Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Group Endpoints

Create Group

Creates a new group with the authenticated user as the sole member and admin.

POST /api/v1/groups

Authentication: Required.

Request Body — CreateGroupRequest

FieldTypeRequiredDescription
group_namestringYesUnique group name. 1–64 characters, must start with ASCII alphanumeric, only letters/digits/underscores.
aliasstringNoDisplay name. Max 64 characters, no ASCII control characters.

Response Body — CreateGroupResponse

FieldTypeDescription
group_idint64The server-assigned unique group ID.

Notes

The creator is automatically added as a member with the admin role. No other members are added at creation time. Additional members are added via the escrow invite system.

After creating the group on the server, the client MUST:

  1. Create an MLS group locally.
  2. Upload the initial commit and GroupInfo via POST /api/v1/groups/{id}/commit, including the mls_group_id.

Status Codes

CodeCondition
201 CreatedGroup created successfully.
400 Bad RequestInvalid group name format, alias too long or contains control characters.
401 UnauthorizedInvalid or expired token.
409 ConflictGroup name already taken.

SSE Events

None.

List Groups

Lists all groups the authenticated user is a member of, including member lists and metadata.

GET /api/v1/groups

Authentication: Required.

Request Body

None.

Response Body — ListGroupsResponse

FieldTypeDescription
groupsrepeated GroupInfoList of groups the user belongs to.

Each GroupInfo:

FieldTypeDescription
group_idint64Server-assigned group ID.
aliasstringDisplay name (may be empty).
group_namestringUnique group name.
membersrepeated GroupMemberAll members of the group.
created_atuint64Unix timestamp of group creation (seconds).
mls_group_idstringHex-encoded MLS group identifier.
message_expiry_secondsint64Per-group message expiry (-1=disabled, 0=delete-after-fetch, >0=seconds).

Each GroupMember:

FieldTypeDescription
user_idint64Member’s user ID.
usernamestringMember’s username.
aliasstringMember’s display name (may be empty).
rolestringEither "admin" or "member".
signing_key_fingerprintstringSHA-256 hex of the member’s MLS signing public key (may be empty).

Status Codes

CodeCondition
200 OKSuccess.
401 UnauthorizedInvalid or expired token.

SSE Events

None.

Update Group

Updates a group’s alias, name, and/or message expiry settings.

PATCH /api/v1/groups/{group_id}

Authentication: Required. Authorization: Admin only.

Path Parameters

ParameterTypeDescription
group_idint64The group to update.

Request Body — UpdateGroupRequest

FieldTypeRequiredDescription
aliasstringNoNew display name. Max 64 characters, no ASCII control characters.
group_namestringNoNew group name. Same validation rules as creation.
message_expiry_secondsint64NoNew message expiry value. Only applied when update_message_expiry is true.
update_message_expiryboolNoMUST be true for the message_expiry_seconds field to take effect.

Message Expiry Validation

When update_message_expiry is true:

  • The value MUST be -1 (disabled), 0 (delete-after-fetch), or a positive integer (seconds).
  • If the server has a non-disabled retention policy (i.e., message_retention is not "-1"), the group expiry MUST NOT exceed the server retention value.

Response Body — UpdateGroupResponse

Empty message.

Status Codes

CodeCondition
200 OKGroup updated.
400 Bad RequestInvalid name/alias format, invalid expiry value, or expiry exceeds server retention.
401 UnauthorizedInvalid token, not a member, or not an admin.

SSE Events

  • GroupUpdateEvent with update_type: "group_settings" — sent to all group members, including the sender.

Get Group Info

Returns the stored MLS GroupInfo blob for a group. Required for external commits (account reset / rejoin).

GET /api/v1/groups/{group_id}/group-info

Authentication: Required. Authorization: Group member.

Path Parameters

ParameterTypeDescription
group_idint64The group whose GroupInfo to fetch.

Request Body

None.

Response Body — GetGroupInfoResponse

FieldTypeDescription
group_infobytesRaw MLS GroupInfo bytes.

Status Codes

CodeCondition
200 OKGroupInfo returned.
401 UnauthorizedInvalid token or not a group member.
404 Not FoundNo GroupInfo has been stored for this group.

SSE Events

None.

Get Retention Policy

Returns the server-wide retention policy and the group’s per-group expiry setting.

GET /api/v1/groups/{group_id}/retention

Authentication: Required. Authorization: Group member.

Path Parameters

ParameterTypeDescription
group_idint64The group to query.

Request Body

None.

Response Body — GetRetentionPolicyResponse

FieldTypeDescription
server_retention_secondsint64Server-wide retention (-1=disabled, 0=delete-after-fetch, >0=seconds).
group_expiry_secondsint64Per-group expiry (-1=disabled, 0=delete-after-fetch, >0=seconds).

Status Codes

CodeCondition
200 OKSuccess.
401 UnauthorizedInvalid token or not a group member.

SSE Events

None.

Delete Group

Permanently deletes a group and all associated data.

POST /api/v1/groups/{group_id}/delete

Authentication: Required. Authorization: Group admin.

Path Parameters

ParameterTypeDescription
group_idint64The group to delete.

Request Body

None.

Response Body — DeleteGroupResponse

Empty message.

Status Codes

CodeCondition
200 OKGroup deleted.
401 UnauthorizedInvalid token, not a group member, or not an admin.
404 Not FoundGroup does not exist.

Notes

This is an irreversible operation. The server:

  1. Verifies the caller is a group admin.
  2. Collects all group members for SSE notification.
  3. Deletes the group row (DELETE FROM groups WHERE id = ?). CASCADE handles all dependent tables (group_members, messages, pending_invites, pending_welcomes, message_fetch_watermarks).
  4. Broadcasts GroupDeletedEvent to all former members (including the caller).

All members’ local MLS state for the group becomes orphaned. Clients clean up local MLS state upon receiving the GroupDeletedEvent.

SSE Events

GroupDeletedEvent is broadcast to all former group members (including the caller).