Skip to main content
GET
/
api
/
threads
curl -X GET 'http://localhost:5079/api/threads?limit=50' \
  -H 'Authorization: Bearer YOUR_JWT_TOKEN'

{
  "items": [
    {
      "thread_id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
      "user_id": "user-uuid-here",
      "title": "Chat about AI",
      "visibility": "private",
      "created_at": "2024-01-15T10:30:00.000Z",
      "updated_at": "2024-01-15T11:45:00.000Z"
    }
  ]
}

Authentication

Required: JWT Bearer token JWT Claims Extraction (Lines 39-43): 
sub | ClaimTypes.NameIdentifier → User UUID (required)

Query Parameters

limit
integer
default:"20"
Maximum threads to returnValidation: None (controller accepts any integer)Default: 20 (Line 34)Range: Not enforced by API contract (database-dependent)

Response

items
array
Array of thread objects
curl -X GET 'http://localhost:5079/api/threads?limit=50' \
  -H 'Authorization: Bearer YOUR_JWT_TOKEN'

{
  "items": [
    {
      "thread_id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
      "user_id": "user-uuid-here",
      "title": "Chat about AI",
      "visibility": "private",
      "created_at": "2024-01-15T10:30:00.000Z",
      "updated_at": "2024-01-15T11:45:00.000Z"
    }
  ]
}

Authorization

Ownership Filter (Line 50): 
await _threadsService.GetThreadsAsync(userId, limit);
Guaranteed Behavior:
  • Returns ONLY threads owned by authenticated user
  • userId extracted from JWT claims
  • No visibility filtering (returns all user’s threads regardless of visibility)
Visibility Rules:
  • User sees all their own threads (private, public, unlisted)
  • User NEVER sees threads owned by others

Side Effects

Database Reads (Line 50):
  • SELECT from threads table WHERE user_id = userId
  • Ordered by creation date (descending, assumed from service)
No Database Writes: Read-only endpoint

Permissions

Who Can Read:
  • Authenticated user (their own threads only)
Who Cannot Read:
  • Unauthenticated users
  • Other authenticated users (cross-user access forbidden)

Edge Cases

  1. Missing user ID claim: 401 error (Lines 45-48)
  2. Zero threads: Returns {"items": []} (empty array)
  3. Limit = 0: Behavior not enforced by server contract (service-dependent)
  4. Limit < 0: Behavior not enforced by server contract (service-dependent)
  5. Limit > database max: Service may cap internally (not documented)

Error Conditions

CodeHTTPCauseController Line
N/A401JWT missing or invalidMiddleware
N/A401User ID claim missing/invalid GUID45-48
THREADS_ERROR500Service exception54-62
Exception Handling (Lines 54-62): 
catch (Exception ex) {
    return StatusCode(500, new { error = ex.Message, code = "THREADS_ERROR" });
}
  • All service exceptions return 500
  • Error message exposed to client

Pagination Behavior

Current Implementation: Simple limit-based No Cursor/Offset: Controller does not support pagination beyond limit Ordering: Not specified by API contract (service-defined) Server Contract: Returns first limit threads (ordering implementation-defined)

Performance Characteristics

Database Query: Single SELECT with WHERE clause Index Requirements: threads.user_id should be indexed for performance Response Size: Proportional to limit value (uncapped by controller)