Documentation which endpoints are required for users

Hi,

i currently try to setup commento in a restricted environment where I only can allow access to those endpoints, that are really required by users. All other endpoints (e.g. dashboard) should only be accessible using ip-restrictions.

I use a nginx proxy for this and figured out the following endpoints, that seem to be required. It would be very helpful, if a complete list of endpoints can be created to simplify such a setup.

• /api/commenter/
• /api/comment/
• /api/oauth/ (can this be restricted to /oauth/.*/callback ?)
• /api/page/
• /css/commento.css
• /js/commento.js
• /fonts/