docs: 5798 5801 API & Event stream documentation and format changes

* docs: Add API endpoint documentation
- Add documentation for endpoints that are currently undocumented.
- Add documentation for dynamic fields defined by users.

* docs: Update API documentation
- Change format of API level documentation(existing ones)
- Update Summary.md

* docs: Modify API documentation & (API) Event Stream documentation
- Fill the missing documentation gaps on some of docs
- Tranform docs into formatted version remove swagger format
- Modify even stream documentations

* chore: add execution payload documentation md
* docs: add few modifications in documentation for policy block API execution payloads
* docs: update API documentation format and add missing V2 endpoint docs
- Convert some docs in schema, tag from legacy GitBook format to  markdown with tables and JSON examples
- Add V2 endpoint documentation for: GET /schemas, GET /tools, GET /tokens, GET /policies, GET /tags/schemas, GET /schemas/system/{username}, GET /modules, GET /artifacts, POST /policies/{id}/dry-run/user, POST /projects/compare/documents, POST /contracts
- Add entirely new Projects APIs section (POST /projects/search, POST /projects/compare/documents, GET /projects/properties)
- Fix some of incorrect HTTP methods, permissions, response codes and paths found during format migration
- Update SUMMARY.md with all new V2 doc entries and Projects section

* fix: update API documentation with Block Completion Events
* docs: move compare-documents-v2 into project-comparison section
* - Added token-transfer API endpoint documents
- Updated existing README and SUMMARY
---------
Signed-off-by: gayanath8 <gayanathr@xeptagon.com>
Signed-off-by: OshanM <oshanm@xeptagon.com>
Co-authored-by: OshanM <oshanm@xeptagon.com>

Author: gayanath8

docs/SUMMARY.md

@@ -0,0 +1,37 @@
+# Account APIs
+
+The Account APIs handle user registration, authentication, session management, and account queries within the Guardian system.
+
+**Base URL:** `/api/v1/accounts`
+
+> **Note:** `POST /accounts/register`, `POST /accounts/login`, and `POST /accounts/access-token` do not require a Bearer token. All other endpoints require `Authorization: Bearer <token>`.
+
+---
+
+## Endpoints
+
+| Method | Endpoint | Description | Auth Required |
+|--------|----------|-------------|---------------|
+| **`POST`** | `/accounts/register` | Register a new user account | No |
+| **`POST`** | `/accounts/login` | Log in and receive JWT tokens | No |
+| **`POST`** | `/accounts/change-password` | Change the authenticated user's password | Yes |
+| **`POST`** | `/accounts/access-token` | Refresh access token using a refresh token | No |
+| **`GET`** | `/accounts/session` | Return current session information | Yes |
+| **`GET`** | `/accounts/` | List users (excluding Standard Registry and Auditor) | Yes |
+| **`GET`** | `/accounts/standard-registries` | Return all Standard Registry accounts | Yes |
+| **`GET`** | `/accounts/standard-registries/aggregated` | Return Standard Registries with policies and VCs | Yes |
+| **`GET`** | `/accounts/balance` | Return the authenticated user's Hedera balance | Yes |
+
+---
+
+## Endpoint Details
+
+* [Registering a New Account](registering-new-account.md)
+* [User Login](user-login.md)
+* [Change Password](change-password.md)
+* [Refresh Access Token](refresh-access-token.md)
+* [User Session](user-session.md)
+* [User Listing (Excluding Standard Registry and Auditor)](user-listing-except-root-authority-and-auditor.md)
+* [Returns All Standard Registries](returns-all-root-authorities.md)
+* [Standard Registries Aggregated](standard-registries-aggregated.md)
+* [User Balance](user-balance.md)

docs/account-apis/README.md

@@ -0,0 +1,52 @@
+# Change Password
+
+**`POST /accounts/change-password`**
+
+Changes the authenticated user's password.
+
+**Authentication:** Bearer token required (`Authorization: Bearer <token>`)
+
+---
+
+## Request
+
+### Request Body
+
+```json
+{
+  "username": "example_user",
+  "oldPassword": "examplePassword123",
+  "newPassword": "newSecurePassword456"
+}
+```
+
+| Field | Type | Required | Description |
+|-------|------|----------|-------------|
+| `username` | string | Yes | The account username |
+| `oldPassword` | string | Yes | The current password |
+| `newPassword` | string | Yes | The new password to set |
+
+---
+
+## Response
+
+### Success Response
+
+**Status:** `200 OK`
+
+```json
+{
+  "username": "example_user",
+  "role": "STANDARD_REGISTRY",
+  "did": "did:hedera:testnet:zHcDLGFNymFAJiMBKnpbHDgjvTn6yZnwkPPeFhtJBECH_0.0.4532001",
+  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
+  "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
+}
+```
+
+### Error Responses
+
+| Status | Description |
+|--------|-------------|
+| `401 Unauthorized` | Invalid credentials or missing token |
+| `500 Internal Server Error` | Unexpected server failure |

docs/account-apis/change-password.md

@@ -0,0 +1,41 @@
+# Refresh Access Token
+
+**`POST /accounts/access-token`**
+
+Returns a new access token using a valid refresh token.
+
+---
+
+## Request
+
+### Request Body
+
+```json
+{
+  "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
+}
+```
+
+| Field | Type | Required | Description |
+|-------|------|----------|-------------|
+| `refreshToken` | string | Yes | A valid refresh token obtained from login |
+
+---
+
+## Response
+
+### Success Response
+
+**Status:** `200 OK`
+
+```json
+{
+  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
+}
+```
+
+### Error Responses
+
+| Status | Description |
+|--------|-------------|
+| `401 Unauthorized` | Invalid or expired refresh token |

docs/account-apis/refresh-access-token.md

@@ -1,35 +1,53 @@
-# Registering new account
+# Registering a New Account
 
-### REGISTERING NEW ACCOUNT
+**`POST /accounts/register`**
 
-{% swagger method="post" path="" baseUrl="/accounts/register" summary="Registers a new user account" %}
-{% swagger-description %}
+Registers a new user account with a username, password, and optional role.
 
-{% endswagger-description %}
+**Authentication:** Bearer token required for non-demo mode (`Authorization: Bearer <token>`). Only a Standard Registry user may register new accounts outside of demo mode.
 
-{% swagger-parameter in="body" required="true" %}
-Object that contain username, password and role (optional) fields
-{% endswagger-parameter %}
+---
 
-{% swagger-response status="201: Created" description="Successful Operation" %}
-```javascript
+## Request
+
+### Request Body
+
+```json
 {
-    content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/Account'
+  "username": "example_user",
+  "password": "examplePassword123",
+  "role": "USER"
 }
 ```
-{% endswagger-response %}
 
-{% swagger-response status="500: Internal Server Error" description="Internal Server Error" %}
-```javascript
+| Field | Type | Required | Description |
+|-------|------|----------|-------------|
+| `username` | string | Yes | The new account username |
+| `password` | string | Yes | The account password |
+| `role` | string | No | User role: `STANDARD_REGISTRY`, `USER`, or `AUDITOR`. Defaults to `USER` |
+
+---
+
+## Response
+
+### Success Response
+
+**Status:** `201 Created`
+
+```json
 {
-    content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/Error'
+  "username": "example_user",
+  "role": "USER",
+  "did": null,
+  "hederaAccountId": null
 }
 ```
-{% endswagger-response %}
-{% endswagger %}
+
+### Error Responses
+
+| Status | Description |
+|--------|-------------|
+| `401 Unauthorized` | Caller is not authenticated (non-demo mode) |
+| `403 Forbidden` | Caller does not have Standard Registry role |
+| `409 Conflict` | Username already exists |
+| `500 Internal Server Error` | Unexpected server failure |

docs/account-apis/registering-new-account.md

@@ -1,39 +1,44 @@
-# Returns all Standard Registries
-
-{% swagger method="get" path="" baseUrl="/accounts/standard-registries" summary="Returns an array of Standard Registries for user to select one during registration process" %}
-{% swagger-description %}
-Returns all Standard Registries
-{% endswagger-description %}
-
-{% swagger-response status="200: OK" description="Successful Operation" %}
-```javascript
-{
-    content:
-            application/json:
-              schema:
-                type: array
-                items:
-                  $ref: '#/components/schemas/Account'
-}
-```
-{% endswagger-response %}
+# Returns All Standard Registries
 
-{% swagger-response status="401: Unauthorized" description="Unauthorized" %}
-```javascript
-{
-    // Response
-}
-```
-{% endswagger-response %}
-
-{% swagger-response status="500: Internal Server Error" description="Internal Server Error" %}
-```javascript
-{
-  content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/Error'
-}
+**`GET /accounts/standard-registries`**
+
+Returns all Standard Registry accounts available in the system.
+
+**Authentication:** Bearer token required (`Authorization: Bearer <token>`)
+
+**Permission:** `Permissions.ACCOUNTS_STANDARD_REGISTRY_READ`
+
+---
+
+## Request
+
+No request body or parameters required.
+
+---
+
+## Response
+
+### Success Response
+
+**Status:** `200 OK`
+
+```json
+[
+  {
+    "username": "registry_user",
+    "role": "STANDARD_REGISTRY",
+    "did": "did:hedera:testnet:zHcDLGFNymFAJiMBKnpbHDgjvTn6yZnwkPPeFhtJBECH_0.0.4532001",
+    "hederaAccountId": "0.0.4532001",
+    "confirmed": true,
+    "failed": false
+  }
+]
 ```
-{% endswagger-response %}
-{% endswagger %}
+
+### Error Responses
+
+| Status | Description |
+|--------|-------------|
+| `401 Unauthorized` | Missing or invalid token |
+| `403 Forbidden` | Insufficient permissions |
+| `500 Internal Server Error` | Unexpected server failure |

docs/account-apis/returns-all-root-authorities.md

@@ -0,0 +1,54 @@
+# Standard Registries Aggregated
+
+**`GET /accounts/standard-registries/aggregated`**
+
+Returns all Standard Registry accounts aggregated with their associated policies and VC documents.
+
+**Authentication:** Bearer token required (`Authorization: Bearer <token>`)
+
+**Permission:** `Permissions.ACCOUNTS_STANDARD_REGISTRY_READ`
+
+---
+
+## Request
+
+No request body or parameters required.
+
+---
+
+## Response
+
+### Success Response
+
+**Status:** `200 OK`
+
+```json
+[
+  {
+    "did": "did:hedera:testnet:zHcDLGFNymFAJiMBKnpbHDgjvTn6yZnwkPPeFhtJBECH_0.0.4532001",
+    "username": "registry_user",
+    "hederaAccountId": "0.0.4532001",
+    "vcDocument": {
+      "@context": ["https://www.w3.org/2018/credentials/v1"],
+      "id": "did:hedera:testnet:zHcDLGFNymFAJiMBKnpbHDgjvTn6yZnwkPPeFhtJBECH_0.0.4532001",
+      "type": ["VerifiableCredential"]
+    },
+    "policies": [
+      {
+        "id": "63e3e5e8a01b3c001234abcd",
+        "name": "Example Policy",
+        "version": "1.0.0",
+        "status": "PUBLISH"
+      }
+    ]
+  }
+]
+```
+
+### Error Responses
+
+| Status | Description |
+|--------|-------------|
+| `401 Unauthorized` | Missing or invalid token |
+| `403 Forbidden` | Insufficient permissions |
+| `500 Internal Server Error` | Unexpected server failure |