> ## Documentation Index
> Fetch the complete documentation index at: https://docs.praxis-ai.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Upload content from URL

> Downloads or scrapes content from a URL and ingests it into the user's IP Vault via RAG. Google document URLs (Docs, Sheets, Slides) are automatically detected and read via Google OAuth instead of plain HTTP download. The URL is validated against SSRF in non-dev mode. When an institution is provided, the user's membership is verified before proceeding.



## OpenAPI

````yaml /mdx/api-reference/runtime/runtime-api.json post /api/user/url
openapi: 3.0.0
info:
  title: Pria Runtime API
  version: 2.0.1
  description: >-
    Pria API Documentation Praxis's developer platform is a core part of our
    mission to empower organizations to grow better. Our APIs are designed to
    enable teams of any shape or size to build robust integrations that help
    them customize and get the most value out of Pria. All Pria APIs are built
    using REST conventions and designed to have a predictable URL structure.
    <br/>  <br/>They use many standard HTTP features, including methods (POST,
    GET, PUT, DELETE) and error response codes.  <br/> <br/>All API calls are
    made under https://hiimpria.ai/api and all responses return standard JSON.
    In these docs, you'll find lists of all available endpoints for a given API,
    along with interactive code blocks for building requests. For walkthroughs
    of basic usage for these APIs, check out the API guides.
servers:
  - url: https://pria.praxislxp.com
    description: Pria API Server
security: []
tags:
  - name: Authentication
    description: User authentication, registration, and password management (/api/auth)
  - name: OAuth
    description: OAuth authentication providers - Google, GitHub, SSO (/api/auth/oauth)
  - name: User
    description: User profile management and account operations (/api/user)
  - name: User Institutions
    description: User institution memberships and switching (/api/user/institution)
  - name: User Tools
    description: Available tools for authenticated users (/api/user/tools)
  - name: Institutions
    description: Institution settings and configuration (/api/user/institution)
  - name: Conversation
    description: AI conversation and Q&A endpoints (/api/ai)
  - name: Realtime
    description: Real-time voice AI and WebRTC sessions (/api/ai/rt)
  - name: Assistant
    description: AI assistant configuration and management (/api/user/assistant)
  - name: History
    description: Conversation history and favorites (/api/user/history)
  - name: RAG
    description: >-
      Document upload, embedding, and retrieval-augmented generation
      (/api/user/files, /api/user/rag)
  - name: Setting
    description: Instance variables and settings management (/api/user/setting)
  - name: Branding
    description: Digital twin branding and customization (/api/agent/branding)
  - name: Agent
    description: Agent engagement and session management (/api/agent)
  - name: SDK Launch
    description: >-
      SDK launch token signing and verification for secure iframe embedding
      (/api/auth/sdk-sign, /api/auth/sdk-verify)
  - name: Testing
    description: Health checks, diagnostics, and test endpoints (/api/test)
  - name: Admin Accounts
    description: Account management for super admins (/api/admin/account)
  - name: Admin Institutions
    description: Institution management for admins (/api/admin/institution)
  - name: Admin Users
    description: User management for admins (/api/admin/user)
  - name: Admin Entitlements
    description: >-
      User-institution relationships and permissions
      (/api/admin/userInstitution)
  - name: Admin Sessions
    description: Session management for admins (/api/admin/session)
  - name: Admin Histories
    description: Conversation history management and analytics (/api/admin/history)
  - name: Admin Assistants
    description: AI assistant management for admins (/api/admin/assistant)
  - name: Admin Questions
    description: Institution question and prompt management (/api/admin/question)
  - name: Admin Tools
    description: Tool configuration management (/api/admin/tool)
  - name: Admin AI Models
    description: AI model configuration (/api/admin/aimodel)
  - name: Admin MCP Servers
    description: Model Context Protocol server management (/api/admin/mcpserver)
  - name: Admin Feedbacks
    description: User feedback management (/api/admin/feedback)
  - name: Admin Uploads
    description: Upload management (/api/admin/upload)
  - name: Admin Charts
    description: Analytics and visualization chart management (/api/admin/chart)
  - name: Audio Notes
    description: Capture and ingest spoken notes into the personal vault
  - name: Memory
    description: User-facing memory parameters (personal + shared instance memory).
  - name: My Data
    description: >-
      GDPR controls — personal-scope counts, async ZIP-by-email export, and
      scoped soft-delete. Every endpoint pins `user = req.user._id` AND
      `institution: null`; institution-scoped data is governed by the
      institution's own retention policy and never reached from here.
  - name: Questions
    description: >-
      User-facing read of the onboarding question bank used by the "create a
      digital twin" wizard.
  - name: Transcription
    description: >-
      One-shot speech-to-text for in-place dictation. Audio blob in, transcript
      out — no Upload / History / RAG embeddings are persisted. Use
      `/audio-notes` for anything durable.
paths:
  /api/user/url:
    post:
      tags:
        - IP Vault
      summary: Upload content from URL
      description: >-
        Downloads or scrapes content from a URL and ingests it into the user's
        IP Vault via RAG. Google document URLs (Docs, Sheets, Slides) are
        automatically detected and read via Google OAuth instead of plain HTTP
        download. The URL is validated against SSRF in non-dev mode. When an
        institution is provided, the user's membership is verified before
        proceeding.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UploadUrlRequest'
      responses:
        '200':
          description: URL content ingested successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UploadUrlResponse'
        '400':
          description: >-
            Bad request - invalid URL, SSRF violation, unauthorized institution,
            or RAG processing error
          content:
            application/json:
              schema:
                type: object
                properties:
                  success:
                    type: boolean
                    example: false
                  message:
                    type: string
                    example: Invalid url
                  error:
                    description: Error object from the failed operation
        '401':
          description: Unauthorized - Invalid or missing access token
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '403':
          description: >-
            Forbidden - multiple causes: (a) Google OAuth authorization required
            - the URL is a Google document but the user has no valid Google
            OAuth token; (b) standard user attempted to upload to an instance
            vault; (c) standard user personal upload denied because the
            institution has disableFileUploadForUser=true and the user's email
            domain is not in enableFileUploadForEmail; (d) admin lacks files.add
            entitlement on the target institution
          content:
            application/json:
              schema:
                type: object
                properties:
                  success:
                    type: boolean
                    example: false
                  code:
                    type: string
                    enum:
                      - GOOGLE_AUTH_REQUIRED
                      - GOOGLE_AUTH_ERROR
                      - SERVICES_DISABLED_BY_ADMIN
                      - TOKEN_REFRESH_FAILED
                      - SERVICE_NOT_ENABLED
                      - TOKEN_MISSING
                    description: >-
                      Specific error code from the Google OAuth cascade (only
                      present for Google OAuth 403 scenarios)
                  message:
                    type: string
                    example: Google authorization is required to read this document.
                  consentUrl:
                    type: string
                    nullable: true
                    description: >-
                      OAuth consent URL if available (user can authorize
                      directly, Google OAuth case only)
                    example: >-
                      https://pria.praxislxp.com/api/auth/google/services/authorize?scopes=drive,document&token=...
      security:
        - apiKeyAuth: []
components:
  schemas:
    UploadUrlRequest:
      type: object
      required:
        - url
      properties:
        url:
          type: string
          format: uri
          description: URL to download and ingest content from
          example: https://example.com/document.pdf
        confidential:
          type: boolean
          description: >-
            Whether the content is confidential. Only applied when institution
            is provided; ignored for personal uploads.
          default: false
        skipIndexing:
          type: boolean
          description: >-
            When true, the file is stored in the vault but RAG embedding
            generation is skipped. The file is set to status 'active' (visible
            in vault) with no embeddings. Default: false.
          default: false
        scrape:
          type: boolean
          description: >-
            When true, scrapes webpage content. When false, downloads the file
            directly.
          default: false
        institution:
          type: string
          description: >-
            Institution ID to associate the upload with. Must match the user's
            institution for regular users.
          example: 6631915765bb0a94cfd6ca99
        selectedCourse:
          type: object
          description: Course context for the upload history record
          properties:
            course_id:
              type: number
              description: Unique identifier for the course
            course_name:
              type: string
              description: Name of the course
            assistant:
              type: object
              properties:
                _id:
                  type: string
                  description: Assistant unique identifier
        selectedAssistant:
          type: string
          description: >-
            Assistant ID for the upload history record (used as fallback if
            selectedCourse.assistant._id is not set)
          example: 6856fa89cbafcff8d98680f5
        collection:
          type: string
          description: >-
            Collection ID to associate the uploaded file with. When provided,
            the Upload record is linked to this collection.
          example: 6631915765bb0a94cfd6ca99
        account_shared:
          type: boolean
          description: >-
            When true and institution is set, marks the file as shared across
            the institution's account
          default: false
    UploadUrlResponse:
      type: object
      properties:
        success:
          type: boolean
          example: true
        message:
          type: string
          example: URL ingested successfully
        code:
          type: integer
          description: Status code (1 indicates success)
          example: 1
    ErrorResponse:
      type: object
      properties:
        success:
          type: boolean
          example: false
        message:
          type: string
          description: Human-readable error message
        error:
          type: string
          description: Technical error details
  securitySchemes:
    apiKeyAuth:
      type: apiKey
      in: header
      name: x-access-token
      description: JWT token passed in x-access-token header

````