Profile resources (public)
These endpoints redirect to temporary S3 signed URLs:
Profile image
GET /api/resources/profile-image/{id}
Profile video
GET /api/resources/profile-video/{id}
Videos get a much longer signed URL expiry (5 days vs 5 minutes) due to streaming requirements.
Protected resources
DBS document image
GET /api/resources/dbs-image/{id}
auth:api — redirects to 5-minute signed S3 URL.
Qualification document image
GET /api/resources/qualification-image/{id}
auth:api — redirects to 5-minute signed S3 URL.
Mobile app assets
GET /api/resources/mobile/...
File management (v1)
GET /api/v1/files
POST /api/v1/files
GET /api/v1/files/{id}
PUT /api/v1/files/{id}
DELETE /api/v1/files/{id}
auth:api)
Files use UUID primary keys (not auto-increment integers). Stored in S3 via FileService.
Current API files
GET /api/files
POST /api/files
GET /api/files/{id}
PUT /api/files/{id}
DELETE /api/files/{id}
Service notifications
GET /api/service-notifications
Address search
GET /api/addresses/search
GET /api/v1/addresses/search-postcode
AddressService::searchPostCode() → GoogleMapsAPI::getGeoCodeResults() + getReverseGeoCodeResults().
