1. yes.

2. it would be https://wordswithchat.com/auth/chatgpt/token

3. thats up to you. it should be something that you verify on the auth end to verify that the call is coming from chatgpt and not an attacker.

4. here is a sample path:

```

/api/words/animals:

get:

tags:

- Animals

summary: List all animals for guessing

operationId: get_allanimals

security:

- oauth: []

responses:

"200":

description: Returns a list of animals for use for guessing

content:

application/json:

schema:

type: array

items:

type: string

```

hope that helps