<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>User API :: Geena User API</title>
    <link>https://docs.test.geena.eu/user/index.html</link>
    <description>User API Operations under the user scope of the unified GraphQL endpoint (POST /graphql). All calls require a Bearer JWT obtained from verify-otp.&#xA;Sections&#xA;- register — finalise a new user account&#xA;- status — registration / tier / seal state&#xA;- seal / unseal — vault key management&#xA;- schemas — discover built-in JSON schemas at runtime&#xA;- documents/ — private-vault documents (7 ops)&#xA;- files/ — private-vault files (5 ops)&#xA;- shared-vaults/ — shared vault creation, docs, files&#xA;Info&#xA;Most write operations require the user’s vault to be unsealed. Reading status works while sealed; most other endpoints do not.</description>
    <generator>Hugo</generator>
    <language>en</language>
    <atom:link href="https://docs.test.geena.eu/user/index.xml" rel="self" type="application/rss+xml" />
    <item>
      <title>register</title>
      <link>https://docs.test.geena.eu/user/register/index.html</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      <guid>https://docs.test.geena.eu/user/register/index.html</guid>
      <description>user.register Finalises a new user account. Called after verify-otp returns isNewUser: true. Idempotent per session: calling it on an already-registered account is a no-op.&#xA;Auth Bearer JWT required. Vault does not need to be unsealed — this mutation creates the user row and initialises the KMS keys for the caller.</description>
    </item>
    <item>
      <title>status</title>
      <link>https://docs.test.geena.eu/user/status/index.html</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      <guid>https://docs.test.geena.eu/user/status/index.html</guid>
      <description>user.status Returns the caller’s registration state, security tier, and vault seal state. Safe to call at any time — including when the vault is sealed.&#xA;Auth Bearer JWT required.&#xA;GraphQL&#xA;query { user { status { isRegistered securityLevel isSealed faceScanVerified deletionRequestedAt deletionScheduledFor } } }&#xA;Response fields&#xA;Field | Type | Meaning&#xA;isRegistered | Boolean! | User row exists in the system&#xA;securityLevel | Int | 1 = Standard, 2 = Enhanced, 3 = Maximum. null if not registered.&#xA;isSealed | Boolean! | true until security.unseal is called this session&#xA;faceScanVerified | Boolean! | Current session has a verified FaceTech scan&#xA;deletionRequestedAt | Time | Set if user requested account deletion&#xA;deletionScheduledFor | Time | Date the account will be permanently deleted&#xA;Example response&#xA;{&#xA;  &#34;data&#34;: {&#xA;    &#34;user&#34;: {&#xA;      &#34;status&#34;: {&#xA;        &#34;isRegistered&#34;: true,&#xA;        &#34;securityLevel&#34;: 1,&#xA;        &#34;isSealed&#34;: false,&#xA;        &#34;faceScanVerified&#34;: false,&#xA;        &#34;deletionRequestedAt&#34;: null,&#xA;        &#34;deletionScheduledFor&#34;: null&#xA;      }&#xA;    }&#xA;  }&#xA;}&#xA;curl&#xA;curl -X POST https://api.test.geena.eu/graphql \&#xA;  -H &#34;Authorization: Bearer $TOKEN&#34; \&#xA;  -H &#34;Content-Type: application/json&#34; \&#xA;  -d &#39;{&#34;query&#34;:&#34;{ user { status { isRegistered securityLevel isSealed faceScanVerified } } }&#34;}&#39;</description>
    </item>
    <item>
      <title>seal</title>
      <link>https://docs.test.geena.eu/user/seal/index.html</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      <guid>https://docs.test.geena.eu/user/seal/index.html</guid>
      <description>user.security.seal Evicts the caller’s master key from the server’s in-memory KMS cache. After sealing, any further encrypted operation (document/file read or write) will fail until the user calls unseal again.&#xA;Use this when the user logs out, switches context, or after a period of inactivity — the JWT session can live longer than the unseal cache.</description>
    </item>
    <item>
      <title>Documents</title>
      <link>https://docs.test.geena.eu/user/documents/index.html</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      <guid>https://docs.test.geena.eu/user/documents/index.html</guid>
      <description>Documents (private vault) Structured JSON documents stored in the caller’s private vault. Each document is encrypted with a vault-scoped DEK; the vault must be unsealed for all document operations.&#xA;Queries: list, get, versions&#xA;Mutations: create, update, delete, validate</description>
    </item>
    <item>
      <title>unseal</title>
      <link>https://docs.test.geena.eu/user/unseal/index.html</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      <guid>https://docs.test.geena.eu/user/unseal/index.html</guid>
      <description>user.security.unseal Loads the caller’s master key into the KMS cache for this process. Required before any encrypted read/write (documents, files, shared vaults, flow submissions, …).&#xA;Auth Bearer JWT required.&#xA;Input&#xA;input VaultUnsealInput {&#xA;  pin: String # 6-digit PIN&#xA;}&#xA;Tier 1 (Standard): omit pin. The master key is protected by a platform-held secret only.&#xA;Tier 2 (Enhanced) and above: pin is required. The PIN is combined (Shamir 2/2) with a platform secret to reconstruct the master key.&#xA;GraphQL&#xA;mutation UnsealTier2($pin: String!) { user { security { unseal(input: { pin: $pin }) } } }&#xA;Tier 1:</description>
    </item>
    <item>
      <title>Files</title>
      <link>https://docs.test.geena.eu/user/files/index.html</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      <guid>https://docs.test.geena.eu/user/files/index.html</guid>
      <description>Files (private vault) Binary files (PDFs, images, etc.) stored in the caller’s private vault. Content is in MinIO; metadata is in PostgreSQL. Vault must be unsealed.&#xA;Queries: list, get, versions&#xA;Mutations: upload, delete&#xA;Actual binary download is HTTP, not GraphQL: GET /user/file/:fileID/download (Bearer JWT).</description>
    </item>
    <item>
      <title>schemas</title>
      <link>https://docs.test.geena.eu/user/schemas/index.html</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      <guid>https://docs.test.geena.eu/user/schemas/index.html</guid>
      <description>user.schema The User scope exposes the backend’s schema registry so clients can discover which built-in schemas are available and fetch their JSON Schema definitions at runtime. Use these when rendering forms, validating data locally, or picking a schemaRef for document.create.&#xA;For a human-readable catalog of what each schema means, see reference/schemas.&#xA;Auth Bearer JWT. Vault can be sealed — the registry is not encrypted.</description>
    </item>
    <item>
      <title>Shared Vaults</title>
      <link>https://docs.test.geena.eu/user/shared-vaults/index.html</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      <guid>https://docs.test.geena.eu/user/shared-vaults/index.html</guid>
      <description>Shared Vaults A shared vault is a cryptographically isolated collection of documents and files owned by a single user. Sharing is implemented via key re-encryption — no master key ever leaves the owner’s client.&#xA;Create / list / get&#xA;- create — sharedVaultCreate&#xA;- list — sharedVaultList&#xA;- get — sharedVault(id).get&#xA;Contents&#xA;- document-ops — list / get / versions / create / update / delete&#xA;- file-ops — list / get / versions / upload / delete</description>
    </item>
  </channel>
</rss>