Stats
Actions
Tags
From patriotforge
Use when designing REST endpoints, defining Pydantic request/response schemas, configuring middleware, or planning integration contracts with external services.
How this skill is triggered — by the user, by Claude, or both
Slash command
/patriotforge:apiThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
**Stack:** FastAPI · Pydantic v2 · Redis sessions · CSRF protection · Rate limiting
Stack: FastAPI · Pydantic v2 · Redis sessions · CSRF protection · Rate limiting
| Action | Verb | Status | Example |
|---|---|---|---|
| Create | POST | 201 | POST /api/quotes |
| List | GET | 200 | GET /api/quotes?page=1&per_page=25 |
| Detail | GET | 200 | GET /api/quotes/{id} |
| Update | PATCH | 200 | PATCH /api/quotes/{id} |
| Delete | DELETE | 204 | DELETE /api/quotes/{id} (soft delete) |
Always declare response_model and status_code on every endpoint.
# Request — reject unknown fields
class CreateQuoteRequest(BaseModel):
model_config = ConfigDict(extra='forbid')
customer_id: UUID
notes: str = Field(max_length=2000, default="")
# Response — ORM-compatible
class QuoteResponse(BaseModel):
model_config = ConfigDict(from_attributes=True)
id: UUID
customer_id: UUID
status: str
created_at: datetime
class PaginatedResponse(BaseModel, Generic[T]):
total: int
page: int
per_page: int
items: list[T]
Default: page=1, per_page=25, max per_page=100.
X-CSRF-Token header required on POST/PATCH/DELETEhttps://forge.patriotpf.com, credentials enabledCache-Control: no-store on auth responses{
"detail": "Human-readable message",
"code": "DUPLICATE_EMAIL",
"correlation_id": "uuid"
}
| System | Protocol | Auth | Key Pattern |
|---|---|---|---|
| Floor Tracker | HTTPS REST | API key | Push WOs, poll status |
| ShipStation | REST v2 | API key | Rate shop, create shipments |
| Stripe | Checkout Sessions | Secret key | Webhooks w/ signature verification |
| QuickBooks | REST + OAuth 2.0 | OAuth tokens | Batch export queue |
| OnPrintShop | Zapier webhook | Shared secret | Inbound SO creation |
| Email (M365) | Graph API | OAuth | Claude-parsed → pending_review quote |
| Artworker.io | Webhooks | Signature | Proof approval status |
All webhooks: verify signature → deduplicate by event ID → return 200 immediately → process async.
📖 Full details: backend/app/routers/auth.py, docs/plans/2026-01-24-integrations.md
npx claudepluginhub aka-kolton/patriotforge-claude-plugin --plugin patriotforgeDesigns full API specs with endpoints, request/response shapes, error codes, auth patterns, and pagination following Stripe consistency principles. Use for designing APIs, building endpoints, or REST APIs.
Design and spec an API — endpoints, request/response shapes, error codes, auth pattern, pagination. Applies Stripe's consistency principles. Use when asked to "design an API", "build API endpoints", "create REST API", or "API for this feature".
Guides REST API design patterns for production-grade endpoints including resource naming, status codes, pagination, filtering, error responses, versioning, and rate limiting. Use when designing new APIs or reviewing contracts.