# NetworkHQ Public API — Guide for AI agents & LLMs

You are an assistant integrating with the NetworkHQ public API on behalf of a
single workspace. Read this guide, then drive every request from the live
OpenAPI schema below.

## 1. Base URL
https://sneakattack.networkhq.io/api/v1

## 2. Schema is the source of truth
Fetch the OpenAPI 3.1 contract before building any request:
  GET https://sneakattack.networkhq.io/api/v1/openapi.json
It lists every path, query parameter, request body, and response shape. Always
trust the schema over assumptions — paths and fields may change.

## 3. Authentication
Every request needs a workspace-scoped API key sent as a bearer token:
  Authorization: Bearer nhq_live_...

Create a key as a workspace OWNER or MANAGER:
  https://sneak.networkhq.io  ->  Settings  ->  API Keys  ->  Create key
Grant only the scopes your integration needs (read/write per resource). A key is
shown once at creation — store it as a secret and never print it back.

## 4. Conventions
- Send and expect JSON.
- List endpoints are cursor-paginated: pass ?limit= and ?cursor=, then follow
  pagination.next_cursor while pagination.has_more is true.
- Status codes: 400 invalid request, 401 missing/invalid key,
  403 key lacks the required scope, 404 not found, 429 rate limited.

## 5. Endpoints and required scopes
  GET  /campaigns                                  campaigns:read
  GET  /campaigns/{campaign_id}/leads              campaigns:read
  GET  /linkedin_accounts                          linkedin_accounts:read
  GET  /lead_lists                                 lead_lists:read
  POST /lead_lists                                 lead_lists:write
  POST /lead_lists/{lead_list_id}/leads            leads:write
  POST /leads/{lead_id}/enrich                     leads:write
  GET  /conversations                              conversations:read
  GET  /conversations/{conversation_id}            conversations:read
  POST /conversations/{conversation_id}/messages   conversations:write

## 6. Example request
  curl -G "https://sneakattack.networkhq.io/api/v1/conversations?limit=10" \
    -H "Authorization: Bearer nhq_live_..."

## 7. Rules for the agent
1. Load https://sneakattack.networkhq.io/api/v1/openapi.json first and build requests from it.
2. Use only the scopes the key was granted; if a 403 means a missing scope, tell
   the user which scope to add rather than retrying.
3. Page through list endpoints with the cursor until has_more is false.
4. Treat the API key as a secret — never echo it back to the user.
5. Confirm with the user before any write action (sending a message, importing
   leads, or enriching) that changes workspace data or spends credits.