reactbin/specs/012-api-docs-gate/quickstart.md

Quickstart: API Documentation Visibility Gate

Verify docs are disabled

# Start API with docs disabled
API_DOCS_ENABLED=false uvicorn app.main:app --reload

curl -s -o /dev/null -w "%{http_code}" http://localhost:8000/docs        # → 404
curl -s -o /dev/null -w "%{http_code}" http://localhost:8000/redoc       # → 404
curl -s -o /dev/null -w "%{http_code}" http://localhost:8000/openapi.json # → 404
curl -s -o /dev/null -w "%{http_code}" http://localhost:8000/api/v1/health # → 200

Verify docs are enabled (default)

# Start API without the flag (or with it set to true)
uvicorn app.main:app --reload

curl -s -o /dev/null -w "%{http_code}" http://localhost:8000/docs         # → 200
curl -s -o /dev/null -w "%{http_code}" http://localhost:8000/redoc        # → 200
curl -s -o /dev/null -w "%{http_code}" http://localhost:8000/openapi.json # → 200

Integration test scenarios

Scenario 1: flag disabled — all three docs endpoints return 404

Start a test client with API_DOCS_ENABLED=false injected into settings. Assert each of the three endpoint paths returns 404. Assert /api/v1/health returns 200.

Scenario 2: flag enabled (default) — docs endpoints return 200

Start a test client without the flag (or with API_DOCS_ENABLED=true). Assert each of the three endpoint paths returns 200.

Scenario 3: invalid flag value — app starts, docs enabled

Set API_DOCS_ENABLED=not-a-bool. The app must start without error. Docs must be accessible (safe fallback to enabled).

Scenario 4: flag absent — docs enabled (backwards compatibility)

Start the app with no API_DOCS_ENABLED variable set. Assert docs endpoints return 200 — identical to pre-feature behaviour.