EULA
The EULA tag covers reading the published agreement and accepting it during browser session self-signup flows. Shapes follow EulaResponse (content, version), AcceptEulaRequest (accepted), and AcceptEulaResponse (message, user_id, optional workspace_id) — see the API reference.
GET /eula is intentionally readable without authentication at the HTTP edge so clients can render terms before login. POST /eula/accept requires bearer_auth and is documented as relying on X-User-Email from the Oathkeeper cookie session (same pattern as other auth-browser routes — see Auth (browser session)).
Operations vs wire routes
Section titled “Operations vs wire routes”| Concern | HTTP | operationId | Notes |
|---|---|---|---|
| Read agreement | GET /eula | get_eula | No security in OpenAPI; anonymous GET at the edge. |
| Accept & provision | POST /eula/accept | accept_eula | Body AcceptEulaRequest with accepted: true. Session-email header expectations match browser auth flows. |
SDK coverage
Section titled “SDK coverage”| Capability | Python | Rust (openapp_sdk) | Go | TypeScript (AsyncClient) |
|---|---|---|---|---|
| Get EULA | client.eula.get() | client.eula().get() | EULAAPI.GetEula | Not on façade yet |
| Accept EULA | client.eula.accept(accepted=True) | client.eula().accept(...) | EULAAPI.AcceptEula | Not on façade yet |
Typical errors
Section titled “Typical errors”POST /eula/accept returns 401 without a valid browser session / bearer context and 400 for invalid bodies. GET /eula follows normal read retry behavior — see Errors & retries.
Examples
Section titled “Examples”Fetch EULA text
Section titled “Fetch EULA text”text = await client.eula.get()assert "version" in textGetEula returns EulaResponse.
import ( "context"
openapiclient "github.com/tomers/openapp-sdk/go")
resp, httpResp, err := client.EULAAPI.GetEula(context.Background()).Execute()if err != nil { return err}defer httpResp.Body.Close()_ = resp.GetContent()_ = resp.GetVersion()Returns serde_json::Value for EulaResponse.
use openapp_sdk::Client;
let client = Client::builder() .api_key("https://api.openapp.house/api/v1_openapp_YOUR_SECRET") .build()?;
let eula = client.eula().get().await?;if let Some(v) = eula["version"].as_str() { println!("{v}");}const eula = await fetch("https://app.openapp.house/eula").then( (r) => r.json() as Promise<{ content: string; version: string }>,);GET /eula is intentionally readable without authentication, so no Authorization or cookies are required — the same call works from a public landing page (browser) and from a Node bootstrap script (no tough-cookie wrapper needed). Replace with AsyncClient.getEula once the Node façade exposes it.
Accept EULA (authenticated session)
Section titled “Accept EULA (authenticated session)”Use this only when your transport carries the browser session / bearer token expected by the gateway (see Authentication and Auth (browser session)).
out = await client.eula.accept(accepted=True)import ( "context"
openapiclient "github.com/tomers/openapp-sdk/go")
body := *openapiclient.NewAcceptEulaRequest(true)resp, httpResp, err := client.EULAAPI.AcceptEula(context.Background()). AcceptEulaRequest(body). Execute()if err != nil { return err}defer httpResp.Body.Close()_ = respuse openapp_sdk::Client;use serde_json::json;
let client = Client::builder() .api_key("https://api.openapp.house/api/v1_openapp_YOUR_SECRET") .build()?;
let provisioned = client .eula() .accept(&json!({ "accepted": true })) .await?;const out = await fetch("https://app.openapp.house/eula/accept", { method: "POST", credentials: "include", headers: { "content-type": "application/json" }, body: JSON.stringify({ accepted: true }),}).then( (r) => r.json() as Promise<{ message: string; user_id: string; workspace_id?: string; }>,);The browser path relies on the page’s ory_kratos_session cookie (same as Auth (browser session)) — credentials: "include" sends it across origins as long as CORS is configured. From Node, swap credentials: "include" for an undici.Agent + tough-cookie wrapper that replays the cookie jar captured during the Kratos self-service login, or pass an explicit Cookie: header. POST /eula/accept also provisions the user — capture out.user_id / out.workspace_id for the next dashboard hop. Replace with AsyncClient.acceptEula once the Node façade exposes it.