List Session Notes

GET 
/api/v1/devices/:device_uuid/sessions/:session_id/notes

List SessionNote rows for a session (oldest first per D-20).

Role scoping (D-09 / D-14):

• field_worker: only own device's session notes
• manager/owner: any workspace device's session notes

Returns a uniform 403 for non-existent / cross-device / cross-workspace / unauthorized-field-worker cases (prevents session-ID enumeration via differential 403 vs 404).

Request

Responses

200

OK

401

Unauthorized

403

Forbidden

404

Not Found

422

Validation Error