> ## Documentation Index
> Fetch the complete documentation index at: https://api.idunox.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Core Contract

> The API contract Health Yourself uses to submit data and retrieve results.

## Contract overview

Health Yourself uses the Idunox Platform API to submit de-identified questionnaire and blood marker data as **canonical Type A JSON** (`canonical_submission_v1`), track processing, and retrieve completed results with **wellbeing outcomes** and optional report artefacts.

Map intake data to the canonical shape in your backend before `POST /v1/submissions` — see [Canonical submission JSON](/platform/canonical-submission). The live contract matches platform baseline tag **`baseline`** (OpenAPI synced from `iduscore-platform-services`).

## Base URL

```
https://api.idunox.com
```

All endpoints are versioned under `/v1/`.

## Endpoints

| Method    | Path                                                                        | Purpose                                                          |
| --------- | --------------------------------------------------------------------------- | ---------------------------------------------------------------- |
| `GET`     | [`/health`](/api-reference/endpoint/health)                                 | Server health check                                              |
| `GET`     | [`/openapi.json`](/api-reference/endpoint/openapi)                          | Machine-readable API contract for SDK generation and API tooling |
| `GET`     | [`/v1/partner-auth-probe`](/api-reference/endpoint/partner-auth-probe)      | Validate credentials                                             |
| `POST`    | [`/v1/submissions`](/api-reference/endpoint/submissions)                    | Submit a de-identified payload for processing                    |
| `GET`     | [`/v1/submissions/{submissionId}`](/api-reference/endpoint/get_submissions) | Poll submission status                                           |
| `GET`     | [`/v1/results/{resultId}`](/api-reference/endpoint/results)                 | Retrieve a completed result with assessments                     |
| `WEBHOOK` | Outbound: [`result.ready`](/api-reference/endpoint/webhook)                 | Platform-initiated callback when a result is ready               |

## Request conventions

Every write request (`POST`) must include:

* `x-correlation-id` header — a client-supplied identifier used to trace logs and response payloads.
* `Idempotency-Key` header — prevents duplicate submissions within a 24-hour window.

## Account isolation

All resource IDs are limited to your authenticated <Tooltip tip="Your account's isolated data scope. IDs are only valid within your account." cta="Full glossary" href="/platform/glossary">account</Tooltip>. If you request an ID from another account, the API returns `404`. You cannot access another account's <Tooltip tip="Payloads sent via POST /v1/submissions without direct personal identifiers." cta="Full glossary" href="/platform/glossary">submissions</Tooltip>, <Tooltip tip="API responses from GET /v1/results/{resultId}, containing assessments." cta="Full glossary" href="/platform/glossary">results</Tooltip>, or <Tooltip tip="Generated output files (PDF/HTML) for a result, accessed through signed URLs." cta="Full glossary" href="/platform/glossary">artifacts</Tooltip>.

## Content type

All requests and responses use `application/json` unless otherwise noted.