# Phase 6 - Integrate With Live Data Endpoints

Status: implemented  
Date: 2026-02-25

## Summary

`/live/accounts` and `/live/dashboard` now support `profileId` as token source resolver.

Resolution order:
1. If `profileId` is provided -> load token sources from saved profile (owner-only)
2. Else if inline token payload exists -> use inline token source flow
3. Else fallback to server default token (`API_ACCESS_TOKEN_ENC` หรือ `API_ACCESS_TOKEN`)
4. If no usable token -> return validation error

## Endpoints changed

- `GET /live/accounts`
- `POST /live/accounts`
- `POST /live/dashboard`

## Behavior details

- `profileId` requires authenticated session mode; public mode returns `LOGIN_REQUIRED`.
- Profile ownership enforced via service (`session.userId`).
- Profile token sources are decrypted only at execution boundary.
- Account presets from profile are auto-applied when request has no explicit account selection:
  - `viewMode=single` -> first preset
  - `viewMode=selected` -> all presets
- `viewMode=all` still resolves all available accounts from resolved token sources.
- `last_used_at` is updated (best effort) when profile is used successfully.

## Response metadata additions

- `meta.profileId`
- `meta.profileName`
- `meta.profilePresetCount` (dashboard)

## Error shape

Live endpoints now return stable error payload with `errorCode` when applicable:

```json
{
  "ok": false,
  "error": "message",
  "errorCode": "SOME_CODE"
}
```
