at the period end.

Request Body schema: application/json
property name*
additional property
any

Responses

Request samples

Content type
application/json
{ }

Response samples

Content type
application/json
{ }

Schedule Plan Change

Schedules a subscription plan change.

Request Body schema: application/json
targetPlanId
required
string
Enum: "starter" "business" "premium"

Responses

Request samples

Content type
application/json
{
  • "targetPlanId": "premium"
}

Response samples

Content type
application/json
{ }

Billing

Invoice and billing endpoints.

List Invoices

Returns invoices for the authenticated user.

Responses

Response samples

Content type
application/json
{ }

Settings

User settings endpoints.

Mark dashboard tour as completed

Persists that the authenticated user finished the guided dashboard tour.

Responses

Get Assistant Tool Selection

Returns the user's custom tools together with the per-assistant opt-out (disabled tool ids) for the currently active assistant (pool line).

Responses

Response samples

Content type
application/json
{ }

Update Assistant Tool Selection

Stores which custom tools are disabled for the currently active assistant (pool line). Tool ids not in the list apply to the assistant.

Responses

Response samples

Content type
application/json
{ }

Get User Settings

Returns settings for the authenticated user.

Responses

Response samples

Content type
application/json
{ }

Update User Settings

Updates settings for the authenticated user.

Request Body schema: application/json
name
string
email
string <email>
timezone
string

Responses

Request samples

Content type
application/json
{
  • "name": "Max Mustermann",
  • "email": "max@fonella.ai",
  • "timezone": "Europe/Berlin"
}

Response samples

Content type
application/json
{ }

GET my Ai Consent

Responses

Response samples

Content type
application/json
{ }

PATCH my Ai Consent

Responses

Response samples

Content type
application/json
{ }

PATCH patch My Color Scheme

Responses

Response samples

Content type
application/json
{ }

PATCH patch My Font Scale

Responses

Response samples

Content type
application/json
{ }

PATCH patch My Ui Locale

Responses

Response samples

Content type
application/json
{ }

Files

File management endpoints.

POST create My Crawl Url

Responses

Response samples

Content type
application/json
{ }

GET get My Crawl Urls

Responses

Response samples

Content type
application/json
{ }

DELETE delete My Crawl Url

Responses

Response samples

Content type
application/json
{ }

DELETE delete My File

Responses

Response samples

Content type
application/json
{ }

List Files

Returns uploaded files for the authenticated user.

Responses

Response samples

Content type
application/json
{ }

POST upload My File

Responses

Response samples

Content type
application/json
{ }

Query knowledge base

Searches uploaded knowledge-base documents for the authenticated user (RAG).

Request Body schema: application/json
query
required
string

Responses

Request samples

Content type
application/json
{
  • "query": "string"
}

Analytics

Usage and call analytics endpoints.

List Call Logs

Call logs for the authenticated user; DynamoDB keyset pagination (newest first).

query Parameters
limit
integer [ 10 .. 50 ]
Default: 25
cursor
string

Responses

Response samples

Content type
application/json
{ }

Get Usage Metrics

Returns usage metrics for the authenticated user.

Responses

Response samples

Content type
application/json
{ }

Report inappropriate AI-generated call content

Sends a team notification email for review (Microsoft Store policy 11.16).

Request Body schema: application/json
callId
required
string
startedAt
required
string <date-time>
description
required
string
locale
string
Enum: "de" "en"

Responses

Request samples

Content type
application/json
{
  • "callId": "string",
  • "startedAt": "2019-08-24T14:15:22Z",
  • "description": "string",
  • "locale": "de"
}

Assistant

Assistant setup endpoints.

Setup Assistant

Creates or updates assistant setup for the authenticated user.

Request Body schema: application/json
greeting
string
language
string

Responses

Request samples

Content type
application/json
{
  • "greeting": "Hello, this is Fonella.",
  • "language": "de"
}

Response samples

Content type
application/json
{ }

Setup assistant from marketing invite token (verified CRM row)

Setup assistant when Auth0 e-mail matches a marketing potential row (same as invite flow)

Account

Account lifecycle endpoints.

Request Account Deletion

Permanently deletes the account: Vapi assistant and phone resources (pool number released), Sipgate devices (except shared trunk), DynamoDB user data, and the Auth0 user. Confirmation email is sent only after successful removal.

Request Body schema: application/json
property name*
additional property
any

Responses

Request samples

Content type
application/json
{ }

Response samples

Content type
application/json
{ }

Request Data Export

Starts a personal data export request.

Request Body schema: application/json
property name*
additional property
any

Responses

Request samples

Content type
application/json
{ }

Response samples

Content type
application/json
{ }

Integrations

Third-party integration endpoints.

Delete SIP Integration

Removes integration(s). Without query: pool fonella line, dashboard Sipgate line, and external trunk. With ?externalOnly=1, removes only the third-party SIP trunk (voice provider + metadata) and leaves Sipgate routing untouched. With ?fonellaSipgateOnly=1, removes only the dashboard Fonella/Sipgate device line (not the pool number, not external).

query Parameters
externalOnly
string
Enum: "1" "true"
fonellaSipgateOnly
string
Enum: "1" "true"

Responses

Save SIP Integration

Two modes: (1) mode=sipgate — fonella Sipgate device + routing + third-party voice stack for a number on the Sipgate account. (2) mode=external — your own SIP trunk + voice provider only (additive; does not change Sipgate routing or pool numbers).

Request Body schema: application/json
mode
string
Enum: "sipgate" "external"
phoneNumber
string
alias
string

Optional label for the Sipgate register device (sipgate mode only).

gateway
string

SIP host or IP (external mode only).

authUsername
string
authPassword
string
port
integer
inboundEnabled
boolean

Responses

Request samples

Content type
application/json
{
  • "mode": "sipgate",
  • "phoneNumber": "string",
  • "alias": "string",
  • "gateway": "string",
  • "authUsername": "string",
  • "authPassword": "string",
  • "port": 0,
  • "inboundEnabled": true
}

Get SIP Integration

Returns fonella Sipgate line, optional pool line, and optional external SIP trunk.

Responses

GET get My Live Events Auth

Responses

Response samples

Content type
application/json
{ }

POST stripe Webhook

Responses

Response samples

Content type
application/json
{ }

Admin

Admin portal endpoints (requires admin:access).

Block an IP (Admin)

Permanently blocks an IP via the reputation cache.

Responses

List blocked IPs (Admin)

Returns all blocked IPs (manual + IPQS automatic).

Responses

Blacklist a phone number (Admin)

Responses

List blacklisted phone numbers (Admin)

Responses

Release a blocked IP (Admin)

path Parameters
ip
required
string

Responses

Remove a phone number from the blacklist (Admin)

path Parameters
phoneNumber
required
string

Responses

Close user account (Admin)

Cancels the Stripe subscription immediately when a subscription id is stored, then full teardown: Vapi assistant + phone numbers + per-user credentials, Sipgate devices, phone pool assignment, all DynamoDB rows, and the Auth0 user. Active team member accounts linked to this owner are fully closed as well (DynamoDB + Auth0). The shared Sipgate trunk BYO-SIP credential is never deleted.

path Parameters
userId
required
string

Responses

Get user detail (Admin)

Returns detailed information for a single user.

path Parameters
userId
required
string

Responses

Complete a payout (Admin)

Marks a pending payout as completed and notifies the partner via email.

path Parameters
payoutId
required
any
Request Body schema: application/json
status
string
Enum: "completed" "rejected"

Responses

Request samples

Content type
application/json
{
  • "status": "completed"
}

POST Admin create User Crawl Url

Responses

Response samples

Content type
application/json
{ }

GET Admin get User Crawl Urls

Responses

Response samples

Content type
application/json
{ }

DELETE Admin delete Platform Service Message

Responses

Response samples

Content type
application/json
{ }

GET Admin get Platform Service Message

Responses

Response samples

Content type
application/json
{ }

PUT Admin update Platform Service Message

Responses

Response samples

Content type
application/json
{ }

DELETE Admin delete User Crawl Url

Responses

Response samples

Content type
application/json
{ }

DELETE Admin delete User File

Responses

Response samples

Content type
application/json
{ }

Admin platform dashboard stats

Aggregated KPIs and 12-month time series. Serves a DynamoDB snapshot when younger than one hour; otherwise recomputes from table scans and updates the snapshot. Pass refresh=1 to force a recompute.

query Parameters
refresh
string

Set to 1 to bypass cache and rebuild statistics

Responses

List partners (Admin)

Affiliate partners with Auth0 email from USER# SETTINGS cache; paginated.

query Parameters
limit
integer [ 25 .. 100 ]
Default: 25
cursor
string

Responses

Invite partner (Admin)

Sends an invite email and creates a partner record.

Request Body schema: application/json
email
required
string
name
required
string
commissionPercent
number

Responses

Request samples

Content type
application/json
{
  • "email": "string",
  • "name": "string",
  • "commissionPercent": 0
}

List payout requests (Admin)

Returns all payout requests across all partners.

Responses

GET Admin get Phone Numbers

Responses

Response samples

Content type
application/json
{ }

GET Admin get Platform Vapi System Prompt

Responses

Response samples

Content type
application/json
{ }

PUT Admin update Platform Vapi System Prompt

Responses

Response samples

Content type
application/json
{ }

Revenue overview (Admin)

Per-user revenue from invoices; Auth0 email from SETTINGS cache; paginated.

query Parameters
limit
integer [ 25 .. 100 ]
Default: 25
cursor
string

Responses

List test call requests (Admin)

Test call requests, newest first; DynamoDB keyset pagination.

query Parameters
limit
integer [ 25 .. 100 ]
Default: 25
cursor
string
sortBy
string
Enum: "date" "phone" "ip" "locale"
sortDir
string
Enum: "asc" "desc"

Responses

Admin Get Assistant Tool Selection

Responses

Response samples

Content type
application/json
{ }

Admin Update Assistant Tool Selection

Responses

Response samples

Content type
application/json
{ }

GET Admin get User Files

Responses

Response samples

Content type
application/json
{ }

POST Admin upload User File

Responses

Response samples

Content type
application/json
{ }

List users (Admin, paginated)

Union of USER# SETTINGS and SUBSCRIPTION rows (subscription-only customers appear). Auth0 email comes from SETTINGS cache fields when present. Offset pagination. Search (q) uses the same union in memory (suitable for ~1–3k accounts).

query Parameters
limit
integer [ 25 .. 100 ]
Default: 25
cursor
string
q
string

Responses

Get customer settings (admin)

Update customer settings (admin)

GET Admin get User Sip Integration

Responses

Response samples

Content type
application/json
{ }

Persist Auth0 primary email on SETTINGS (Admin)

Fetches Auth0 once if cache empty, writes to DynamoDB; idempotent thereafter.

Persist Auth0 RBAC permissions on SETTINGS (Admin)

DELETE Admin phone Numbers delete Admin Phone Number Assignment

Responses

Response samples

Content type
application/json
{ }

GET Admin phone Numbers get Admin Phone Number Detail

Responses

Response samples

Content type
application/json
{ }

GET Admin phone Numbers get Admin Phone Numbers Available

Responses

Response samples

Content type
application/json
{ }

PATCH Admin phone Numbers patch Admin Phone Number Owner

Responses

Response samples

Content type
application/json
{ }

POST Admin phone Numbers post Admin User Phone Number

Responses

Response samples

Content type
application/json
{ }

POST Admin potentials Assign Export

Responses

Response samples

Content type
application/json
{ }

GET Admin potentials Contacts

Responses

Response samples

Content type
application/json
{ }

GET Admin potentials Export

Responses

Response samples

Content type
application/json
{ }

POST Admin potentials Import

Responses

Response samples

Content type
application/json
{ }

GET Admin potentials Industries

Responses

Response samples

Content type
application/json
{ }

GET Admin potentials Lists

Responses

Response samples

Content type
application/json
{ }

POST Admin potentials Preview

Responses

Response samples

Content type
application/json
{ }

POST Admin sip create Admin Sip Trunk

Responses

Response samples

Content type
application/json
{ }

DELETE Admin sip delete Admin Sip Trunk

Responses

Response samples

Content type
application/json
{ }

PATCH Admin sip update Admin Sip Trunk

Responses

Response samples

Content type
application/json
{ }

GET Admin sip get Admin Sip Control

Responses

Response samples

Content type
application/json
{ }

POST Admin sip sync Admin Sip Trunk Numbers

Responses

Response samples

Content type
application/json
{ }

GET Admin sipgate get Admin Sipgate Trunk Phone Numbers

Responses

Response samples

Content type
application/json
{ }

PUT Admin sipgate put Admin Sipgate Trunk Phone Numbers

Responses

Response samples

Content type
application/json
{ }

GET Admin sipgate get Admin Sipgate Trunks

Responses

Response samples

Content type
application/json
{ }

PATCH Admin sipgate patch Admin Sipgate Trunk

Responses

Response samples

Content type
application/json
{ }

POST Admin sipgate sync Admin Sipgate Trunk Numbers

Responses

Response samples

Content type
application/json
{ }

Update partner (Admin)

Updates the commission rate or status of a partner.

path Parameters
partnerId
required
string
Request Body schema: application/json
commissionPercent
number
status
string
Enum: "active" "disabled"

Responses

Request samples

Content type
application/json
{
  • "commissionPercent": 0,
  • "status": "active"
}

Update per-user overage minute price (Admin)

Either send effectivePricePerExtraMinuteEuro (€/minute charged) or legacy overageMinutePriceMultiplier. null = reset to plan default (factor 1).

Partner

Partner program endpoints.

Activate partner account

Called after a partner registers. Validates the invite token, updates the partner record with the auth0 user ID, and sets status to active.

Request Body schema: application/json
inviteToken
required
string

Responses

Request samples

Content type
application/json
{
  • "inviteToken": "string"
}

Partner commissions

Returns commission transactions for the authenticated partner.

Responses

Partner dashboard

Returns aggregated earnings for the authenticated partner.

Responses

Join partner program

Any authenticated user can join the partner program (self-signup).

Responses

Request payout

Creates a payout request for available commission balance.

Responses

Save payout info

Saves billing address and bank account details for commission payouts.

Request Body schema: application/json
payoutIban
string
payoutBic
string
payoutBankName
string
payoutAccountHolder
string
billingCompany
string
billingName
string
billingStreet
string
billingZip
string
billingCity
string
billingCountry
string
billingVatId
string

Responses

Request samples

Content type
application/json
{
  • "payoutIban": "string",
  • "payoutBic": "string",
  • "payoutBankName": "string",
  • "payoutAccountHolder": "string",
  • "billingCompany": "string",
  • "billingName": "string",
  • "billingStreet": "string",
  • "billingZip": "string",
  • "billingCity": "string",
  • "billingCountry": "string",
  • "billingVatId": "string"
}

Affiliate

Referral and affiliate endpoints.

Save referral

Saves the affiliate referral for the authenticated user. Called once on first login when a ref cookie is present. refId may be a short public code (see ?ref=) or a legacy partner user id (?refId=).

Request Body schema: application/json
refId
required
string

Responses

Request samples

Content type
application/json
{
  • "refId": "string"
}

Internal

Machine-to-machine internal endpoints.

POST Internal calendar tool (sip-server)

Executes a calendar availability/booking action for a live sip-server call, or returns booking status.

Responses

GET Internal get Internal Sip Trunk

Responses

Response samples

Content type
application/json
{ }

GET Internal list User Knowledge Files

Responses

Response samples

Content type
application/json
{ }

Persist SIP-server call log with multilingual translations

Responses

POST Internal post Internal Sip Server Heartbeat

Responses

Response samples

Content type
application/json
{ }

POST Internal query User Knowledge

Responses

Response samples

Content type
application/json
{ }

Internal Auth0 webhook — mirror signup into HubSpot

Push

Push notification device registration.

DELETE delete Push Device

Responses

Response samples

Content type
application/json
{ }

PATCH update Push Device

Responses

Response samples

Content type
application/json
{ }

GET get My Push Devices

Responses

Response samples

Content type
application/json
{ }

POST register Push Device

Responses

Response samples

Content type
application/json
{ }

GET get Vapid Public Key

Responses

Response samples

Content type
application/json
{ }

Phone

Phone number and addon management.

POST cancel Phone Addon

Responses

Response samples

Content type
application/json
{ }

POST create Phone Addon

Responses

Response samples

Content type
application/json
{ }

GET get My Phone Addons

Responses

Response samples

Content type
application/json
{ }

GET get My Phone Numbers

Responses

Response samples

Content type
application/json
{ }

GET get My Voice Test Config

Responses

Response samples

Content type
application/json
{ }

PATCH patch My Active Phone

Responses

Response samples

Content type
application/json
{ }

Calendar

Get computed free slots

Returns bookable slots (UTC) for the active assistant within a range — for the UI preview and the AI booking flow.

query Parameters
from
string <date-time>
to
string <date-time>

Responses

Get booking configuration

Responses

Update booking configuration

Responses

Connect a Cal.com event type

Validates the API key + event type and stores the key encrypted for the active assistant.

Responses

Connect a CalDAV / iCloud calendar

Validates the credentials via PROPFIND and stores them encrypted for the active assistant.

Responses

Start a calendar OAuth connect flow

Returns the provider authorize URL for the active assistant (pool line).

path Parameters
provider
required
string
Enum: "google" "microsoft" "calendly"
query Parameters
assistantId
string

Responses

Calendar OAuth callback (public)

Exchanges the authorization code, stores encrypted tokens and redirects back to the dashboard.

path Parameters
provider
required
string

Responses

Disconnect a calendar integration

Revokes tokens (best-effort) and removes the stored integration for the active assistant.

path Parameters
provider
required
string

Responses

List connected calendar integrations

Returns connected services (without secrets), booking config and the provider catalog for the active assistant.

Responses

Team

Accept a team invitation after Auth0 registration

Responses

Remove or revoke a team member invitation

Responses

List team members

Responses

Invite a team member

Responses

Preview team invite (company name)

query Parameters
token
required
string

Responses