Service documentation
75 Hard API discovery
This page documents the main API surfaces exposed by 75 Hard. Agents can also discover the machine-readable catalog at /.well-known/api-catalog.
Authentication discovery
Protected member APIs support OAuth discovery metadata at /.well-known/oauth-authorization-server, a JWKS endpoint at /oauth/jwks, and a token endpoint at /oauth/token.
Programmatic clients can exchange an email and password for a bearer token with the OAuth password grant. Protected API routes also continue to accept session cookies for browser access.
Public endpoints
No authentication required.
| Method | Path | Description |
|---|---|---|
| GET | /api/health | Returns basic service health and environment status. |
| POST | /api/auth/signup | Creates an account and starts the verification flow. |
| POST | /api/auth/login | Authenticates an existing account. |
| POST | /api/auth/send-otp | Sends a verification code to the user email. |
| POST | /api/auth/verify-otp | Validates the verification code. |
Authenticated member endpoints
Requires an authenticated session cookie.
| Method | Path | Description |
|---|---|---|
| GET | /api/dashboard | Loads authenticated dashboard state. |
| GET, POST | /api/routines | Reads and updates member routine data. |
| POST | /api/progress/toggle | Marks daily tasks complete or incomplete. |
| GET, POST | /api/gallery | Loads and uploads gallery items. |