API Categories

OpenAPI Explorer

Auto-generated OpenAPI definition for all enabled modules.

Default server: http://localhost:3000/api

Authentication & Accounts

25 endpoints

GET/auth/admin/nav

Auth required

Resolve sidebar entries

Returns the backend navigation tree available to the authenticated administrator after applying role and personal sidebar preferences.

Responses

200Sidebar navigation structure

Content-Type: application/json

{
  "groups": [
    {
      "id": "string",
      "name": "string",
      "defaultName": "string",
      "items": [
        {
          "href": "string",
          "title": "string",
          "defaultTitle": "string",
          "enabled": true
        }
      ]
    }
  ]
}

Example

curl -X GET "http://localhost:3000/api/auth/admin/nav" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/auth/feature-check

Auth required

Check feature grants for the current user

Evaluates which of the requested features are available to the signed-in user within the active tenant / organization context.

Request body (application/json)

{
  "features": [
    "string"
  ]
}

Responses

200Evaluation result

Content-Type: application/json

{
  "ok": true,
  "granted": [
    "string"
  ]
}

Example

curl -X POST "http://localhost:3000/api/auth/feature-check" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "features": [
    "string"
  ]
}'

GET/auth/features

Auth requiredauth.acl.manage

List declared feature flags

Returns all static features contributed by the enabled modules along with their module source. Requires features: auth.acl.manage

Responses

200Aggregated feature catalog

Content-Type: application/json

{
  "items": [
    {
      "id": "string",
      "title": "string",
      "module": "string"
    }
  ],
  "modules": [
    {
      "id": "string",
      "title": "string"
    }
  ]
}

Example

curl -X GET "http://localhost:3000/api/auth/features" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/auth/locale

GET /auth/locale

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/auth/locale" \
  -H "Accept: application/json"

POST/auth/locale

POST /auth/locale

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/auth/locale" \
  -H "Accept: application/json"

POST/auth/login

Authenticate user credentials

Validates the submitted credentials and issues a bearer token cookie for subsequent API calls.

Request body (application/x-www-form-urlencoded)

email=user%40example.com&password=string

Responses

200Authentication succeeded

Content-Type: application/json

{
  "ok": true,
  "token": "string",
  "redirect": null
}

400Validation failed

Content-Type: application/json

{
  "ok": false,
  "error": "string"
}

401Invalid credentials

Content-Type: application/json

{
  "ok": false,
  "error": "string"
}

403User lacks required role

Content-Type: application/json

{
  "ok": false,
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/auth/login" \
  -H "Accept: application/json" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d 'email=user%40example.com&password=string'

GET/auth/logout

Auth required

Log out (legacy GET)

For convenience, the GET variant performs the same logout logic as POST and issues a redirect.

Responses

200Success response

Content-Type: application/json

{}

302Redirect to login after successful logout

Content-Type: text/html

{}

Example

curl -X GET "http://localhost:3000/api/auth/logout" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/auth/logout

Auth required

Invalidate session and redirect

Clears authentication cookies and redirects the browser to the login page.

Responses

201Success response

Content-Type: application/json

{}

302Redirect to login after successful logout

Content-Type: text/html

{}

Example

curl -X POST "http://localhost:3000/api/auth/logout" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/auth/reset

Send reset email

Requests a password reset email for the given account. The endpoint always returns `ok: true` to avoid leaking account existence.

Request body (application/x-www-form-urlencoded)

email=user%40example.com

Responses

200Reset email dispatched (or ignored for unknown accounts)

Content-Type: application/json

{
  "ok": true
}

Example

curl -X POST "http://localhost:3000/api/auth/reset" \
  -H "Accept: application/json" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d 'email=user%40example.com'

POST/auth/reset/confirm

Complete password reset

Validates the reset token and updates the user password.

Request body (application/x-www-form-urlencoded)

token=string&password=string

Responses

200Password reset succeeded

Content-Type: application/json

{
  "ok": true,
  "redirect": "string"
}

400Invalid token or payload

Content-Type: application/json

{
  "ok": false,
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/auth/reset/confirm" \
  -H "Accept: application/json" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d 'token=string&password=string'

GET/auth/roles

Auth requiredauth.roles.list

List roles

Returns available roles within the current tenant. Super administrators receive visibility across tenants. Requires features: auth.roles.list

Parameters

Name	In	Required	Schema	Description
id	query	No	string	—
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
tenantId	query	No	string	—

Responses

200Role collection

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "usersCount": 1,
      "tenantId": null,
      "tenantName": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/auth/roles?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/auth/roles

Auth requiredauth.roles.manage

Create role

Creates a new role for the current tenant or globally when `tenantId` is omitted. Requires features: auth.roles.manage

Request body (application/json)

{
  "name": "string",
  "tenantId": null
}

Responses

201Role created

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000"
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/auth/roles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "name": "string",
  "tenantId": null
}'

PUT/auth/roles

Auth requiredauth.roles.manage

Update role

Updates mutable fields on an existing role. Requires features: auth.roles.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "tenantId": null
}

Responses

200Role updated

Content-Type: application/json

{
  "ok": true
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

404Role not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/auth/roles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "tenantId": null
}'

DELETE/auth/roles

Auth requiredauth.roles.manage

Delete role

Deletes a role by identifier. Fails when users remain assigned. Requires features: auth.roles.manage

Parameters

Name	In	Required	Schema	Description
id	query	Yes	string	—

Responses

200Role deleted

Content-Type: application/json

{
  "ok": true
}

400Role cannot be deleted

Content-Type: application/json

{
  "error": "string"
}

404Role not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/auth/roles?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/auth/roles/acl

Auth requiredauth.acl.manage

Fetch role ACL

Returns the feature and organization assignments associated with a role within the current tenant. Requires features: auth.acl.manage

Parameters

Name	In	Required	Schema	Description
roleId	query	Yes	string	—
tenantId	query	No	string	—

Responses

200Role ACL entry

Content-Type: application/json

{
  "isSuperAdmin": true,
  "features": [
    "string"
  ],
  "organizations": null
}

400Invalid role id

Content-Type: application/json

{
  "error": "string"
}

404Role not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/auth/roles/acl?roleId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/auth/roles/acl

Auth requiredauth.acl.manage

Update role ACL

Replaces the feature list, super admin flag, and optional organization assignments for a role. Requires features: auth.acl.manage

Request body (application/json)

{
  "roleId": "00000000-0000-4000-8000-000000000000",
  "organizations": null
}

Responses

200Role ACL updated

Content-Type: application/json

{
  "ok": true,
  "sanitized": true
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

404Role not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/auth/roles/acl" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "roleId": "00000000-0000-4000-8000-000000000000",
  "organizations": null
}'

GET/auth/session/refresh

Refresh auth cookie from session token

Exchanges an existing `session_token` cookie for a fresh JWT auth cookie and redirects the browser.

Parameters

Name	In	Required	Schema	Description
redirect	query	No	string	—

Responses

200Success response

Content-Type: application/json

{}

302Redirect to target location when session is valid

Content-Type: text/html

{}

Example

curl -X GET "http://localhost:3000/api/auth/session/refresh" \
  -H "Accept: application/json"

GET/auth/sidebar/preferences

Auth required

Get sidebar preferences

Returns personal sidebar customization and any role-level preferences the user can manage.

Responses

200Current sidebar configuration

Content-Type: application/json

{
  "locale": "string",
  "settings": {
    "version": 1,
    "groupOrder": [
      "string"
    ],
    "groupLabels": {
      "key": "string"
    },
    "itemLabels": {
      "key": "string"
    },
    "hiddenItems": [
      "string"
    ]
  },
  "canApplyToRoles": true,
  "roles": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "hasPreference": true
    }
  ]
}

Example

curl -X GET "http://localhost:3000/api/auth/sidebar/preferences" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/auth/sidebar/preferences

Auth required

Update sidebar preferences

Updates personal sidebar configuration and, optionally, applies the same settings to selected roles.

Request body (application/json)

{}

Responses

200Preferences saved

Content-Type: application/json

{
  "locale": "string",
  "settings": {
    "version": 1,
    "groupOrder": [
      "string"
    ],
    "groupLabels": {
      "key": "string"
    },
    "itemLabels": {
      "key": "string"
    },
    "hiddenItems": [
      "string"
    ]
  },
  "canApplyToRoles": true,
  "roles": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "hasPreference": true
    }
  ],
  "appliedRoles": [
    "00000000-0000-4000-8000-000000000000"
  ],
  "clearedRoles": [
    "00000000-0000-4000-8000-000000000000"
  ]
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

403Missing features for role-wide updates

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/auth/sidebar/preferences" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{}'

GET/auth/users

Auth requiredauth.users.list

List users

Returns users for the current tenant. Super administrators may scope the response via organization or role filters. Requires features: auth.users.list

Parameters

Name	In	Required	Schema	Description
id	query	No	string	—
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
organizationId	query	No	string	—
roleIds	query	No	array	—

Responses

200User collection

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "email": "user@example.com",
      "organizationId": null,
      "organizationName": null,
      "tenantId": null,
      "tenantName": null,
      "roles": [
        "string"
      ]
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/auth/users?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/auth/users

Auth requiredauth.users.create

Create user

Creates a new confirmed user within the specified organization and optional roles. Requires features: auth.users.create

Request body (application/json)

{
  "email": "user@example.com",
  "password": "string",
  "organizationId": "00000000-0000-4000-8000-000000000000"
}

Responses

201User created

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000"
}

400Invalid payload or duplicate email

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/auth/users" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "email": "user@example.com",
  "password": "string",
  "organizationId": "00000000-0000-4000-8000-000000000000"
}'

PUT/auth/users

Auth requiredauth.users.edit

Update user

Updates profile fields, organization assignment, credentials, or role memberships. Requires features: auth.users.edit

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200User updated

Content-Type: application/json

{
  "ok": true
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

404User not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/auth/users" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/auth/users

Auth requiredauth.users.delete

Delete user

Deletes a user by identifier. Undo support is provided via the command bus. Requires features: auth.users.delete

Parameters

Name	In	Required	Schema	Description
id	query	Yes	string	—

Responses

200User deleted

Content-Type: application/json

{
  "ok": true
}

400User cannot be deleted

Content-Type: application/json

{
  "error": "string"
}

404User not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/auth/users?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/auth/users/acl

Auth requiredauth.acl.manage

Fetch user ACL

Returns custom ACL overrides for a user within the current tenant, if any. Requires features: auth.acl.manage

Parameters

Name	In	Required	Schema	Description
userId	query	Yes	string	—

Responses

200User ACL entry

Content-Type: application/json

{
  "hasCustomAcl": true,
  "isSuperAdmin": true,
  "features": [
    "string"
  ],
  "organizations": null
}

400Invalid user id

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/auth/users/acl?userId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/auth/users/acl

Auth requiredauth.acl.manage

Update user ACL

Configures per-user ACL overrides, including super admin access, feature list, and organization scope. Requires features: auth.acl.manage

Request body (application/json)

{
  "userId": "00000000-0000-4000-8000-000000000000",
  "organizations": null
}

Responses

200User ACL updated

Content-Type: application/json

{
  "ok": true,
  "sanitized": true
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/auth/users/acl" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "userId": "00000000-0000-4000-8000-000000000000",
  "organizations": null
}'

Configuration

6 endpoints

GET/configs/cache

Auth requiredconfigs.cache.view

GET /configs/cache

Requires features: configs.cache.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/configs/cache" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/configs/cache

Auth requiredconfigs.cache.manage

POST /configs/cache

Requires features: configs.cache.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/configs/cache" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/configs/system-status

Auth requiredconfigs.system_status.view

GET /configs/system-status

Requires features: configs.system_status.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/configs/system-status" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/configs/system-status

Auth requiredconfigs.manage

POST /configs/system-status

Requires features: configs.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/configs/system-status" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/configs/upgrade-actions

Auth requiredconfigs.manage

GET /configs/upgrade-actions

Requires features: configs.manage

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/configs/upgrade-actions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/configs/upgrade-actions

Auth requiredconfigs.manage

POST /configs/upgrade-actions

Requires features: configs.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/configs/upgrade-actions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Audit & Action Logs

4 endpoints

GET/audit_logs/audit-logs/access

Auth requiredaudit_logs.view_self

Retrieve access logs

Fetches paginated access audit logs scoped to the authenticated user. Tenant administrators can optionally expand the search to other actors or organizations. Requires features: audit_logs.view_self

Parameters

Name	In	Required	Schema	Description
organizationId	query	No	string	—
actorUserId	query	No	string	—
resourceKind	query	No	string	—
accessType	query	No	string	—
page	query	No	string	—
pageSize	query	No	string	—
limit	query	No	string	—
before	query	No	string	—
after	query	No	string	—

Responses

200Access logs returned successfully

Content-Type: application/json

{
  "items": [
    {
      "id": "string",
      "resourceKind": "string",
      "resourceId": "string",
      "accessType": "string",
      "actorUserId": null,
      "actorUserName": null,
      "tenantId": null,
      "tenantName": null,
      "organizationId": null,
      "organizationName": null,
      "fields": [
        "string"
      ],
      "context": null,
      "createdAt": "string"
    }
  ],
  "canViewTenant": true,
  "page": 1,
  "pageSize": 1,
  "total": 1,
  "totalPages": 1
}

400Invalid filters supplied

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/audit_logs/audit-logs/access" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/audit_logs/audit-logs/actions

Auth requiredaudit_logs.view_self

Fetch action logs

Returns recent action audit log entries. Tenant administrators can widen the scope to other actors or organizations, and callers can optionally restrict results to undoable actions. Requires features: audit_logs.view_self

Parameters

Name	In	Required	Schema	Description
organizationId	query	No	string	—
actorUserId	query	No	string	—
undoableOnly	query	No	string	—
limit	query	No	string	—
before	query	No	string	—
after	query	No	string	—

Responses

200Action logs retrieved successfully

Content-Type: application/json

{
  "items": [
    {
      "id": "string",
      "commandId": "string",
      "actionLabel": null,
      "executionState": "done",
      "actorUserId": null,
      "actorUserName": null,
      "tenantId": null,
      "tenantName": null,
      "organizationId": null,
      "organizationName": null,
      "resourceKind": null,
      "resourceId": null,
      "undoToken": null,
      "createdAt": "string",
      "updatedAt": "string",
      "snapshotBefore": null,
      "snapshotAfter": null,
      "changes": null,
      "context": null
    }
  ],
  "canViewTenant": true
}

400Invalid filter values

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/audit_logs/audit-logs/actions?undoableOnly=false" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/audit_logs/audit-logs/actions/redo

Auth requiredaudit_logs.redo_self

Redo by action log id

Redoes the latest undone command owned by the caller. Requires the action to still be eligible for redo within tenant and organization scope. Requires features: audit_logs.redo_self

Request body (application/json)

{
  "logId": "string"
}

Responses

200Redo executed successfully

Content-Type: application/json

{
  "ok": true,
  "logId": null,
  "undoToken": null
}

400Log not eligible for redo

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/audit_logs/audit-logs/actions/redo" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "logId": "string"
}'

POST/audit_logs/audit-logs/actions/undo

Auth requiredaudit_logs.undo_self

Undo action by token

Replays the undo handler registered for a command. The provided undo token must match the latest undoable log entry accessible to the caller. Requires features: audit_logs.undo_self

Request body (application/json)

{
  "undoToken": "string"
}

Responses

200Undo applied successfully

Content-Type: application/json

{
  "ok": true,
  "logId": "string"
}

400Invalid or unavailable undo token

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/audit_logs/audit-logs/actions/undo" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "undoToken": "string"
}'

Attachments

14 endpoints

GET/attachments

Auth requiredattachments.view

List attachments for a record

Returns uploaded attachments for the given entity record, ordered by newest first. Requires features: attachments.view

Parameters

Name	In	Required	Schema	Description
entityId	query	Yes	string	—
recordId	query	Yes	string	—

Responses

200Attachments found for the record

Content-Type: application/json

{
  "items": [
    {
      "id": "string",
      "url": "string",
      "fileName": "string",
      "fileSize": 1,
      "createdAt": "string",
      "content": null
    }
  ]
}

400Missing entity or record identifiers

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/attachments?entityId=string&recordId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/attachments

Auth requiredattachments.manage

Upload attachment

Uploads a new attachment using multipart form-data and stores metadata for later retrieval. Requires features: attachments.manage

Request body (multipart/form-data)

entityId=string
recordId=string
file=string

Responses

200Attachment stored successfully

Content-Type: application/json

{
  "ok": true,
  "item": {
    "id": "string",
    "url": "string",
    "fileName": "string",
    "fileSize": 1,
    "content": null
  }
}

400Payload validation error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/attachments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: multipart/form-data" \
  -d '{
  "entityId": "string",
  "recordId": "string",
  "file": "string"
}'

DELETE/attachments

Auth requiredattachments.manage

Delete attachment

Removes an uploaded attachment and deletes the stored asset. Requires features: attachments.manage

Parameters

Name	In	Required	Schema	Description
id	query	Yes	string	—

Responses

200Attachment deleted

Content-Type: application/json

{
  "ok": true
}

400Missing attachment identifier

Content-Type: application/json

{
  "error": "string"
}

404Attachment not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/attachments?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/attachments/file/{id}

GET /attachments/file/{id}

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/attachments/file/:id" \
  -H "Accept: application/json"

GET/attachments/image/{id}/{slug}

GET /attachments/image/{id}/{slug}

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—
slug	path	No	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/attachments/image/:id/:slug" \
  -H "Accept: application/json"

GET/attachments/library

Auth requiredattachments.view

GET /attachments/library

Requires features: attachments.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/attachments/library" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/attachments/library/{id}

Auth requiredattachments.view

GET /attachments/library/{id}

Requires features: attachments.view

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/attachments/library/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PATCH/attachments/library/{id}

Auth requiredattachments.manage

PATCH /attachments/library/{id}

Requires features: attachments.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PATCH "http://localhost:3000/api/attachments/library/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/attachments/library/{id}

Auth requiredattachments.manage

DELETE /attachments/library/{id}

Requires features: attachments.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/attachments/library/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/attachments/partitions

Auth requiredattachments.manage

GET /attachments/partitions

Requires features: attachments.manage

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/attachments/partitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/attachments/partitions

Auth requiredattachments.manage

POST /attachments/partitions

Requires features: attachments.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/attachments/partitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/attachments/partitions

Auth requiredattachments.manage

PUT /attachments/partitions

Requires features: attachments.manage

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/attachments/partitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/attachments/partitions

Auth requiredattachments.manage

DELETE /attachments/partitions

Requires features: attachments.manage

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/attachments/partitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/attachments/transfer

Auth requiredattachments.manage

POST /attachments/transfer

Requires features: attachments.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/attachments/transfer" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

API Keys

3 endpoints

GET/api_keys/keys

Auth requiredapi_keys.view

List API keys

Returns paginated API keys visible to the current user, including per-key role assignments and organization context. Requires features: api_keys.view

Parameters

Name	In	Required	Schema	Description
page	query	No	string	—
pageSize	query	No	string	—
search	query	No	string	—

Responses

200Collection of API keys

Content-Type: application/json

{
  "items": [
    {
      "id": "string",
      "name": "string",
      "description": null,
      "keyPrefix": "string",
      "organizationId": null,
      "organizationName": null,
      "createdAt": "string",
      "lastUsedAt": null,
      "expiresAt": null,
      "roles": [
        {
          "id": "string",
          "name": null
        }
      ]
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

400Tenant context missing

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/api_keys/keys" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/api_keys/keys

Auth requiredapi_keys.create

Create API key

Creates a new API key, returning the one-time secret value together with the generated key prefix and scope details. Requires features: api_keys.create

Request body (application/json)

{
  "name": "string",
  "description": null,
  "tenantId": null,
  "organizationId": null,
  "roles": [],
  "expiresAt": null
}

Responses

201API key created successfully

Content-Type: application/json

{
  "id": "string",
  "name": "string",
  "keyPrefix": "string",
  "tenantId": null,
  "organizationId": null,
  "roles": [
    {
      "id": "string",
      "name": null
    }
  ]
}

400Invalid payload or missing tenant context

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/api_keys/keys" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "name": "string",
  "description": null,
  "tenantId": null,
  "organizationId": null,
  "roles": [],
  "expiresAt": null
}'

DELETE/api_keys/keys

Auth requiredapi_keys.delete

Delete API key

Removes an API key by identifier. The key must belong to the current tenant and fall within the requester organization scope. Requires features: api_keys.delete

Parameters

Name	In	Required	Schema	Description
id	query	Yes	string	—

Responses

200Key deleted successfully

Content-Type: application/json

{
  "success": true
}

400Missing or invalid identifier

Content-Type: application/json

{
  "error": "string"
}

404Key not found within scope

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/api_keys/keys?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Onboarding

2 endpoints

POST/onboarding/onboarding

Self-service onboarding submission

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/onboarding/onboarding" \
  -H "Accept: application/json"

GET/onboarding/onboarding/verify

Onboarding verification redirect

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/onboarding/onboarding/verify" \
  -H "Accept: application/json"

Business Rules

16 endpoints

POST/business_rules/execute

Auth requiredbusiness_rules.execute

Execute rules for given context

Manually executes applicable business rules for the specified entity type, event, and data. Supports dry-run mode to test rules without executing actions. Requires features: business_rules.execute

Request body (application/json)

{
  "entityType": "string",
  "dryRun": false
}

Responses

200Rules executed successfully

Content-Type: application/json

{
  "allowed": true,
  "executedRules": [
    {
      "ruleId": "string",
      "ruleName": "string",
      "conditionResult": true,
      "executionTime": 1
    }
  ],
  "totalExecutionTime": 1
}

400Invalid request payload

Content-Type: application/json

{
  "error": "string"
}

500Execution error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/business_rules/execute" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "entityType": "string",
  "dryRun": false
}'

GET/business_rules/logs

Auth requiredbusiness_rules.view_logs

List rule execution logs

Returns rule execution history for the current tenant and organization with filtering and pagination. Useful for audit trails and debugging. Requires features: business_rules.view_logs

Parameters

Name	In	Required	Schema	Description
id	query	No	integer	—
page	query	No	number	—
pageSize	query	No	number	—
ruleId	query	No	string	—
entityId	query	No	string	—
entityType	query	No	string	—
executionResult	query	No	string	—
executedBy	query	No	string	—
executedAtFrom	query	No	string	—
executedAtTo	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Rule execution logs collection

Content-Type: application/json

{
  "items": [
    {
      "id": "string",
      "ruleId": "string",
      "ruleName": "string",
      "ruleType": "string",
      "entityId": "00000000-0000-4000-8000-000000000000",
      "entityType": "string",
      "executionResult": "SUCCESS",
      "inputContext": null,
      "outputContext": null,
      "errorMessage": null,
      "executionTimeMs": 1,
      "executedAt": "string",
      "tenantId": "00000000-0000-4000-8000-000000000000",
      "organizationId": null,
      "executedBy": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

400Invalid query parameters

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/business_rules/logs?page=1&pageSize=50&sortDir=desc" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/business_rules/logs/{id}

Auth requiredbusiness_rules.view_logs

Get execution log detail

Returns detailed information about a specific rule execution, including full context and results. Requires features: business_rules.view_logs

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Log entry details

Content-Type: application/json

{
  "id": "string",
  "rule": {
    "id": "00000000-0000-4000-8000-000000000000",
    "ruleId": "string",
    "ruleName": "string",
    "ruleType": "string",
    "entityType": "string"
  },
  "entityId": "00000000-0000-4000-8000-000000000000",
  "entityType": "string",
  "executionResult": "SUCCESS",
  "inputContext": null,
  "outputContext": null,
  "errorMessage": null,
  "executionTimeMs": 1,
  "executedAt": "string",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": null,
  "executedBy": null
}

400Invalid log id

Content-Type: application/json

{
  "error": "string"
}

404Log entry not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/business_rules/logs/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/business_rules/rules

Auth requiredbusiness_rules.view

List business rules

Returns business rules for the current tenant and organization with filtering and pagination. Requires features: business_rules.view

Parameters

Name	In	Required	Schema	Description
id	query	No	string	—
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
ruleId	query	No	string	—
ruleType	query	No	string	—
entityType	query	No	string	—
eventType	query	No	string	—
enabled	query	No	boolean	—
ruleCategory	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Business rules collection

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "ruleId": "string",
      "ruleName": "string",
      "description": null,
      "ruleType": "GUARD",
      "ruleCategory": null,
      "entityType": "string",
      "eventType": null,
      "enabled": true,
      "priority": 1,
      "version": 1,
      "effectiveFrom": null,
      "effectiveTo": null,
      "tenantId": "00000000-0000-4000-8000-000000000000",
      "organizationId": "00000000-0000-4000-8000-000000000000",
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "totalPages": 1
}

400Invalid query parameters

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/business_rules/rules?page=1&pageSize=50&sortDir=desc" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/business_rules/rules

Auth requiredbusiness_rules.manage

Create business rule

Creates a new business rule for the current tenant and organization. Requires features: business_rules.manage

Request body (application/json)

{
  "ruleId": "string",
  "ruleName": "string",
  "description": null,
  "ruleType": "GUARD",
  "ruleCategory": null,
  "entityType": "string",
  "eventType": null,
  "successActions": null,
  "failureActions": null,
  "enabled": true,
  "priority": 100,
  "version": 1,
  "effectiveFrom": null,
  "effectiveTo": null,
  "tenantId": "string",
  "organizationId": "string",
  "createdBy": null
}

Responses

201Business rule created

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000"
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/business_rules/rules" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "ruleId": "string",
  "ruleName": "string",
  "description": null,
  "ruleType": "GUARD",
  "ruleCategory": null,
  "entityType": "string",
  "eventType": null,
  "successActions": null,
  "failureActions": null,
  "enabled": true,
  "priority": 100,
  "version": 1,
  "effectiveFrom": null,
  "effectiveTo": null,
  "tenantId": "string",
  "organizationId": "string",
  "createdBy": null
}'

PUT/business_rules/rules

Auth requiredbusiness_rules.manage

Update business rule

Updates an existing business rule. Requires features: business_rules.manage

Request body (application/json)

{
  "description": null,
  "ruleCategory": null,
  "eventType": null,
  "successActions": null,
  "failureActions": null,
  "enabled": true,
  "priority": 100,
  "version": 1,
  "effectiveFrom": null,
  "effectiveTo": null,
  "createdBy": null,
  "id": "string"
}

Responses

200Business rule updated

Content-Type: application/json

{
  "ok": true
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

404Business rule not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/business_rules/rules" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "description": null,
  "ruleCategory": null,
  "eventType": null,
  "successActions": null,
  "failureActions": null,
  "enabled": true,
  "priority": 100,
  "version": 1,
  "effectiveFrom": null,
  "effectiveTo": null,
  "createdBy": null,
  "id": "string"
}'

DELETE/business_rules/rules

Auth requiredbusiness_rules.manage

Delete business rule

Soft deletes a business rule by identifier. Requires features: business_rules.manage

Parameters

Name	In	Required	Schema	Description
id	query	Yes	string	—

Responses

200Business rule deleted

Content-Type: application/json

{
  "ok": true
}

400Invalid identifier

Content-Type: application/json

{
  "error": "string"
}

404Business rule not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/business_rules/rules?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/business_rules/rules/{id}

Auth requiredbusiness_rules.view

Fetch business rule by ID

Returns complete details of a business rule including conditions and actions. Requires features: business_rules.view

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Business rule detail

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000",
  "ruleId": "string",
  "ruleName": "string",
  "description": null,
  "ruleType": "GUARD",
  "ruleCategory": null,
  "entityType": "string",
  "eventType": null,
  "successActions": null,
  "failureActions": null,
  "enabled": true,
  "priority": 1,
  "version": 1,
  "effectiveFrom": null,
  "effectiveTo": null,
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "createdBy": null,
  "updatedBy": null,
  "createdAt": "string",
  "updatedAt": "string"
}

400Invalid identifier

Content-Type: application/json

{
  "error": "string"
}

404Business rule not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/business_rules/rules/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/business_rules/sets

Auth requiredbusiness_rules.view

List rule sets

Returns rule sets for the current tenant and organization with filtering and pagination. Requires features: business_rules.view

Parameters

Name	In	Required	Schema	Description
id	query	No	string	—
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
setId	query	No	string	—
enabled	query	No	boolean	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Rule sets collection

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "setId": "string",
      "setName": "string",
      "description": null,
      "enabled": true,
      "tenantId": "00000000-0000-4000-8000-000000000000",
      "organizationId": "00000000-0000-4000-8000-000000000000",
      "createdBy": null,
      "updatedBy": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "totalPages": 1
}

400Invalid query parameters

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/business_rules/sets?page=1&pageSize=50&sortDir=asc" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/business_rules/sets

Auth requiredbusiness_rules.manage_sets

Create rule set

Creates a new rule set for organizing business rules. Requires features: business_rules.manage_sets

Request body (application/json)

{
  "setId": "string",
  "setName": "string",
  "description": null,
  "enabled": true,
  "tenantId": "string",
  "organizationId": "string",
  "createdBy": null
}

Responses

201Rule set created

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000"
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/business_rules/sets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "setId": "string",
  "setName": "string",
  "description": null,
  "enabled": true,
  "tenantId": "string",
  "organizationId": "string",
  "createdBy": null
}'

PUT/business_rules/sets

Auth requiredbusiness_rules.manage_sets

Update rule set

Updates an existing rule set. Requires features: business_rules.manage_sets

Request body (application/json)

{
  "description": null,
  "enabled": true,
  "createdBy": null,
  "id": "string"
}

Responses

200Rule set updated

Content-Type: application/json

{
  "ok": true
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

404Rule set not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/business_rules/sets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "description": null,
  "enabled": true,
  "createdBy": null,
  "id": "string"
}'

DELETE/business_rules/sets

Auth requiredbusiness_rules.manage_sets

Delete rule set

Soft deletes a rule set by identifier. Requires features: business_rules.manage_sets

Parameters

Name	In	Required	Schema	Description
id	query	Yes	string	—

Responses

200Rule set deleted

Content-Type: application/json

{
  "ok": true
}

400Invalid identifier

Content-Type: application/json

{
  "error": "string"
}

404Rule set not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/business_rules/sets?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/business_rules/sets/{id}

Auth requiredbusiness_rules.view

Get rule set detail

Returns detailed information about a specific rule set, including all member rules. Requires features: business_rules.view

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Rule set details

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000",
  "setId": "string",
  "setName": "string",
  "description": null,
  "enabled": true,
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "createdBy": null,
  "updatedBy": null,
  "createdAt": "string",
  "updatedAt": "string",
  "members": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "ruleId": "00000000-0000-4000-8000-000000000000",
      "ruleName": "string",
      "ruleType": "string",
      "sequence": 1,
      "enabled": true
    }
  ]
}

400Invalid rule set id

Content-Type: application/json

{
  "error": "string"
}

404Rule set not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/business_rules/sets/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/business_rules/sets/{id}/members

Auth requiredbusiness_rules.manage_sets

Add rule to set

Adds a business rule to a rule set with specified sequence and enabled state. Requires features: business_rules.manage_sets

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Request body (application/json)

{
  "ruleId": "00000000-0000-4000-8000-000000000000",
  "sequence": 0,
  "enabled": true
}

Responses

201Member added

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000"
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

404Rule set or rule not found

Content-Type: application/json

{
  "error": "string"
}

409Rule already in set

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/business_rules/sets/:id/members" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "ruleId": "00000000-0000-4000-8000-000000000000",
  "sequence": 0,
  "enabled": true
}'

PUT/business_rules/sets/{id}/members

Auth requiredbusiness_rules.manage_sets

Update set member

Updates sequence or enabled state of a rule set member. Requires features: business_rules.manage_sets

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Request body (application/json)

{
  "memberId": "00000000-0000-4000-8000-000000000000"
}

Responses

200Member updated

Content-Type: application/json

{
  "ok": true
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

404Member not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/business_rules/sets/:id/members" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "memberId": "00000000-0000-4000-8000-000000000000"
}'

DELETE/business_rules/sets/{id}/members

Auth requiredbusiness_rules.manage_sets

Remove rule from set

Removes a business rule from a rule set (hard delete). Requires features: business_rules.manage_sets

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—
memberId	query	Yes	string	—

Responses

200Member removed

Content-Type: application/json

{
  "ok": true
}

400Invalid identifier

Content-Type: application/json

{
  "error": "string"
}

404Member not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/business_rules/sets/:id/members?memberId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Shipments

22 endpoints

GET/shipments

Auth requiredshipments.shipments.view

GET /shipments

Requires features: shipments.shipments.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/shipments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/shipments

Auth requiredshipments.shipments.create

POST /shipments

Requires features: shipments.shipments.create

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/shipments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/shipments

Auth requiredshipments.shipments.edit

PUT /shipments

Requires features: shipments.shipments.edit

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/shipments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/shipments

Auth requiredshipments.shipments.delete

DELETE /shipments

Requires features: shipments.shipments.delete

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/shipments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/shipments/containers

Auth requiredshipments.shipments.view

GET /shipments/containers

Requires features: shipments.shipments.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/shipments/containers" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/shipments/containers/{id}

PUT /shipments/containers/{id}

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/shipments/containers/:id" \
  -H "Accept: application/json"

GET/shipments/dictionaries/{key}

GET /shipments/dictionaries/{key}

Parameters

Name	In	Required	Schema	Description
key	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/shipments/dictionaries/:key" \
  -H "Accept: application/json"

GET/shipments/entities/{kind}

GET /shipments/entities/{kind}

Parameters

Name	In	Required	Schema	Description
kind	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/shipments/entities/:kind" \
  -H "Accept: application/json"

POST/shipments/shipments/import

Auth requiredshipments.import

POST /shipments/shipments/import

Requires features: shipments.import

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/shipments/shipments/import" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/shipments/table-config

Auth required

GET /shipments/table-config

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/shipments/table-config" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/shipments/tasks

Auth requiredshipments.shipments.view

GET /shipments/tasks

Requires features: shipments.shipments.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/shipments/tasks" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/shipments/{id}

GET /shipments/{id}

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/shipments/:id" \
  -H "Accept: application/json"

PUT/shipments/{id}

PUT /shipments/{id}

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/shipments/:id" \
  -H "Accept: application/json"

DELETE/shipments/{id}

DELETE /shipments/{id}

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/shipments/:id" \
  -H "Accept: application/json"

GET/shipments/{id}/containers

GET /shipments/{id}/containers

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/shipments/:id/containers" \
  -H "Accept: application/json"

GET/shipments/{id}/documents

GET /shipments/{id}/documents

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/shipments/:id/documents" \
  -H "Accept: application/json"

POST/shipments/{id}/documents

POST /shipments/{id}/documents

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/shipments/:id/documents" \
  -H "Accept: application/json"

GET/shipments/{id}/documents/{id}

GET /shipments/{id}/documents/{id}

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/shipments/:id/documents/:id" \
  -H "Accept: application/json"

GET/shipments/{id}/tasks

Auth requiredshipments.shipments.view

GET /shipments/{id}/tasks

Requires features: shipments.shipments.view

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/shipments/:id/tasks" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/shipments/{id}/tasks

Auth requiredshipments.shipments.edit

POST /shipments/{id}/tasks

Requires features: shipments.shipments.edit

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/shipments/:id/tasks" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/shipments/{id}/tasks/{id}

Auth requiredshipments.shipments.edit

PUT /shipments/{id}/tasks/{id}

Requires features: shipments.shipments.edit

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/shipments/:id/tasks/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/shipments/{id}/tasks/{id}

Auth requiredshipments.shipments.edit

DELETE /shipments/{id}/tasks/{id}

Requires features: shipments.shipments.edit

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—
id	path	Yes	string	—

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/shipments/:id/tasks/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Feature Toggles

12 endpoints

GET/feature_toggles/check/boolean

Auth required

Check if feature is enabled

Checks if a feature toggle is enabled for the current context.

Parameters

Name	In	Required	Schema	Description
identifier	query	Yes	string	—

Responses

200Feature status

Content-Type: application/json

{
  "enabled": true,
  "source": "override",
  "toggleId": "string",
  "identifier": "string",
  "tenantId": "string"
}

400Bad Request

Content-Type: application/json

{
  "error": "string"
}

404Tenant not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/feature_toggles/check/boolean?identifier=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/feature_toggles/check/json

Auth required

Get json config

Gets the json configuration for a feature toggle.

Parameters

Name	In	Required	Schema	Description
identifier	query	Yes	string	—

Responses

200Json config

Content-Type: application/json

{
  "valueType": "json",
  "source": "override",
  "toggleId": "string",
  "identifier": "string",
  "tenantId": "string"
}

400Bad Request

Content-Type: application/json

{
  "error": "string"
}

404Tenant not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/feature_toggles/check/json?identifier=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/feature_toggles/check/number

Auth required

Get number config

Gets the number configuration for a feature toggle.

Parameters

Name	In	Required	Schema	Description
identifier	query	Yes	string	—

Responses

200Number config

Content-Type: application/json

{
  "valueType": "number",
  "value": 1,
  "source": "override",
  "toggleId": "string",
  "identifier": "string",
  "tenantId": "string"
}

400Bad Request

Content-Type: application/json

{
  "error": "string"
}

404Tenant not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/feature_toggles/check/number?identifier=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/feature_toggles/check/string

Auth required

Get string config

Gets the string configuration for a feature toggle.

Parameters

Name	In	Required	Schema	Description
identifier	query	Yes	string	—

Responses

200String config

Content-Type: application/json

{
  "valueType": "string",
  "value": "string",
  "source": "override",
  "toggleId": "string",
  "identifier": "string",
  "tenantId": "string"
}

400Bad Request

Content-Type: application/json

{
  "error": "string"
}

404Tenant not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/feature_toggles/check/string?identifier=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/feature_toggles/global

Auth required

GET /feature_toggles/global

Requires roles: superadmin

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/feature_toggles/global" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/feature_toggles/global

Auth required

POST /feature_toggles/global

Requires roles: superadmin

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/feature_toggles/global" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/feature_toggles/global

Auth required

PUT /feature_toggles/global

Requires roles: superadmin

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/feature_toggles/global" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/feature_toggles/global

Auth required

DELETE /feature_toggles/global

Requires roles: superadmin

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/feature_toggles/global" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/feature_toggles/global/{id}

Auth required

Fetch feature toggle by ID

Returns complete details of a feature toggle. Requires roles: superadmin

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Feature toggle detail

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000",
  "identifier": "string",
  "name": "string",
  "description": null,
  "category": null,
  "default_state": true
}

400Invalid identifier

Content-Type: application/json

{
  "error": "string"
}

404Feature toggle not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/feature_toggles/global/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/feature_toggles/global/{id}/override

Auth required

Fetch feature toggle override

Returns feature toggle override. Requires roles: superadmin

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Feature toggle overrides

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000",
  "tenantName": "string",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "toggleType": "boolean"
}

400Invalid request

Content-Type: application/json

{
  "error": "string"
}

404Feature toggle not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/feature_toggles/global/:id/override" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/feature_toggles/overrides

Auth required

List overrides

Returns list of feature toggle overrides. Requires roles: superadmin

Parameters

Name	In	Required	Schema	Description
category	query	No	string	—
name	query	No	string	—
identifier	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—
page	query	No	number	—
pageSize	query	No	number	—

Responses

200List of overrides

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "toggleId": "00000000-0000-4000-8000-000000000000",
      "overrideState": "enabled",
      "identifier": "string",
      "name": "string",
      "category": null,
      "defaultState": true,
      "tenantName": null
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1,
  "isSuperAdmin": true
}

400Invalid query parameters

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/feature_toggles/overrides?page=1&pageSize=25" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/feature_toggles/overrides

Auth required

Change override state

Enable, disable or inherit a feature toggle for a specific tenant. Requires roles: superadmin

Request body (application/json)

{
  "toggleId": "00000000-0000-4000-8000-000000000000",
  "isOverride": true
}

Responses

200Override updated

Content-Type: application/json

{
  "ok": true,
  "overrideToggleId": null
}

400Validation failed

Content-Type: application/json

{
  "error": "string"
}

404Not found

Content-Type: application/json

{
  "error": "string"
}

500Internal server error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/feature_toggles/overrides" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "toggleId": "00000000-0000-4000-8000-000000000000",
  "isOverride": true
}'

Workflows

20 endpoints

GET/workflows/definitions

List workflow definitions

Get a list of workflow definitions with optional filters. Supports pagination and search.

Parameters

Name	In	Required	Schema	Description
workflowId	query	Yes	string	—
enabled	query	No	boolean	—
search	query	No	string	—
limit	query	No	number	—
offset	query	No	number	—

Responses

200List of workflow definitions with pagination

Content-Type: application/json

{
  "data": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "workflowId": "checkout-flow",
      "workflowName": "Checkout Flow",
      "description": "Complete checkout workflow for processing orders",
      "version": 1,
      "definition": {
        "steps": [
          {
            "stepId": "start",
            "stepName": "Start",
            "stepType": "START"
          },
          {
            "stepId": "validate-cart",
            "stepName": "Validate Cart",
            "stepType": "AUTOMATED"
          },
          {
            "stepId": "end",
            "stepName": "End",
            "stepType": "END"
          }
        ],
        "transitions": [
          {
            "transitionId": "start-to-validate",
            "fromStepId": "start",
            "toStepId": "validate-cart",
            "trigger": "auto"
          },
          {
            "transitionId": "validate-to-end",
            "fromStepId": "validate-cart",
            "toStepId": "end",
            "trigger": "auto"
          }
        ]
      },
      "enabled": true,
      "tenantId": "123e4567-e89b-12d3-a456-426614174001",
      "organizationId": "123e4567-e89b-12d3-a456-426614174002",
      "createdAt": "2025-12-08T10:00:00.000Z",
      "updatedAt": "2025-12-08T10:00:00.000Z"
    }
  ],
  "pagination": {
    "total": 1,
    "limit": 50,
    "offset": 0,
    "hasMore": false
  }
}

Example

curl -X GET "http://localhost:3000/api/workflows/definitions?workflowId=string&limit=50&offset=0" \
  -H "Accept: application/json"

POST/workflows/definitions

Create workflow definition

Create a new workflow definition. The definition must include at least START and END steps with at least one transition connecting them.

Request body (application/json)

{
  "workflowId": "checkout-flow",
  "workflowName": "Checkout Flow",
  "description": "Complete checkout workflow for processing orders",
  "version": 1,
  "definition": {
    "steps": [
      {
        "stepId": "start",
        "stepName": "Start",
        "stepType": "START"
      },
      {
        "stepId": "validate-cart",
        "stepName": "Validate Cart",
        "stepType": "AUTOMATED",
        "description": "Validate cart items and check inventory"
      },
      {
        "stepId": "payment",
        "stepName": "Process Payment",
        "stepType": "AUTOMATED",
        "description": "Charge payment method",
        "retryPolicy": {
          "maxAttempts": 3,
          "backoffMs": 1000
        }
      },
      {
        "stepId": "end",
        "stepName": "End",
        "stepType": "END"
      }
    ],
    "transitions": [
      {
        "transitionId": "start-to-validate",
        "fromStepId": "start",
        "toStepId": "validate-cart",
        "trigger": "auto"
      },
      {
        "transitionId": "validate-to-payment",
        "fromStepId": "validate-cart",
        "toStepId": "payment",
        "trigger": "auto"
      },
      {
        "transitionId": "payment-to-end",
        "fromStepId": "payment",
        "toStepId": "end",
        "trigger": "auto",
        "activities": [
          {
            "activityName": "Send Order Confirmation",
            "activityType": "SEND_EMAIL",
            "config": {
              "to": "{{context.customerEmail}}",
              "subject": "Order Confirmation #{{context.orderId}}",
              "template": "order_confirmation"
            }
          }
        ]
      }
    ]
  },
  "enabled": true
}

Responses

201Workflow definition created successfully

Content-Type: application/json

{
  "data": {
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "workflowId": "checkout-flow",
    "workflowName": "Checkout Flow",
    "description": "Complete checkout workflow for processing orders",
    "version": 1,
    "definition": {
      "steps": [
        {
          "stepId": "start",
          "stepName": "Start",
          "stepType": "START"
        },
        {
          "stepId": "validate-cart",
          "stepName": "Validate Cart",
          "stepType": "AUTOMATED"
        },
        {
          "stepId": "payment",
          "stepName": "Process Payment",
          "stepType": "AUTOMATED"
        },
        {
          "stepId": "end",
          "stepName": "End",
          "stepType": "END"
        }
      ],
      "transitions": [
        {
          "transitionId": "start-to-validate",
          "fromStepId": "start",
          "toStepId": "validate-cart",
          "trigger": "auto"
        },
        {
          "transitionId": "validate-to-payment",
          "fromStepId": "validate-cart",
          "toStepId": "payment",
          "trigger": "auto"
        },
        {
          "transitionId": "payment-to-end",
          "fromStepId": "payment",
          "toStepId": "end",
          "trigger": "auto"
        }
      ]
    },
    "enabled": true,
    "tenantId": "123e4567-e89b-12d3-a456-426614174001",
    "organizationId": "123e4567-e89b-12d3-a456-426614174002",
    "createdAt": "2025-12-08T10:00:00.000Z",
    "updatedAt": "2025-12-08T10:00:00.000Z"
  },
  "message": "Workflow definition created successfully"
}

400Validation error - invalid workflow structure

Content-Type: application/json

{
  "error": "Validation failed",
  "details": [
    {
      "code": "invalid_type",
      "message": "Workflow must have at least START and END steps",
      "path": [
        "definition",
        "steps"
      ]
    }
  ]
}

409Conflict - workflow with same ID and version already exists

Content-Type: application/json

{
  "error": "Workflow definition with ID \"checkout-flow\" and version 1 already exists"
}

Example

curl -X POST "http://localhost:3000/api/workflows/definitions" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "workflowId": "string",
  "workflowName": "string",
  "description": null,
  "version": 1,
  "definition": {
    "steps": [
      {
        "stepId": "string",
        "stepName": "string",
        "stepType": "START"
      }
    ],
    "transitions": [
      {
        "transitionId": "string",
        "fromStepId": "string",
        "toStepId": "string",
        "trigger": "auto",
        "continueOnActivityFailure": true,
        "priority": 0
      }
    ]
  },
  "metadata": null,
  "enabled": true
}'

GET/workflows/definitions/{id}

Get workflow definition

Get a single workflow definition by ID. Returns the complete workflow structure including steps and transitions (with embedded activities).

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Workflow definition found

Content-Type: application/json

{
  "data": {
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "workflowId": "checkout-flow",
    "workflowName": "Checkout Flow",
    "description": "Complete checkout workflow for processing orders",
    "version": 1,
    "definition": {
      "steps": [
        {
          "stepId": "start",
          "stepName": "Start",
          "stepType": "START"
        },
        {
          "stepId": "validate-cart",
          "stepName": "Validate Cart",
          "stepType": "AUTOMATED",
          "description": "Validate cart items and check inventory"
        },
        {
          "stepId": "payment",
          "stepName": "Process Payment",
          "stepType": "AUTOMATED",
          "description": "Charge payment method",
          "retryPolicy": {
            "maxAttempts": 3,
            "backoffMs": 1000
          }
        },
        {
          "stepId": "end",
          "stepName": "End",
          "stepType": "END"
        }
      ],
      "transitions": [
        {
          "transitionId": "start-to-validate",
          "fromStepId": "start",
          "toStepId": "validate-cart",
          "trigger": "auto"
        },
        {
          "transitionId": "validate-to-payment",
          "fromStepId": "validate-cart",
          "toStepId": "payment",
          "trigger": "auto"
        },
        {
          "transitionId": "payment-to-end",
          "fromStepId": "payment",
          "toStepId": "end",
          "trigger": "auto",
          "activities": [
            {
              "activityName": "Send Order Confirmation",
              "activityType": "SEND_EMAIL",
              "config": {
                "to": "{{context.customerEmail}}",
                "subject": "Order Confirmation #{{context.orderId}}",
                "template": "order_confirmation"
              }
            }
          ]
        }
      ]
    },
    "enabled": true,
    "tenantId": "123e4567-e89b-12d3-a456-426614174001",
    "organizationId": "123e4567-e89b-12d3-a456-426614174002",
    "createdAt": "2025-12-08T10:00:00.000Z",
    "updatedAt": "2025-12-08T10:00:00.000Z"
  }
}

404Workflow definition not found

Content-Type: application/json

{
  "error": "Workflow definition not found"
}

Example

curl -X GET "http://localhost:3000/api/workflows/definitions/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json"

PUT/workflows/definitions/{id}

Update workflow definition

Update an existing workflow definition. Supports partial updates - only provided fields will be updated.

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Request body (application/json)

{
  "definition": {
    "steps": [
      {
        "stepId": "start",
        "stepName": "Start",
        "stepType": "START"
      },
      {
        "stepId": "validate-cart",
        "stepName": "Validate Cart",
        "stepType": "AUTOMATED"
      },
      {
        "stepId": "payment",
        "stepName": "Process Payment",
        "stepType": "AUTOMATED"
      },
      {
        "stepId": "confirmation",
        "stepName": "Order Confirmation",
        "stepType": "AUTOMATED"
      },
      {
        "stepId": "end",
        "stepName": "End",
        "stepType": "END"
      }
    ],
    "transitions": [
      {
        "transitionId": "start-to-validate",
        "fromStepId": "start",
        "toStepId": "validate-cart",
        "trigger": "auto"
      },
      {
        "transitionId": "validate-to-payment",
        "fromStepId": "validate-cart",
        "toStepId": "payment",
        "trigger": "auto"
      },
      {
        "transitionId": "payment-to-confirmation",
        "fromStepId": "payment",
        "toStepId": "confirmation",
        "trigger": "auto"
      },
      {
        "transitionId": "confirmation-to-end",
        "fromStepId": "confirmation",
        "toStepId": "end",
        "trigger": "auto"
      }
    ]
  },
  "enabled": true
}

Responses

200Workflow definition updated successfully

Content-Type: application/json

{
  "data": {
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "workflowId": "checkout-flow",
    "workflowName": "Checkout Flow",
    "description": "Complete checkout workflow for processing orders",
    "version": 1,
    "definition": {
      "steps": [
        {
          "stepId": "start",
          "stepName": "Start",
          "stepType": "START"
        },
        {
          "stepId": "validate-cart",
          "stepName": "Validate Cart",
          "stepType": "AUTOMATED"
        },
        {
          "stepId": "payment",
          "stepName": "Process Payment",
          "stepType": "AUTOMATED"
        },
        {
          "stepId": "confirmation",
          "stepName": "Order Confirmation",
          "stepType": "AUTOMATED"
        },
        {
          "stepId": "end",
          "stepName": "End",
          "stepType": "END"
        }
      ],
      "transitions": [
        {
          "transitionId": "start-to-validate",
          "fromStepId": "start",
          "toStepId": "validate-cart",
          "trigger": "auto"
        },
        {
          "transitionId": "validate-to-payment",
          "fromStepId": "validate-cart",
          "toStepId": "payment",
          "trigger": "auto"
        },
        {
          "transitionId": "payment-to-confirmation",
          "fromStepId": "payment",
          "toStepId": "confirmation",
          "trigger": "auto"
        },
        {
          "transitionId": "confirmation-to-end",
          "fromStepId": "confirmation",
          "toStepId": "end",
          "trigger": "auto"
        }
      ]
    },
    "enabled": true,
    "tenantId": "123e4567-e89b-12d3-a456-426614174001",
    "organizationId": "123e4567-e89b-12d3-a456-426614174002",
    "createdAt": "2025-12-08T10:00:00.000Z",
    "updatedAt": "2025-12-08T11:30:00.000Z"
  },
  "message": "Workflow definition updated successfully"
}

400Validation error

Content-Type: application/json

{
  "error": "Validation failed",
  "details": [
    {
      "code": "invalid_type",
      "message": "Expected object, received string",
      "path": [
        "definition"
      ]
    }
  ]
}

404Workflow definition not found

Content-Type: application/json

{
  "error": "Workflow definition not found"
}

Example

curl -X PUT "http://localhost:3000/api/workflows/definitions/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{}'

DELETE/workflows/definitions/{id}

Delete workflow definition

Soft delete a workflow definition. Cannot be deleted if there are active workflow instances (RUNNING or WAITING status) using this definition.

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Workflow definition deleted successfully

Content-Type: application/json

{
  "message": "Workflow definition deleted successfully"
}

404Workflow definition not found

Content-Type: application/json

{
  "error": "Workflow definition not found"
}

409Cannot delete - active workflow instances exist

Content-Type: application/json

{
  "error": "Cannot delete workflow definition with 3 active instance(s)"
}

Example

curl -X DELETE "http://localhost:3000/api/workflows/definitions/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json"

GET/workflows/events

List all workflow events

Get a paginated list of all workflow events with filtering options

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
eventType	query	No	string	—
workflowInstanceId	query	No	string	—
userId	query	No	string	—
occurredAtFrom	query	No	string	—
occurredAtTo	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200List of workflow events

Content-Type: application/json

{
  "items": [],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

401Unauthorized

Content-Type: application/json

{
  "error": "string"
}

403Insufficient permissions

Content-Type: application/json

{
  "error": "string"
}

500Internal server error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/workflows/events?page=1&pageSize=50&sortField=occurredAt&sortDir=desc" \
  -H "Accept: application/json"

GET/workflows/events/{id}

Get workflow event by ID

Get detailed information about a specific workflow event

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Workflow event details

Content-Type: application/json

{
  "id": "string",
  "workflowInstanceId": "string",
  "stepInstanceId": null,
  "eventType": "string",
  "occurredAt": "string",
  "userId": null,
  "workflowInstance": null
}

401Unauthorized

Content-Type: application/json

{
  "error": "string"
}

403Insufficient permissions

Content-Type: application/json

{
  "error": "string"
}

404Workflow event not found

Content-Type: application/json

{
  "error": "string"
}

500Internal server error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/workflows/events/:id" \
  -H "Accept: application/json"

GET/workflows/instances

List workflow instances

Get a list of workflow instances with optional filters. Supports pagination and filtering by status, workflowId, correlationKey, etc.

Parameters

Name	In	Required	Schema	Description
workflowId	query	No	string	—
status	query	No	string	—
correlationKey	query	No	string	—
entityType	query	No	string	—
entityId	query	No	string	—
limit	query	No	number	—
offset	query	No	number	—

Responses

200List of workflow instances

Content-Type: application/json

{
  "data": [],
  "pagination": {
    "total": 1,
    "limit": 1,
    "offset": 1,
    "hasMore": true
  }
}

401Unauthorized

Content-Type: application/json

{
  "error": "string"
}

500Internal server error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/workflows/instances?limit=50&offset=0" \
  -H "Accept: application/json"

POST/workflows/instances

Start workflow instance

Start a new workflow instance from a workflow definition. The workflow will execute immediately.

Request body (application/json)

{
  "workflowId": "string"
}

Responses

201Workflow started successfully

Content-Type: application/json

{
  "data": {},
  "message": "string"
}

400Bad request - Validation failed or definition disabled/invalid

Content-Type: application/json

{
  "error": "string"
}

401Unauthorized

Content-Type: application/json

{
  "error": "string"
}

403Forbidden - Insufficient permissions

Content-Type: application/json

{
  "error": "string"
}

404Workflow definition not found

Content-Type: application/json

{
  "error": "string"
}

500Internal server error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/workflows/instances" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "workflowId": "string"
}'

GET/workflows/instances/{id}

Get workflow instance

Get detailed information about a specific workflow instance including current state, context, and execution status.

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Workflow instance details

Content-Type: application/json

{}

401Unauthorized

Content-Type: application/json

{
  "error": "string"
}

404Workflow instance not found

Content-Type: application/json

{
  "error": "string"
}

500Internal server error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/workflows/instances/:id" \
  -H "Accept: application/json"

POST/workflows/instances/{id}/advance

POST /workflows/instances/{id}/advance

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/workflows/instances/:id/advance" \
  -H "Accept: application/json"

POST/workflows/instances/{id}/cancel

Cancel workflow instance

Cancel a running or paused workflow instance. The workflow will be marked as CANCELLED and will not execute further.

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Workflow cancelled successfully

Content-Type: application/json

{
  "message": "string"
}

400Bad request - Workflow cannot be cancelled in current status

Content-Type: application/json

{
  "error": "string"
}

401Unauthorized

Content-Type: application/json

{
  "error": "string"
}

403Forbidden - Insufficient permissions

Content-Type: application/json

{
  "error": "string"
}

404Workflow instance not found

Content-Type: application/json

{
  "error": "string"
}

500Internal server error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/workflows/instances/:id/cancel" \
  -H "Accept: application/json"

GET/workflows/instances/{id}/events

Get workflow instance events

Get a chronological list of events for a workflow instance. Events track all state changes, transitions, and activities.

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—
eventType	query	No	string	—
limit	query	No	number	—
offset	query	No	number	—

Responses

200List of workflow events

Content-Type: application/json

{
  "data": [],
  "pagination": {
    "total": 1,
    "limit": 1,
    "offset": 1,
    "hasMore": true
  }
}

401Unauthorized

Content-Type: application/json

{
  "error": "string"
}

404Workflow instance not found

Content-Type: application/json

{
  "error": "string"
}

500Internal server error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/workflows/instances/:id/events?limit=100&offset=0" \
  -H "Accept: application/json"

POST/workflows/instances/{id}/retry

Retry failed workflow instance

Retry a failed workflow instance from its current step. The workflow will be reset to RUNNING status and execution will continue.

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Workflow retry initiated successfully

Content-Type: application/json

{
  "data": {},
  "message": "string"
}

400Bad request - Workflow cannot be retried in current status or execution error

Content-Type: application/json

{
  "error": "string"
}

401Unauthorized

Content-Type: application/json

{
  "error": "string"
}

403Forbidden - Insufficient permissions

Content-Type: application/json

{
  "error": "string"
}

404Workflow instance not found

Content-Type: application/json

{
  "error": "string"
}

500Internal server error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/workflows/instances/:id/retry" \
  -H "Accept: application/json"

POST/workflows/instances/{id}/signal

POST /workflows/instances/{id}/signal

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/workflows/instances/:id/signal" \
  -H "Accept: application/json"

POST/workflows/signals

POST /workflows/signals

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/workflows/signals" \
  -H "Accept: application/json"

GET/workflows/tasks

GET /workflows/tasks

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/workflows/tasks" \
  -H "Accept: application/json"

GET/workflows/tasks/{id}

GET /workflows/tasks/{id}

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/workflows/tasks/:id" \
  -H "Accept: application/json"

POST/workflows/tasks/{id}/claim

POST /workflows/tasks/{id}/claim

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/workflows/tasks/:id/claim" \
  -H "Accept: application/json"

POST/workflows/tasks/{id}/complete

POST /workflows/tasks/{id}/complete

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/workflows/tasks/:id/complete" \
  -H "Accept: application/json"

Booking

45 endpoints

GET/booking/availability

Auth requiredbooking.view

List availability rules

Returns a paginated collection of availability rules scoped to the authenticated organization. Requires features: booking.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
subjectType	query	No	string	—
subjectIds	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated availability rules

Content-Type: application/json

{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "subject_type": null,
      "subject_id": null,
      "timezone": null,
      "rrule": null,
      "exdates": null,
      "kind": null,
      "note": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/booking/availability?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/booking/availability

Auth requiredbooking.manage_availability

Create availability rule

Creates an availability rule for the selected subject. Requires features: booking.manage_availability

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "subjectType": "member",
  "subjectId": "00000000-0000-4000-8000-000000000000",
  "timezone": "string",
  "rrule": "string",
  "exdates": [],
  "kind": "availability",
  "note": null
}

Responses

201Availability rule created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/booking/availability" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "subjectType": "member",
  "subjectId": "00000000-0000-4000-8000-000000000000",
  "timezone": "string",
  "rrule": "string",
  "exdates": [],
  "kind": "availability",
  "note": null
}'

PUT/booking/availability

Auth requiredbooking.manage_availability

Update availability rule

Updates an availability rule by id. Requires features: booking.manage_availability

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "note": null
}

Responses

200Availability rule updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/booking/availability" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "note": null
}'

DELETE/booking/availability

Auth requiredbooking.manage_availability

Delete availability rule

Deletes an availability rule by id. Requires features: booking.manage_availability

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Availability rule deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/booking/availability" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

POST/booking/availability-date-specific

Auth requiredbooking.manage_availability

Replace date-specific availability

Replaces date-specific availability rules for the subject in a single request. Requires features: booking.manage_availability

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "subjectType": "member",
  "subjectId": "00000000-0000-4000-8000-000000000000",
  "timezone": "string",
  "dates": [],
  "windows": [],
  "kind": "availability",
  "note": null
}

Responses

200Date-specific availability updated

Content-Type: application/json

{
  "ok": true
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/booking/availability-date-specific" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "subjectType": "member",
  "subjectId": "00000000-0000-4000-8000-000000000000",
  "timezone": "string",
  "dates": [],
  "windows": [],
  "kind": "availability",
  "note": null
}'

GET/booking/availability-rule-sets

Auth requiredbooking.view

List availability rule sets

Returns a paginated collection of availability rule sets scoped to the authenticated organization. Requires features: booking.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
ids	query	No	string	—
search	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated availability rule sets

Content-Type: application/json

{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "name": null,
      "description": null,
      "timezone": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/booking/availability-rule-sets?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/booking/availability-rule-sets

Auth requiredbooking.manage_availability

Create availability rule set

Creates a reusable availability rule set. Requires features: booking.manage_availability

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "description": null,
  "timezone": "string"
}

Responses

201Availability rule set created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/booking/availability-rule-sets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "description": null,
  "timezone": "string"
}'

PUT/booking/availability-rule-sets

Auth requiredbooking.manage_availability

Update availability rule set

Updates an availability rule set by id. Requires features: booking.manage_availability

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "description": null
}

Responses

200Availability rule set updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/booking/availability-rule-sets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "description": null
}'

DELETE/booking/availability-rule-sets

Auth requiredbooking.manage_availability

Delete availability rule set

Deletes an availability rule set by id. Requires features: booking.manage_availability

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Availability rule set deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/booking/availability-rule-sets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

POST/booking/availability-weekly

Auth requiredbooking.manage_availability

Replace weekly availability

Replaces weekly availability rules for the subject in a single request. Requires features: booking.manage_availability

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "subjectType": "member",
  "subjectId": "00000000-0000-4000-8000-000000000000",
  "timezone": "string",
  "windows": []
}

Responses

200Weekly availability updated

Content-Type: application/json

{
  "ok": true
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/booking/availability-weekly" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "subjectType": "member",
  "subjectId": "00000000-0000-4000-8000-000000000000",
  "timezone": "string",
  "windows": []
}'

GET/booking/event-attendees

Auth requiredbooking.view

List event attendees

Returns a paginated collection of event attendees scoped to the authenticated organization. Requires features: booking.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
ids	query	No	string	—
eventId	query	No	string	—
customerId	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated event attendees

Content-Type: application/json

{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "event_id": null,
      "customer_id": null,
      "first_name": null,
      "last_name": null,
      "email": null,
      "phone": null,
      "address_line1": null,
      "address_line2": null,
      "city": null,
      "region": null,
      "postal_code": null,
      "country": null,
      "attendee_type": null,
      "external_ref": null,
      "notes": null,
      "created_at": null,
      "updated_at": null,
      "eventTitle": null,
      "eventStartsAt": null,
      "eventEndsAt": null,
      "customerDisplayName": null,
      "customerKind": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/booking/event-attendees?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/booking/event-attendees

Auth requiredbooking.manage_events

Create event attendee

Registers an attendee for a booking event. Requires features: booking.manage_events

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "eventId": "00000000-0000-4000-8000-000000000000",
  "customerId": null,
  "firstName": "string",
  "lastName": "string",
  "email": null,
  "phone": null,
  "addressLine1": null,
  "addressLine2": null,
  "city": null,
  "region": null,
  "postalCode": null,
  "country": null,
  "attendeeType": null,
  "externalRef": null,
  "tags": [],
  "notes": null
}

Responses

201Event attendee created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/booking/event-attendees" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "eventId": "00000000-0000-4000-8000-000000000000",
  "customerId": null,
  "firstName": "string",
  "lastName": "string",
  "email": null,
  "phone": null,
  "addressLine1": null,
  "addressLine2": null,
  "city": null,
  "region": null,
  "postalCode": null,
  "country": null,
  "attendeeType": null,
  "externalRef": null,
  "tags": [],
  "notes": null
}'

PUT/booking/event-attendees

Auth requiredbooking.manage_events

Update event attendee

Updates an event attendee by id. Requires features: booking.manage_events

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "customerId": null,
  "email": null,
  "phone": null,
  "addressLine1": null,
  "addressLine2": null,
  "city": null,
  "region": null,
  "postalCode": null,
  "country": null,
  "attendeeType": null,
  "externalRef": null,
  "notes": null
}

Responses

200Event attendee updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/booking/event-attendees" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "customerId": null,
  "email": null,
  "phone": null,
  "addressLine1": null,
  "addressLine2": null,
  "city": null,
  "region": null,
  "postalCode": null,
  "country": null,
  "attendeeType": null,
  "externalRef": null,
  "notes": null
}'

DELETE/booking/event-attendees

Auth requiredbooking.manage_events

Delete event attendee

Deletes an event attendee by id. Requires features: booking.manage_events

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Event attendee deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/booking/event-attendees" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/booking/event-options

Auth requiredbooking.view

List event options

Returns a lightweight list of events for selectors. Requires features: booking.view

Parameters

Name	In	Required	Schema	Description
search	query	No	string	—
pageSize	query	No	number	—

Responses

200Event options

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "title": "string",
      "startsAt": "string",
      "endsAt": "string",
      "status": null
    }
  ]
}

400Invalid query parameters

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/booking/event-options?pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/booking/resource-events

Auth requiredbooking.view

List resource events

Returns events assigned to a resource within the provided time window. Requires features: booking.view

Parameters

Name	In	Required	Schema	Description
resourceId	query	Yes	string	—
startsAt	query	Yes	string	—
endsAt	query	Yes	string	—

Responses

200Resource events

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "title": "string",
      "startsAt": "string",
      "endsAt": "string",
      "status": null
    }
  ]
}

400Invalid query parameters

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/booking/resource-events?resourceId=00000000-0000-4000-8000-000000000000&startsAt=string&endsAt=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/booking/resource-types

Auth requiredbooking.view

List resource types

Returns a paginated collection of resource types scoped to the authenticated organization. Requires features: booking.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
ids	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated resource types

Content-Type: application/json

{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "name": null,
      "description": null,
      "appearance_icon": null,
      "appearance_color": null,
      "created_at": null,
      "updated_at": null,
      "resourceCount": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/booking/resource-types?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/booking/resource-types

Auth requiredbooking.manage_resources

Create resource type

Creates a resource type for booking resources. Requires features: booking.manage_resources

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "description": null,
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

201Resource type created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/booking/resource-types" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "description": null,
  "appearanceIcon": null,
  "appearanceColor": null
}'

PUT/booking/resource-types

Auth requiredbooking.manage_resources

Update resource type

Updates a resource type by id. Requires features: booking.manage_resources

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "description": null,
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

200Resource type updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/booking/resource-types" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "description": null,
  "appearanceIcon": null,
  "appearanceColor": null
}'

DELETE/booking/resource-types

Auth requiredbooking.manage_resources

Delete resource type

Deletes a resource type by id. Requires features: booking.manage_resources

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Resource type deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/booking/resource-types" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/booking/resources

Auth requiredbooking.view

List resources

Returns a paginated collection of resources scoped to the authenticated organization. Requires features: booking.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
ids	query	No	string	—
resourceTypeId	query	No	string	—
isActive	query	No	string	—
tagIds	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated resources

Content-Type: application/json

{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "name": null,
      "description": null,
      "resource_type_id": null,
      "capacity": null,
      "capacity_unit_value": null,
      "capacity_unit_name": null,
      "capacity_unit_color": null,
      "capacity_unit_icon": null,
      "appearance_icon": null,
      "appearance_color": null,
      "is_active": null,
      "availability_rule_set_id": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/booking/resources?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/booking/resources

Auth requiredbooking.manage_resources

Create resource

Creates a resource scoped to the selected organization. Requires features: booking.manage_resources

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "description": null,
  "resourceTypeId": null,
  "capacity": null,
  "capacityUnitValue": null,
  "appearanceIcon": null,
  "appearanceColor": null,
  "availabilityRuleSetId": null
}

Responses

201Resource created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/booking/resources" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "description": null,
  "resourceTypeId": null,
  "capacity": null,
  "capacityUnitValue": null,
  "appearanceIcon": null,
  "appearanceColor": null,
  "availabilityRuleSetId": null
}'

PUT/booking/resources

Auth requiredbooking.manage_resources

Update resource

Updates a resource by id. Requires features: booking.manage_resources

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "description": null,
  "resourceTypeId": null,
  "capacity": null,
  "capacityUnitValue": null,
  "appearanceIcon": null,
  "appearanceColor": null,
  "availabilityRuleSetId": null
}

Responses

200Resource updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/booking/resources" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "description": null,
  "resourceTypeId": null,
  "capacity": null,
  "capacityUnitValue": null,
  "appearanceIcon": null,
  "appearanceColor": null,
  "availabilityRuleSetId": null
}'

DELETE/booking/resources

Auth requiredbooking.manage_resources

Delete resource

Deletes a resource by id. Requires features: booking.manage_resources

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Resource deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/booking/resources" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

POST/booking/resources/tags/assign

Auth requiredbooking.manage_resources

Assign resource tag

Assigns a tag to a booking resource. Requires features: booking.manage_resources

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tagId": "00000000-0000-4000-8000-000000000000",
  "resourceId": "00000000-0000-4000-8000-000000000000"
}

Responses

201Tag assignment created

Content-Type: application/json

{
  "id": null
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/booking/resources/tags/assign" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tagId": "00000000-0000-4000-8000-000000000000",
  "resourceId": "00000000-0000-4000-8000-000000000000"
}'

POST/booking/resources/tags/unassign

Auth requiredbooking.manage_resources

Unassign resource tag

Removes a tag from a booking resource. Requires features: booking.manage_resources

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tagId": "00000000-0000-4000-8000-000000000000",
  "resourceId": "00000000-0000-4000-8000-000000000000"
}

Responses

200Tag assignment removed

Content-Type: application/json

{
  "id": null
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/booking/resources/tags/unassign" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tagId": "00000000-0000-4000-8000-000000000000",
  "resourceId": "00000000-0000-4000-8000-000000000000"
}'

GET/booking/services

Auth requiredbooking.view

List services

Returns a paginated collection of services scoped to the authenticated organization. Requires features: booking.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
isActive	query	No	string	—
tagIds	query	No	string	—
duration	query	No	string	—
maxAttendees	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated services

Content-Type: application/json

{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "name": null,
      "description": null,
      "duration_minutes": null,
      "capacity_model": null,
      "max_attendees": null,
      "is_active": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/booking/services?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/booking/tags

Auth requiredbooking.view

List resource tags

Returns a paginated collection of resource tags scoped to the authenticated organization. Requires features: booking.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated resource tags

Content-Type: application/json

{
  "items": [
    {
      "id": null,
      "slug": null,
      "label": null,
      "color": null,
      "description": null,
      "organization_id": null,
      "tenant_id": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/booking/tags?page=1&pageSize=100" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/booking/tags

Auth requiredbooking.manage_resources

Create resource tag

Creates a tag for booking resources and services. Requires features: booking.manage_resources

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "label": "string"
}

Responses

201Resource tag created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/booking/tags" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "label": "string"
}'

PUT/booking/tags

Auth requiredbooking.manage_resources

Update resource tag

Updates a resource tag by id. Requires features: booking.manage_resources

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Resource tag updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/booking/tags" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/booking/tags

Auth requiredbooking.manage_resources

Delete resource tag

Deletes a resource tag by id. Requires features: booking.manage_resources

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Resource tag deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/booking/tags" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/booking/team-members

Auth requiredbooking.view

List team members

Returns a paginated collection of team members scoped to the authenticated organization. Requires features: booking.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
isActive	query	No	string	—
teamId	query	No	string	—
roleId	query	No	string	—
ids	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated team members

Content-Type: application/json

{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "team_id": null,
      "display_name": null,
      "description": null,
      "user_id": null,
      "availability_rule_set_id": null,
      "is_active": null,
      "created_at": null,
      "updated_at": null,
      "user": null,
      "team": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/booking/team-members?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/booking/team-members

Auth requiredbooking.manage_team

Create team member

Creates a team member for booking assignments. Requires features: booking.manage_team

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "teamId": null,
  "displayName": "string",
  "description": null,
  "userId": null,
  "roleIds": [],
  "tags": [],
  "availabilityRuleSetId": null
}

Responses

201Team member created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/booking/team-members" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "teamId": null,
  "displayName": "string",
  "description": null,
  "userId": null,
  "roleIds": [],
  "tags": [],
  "availabilityRuleSetId": null
}'

PUT/booking/team-members

Auth requiredbooking.manage_team

Update team member

Updates a team member by id. Requires features: booking.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "teamId": null,
  "description": null,
  "userId": null,
  "availabilityRuleSetId": null
}

Responses

200Team member updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/booking/team-members" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "teamId": null,
  "description": null,
  "userId": null,
  "availabilityRuleSetId": null
}'

DELETE/booking/team-members

Auth requiredbooking.manage_team

Delete team member

Deletes a team member by id. Requires features: booking.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Team member deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/booking/team-members" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

POST/booking/team-members/tags/assign

Auth requiredbooking.manage_team

Assign team member tag

Assigns a tag to a booking team member. Requires features: booking.manage_team

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "memberId": "00000000-0000-4000-8000-000000000000",
  "tag": "string"
}

Responses

201Tag assignment created

Content-Type: application/json

{
  "id": null
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/booking/team-members/tags/assign" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "memberId": "00000000-0000-4000-8000-000000000000",
  "tag": "string"
}'

POST/booking/team-members/tags/unassign

Auth requiredbooking.manage_team

Unassign team member tag

Removes a tag from a booking team member. Requires features: booking.manage_team

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "memberId": "00000000-0000-4000-8000-000000000000",
  "tag": "string"
}

Responses

200Tag assignment removed

Content-Type: application/json

{
  "id": null
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/booking/team-members/tags/unassign" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "memberId": "00000000-0000-4000-8000-000000000000",
  "tag": "string"
}'

GET/booking/team-roles

Auth requiredbooking.view

List team roles

Returns a paginated collection of team roles scoped to the authenticated organization. Requires features: booking.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
ids	query	No	string	—
teamId	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated team roles

Content-Type: application/json

{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "team_id": null,
      "name": null,
      "description": null,
      "appearance_icon": null,
      "appearance_color": null,
      "created_at": null,
      "updated_at": null,
      "team": null,
      "memberCount": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/booking/team-roles?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/booking/team-roles

Auth requiredbooking.manage_team

Create team role

Creates a team role for booking team members. Requires features: booking.manage_team

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "teamId": null,
  "name": "string",
  "description": null,
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

201Team role created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/booking/team-roles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "teamId": null,
  "name": "string",
  "description": null,
  "appearanceIcon": null,
  "appearanceColor": null
}'

PUT/booking/team-roles

Auth requiredbooking.manage_team

Update team role

Updates a team role by id. Requires features: booking.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "teamId": null,
  "description": null,
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

200Team role updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/booking/team-roles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "teamId": null,
  "description": null,
  "appearanceIcon": null,
  "appearanceColor": null
}'

DELETE/booking/team-roles

Auth requiredbooking.manage_team

Delete team role

Deletes a team role by id. Requires features: booking.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Team role deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/booking/team-roles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/booking/teams

Auth requiredbooking.view

List teams

Returns a paginated collection of teams scoped to the authenticated organization. Requires features: booking.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
ids	query	No	string	—
isActive	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated teams

Content-Type: application/json

{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "name": null,
      "description": null,
      "is_active": null,
      "created_at": null,
      "updated_at": null,
      "memberCount": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/booking/teams?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/booking/teams

Auth requiredbooking.manage_team

Create team

Creates a booking team. Requires features: booking.manage_team

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "description": null
}

Responses

201Team created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/booking/teams" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "description": null
}'

PUT/booking/teams

Auth requiredbooking.manage_team

Update team

Updates a booking team by id. Requires features: booking.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "description": null
}

Responses

200Team updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/booking/teams" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "description": null
}'

DELETE/booking/teams

Auth requiredbooking.manage_team

Delete team

Deletes a booking team by id. Requires features: booking.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Team deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/booking/teams" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

Search

15 endpoints

GET/search/embeddings

Auth requiredsearch.embeddings.view

GET /search/embeddings

Requires features: search.embeddings.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/search/embeddings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/search/embeddings

Auth requiredsearch.embeddings.manage

POST /search/embeddings

Requires features: search.embeddings.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/search/embeddings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/search/embeddings/reindex

Auth requiredsearch.embeddings.manage

POST /search/embeddings/reindex

Requires features: search.embeddings.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/search/embeddings/reindex" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/search/embeddings/reindex/cancel

Auth requiredsearch.embeddings.manage

POST /search/embeddings/reindex/cancel

Requires features: search.embeddings.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/search/embeddings/reindex/cancel" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/search/index

Auth requiredsearch.view

GET /search/index

Requires features: search.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/search/index" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/search/index

Auth requiredsearch.embeddings.manage

DELETE /search/index

Requires features: search.embeddings.manage

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/search/index" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/search/reindex

Auth requiredsearch.reindex

POST /search/reindex

Requires features: search.reindex

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/search/reindex" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/search/reindex/cancel

Auth requiredsearch.reindex

POST /search/reindex/cancel

Requires features: search.reindex

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/search/reindex/cancel" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/search/search

Auth requiredsearch.view

GET /search/search

Requires features: search.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/search/search" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/search/search/global

Auth requiredsearch.view

GET /search/search/global

Requires features: search.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/search/search/global" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/search/settings

Auth requiredsearch.view

GET /search/settings

Requires features: search.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/search/settings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/search/settings/fulltext

Auth requiredsearch.view

GET /search/settings/fulltext

Requires features: search.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/search/settings/fulltext" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/search/settings/global-search

Auth requiredsearch.view

GET /search/settings/global-search

Requires features: search.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/search/settings/global-search" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/search/settings/global-search

Auth requiredsearch.manage

POST /search/settings/global-search

Requires features: search.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/search/settings/global-search" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/search/settings/vector-store

Auth requiredsearch.view

GET /search/settings/vector-store

Requires features: search.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/search/settings/vector-store" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Currencies

13 endpoints

GET/currencies/currencies

Auth requiredcurrencies.view

GET /currencies/currencies

Requires features: currencies.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/currencies/currencies" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/currencies/currencies

Auth requiredcurrencies.manage

POST /currencies/currencies

Requires features: currencies.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/currencies/currencies" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/currencies/currencies

Auth requiredcurrencies.manage

PUT /currencies/currencies

Requires features: currencies.manage

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/currencies/currencies" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/currencies/currencies

Auth requiredcurrencies.manage

DELETE /currencies/currencies

Requires features: currencies.manage

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/currencies/currencies" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/currencies/exchange-rates

Auth requiredcurrencies.rates.view

GET /currencies/exchange-rates

Requires features: currencies.rates.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/currencies/exchange-rates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/currencies/exchange-rates

Auth requiredcurrencies.rates.manage

POST /currencies/exchange-rates

Requires features: currencies.rates.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/currencies/exchange-rates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/currencies/exchange-rates

Auth requiredcurrencies.rates.manage

PUT /currencies/exchange-rates

Requires features: currencies.rates.manage

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/currencies/exchange-rates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/currencies/exchange-rates

Auth requiredcurrencies.rates.manage

DELETE /currencies/exchange-rates

Requires features: currencies.rates.manage

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/currencies/exchange-rates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/currencies/fetch-configs

GET /currencies/fetch-configs

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/currencies/fetch-configs" \
  -H "Accept: application/json"

POST/currencies/fetch-configs

POST /currencies/fetch-configs

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/currencies/fetch-configs" \
  -H "Accept: application/json"

PUT/currencies/fetch-configs

PUT /currencies/fetch-configs

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/currencies/fetch-configs" \
  -H "Accept: application/json"

DELETE/currencies/fetch-configs

DELETE /currencies/fetch-configs

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/currencies/fetch-configs" \
  -H "Accept: application/json"

POST/currencies/fetch-rates

POST /currencies/fetch-rates

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/currencies/fetch-rates" \
  -H "Accept: application/json"

Contractors

30 endpoints

GET/contractors/addresses

Auth requiredcontractors.view

GET /contractors/addresses

Requires features: contractors.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/contractors/addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/contractors/addresses

Auth requiredcontractors.edit

POST /contractors/addresses

Requires features: contractors.edit

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/contractors/addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/contractors/addresses

Auth requiredcontractors.edit

PUT /contractors/addresses

Requires features: contractors.edit

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/contractors/addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/contractors/addresses

Auth requiredcontractors.edit

DELETE /contractors/addresses

Requires features: contractors.edit

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/contractors/addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/contractors/addresses/table-config

Auth requiredcontractors.view

GET /contractors/addresses/table-config

Requires features: contractors.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/contractors/addresses/table-config" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/contractors/contacts

Auth requiredcontractors.view

GET /contractors/contacts

Requires features: contractors.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/contractors/contacts" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/contractors/contacts

Auth requiredcontractors.edit

POST /contractors/contacts

Requires features: contractors.edit

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/contractors/contacts" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/contractors/contacts

Auth requiredcontractors.edit

PUT /contractors/contacts

Requires features: contractors.edit

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/contractors/contacts" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/contractors/contacts

Auth requiredcontractors.edit

DELETE /contractors/contacts

Requires features: contractors.edit

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/contractors/contacts" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/contractors/contacts/table-config

Auth requiredcontractors.view

GET /contractors/contacts/table-config

Requires features: contractors.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/contractors/contacts/table-config" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/contractors/contractors

Auth requiredcontractors.view

GET /contractors/contractors

Requires features: contractors.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/contractors/contractors" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/contractors/contractors

Auth requiredcontractors.create

POST /contractors/contractors

Requires features: contractors.create

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/contractors/contractors" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/contractors/contractors

Auth requiredcontractors.edit

PUT /contractors/contractors

Requires features: contractors.edit

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/contractors/contractors" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/contractors/contractors

Auth requiredcontractors.delete

DELETE /contractors/contractors

Requires features: contractors.delete

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/contractors/contractors" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/contractors/contractors/{id}

Auth requiredcontractors.view

GET /contractors/contractors/{id}

Requires features: contractors.view

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/contractors/contractors/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/contractors/contractors/{id}

Auth requiredcontractors.edit

PUT /contractors/contractors/{id}

Requires features: contractors.edit

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/contractors/contractors/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/contractors/contractors/{id}

Auth requiredcontractors.delete

DELETE /contractors/contractors/{id}

Requires features: contractors.delete

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/contractors/contractors/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/contractors/credit-limits

Auth requiredcontractors.view

GET /contractors/credit-limits

Requires features: contractors.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/contractors/credit-limits" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/contractors/credit-limits

Auth requiredcontractors.manage_financial

POST /contractors/credit-limits

Requires features: contractors.manage_financial

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/contractors/credit-limits" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/contractors/credit-limits

Auth requiredcontractors.manage_financial

PUT /contractors/credit-limits

Requires features: contractors.manage_financial

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/contractors/credit-limits" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/contractors/credit-limits

Auth requiredcontractors.manage_financial

DELETE /contractors/credit-limits

Requires features: contractors.manage_financial

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/contractors/credit-limits" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/contractors/payment-terms

Auth requiredcontractors.view

GET /contractors/payment-terms

Requires features: contractors.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/contractors/payment-terms" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/contractors/payment-terms

Auth requiredcontractors.manage_financial

POST /contractors/payment-terms

Requires features: contractors.manage_financial

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/contractors/payment-terms" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/contractors/payment-terms

Auth requiredcontractors.manage_financial

PUT /contractors/payment-terms

Requires features: contractors.manage_financial

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/contractors/payment-terms" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/contractors/payment-terms

Auth requiredcontractors.manage_financial

DELETE /contractors/payment-terms

Requires features: contractors.manage_financial

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/contractors/payment-terms" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/contractors/role-types

Auth requiredcontractors.view

GET /contractors/role-types

Requires features: contractors.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/contractors/role-types" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/contractors/role-types

Auth requiredcontractors.admin

POST /contractors/role-types

Requires features: contractors.admin

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/contractors/role-types" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/contractors/role-types

Auth requiredcontractors.admin

PUT /contractors/role-types

Requires features: contractors.admin

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/contractors/role-types" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/contractors/role-types

Auth requiredcontractors.admin

DELETE /contractors/role-types

Requires features: contractors.admin

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/contractors/role-types" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/contractors/table-config

Auth requiredcontractors.view

GET /contractors/table-config

Requires features: contractors.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/contractors/table-config" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

FMS Quotes & Offers

26 endpoints

GET/fms_quotes

Auth requiredfms_quotes.quotes.view

GET /fms_quotes

Requires features: fms_quotes.quotes.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_quotes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/fms_quotes

Auth requiredfms_quotes.quotes.manage

POST /fms_quotes

Requires features: fms_quotes.quotes.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/fms_quotes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/fms_quotes

Auth requiredfms_quotes.quotes.manage

PUT /fms_quotes

Requires features: fms_quotes.quotes.manage

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/fms_quotes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/fms_quotes

Auth requiredfms_quotes.quotes.manage

DELETE /fms_quotes

Requires features: fms_quotes.quotes.manage

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/fms_quotes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_quotes/offer-lines

Auth requiredfms_quotes.quotes.view

GET /fms_quotes/offer-lines

Requires features: fms_quotes.quotes.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_quotes/offer-lines" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/fms_quotes/offer-lines

Auth requiredfms_quotes.quotes.manage

POST /fms_quotes/offer-lines

Requires features: fms_quotes.quotes.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/fms_quotes/offer-lines" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_quotes/offer-lines/table-config

Auth requiredfms_quotes.quotes.view

GET /fms_quotes/offer-lines/table-config

Requires features: fms_quotes.quotes.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_quotes/offer-lines/table-config" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_quotes/offer-lines/{id}

Auth requiredfms_quotes.quotes.view

GET /fms_quotes/offer-lines/{id}

Requires features: fms_quotes.quotes.view

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_quotes/offer-lines/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/fms_quotes/offer-lines/{id}

Auth requiredfms_quotes.quotes.manage

PUT /fms_quotes/offer-lines/{id}

Requires features: fms_quotes.quotes.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/fms_quotes/offer-lines/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/fms_quotes/offer-lines/{id}

Auth requiredfms_quotes.quotes.manage

DELETE /fms_quotes/offer-lines/{id}

Requires features: fms_quotes.quotes.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/fms_quotes/offer-lines/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_quotes/offers

Auth requiredfms_quotes.offers.view

GET /fms_quotes/offers

Requires features: fms_quotes.offers.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_quotes/offers" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/fms_quotes/offers

Auth requiredfms_quotes.offers.manage

POST /fms_quotes/offers

Requires features: fms_quotes.offers.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/fms_quotes/offers" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/fms_quotes/offers/version

Auth requiredfms_quotes.offers.manage

POST /fms_quotes/offers/version

Requires features: fms_quotes.offers.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/fms_quotes/offers/version" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_quotes/offers/{id}

Auth requiredfms_quotes.offers.view

GET /fms_quotes/offers/{id}

Requires features: fms_quotes.offers.view

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_quotes/offers/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/fms_quotes/offers/{id}

Auth requiredfms_quotes.offers.manage

PUT /fms_quotes/offers/{id}

Requires features: fms_quotes.offers.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/fms_quotes/offers/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/fms_quotes/offers/{id}

Auth requiredfms_quotes.offers.manage

DELETE /fms_quotes/offers/{id}

Requires features: fms_quotes.offers.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/fms_quotes/offers/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_quotes/quote-lines

Auth requiredfms_quotes.quotes.view

GET /fms_quotes/quote-lines

Requires features: fms_quotes.quotes.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_quotes/quote-lines" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/fms_quotes/quote-lines

Auth requiredfms_quotes.quotes.manage

POST /fms_quotes/quote-lines

Requires features: fms_quotes.quotes.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/fms_quotes/quote-lines" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_quotes/quote-lines/table-config

Auth requiredfms_quotes.quotes.view

GET /fms_quotes/quote-lines/table-config

Requires features: fms_quotes.quotes.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_quotes/quote-lines/table-config" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_quotes/quote-lines/{id}

Auth requiredfms_quotes.quotes.view

GET /fms_quotes/quote-lines/{id}

Requires features: fms_quotes.quotes.view

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_quotes/quote-lines/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/fms_quotes/quote-lines/{id}

Auth requiredfms_quotes.quotes.manage

PUT /fms_quotes/quote-lines/{id}

Requires features: fms_quotes.quotes.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/fms_quotes/quote-lines/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/fms_quotes/quote-lines/{id}

Auth requiredfms_quotes.quotes.manage

DELETE /fms_quotes/quote-lines/{id}

Requires features: fms_quotes.quotes.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/fms_quotes/quote-lines/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_quotes/table-config

Auth requiredfms_quotes.quotes.view

GET /fms_quotes/table-config

Requires features: fms_quotes.quotes.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_quotes/table-config" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_quotes/{id}

Auth requiredfms_quotes.quotes.view

GET /fms_quotes/{id}

Requires features: fms_quotes.quotes.view

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_quotes/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/fms_quotes/{id}

Auth requiredfms_quotes.quotes.manage

PUT /fms_quotes/{id}

Requires features: fms_quotes.quotes.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/fms_quotes/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/fms_quotes/{id}

Auth requiredfms_quotes.quotes.manage

DELETE /fms_quotes/{id}

Requires features: fms_quotes.quotes.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/fms_quotes/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

FMS Locations

17 endpoints

POST/fms_locations/import

Auth requiredfms_locations.import

POST /fms_locations/import

Requires features: fms_locations.import

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/fms_locations/import" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_locations/locations

Auth requiredfms_locations.ports.view

GET /fms_locations/locations

Requires features: fms_locations.ports.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_locations/locations" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_locations/ports

Auth requiredfms_locations.ports.view

GET /fms_locations/ports

Requires features: fms_locations.ports.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_locations/ports" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/fms_locations/ports

Auth requiredfms_locations.ports.manage

POST /fms_locations/ports

Requires features: fms_locations.ports.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/fms_locations/ports" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/fms_locations/ports

Auth requiredfms_locations.ports.manage

PUT /fms_locations/ports

Requires features: fms_locations.ports.manage

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/fms_locations/ports" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/fms_locations/ports

Auth requiredfms_locations.ports.manage

DELETE /fms_locations/ports

Requires features: fms_locations.ports.manage

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/fms_locations/ports" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_locations/ports/{id}

Auth requiredfms_locations.ports.view

GET /fms_locations/ports/{id}

Requires features: fms_locations.ports.view

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_locations/ports/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/fms_locations/ports/{id}

Auth requiredfms_locations.ports.manage

PUT /fms_locations/ports/{id}

Requires features: fms_locations.ports.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/fms_locations/ports/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/fms_locations/ports/{id}

Auth requiredfms_locations.ports.manage

DELETE /fms_locations/ports/{id}

Requires features: fms_locations.ports.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/fms_locations/ports/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_locations/table-config

Auth requiredfms_locations.ports.view

GET /fms_locations/table-config

Requires features: fms_locations.ports.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_locations/table-config" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_locations/terminals

Auth requiredfms_locations.terminals.view

GET /fms_locations/terminals

Requires features: fms_locations.terminals.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_locations/terminals" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/fms_locations/terminals

Auth requiredfms_locations.terminals.manage

POST /fms_locations/terminals

Requires features: fms_locations.terminals.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/fms_locations/terminals" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/fms_locations/terminals

Auth requiredfms_locations.terminals.manage

PUT /fms_locations/terminals

Requires features: fms_locations.terminals.manage

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/fms_locations/terminals" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/fms_locations/terminals

Auth requiredfms_locations.terminals.manage

DELETE /fms_locations/terminals

Requires features: fms_locations.terminals.manage

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/fms_locations/terminals" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_locations/terminals/{id}

Auth requiredfms_locations.terminals.view

GET /fms_locations/terminals/{id}

Requires features: fms_locations.terminals.view

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_locations/terminals/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/fms_locations/terminals/{id}

Auth requiredfms_locations.terminals.manage

PUT /fms_locations/terminals/{id}

Requires features: fms_locations.terminals.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/fms_locations/terminals/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/fms_locations/terminals/{id}

Auth requiredfms_locations.terminals.manage

DELETE /fms_locations/terminals/{id}

Requires features: fms_locations.terminals.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/fms_locations/terminals/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Fms Products

10 endpoints

GET/fms_products/charge-codes

Auth requiredfms_products.charge_codes.view

GET /fms_products/charge-codes

Requires features: fms_products.charge_codes.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_products/charge-codes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/fms_products/charge-codes

Auth requiredfms_products.charge_codes.manage

POST /fms_products/charge-codes

Requires features: fms_products.charge_codes.manage

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/fms_products/charge-codes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/fms_products/charge-codes

Auth requiredfms_products.charge_codes.manage

PUT /fms_products/charge-codes

Requires features: fms_products.charge_codes.manage

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/fms_products/charge-codes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/fms_products/charge-codes

Auth requiredfms_products.charge_codes.manage

DELETE /fms_products/charge-codes

Requires features: fms_products.charge_codes.manage

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/fms_products/charge-codes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/fms_products/charge-codes/import

Auth requiredfms_products.charge_codes.import

POST /fms_products/charge-codes/import

Requires features: fms_products.charge_codes.import

Responses

201Success response

Content-Type: application/json

{}

Example

curl -X POST "http://localhost:3000/api/fms_products/charge-codes/import" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_products/charge-codes/{id}

Auth requiredfms_products.charge_codes.view

GET /fms_products/charge-codes/{id}

Requires features: fms_products.charge_codes.view

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_products/charge-codes/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/fms_products/charge-codes/{id}

Auth requiredfms_products.charge_codes.manage

PUT /fms_products/charge-codes/{id}

Requires features: fms_products.charge_codes.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/fms_products/charge-codes/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/fms_products/charge-codes/{id}

Auth requiredfms_products.charge_codes.manage

DELETE /fms_products/charge-codes/{id}

Requires features: fms_products.charge_codes.manage

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

204Success

No response body.

Example

curl -X DELETE "http://localhost:3000/api/fms_products/charge-codes/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_products/search

Auth requiredfms_quotes.quotes.view

GET /fms_products/search

Requires features: fms_quotes.quotes.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_products/search" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/fms_products/table-config

Auth requiredfms_products.charge_codes.view

GET /fms_products/table-config

Requires features: fms_products.charge_codes.view

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X GET "http://localhost:3000/api/fms_products/table-config" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Catalog

31 endpoints

GET/catalog/categories

Auth requiredcatalog.categories.view

List categories

Returns a paginated collection of categories scoped to the authenticated organization. Requires features: catalog.categories.view

Parameters

Name	In	Required	Schema	Description
view	query	No	string	—
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
status	query	No	string	—
ids	query	No	string	—

Responses

200Paginated categories

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "slug": null,
      "description": null,
      "parentId": null,
      "parentName": null,
      "depth": 1,
      "treePath": "string",
      "pathLabel": "string",
      "childCount": 1,
      "descendantCount": 1,
      "isActive": true,
      "organizationId": "00000000-0000-4000-8000-000000000000",
      "tenantId": "00000000-0000-4000-8000-000000000000"
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/catalog/categories?view=manage&page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/catalog/categories

Auth requiredcatalog.categories.manage

Create category

Creates a new product category. Requires features: catalog.categories.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "slug": null,
  "parentId": null
}

Responses

201Category created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/catalog/categories" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "slug": null,
  "parentId": null
}'

PUT/catalog/categories

Auth requiredcatalog.categories.manage

Update category

Updates an existing category by id. Requires features: catalog.categories.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "slug": null,
  "parentId": null
}

Responses

200Category updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/catalog/categories" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "slug": null,
  "parentId": null
}'

DELETE/catalog/categories

Auth requiredcatalog.categories.manage

Delete category

Deletes a category by id. Requires features: catalog.categories.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Category deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/catalog/categories" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/catalog/dictionaries/{key}

Auth requiredcatalog.products.manage

Get dictionary entries by key

Returns dictionary entries for a specific key (e.g., currency, unit). Requires features: catalog.products.manage

Parameters

Name	In	Required	Schema	Description
key	path	Yes	string	—

Responses

200Dictionary entries

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000",
  "entries": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": "string",
      "color": null,
      "icon": null
    }
  ]
}

Example

curl -X GET "http://localhost:3000/api/catalog/dictionaries/:key" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/catalog/offers

Auth requiredsales.channels.manage

List offers

Returns a paginated collection of offers scoped to the authenticated organization. Requires features: sales.channels.manage

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
productId	query	No	string	—
channelId	query	No	string	—
channelIds	query	No	string	—
id	query	No	string	—
search	query	No	string	—
isActive	query	No	string	—
withDeleted	query	No	boolean	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated offers

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "productId": null,
      "organizationId": null,
      "tenantId": null,
      "channelId": null,
      "title": "string",
      "description": null,
      "defaultMediaId": null,
      "defaultMediaUrl": null,
      "localizedContent": null,
      "metadata": null,
      "isActive": null,
      "createdAt": null,
      "updatedAt": null,
      "product": null,
      "productChannelPrice": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/catalog/offers?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/catalog/offers

Auth requiredsales.channels.manage

Create offer

Creates a new offer linking a product to a sales channel. Requires features: sales.channels.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "channelId": "00000000-0000-4000-8000-000000000000",
  "title": "string",
  "defaultMediaId": null,
  "defaultMediaUrl": null,
  "productId": "00000000-0000-4000-8000-000000000000"
}

Responses

201Offer created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/catalog/offers" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "channelId": "00000000-0000-4000-8000-000000000000",
  "title": "string",
  "defaultMediaId": null,
  "defaultMediaUrl": null,
  "productId": "00000000-0000-4000-8000-000000000000"
}'

PUT/catalog/offers

Auth requiredsales.channels.manage

Update offer

Updates an existing offer by id. Requires features: sales.channels.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "defaultMediaId": null,
  "defaultMediaUrl": null
}

Responses

200Offer updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/catalog/offers" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "defaultMediaId": null,
  "defaultMediaUrl": null
}'

DELETE/catalog/offers

Auth requiredsales.channels.manage

Delete offer

Deletes an offer by id. Requires features: sales.channels.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Offer deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/catalog/offers" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/catalog/option-schemas

Auth requiredcatalog.products.view

List option schemas

Returns a paginated collection of option schemas scoped to the authenticated organization. Requires features: catalog.products.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
id	query	No	string	—
search	query	No	string	—
isActive	query	No	string	—
withDeleted	query	No	boolean	—

Responses

200Paginated option schemas

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "code": null,
      "description": null,
      "schema": null,
      "metadata": null,
      "is_active": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/catalog/option-schemas?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/catalog/option-schemas

Auth requiredcatalog.settings.manage

Create option schema

Creates a new option schema template for product configurations. Requires features: catalog.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "schema": {
    "options": [
      {
        "code": "string",
        "label": "string",
        "inputType": "select"
      }
    ]
  }
}

Responses

201Option Schema created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/catalog/option-schemas" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "schema": {
    "options": [
      {
        "code": "string",
        "label": "string",
        "inputType": "select"
      }
    ]
  }
}'

PUT/catalog/option-schemas

Auth requiredcatalog.settings.manage

Update option schema

Updates an existing option schema by id. Requires features: catalog.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Option Schema updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/catalog/option-schemas" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/catalog/option-schemas

Auth requiredcatalog.settings.manage

Delete option schema

Deletes an option schema by id. Requires features: catalog.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Option Schema deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/catalog/option-schemas" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/catalog/price-kinds

Auth requiredcatalog.settings.manage

List price kinds

Returns a paginated collection of price kinds scoped to the authenticated organization. Requires features: catalog.settings.manage

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
isPromotion	query	No	string	—
isActive	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated price kinds

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "organization_id": null,
      "tenant_id": null,
      "code": "string",
      "title": "string",
      "display_mode": null,
      "currency_code": null,
      "is_promotion": null,
      "is_active": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/catalog/price-kinds?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/catalog/price-kinds

Auth requiredcatalog.settings.manage

Create price kind

Creates a new price kind for categorizing product prices. Requires features: catalog.settings.manage

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "code": "string",
  "title": "string",
  "displayMode": "excluding-tax"
}

Responses

201Price Kind created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/catalog/price-kinds" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "code": "string",
  "title": "string",
  "displayMode": "excluding-tax"
}'

PUT/catalog/price-kinds

Auth requiredcatalog.settings.manage

Update price kind

Updates an existing price kind by id. Requires features: catalog.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "displayMode": "excluding-tax"
}

Responses

200Price Kind updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/catalog/price-kinds" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "displayMode": "excluding-tax"
}'

DELETE/catalog/price-kinds

Auth requiredcatalog.settings.manage

Delete price kind

Deletes a price kind by id. Requires features: catalog.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Price Kind deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/catalog/price-kinds" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/catalog/prices

Auth requiredcatalog.products.view

List prices

Returns a paginated collection of prices scoped to the authenticated organization. Requires features: catalog.products.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
productId	query	No	string	—
variantId	query	No	string	—
offerId	query	No	string	—
channelId	query	No	string	—
currencyCode	query	No	string	—
priceKindId	query	No	string	—
kind	query	No	string	—
userId	query	No	string	—
userGroupId	query	No	string	—
customerId	query	No	string	—
customerGroupId	query	No	string	—
withDeleted	query	No	boolean	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated prices

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "product_id": null,
      "variant_id": null,
      "offer_id": null,
      "currency_code": null,
      "price_kind_id": null,
      "kind": null,
      "min_quantity": null,
      "max_quantity": null,
      "unit_price_net": null,
      "unit_price_gross": null,
      "tax_rate": null,
      "tax_amount": null,
      "channel_id": null,
      "user_id": null,
      "user_group_id": null,
      "customer_id": null,
      "customer_group_id": null,
      "metadata": null,
      "starts_at": null,
      "ends_at": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/catalog/prices?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/catalog/prices

Auth requiredcatalog.pricing.manage

Create price

Creates a new price entry for a product or variant. Requires features: catalog.pricing.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "currencyCode": "string",
  "priceKindId": "00000000-0000-4000-8000-000000000000",
  "taxRateId": null
}

Responses

201Price created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/catalog/prices" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "currencyCode": "string",
  "priceKindId": "00000000-0000-4000-8000-000000000000",
  "taxRateId": null
}'

PUT/catalog/prices

Auth requiredcatalog.pricing.manage

Update price

Updates an existing price by id. Requires features: catalog.pricing.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "taxRateId": null
}

Responses

200Price updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/catalog/prices" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "taxRateId": null
}'

DELETE/catalog/prices

Auth requiredcatalog.pricing.manage

Delete price

Deletes a price by id. Requires features: catalog.pricing.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Price deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/catalog/prices" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/catalog/product-media

Auth requiredcatalog.products.view

List product media

Returns a list of media attachments for a specific product. Requires features: catalog.products.view

Parameters

Name	In	Required	Schema	Description
productId	query	Yes	string	—

Responses

200List of product media

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "fileName": "string",
      "url": "string",
      "thumbnailUrl": "string"
    }
  ]
}

Example

curl -X GET "http://localhost:3000/api/catalog/product-media?productId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/catalog/products

Auth requiredcatalog.products.view

List products

Returns a paginated collection of products scoped to the authenticated organization. Requires features: catalog.products.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
id	query	No	string	—
search	query	No	string	—
status	query	No	string	—
isActive	query	No	string	—
configurable	query	No	string	—
productType	query	No	string	—
channelIds	query	No	string	—
channelId	query	No	string	—
categoryIds	query	No	string	—
tagIds	query	No	string	—
offerId	query	No	string	—
userId	query	No	string	—
userGroupId	query	No	string	—
customerId	query	No	string	—
customerGroupId	query	No	string	—
quantity	query	No	number	—
priceDate	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—
withDeleted	query	No	boolean	—
customFieldset	query	No	string	—

Responses

200Paginated products

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "title": null,
      "subtitle": null,
      "description": null,
      "sku": null,
      "handle": null,
      "product_type": null,
      "status_entry_id": null,
      "primary_currency_code": null,
      "default_unit": null,
      "default_media_id": null,
      "default_media_url": null,
      "weight_value": null,
      "weight_unit": null,
      "dimensions": null,
      "is_configurable": null,
      "is_active": null,
      "metadata": null,
      "custom_fieldset_code": null,
      "option_schema_id": null,
      "created_at": null,
      "updated_at": null,
      "pricing": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/catalog/products?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/catalog/products

Auth requiredcatalog.products.manage

Create product

Creates a new product in the catalog. Requires features: catalog.products.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "title": "string",
  "taxRateId": null,
  "taxRate": null,
  "productType": "simple",
  "defaultMediaId": null,
  "defaultMediaUrl": null,
  "weightValue": null,
  "weightUnit": null,
  "dimensions": null,
  "optionSchemaId": null,
  "customFieldsetCode": null
}

Responses

201Product created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/catalog/products" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "title": "string",
  "taxRateId": null,
  "taxRate": null,
  "productType": "simple",
  "defaultMediaId": null,
  "defaultMediaUrl": null,
  "weightValue": null,
  "weightUnit": null,
  "dimensions": null,
  "optionSchemaId": null,
  "customFieldsetCode": null
}'

PUT/catalog/products

Auth requiredcatalog.products.manage

Update product

Updates an existing product by id. Requires features: catalog.products.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "taxRateId": null,
  "taxRate": null,
  "defaultMediaId": null,
  "defaultMediaUrl": null,
  "weightValue": null,
  "weightUnit": null,
  "dimensions": null,
  "optionSchemaId": null,
  "customFieldsetCode": null
}

Responses

200Product updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/catalog/products" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "taxRateId": null,
  "taxRate": null,
  "defaultMediaId": null,
  "defaultMediaUrl": null,
  "weightValue": null,
  "weightUnit": null,
  "dimensions": null,
  "optionSchemaId": null,
  "customFieldsetCode": null
}'

DELETE/catalog/products

Auth requiredcatalog.products.manage

Delete product

Deletes a product by id. Requires features: catalog.products.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Product deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/catalog/products" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/catalog/tags

Auth requiredcatalog.products.view

List product tags

Returns a paginated collection of product tags scoped to the authenticated organization. Requires features: catalog.products.view

Parameters

Name	In	Required	Schema	Description
search	query	No	string	—
page	query	No	number	—
pageSize	query	No	number	—

Responses

200Paginated product tags

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "label": "string",
      "slug": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/catalog/tags?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/catalog/variants

Auth requiredcatalog.products.view

List variants

Returns a paginated collection of variants scoped to the authenticated organization. Requires features: catalog.products.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
id	query	No	string	—
search	query	No	string	—
productId	query	No	string	—
sku	query	No	string	—
isActive	query	No	string	—
isDefault	query	No	string	—
withDeleted	query	No	boolean	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated variants

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "product_id": null,
      "name": null,
      "sku": null,
      "barcode": null,
      "status_entry_id": null,
      "is_default": null,
      "is_active": null,
      "weight_value": null,
      "weight_unit": null,
      "dimensions": null,
      "metadata": null,
      "option_values": null,
      "custom_fieldset_code": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/catalog/variants?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/catalog/variants

Auth requiredcatalog.variants.manage

Create variant

Creates a new product variant. Requires features: catalog.variants.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "productId": "00000000-0000-4000-8000-000000000000",
  "defaultMediaId": null,
  "defaultMediaUrl": null,
  "taxRateId": null,
  "taxRate": null,
  "customFieldsetCode": null
}

Responses

201Variant created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/catalog/variants" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "productId": "00000000-0000-4000-8000-000000000000",
  "defaultMediaId": null,
  "defaultMediaUrl": null,
  "taxRateId": null,
  "taxRate": null,
  "customFieldsetCode": null
}'

PUT/catalog/variants

Auth requiredcatalog.variants.manage

Update variant

Updates an existing variant by id. Requires features: catalog.variants.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "defaultMediaId": null,
  "defaultMediaUrl": null,
  "taxRateId": null,
  "taxRate": null,
  "customFieldsetCode": null
}

Responses

200Variant updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/catalog/variants" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "defaultMediaId": null,
  "defaultMediaUrl": null,
  "taxRateId": null,
  "taxRate": null,
  "customFieldsetCode": null
}'

DELETE/catalog/variants

Auth requiredcatalog.variants.manage

Delete variant

Deletes a variant by id. Requires features: catalog.variants.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Variant deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/catalog/variants" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

Customers

49 endpoints

GET/customers/activities

Auth requiredcustomers.activities.view

List activitys

Returns a paginated collection of activitys scoped to the authenticated organization. Requires features: customers.activities.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
entityId	query	No	string	—
dealId	query	No	string	—
activityType	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated activitys

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "entityId": null,
      "dealId": null,
      "activityType": "string",
      "subject": null,
      "body": null,
      "occurredAt": null,
      "createdAt": null,
      "authorUserId": null,
      "organizationId": null,
      "tenantId": null,
      "activityTypeLabel": null,
      "authorName": null,
      "authorEmail": null,
      "appearanceIcon": null,
      "appearanceColor": null,
      "dealTitle": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/customers/activities?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/customers/activities

Auth requiredcustomers.activities.manage

Create activity

Creates a timeline activity linked to an entity or deal. Requires features: customers.activities.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "activityType": "string",
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

201Activity created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/customers/activities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "activityType": "string",
  "appearanceIcon": null,
  "appearanceColor": null
}'

PUT/customers/activities

Auth requiredcustomers.activities.manage

Update activity

Updates subject, body, scheduling, or custom fields for an existing activity. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

200Activity updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/customers/activities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "appearanceIcon": null,
  "appearanceColor": null
}'

DELETE/customers/activities

Auth requiredcustomers.activities.manage

Delete activity

Deletes an activity identified by `id`. Accepts id via body or query string. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Activity deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/customers/activities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/customers/addresses

Auth requiredcustomers.activities.view

List addresss

Returns a paginated collection of addresss scoped to the authenticated organization. Requires features: customers.activities.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
entityId	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated addresss

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "entity_id": "00000000-0000-4000-8000-000000000000",
      "name": null,
      "purpose": null,
      "company_name": null,
      "address_line1": null,
      "address_line2": null,
      "building_number": null,
      "flat_number": null,
      "city": null,
      "region": null,
      "postal_code": null,
      "country": null,
      "latitude": null,
      "longitude": null,
      "is_primary": null,
      "organization_id": null,
      "tenant_id": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/customers/addresses?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/customers/addresses

Auth requiredcustomers.activities.manage

Create address

Creates a customer address record and associates it with the referenced entity. Requires features: customers.activities.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "addressLine1": "string"
}

Responses

201Address created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/customers/addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "addressLine1": "string"
}'

PUT/customers/addresses

Auth requiredcustomers.activities.manage

Update address

Updates fields on an existing customer address. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Address updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/customers/addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/customers/addresses

Auth requiredcustomers.activities.manage

Delete address

Deletes an address by id. The identifier may be included in the body or query. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Address deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/customers/addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/customers/comments

Auth requiredcustomers.activities.view

List comments

Returns a paginated collection of comments scoped to the authenticated organization. Requires features: customers.activities.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
entityId	query	No	string	—
dealId	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated comments

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "entity_id": null,
      "deal_id": null,
      "body": null,
      "author_user_id": null,
      "appearance_icon": null,
      "appearance_color": null,
      "organization_id": null,
      "tenant_id": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/customers/comments?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/customers/comments

Auth requiredcustomers.activities.manage

Create comment

Adds a comment to a customer timeline. Requires features: customers.activities.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "body": "string",
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

201Comment created

Content-Type: application/json

{
  "id": null,
  "authorUserId": null
}

Example

curl -X POST "http://localhost:3000/api/customers/comments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "body": "string",
  "appearanceIcon": null,
  "appearanceColor": null
}'

PUT/customers/comments

Auth requiredcustomers.activities.manage

Update comment

Updates an existing timeline comment. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

200Comment updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/customers/comments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "appearanceIcon": null,
  "appearanceColor": null
}'

DELETE/customers/comments

Auth requiredcustomers.activities.manage

Delete comment

Deletes a comment identified by `id` supplied via body or query string. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Comment deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/customers/comments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/customers/companies

Auth requiredcustomers.companies.view

List companies

Returns a paginated collection of companies scoped to the authenticated organization. Requires features: customers.companies.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
email	query	No	string	—
emailStartsWith	query	No	string	—
emailContains	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—
status	query	No	string	—
lifecycleStage	query	No	string	—
source	query	No	string	—
hasEmail	query	No	string	—
hasPhone	query	No	string	—
hasNextInteraction	query	No	string	—
createdFrom	query	No	string	—
createdTo	query	No	string	—
id	query	No	string	—
tagIds	query	No	string	—
tagIdsEmpty	query	No	string	—

Responses

200Paginated companies

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "description": null,
      "owner_user_id": null,
      "primary_email": null,
      "primary_phone": null,
      "status": null,
      "lifecycle_stage": null,
      "source": null,
      "next_interaction_at": null,
      "next_interaction_name": null,
      "next_interaction_ref_id": null,
      "next_interaction_icon": null,
      "next_interaction_color": null,
      "organization_id": null,
      "tenant_id": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/customers/companies?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/customers/companies

Auth requiredcustomers.companies.manage

Create company

Creates a company record and associated profile data. Requires features: customers.companies.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "displayName": "string",
  "nextInteraction": null
}

Responses

201Company created

Content-Type: application/json

{
  "id": null,
  "companyId": null
}

Example

curl -X POST "http://localhost:3000/api/customers/companies" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "displayName": "string",
  "nextInteraction": null
}'

PUT/customers/companies

Auth requiredcustomers.companies.manage

Update company

Updates company profile fields, tags, or custom attributes. Requires features: customers.companies.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "nextInteraction": null
}

Responses

200Company updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/customers/companies" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "nextInteraction": null
}'

DELETE/customers/companies

Auth requiredcustomers.companies.manage

Delete company

Deletes a company by id. The identifier can be provided via body or query. Requires features: customers.companies.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Company deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/customers/companies" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/customers/companies/{id}

Fetch company with related data

Returns a company customer record with optional related resources such as addresses, comments, activities, deals, todos, and linked people.

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—
include	query	No	string	—

Responses

200Company detail payload

Content-Type: application/json

{
  "company": {
    "id": "00000000-0000-4000-8000-000000000000",
    "displayName": null,
    "description": null,
    "ownerUserId": null,
    "primaryEmail": null,
    "primaryPhone": null,
    "status": null,
    "lifecycleStage": null,
    "source": null,
    "nextInteractionAt": null,
    "nextInteractionName": null,
    "nextInteractionRefId": null,
    "nextInteractionIcon": null,
    "nextInteractionColor": null,
    "organizationId": null,
    "tenantId": null,
    "createdAt": "string",
    "updatedAt": "string"
  },
  "profile": null,
  "customFields": {},
  "tags": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "label": "string",
      "color": null
    }
  ],
  "addresses": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": null,
      "purpose": null,
      "addressLine1": null,
      "addressLine2": null,
      "buildingNumber": null,
      "flatNumber": null,
      "city": null,
      "region": null,
      "postalCode": null,
      "country": null,
      "latitude": null,
      "longitude": null,
      "isPrimary": null,
      "createdAt": "string"
    }
  ],
  "comments": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "body": null,
      "authorUserId": null,
      "authorName": null,
      "authorEmail": null,
      "dealId": null,
      "createdAt": "string",
      "appearanceIcon": null,
      "appearanceColor": null
    }
  ],
  "activities": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "activityType": "string",
      "subject": null,
      "body": null,
      "occurredAt": null,
      "dealId": null,
      "authorUserId": null,
      "authorName": null,
      "authorEmail": null,
      "createdAt": "string",
      "appearanceIcon": null,
      "appearanceColor": null
    }
  ],
  "deals": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "title": null,
      "status": null,
      "pipelineStage": null,
      "valueAmount": null,
      "valueCurrency": null,
      "probability": null,
      "expectedCloseAt": null,
      "ownerUserId": null,
      "source": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "todos": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "todoId": "00000000-0000-4000-8000-000000000000",
      "todoSource": "string",
      "createdAt": "string",
      "createdByUserId": null,
      "title": null,
      "isDone": null,
      "priority": null,
      "severity": null,
      "description": null,
      "dueAt": null,
      "todoOrganizationId": null,
      "customValues": null
    }
  ],
  "people": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "displayName": null,
      "primaryEmail": null,
      "primaryPhone": null,
      "status": null,
      "lifecycleStage": null,
      "jobTitle": null,
      "department": null,
      "createdAt": "string",
      "organizationId": null
    }
  ],
  "viewer": {
    "userId": null,
    "name": null,
    "email": null
  }
}

400Invalid identifier

Content-Type: application/json

{
  "error": "string"
}

401Unauthorized

Content-Type: application/json

{
  "error": "string"
}

403Forbidden for tenant/organization scope

Content-Type: application/json

{
  "error": "string"
}

404Company not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/customers/companies/:id" \
  -H "Accept: application/json"

GET/customers/dashboard/widgets/customer-todos

Auth requireddashboards.viewcustomers.widgets.todos

Fetch recent customer todo links

Returns the most recently created todo links for display on dashboards. Requires features: dashboards.view, customers.widgets.todos

Parameters

Name	In	Required	Schema	Description
limit	query	No	number	—
tenantId	query	No	string	—
organizationId	query	No	string	—

Responses

200Widget payload

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "todoId": "00000000-0000-4000-8000-000000000000",
      "todoSource": "string",
      "todoTitle": null,
      "createdAt": "string",
      "organizationId": null,
      "entity": {
        "id": null,
        "displayName": null,
        "kind": null,
        "ownerUserId": null
      }
    }
  ]
}

400Invalid query parameters

Content-Type: application/json

{
  "error": "string"
}

500Widget failed to load

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/customers/dashboard/widgets/customer-todos?limit=5" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/customers/dashboard/widgets/new-customers

Auth requireddashboards.viewcustomers.widgets.new-customers

Fetch recently created customers

Returns the latest customers created within the scoped tenant/organization for dashboard display. Requires features: dashboards.view, customers.widgets.new-customers

Parameters

Name	In	Required	Schema	Description
limit	query	No	number	—
tenantId	query	No	string	—
organizationId	query	No	string	—
kind	query	No	string	—

Responses

200Widget payload

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "displayName": null,
      "kind": null,
      "organizationId": null,
      "createdAt": "string",
      "ownerUserId": null
    }
  ]
}

400Invalid query parameters

Content-Type: application/json

{
  "error": "string"
}

500Widget failed to load

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/customers/dashboard/widgets/new-customers?limit=5" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/customers/dashboard/widgets/new-deals

Auth requireddashboards.viewcustomers.widgets.new-deals

Fetch recently created deals

Returns the latest deals created within the scoped tenant/organization for dashboard display. Requires features: dashboards.view, customers.widgets.new-deals

Parameters

Name	In	Required	Schema	Description
limit	query	No	number	—
tenantId	query	No	string	—
organizationId	query	No	string	—

Responses

200Widget payload

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "title": null,
      "status": null,
      "organizationId": null,
      "createdAt": "string",
      "ownerUserId": null,
      "valueAmount": null,
      "valueCurrency": null
    }
  ]
}

400Invalid query parameters

Content-Type: application/json

{
  "error": "string"
}

500Widget failed to load

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/customers/dashboard/widgets/new-deals?limit=5" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/customers/dashboard/widgets/next-interactions

Auth requireddashboards.viewcustomers.widgets.next-interactions

Fetch upcoming customer interactions

Lists upcoming (or optionally past) customer interaction reminders ordered by interaction date. Requires features: dashboards.view, customers.widgets.next-interactions

Parameters

Name	In	Required	Schema	Description
limit	query	No	number	—
tenantId	query	No	string	—
organizationId	query	No	string	—
includePast	query	No	string	—

Responses

200Widget payload

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "displayName": null,
      "kind": null,
      "organizationId": null,
      "nextInteractionAt": null,
      "nextInteractionName": null,
      "nextInteractionIcon": null,
      "nextInteractionColor": null,
      "ownerUserId": null
    }
  ],
  "now": "string"
}

400Invalid query parameters

Content-Type: application/json

{
  "error": "string"
}

500Widget failed to load

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/customers/dashboard/widgets/next-interactions?limit=5" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/customers/deals

Auth requiredcustomers.deals.view

List deals

Returns a paginated collection of deals scoped to the authenticated organization. Requires features: customers.deals.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
status	query	No	string	—
pipelineStage	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—
personEntityId	query	No	string	—
companyEntityId	query	No	string	—

Responses

200Paginated deals

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "title": null,
      "description": null,
      "status": null,
      "pipeline_stage": null,
      "value_amount": null,
      "value_currency": null,
      "probability": null,
      "expected_close_at": null,
      "owner_user_id": null,
      "source": null,
      "organization_id": null,
      "tenant_id": null,
      "created_at": null,
      "updated_at": null,
      "organizationId": null,
      "tenantId": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/customers/deals?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/customers/deals

Auth requiredcustomers.deals.manage

Create deal

Creates a sales deal, optionally associating people and companies. Requires features: customers.deals.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "title": "string"
}

Responses

201Deal created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/customers/deals" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "title": "string"
}'

PUT/customers/deals

Auth requiredcustomers.deals.manage

Update deal

Updates pipeline position, metadata, or associations for an existing deal. Requires features: customers.deals.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Deal updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/customers/deals" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/customers/deals

Auth requiredcustomers.deals.manage

Delete deal

Deletes a deal by `id`. The identifier may be provided in the body or query parameters. Requires features: customers.deals.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Deal deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/customers/deals" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/customers/deals/{id}

Fetch deal with associations

Returns a deal with linked people, companies, custom fields, and viewer context.

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Deal detail payload

Content-Type: application/json

{
  "deal": {
    "id": "00000000-0000-4000-8000-000000000000",
    "title": null,
    "description": null,
    "status": null,
    "pipelineStage": null,
    "valueAmount": null,
    "valueCurrency": null,
    "probability": null,
    "expectedCloseAt": null,
    "ownerUserId": null,
    "source": null,
    "organizationId": null,
    "tenantId": null,
    "createdAt": "string",
    "updatedAt": "string"
  },
  "people": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "label": "string",
      "subtitle": null,
      "kind": "person"
    }
  ],
  "companies": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "label": "string",
      "subtitle": null,
      "kind": "company"
    }
  ],
  "customFields": {},
  "viewer": {
    "userId": null,
    "name": null,
    "email": null
  }
}

401Unauthorized

Content-Type: application/json

{
  "error": "string"
}

403Forbidden for tenant/organization scope

Content-Type: application/json

{
  "error": "string"
}

404Deal not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/customers/deals/:id" \
  -H "Accept: application/json"

GET/customers/dictionaries/currency

Auth requiredcustomers.people.view

Resolve currency dictionary

Returns the active currency dictionary for the current organization scope, falling back to shared entries when required. Requires features: customers.people.view

Responses

200Currency dictionary entries

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000",
  "entries": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": null
    }
  ]
}

404Currency dictionary missing

Content-Type: application/json

{
  "error": "string"
}

500Unexpected error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/customers/dictionaries/currency" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/customers/dictionaries/{kind}

Auth requiredcustomers.people.view

List dictionary entries

Returns the merged dictionary entries for the requested kind, including inherited values. Requires features: customers.people.view

Parameters

Name	In	Required	Schema	Description
kind	path	Yes	string	—

Responses

200Dictionary entries

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": null,
      "color": null,
      "icon": null,
      "organizationId": null
    }
  ]
}

400Failed to resolve dictionary context

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/customers/dictionaries/:kind" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/customers/dictionaries/{kind}

Auth requiredcustomers.settings.manage

Create or override dictionary entry

Creates a dictionary entry (or updates the existing entry for the same value) within the current organization scope. Requires features: customers.settings.manage

Parameters

Name	In	Required	Schema	Description
kind	path	Yes	string	—

Request body (application/json)

{
  "value": "string"
}

Responses

200Dictionary entry updated

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "label": null,
  "color": null,
  "icon": null,
  "organizationId": null
}

201Dictionary entry created

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "label": null,
  "color": null,
  "icon": null,
  "organizationId": null
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

409Duplicate value conflict

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/customers/dictionaries/:kind" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "value": "string"
}'

PATCH/customers/dictionaries/{kind}/{id}

Auth requiredcustomers.settings.manage

Update dictionary entry

Updates value, label, color, or icon for an existing customer dictionary entry. Requires features: customers.settings.manage

Parameters

Name	In	Required	Schema	Description
kind	path	Yes	string	—
id	path	Yes	string	—

Request body (application/json)

{}

Responses

200Updated dictionary entry

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "label": null,
  "color": null,
  "icon": null,
  "organizationId": null
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

404Entry not found

Content-Type: application/json

{
  "error": "string"
}

409Duplicate value conflict

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PATCH "http://localhost:3000/api/customers/dictionaries/:kind/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{}'

DELETE/customers/dictionaries/{kind}/{id}

Auth requiredcustomers.settings.manage

Delete dictionary entry

Removes a customer dictionary entry by identifier. Requires features: customers.settings.manage

Parameters

Name	In	Required	Schema	Description
kind	path	Yes	string	—
id	path	Yes	string	—

Responses

200Entry deleted

Content-Type: application/json

{
  "success": true
}

404Entry not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/customers/dictionaries/:kind/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/customers/people

Auth requiredcustomers.people.view

List people

Returns a paginated collection of people scoped to the authenticated organization. Requires features: customers.people.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
email	query	No	string	—
emailStartsWith	query	No	string	—
emailContains	query	No	string	—
status	query	No	string	—
lifecycleStage	query	No	string	—
source	query	No	string	—
hasEmail	query	No	string	—
hasPhone	query	No	string	—
hasNextInteraction	query	No	string	—
createdFrom	query	No	string	—
createdTo	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—
id	query	No	string	—
tagIds	query	No	string	—
tagIdsEmpty	query	No	string	—

Responses

200Paginated people

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "description": null,
      "owner_user_id": null,
      "primary_email": null,
      "primary_phone": null,
      "status": null,
      "lifecycle_stage": null,
      "source": null,
      "next_interaction_at": null,
      "next_interaction_name": null,
      "next_interaction_ref_id": null,
      "next_interaction_icon": null,
      "next_interaction_color": null,
      "organization_id": null,
      "tenant_id": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/customers/people?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/customers/people

Auth requiredcustomers.people.manage

Create person

Creates a person contact using scoped organization and tenant identifiers. Requires features: customers.people.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "nextInteraction": null,
  "firstName": "string",
  "lastName": "string",
  "companyEntityId": null
}

Responses

201Person created

Content-Type: application/json

{
  "id": null,
  "personId": null
}

Example

curl -X POST "http://localhost:3000/api/customers/people" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "nextInteraction": null,
  "firstName": "string",
  "lastName": "string",
  "companyEntityId": null
}'

PUT/customers/people

Auth requiredcustomers.people.manage

Update person

Updates contact details or custom fields for a person. Requires features: customers.people.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "nextInteraction": null,
  "companyEntityId": null
}

Responses

200Person updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/customers/people" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "nextInteraction": null,
  "companyEntityId": null
}'

DELETE/customers/people

Auth requiredcustomers.people.manage

Delete person

Deletes a person by id. Request body or query may provide the identifier. Requires features: customers.people.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Person deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/customers/people" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/customers/people/check-phone

Auth requiredcustomers.people.view

Find person by phone digits

Performs an exact digits comparison (stripping non-numeric characters) to determine whether a customer contact matches the provided phone fragment. Requires features: customers.people.view

Parameters

Name	In	Required	Schema	Description
digits	query	Yes	any	—

Responses

200Matching contact (if any)

Content-Type: application/json

{
  "match": null
}

Example

curl -X GET "http://localhost:3000/api/customers/people/check-phone" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/customers/people/{id}

Fetch person with related data

Returns a person customer record with optional related resources such as addresses, comments, activities, deals, and todos.

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—
include	query	No	string	—

Responses

200Person detail payload

Content-Type: application/json

{
  "person": {
    "id": "00000000-0000-4000-8000-000000000000",
    "displayName": null,
    "description": null,
    "ownerUserId": null,
    "primaryEmail": null,
    "primaryPhone": null,
    "status": null,
    "lifecycleStage": null,
    "source": null,
    "nextInteractionAt": null,
    "nextInteractionName": null,
    "nextInteractionRefId": null,
    "nextInteractionIcon": null,
    "nextInteractionColor": null,
    "organizationId": null,
    "tenantId": null,
    "createdAt": "string",
    "updatedAt": "string"
  },
  "profile": null,
  "customFields": {},
  "tags": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "label": "string",
      "color": null
    }
  ],
  "addresses": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": null,
      "purpose": null,
      "addressLine1": null,
      "addressLine2": null,
      "buildingNumber": null,
      "flatNumber": null,
      "city": null,
      "region": null,
      "postalCode": null,
      "country": null,
      "latitude": null,
      "longitude": null,
      "isPrimary": null,
      "createdAt": "string"
    }
  ],
  "comments": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "body": null,
      "authorUserId": null,
      "authorName": null,
      "authorEmail": null,
      "dealId": null,
      "createdAt": "string",
      "appearanceIcon": null,
      "appearanceColor": null
    }
  ],
  "activities": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "activityType": "string",
      "subject": null,
      "body": null,
      "occurredAt": null,
      "dealId": null,
      "authorUserId": null,
      "authorName": null,
      "authorEmail": null,
      "createdAt": "string",
      "appearanceIcon": null,
      "appearanceColor": null
    }
  ],
  "deals": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "title": null,
      "status": null,
      "pipelineStage": null,
      "valueAmount": null,
      "valueCurrency": null,
      "probability": null,
      "expectedCloseAt": null,
      "ownerUserId": null,
      "source": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "todos": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "todoId": "00000000-0000-4000-8000-000000000000",
      "todoSource": "string",
      "createdAt": "string",
      "createdByUserId": null,
      "title": null,
      "isDone": null,
      "priority": null,
      "severity": null,
      "description": null,
      "dueAt": null,
      "todoOrganizationId": null,
      "customValues": null
    }
  ],
  "viewer": {
    "userId": null,
    "name": null,
    "email": null
  }
}

400Invalid identifier

Content-Type: application/json

{
  "error": "string"
}

401Unauthorized

Content-Type: application/json

{
  "error": "string"
}

403Forbidden for tenant/organization scope

Content-Type: application/json

{
  "error": "string"
}

404Person not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/customers/people/:id" \
  -H "Accept: application/json"

GET/customers/settings/address-format

Auth requiredcustomers.settings.manage

Retrieve address format

Returns the current address formatting preference for the selected organization. Requires features: customers.settings.manage

Responses

200Current address format

Content-Type: application/json

{
  "addressFormat": "string"
}

400Organization context missing

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/customers/settings/address-format" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/customers/settings/address-format

Auth requiredcustomers.settings.manage

Update address format

Updates the address format preference for the selected organization. Requires features: customers.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "addressFormat": "line_first"
}

Responses

200Updated address format

Content-Type: application/json

{
  "addressFormat": "string"
}

400Invalid payload or organization context

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/customers/settings/address-format" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "addressFormat": "line_first"
}'

GET/customers/tags

Auth requiredcustomers.activities.view

List tags

Returns a paginated collection of tags scoped to the authenticated organization. Requires features: customers.activities.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated tags

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "slug": "string",
      "label": "string",
      "color": null,
      "description": null,
      "organization_id": null,
      "tenant_id": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/customers/tags?page=1&pageSize=100" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/customers/tags

Auth requiredcustomers.activities.manage

Create tag

Creates a tag scoped to the current tenant and organization. Requires features: customers.activities.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "slug": "string",
  "label": "string"
}

Responses

201Tag created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/customers/tags" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "slug": "string",
  "label": "string"
}'

PUT/customers/tags

Auth requiredcustomers.activities.manage

Update tag

Updates label, color, or description for an existing tag. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Tag updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/customers/tags" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/customers/tags

Auth requiredcustomers.activities.manage

Delete tag

Deletes a tag identified by `id`. The identifier may be provided via body or query string. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Tag deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/customers/tags" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

POST/customers/tags/assign

Auth requiredcustomers.activities.manage

Assign tag to customer entity

Links a tag to a customer entity within the validated tenant / organization scope. Requires features: customers.activities.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "tagId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000"
}

Responses

201Tag assigned to customer

Content-Type: application/json

{
  "id": null
}

400Validation or assignment failed

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/customers/tags/assign" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "tagId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000"
}'

POST/customers/tags/unassign

Auth requiredcustomers.activities.manage

Remove tag from customer entity

Detaches a tag from a customer entity within the validated tenant / organization scope. Requires features: customers.activities.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "tagId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000"
}

Responses

200Tag unassigned from customer

Content-Type: application/json

{
  "id": null
}

400Validation or unassignment failed

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/customers/tags/unassign" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "tagId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000"
}'

GET/customers/todos

Auth requiredcustomers.activities.view

List todos linked to customers

Returns paginated todo link entries filtered by completion, search term, or entity. Requires features: customers.activities.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
isDone	query	No	string	—
organizationId	query	No	string	—
entityId	query	No	string	—

Responses

200Paginated todo links

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "todoId": "00000000-0000-4000-8000-000000000000",
      "todoSource": "string",
      "todoTitle": null,
      "todoIsDone": null,
      "todoPriority": null,
      "todoSeverity": null,
      "todoDescription": null,
      "todoDueAt": null,
      "todoCustomValues": null,
      "todoOrganizationId": null,
      "organizationId": null,
      "tenantId": null,
      "createdAt": "string",
      "customer": {
        "id": null,
        "displayName": null,
        "kind": null
      }
    }
  ],
  "total": 1,
  "totalPages": 1
}

400Invalid query parameters

Content-Type: application/json

{
  "error": "string"
}

500Unexpected error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/customers/todos?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/customers/todos

Auth requiredcustomers.activities.manage

Create todo and link to customer

Creates a new todo (via the configured source entity) and links it to the specified customer record. Requires features: customers.activities.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "title": "string",
  "todoSource": "example:todo"
}

Responses

201Todo created and linked

Content-Type: application/json

{
  "todoId": null,
  "linkId": null
}

400Validation failed

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/customers/todos" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "title": "string",
  "todoSource": "example:todo"
}'

PUT/customers/todos

Auth requiredcustomers.activities.manage

Link existing todo to customer

Links an existing todo record to a customer entity within the allowed scope. Requires features: customers.activities.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "todoId": "00000000-0000-4000-8000-000000000000",
  "todoSource": "example:todo"
}

Responses

200Todo linked

Content-Type: application/json

{
  "linkId": null
}

400Validation failed

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/customers/todos" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "todoId": "00000000-0000-4000-8000-000000000000",
  "todoSource": "example:todo"
}'

DELETE/customers/todos

Auth requiredcustomers.activities.manage

Unlink todo from customer

Removes the association between a todo and the specified customer. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Todo unlinked

Content-Type: application/json

{
  "linkId": null
}

400Invalid request or missing link id

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/customers/todos" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

Dashboards

8 endpoints

GET/dashboards/layout

Auth requireddashboards.view

Load the current dashboard layout

Returns the saved widget layout together with the widgets the current user is allowed to place. Requires features: dashboards.view

Responses

200Current dashboard layout and available widgets.

Content-Type: application/json

{
  "layout": {
    "items": [
      {
        "id": "00000000-0000-4000-8000-000000000000",
        "widgetId": "string",
        "order": 1
      }
    ]
  },
  "allowedWidgetIds": [
    "string"
  ],
  "canConfigure": true,
  "context": {
    "userId": "00000000-0000-4000-8000-000000000000",
    "tenantId": null,
    "organizationId": null,
    "userName": null,
    "userEmail": null,
    "userLabel": "string"
  },
  "widgets": [
    {
      "id": "string",
      "title": "string",
      "description": null,
      "defaultSize": "sm",
      "defaultEnabled": true,
      "defaultSettings": null,
      "features": [
        "string"
      ],
      "moduleId": "string",
      "icon": null,
      "loaderKey": "string",
      "supportsRefresh": true
    }
  ]
}

Example

curl -X GET "http://localhost:3000/api/dashboards/layout" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/dashboards/layout

Auth requireddashboards.configure

Persist dashboard layout changes

Saves the provided widget ordering, sizes, and settings for the current user. Requires features: dashboards.configure

Request body (application/json)

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "widgetId": "string",
      "order": 1
    }
  ]
}

Responses

200Layout updated successfully.

Content-Type: application/json

{
  "ok": true
}

400Invalid layout payload

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/dashboards/layout" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "widgetId": "string",
      "order": 1
    }
  ]
}'

PATCH/dashboards/layout/{itemId}

Auth requireddashboards.configure

Update a dashboard layout item

Adjusts the size or settings for a single widget within the dashboard layout. Requires features: dashboards.configure

Parameters

Name	In	Required	Schema	Description
itemId	path	Yes	string	—

Request body (application/json)

{}

Responses

200Layout item updated.

Content-Type: application/json

{
  "ok": true
}

400Invalid payload or missing item id

Content-Type: application/json

{
  "error": "string"
}

404Item not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PATCH "http://localhost:3000/api/dashboards/layout/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{}'

GET/dashboards/roles/widgets

Auth requireddashboards.admin.assign-widgets

Fetch widget assignments for a role

Returns the widgets explicitly assigned to the given role together with the evaluation scope. Requires features: dashboards.admin.assign-widgets

Parameters

Name	In	Required	Schema	Description
roleId	query	Yes	string	—
tenantId	query	No	string	—
organizationId	query	No	string	—

Responses

200Current widget configuration for the role.

Content-Type: application/json

{
  "widgetIds": [
    "string"
  ],
  "hasCustom": true,
  "scope": {
    "tenantId": null,
    "organizationId": null
  }
}

400Missing role identifier

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/dashboards/roles/widgets?roleId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/dashboards/roles/widgets

Auth requireddashboards.admin.assign-widgets

Update widgets assigned to a role

Persists the widget list for a role within the provided tenant and organization scope. Requires features: dashboards.admin.assign-widgets

Request body (application/json)

{
  "roleId": "00000000-0000-4000-8000-000000000000",
  "tenantId": null,
  "organizationId": null,
  "widgetIds": [
    "string"
  ]
}

Responses

200Widgets updated successfully.

Content-Type: application/json

{
  "ok": true,
  "widgetIds": [
    "string"
  ]
}

400Invalid payload or unknown widgets

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/dashboards/roles/widgets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "roleId": "00000000-0000-4000-8000-000000000000",
  "tenantId": null,
  "organizationId": null,
  "widgetIds": [
    "string"
  ]
}'

GET/dashboards/users/widgets

Auth requireddashboards.admin.assign-widgets

Read widget overrides for a user

Returns the widgets inherited and explicitly configured for the requested user within the current scope. Requires features: dashboards.admin.assign-widgets

Parameters

Name	In	Required	Schema	Description
userId	query	Yes	string	—
tenantId	query	No	string	—
organizationId	query	No	string	—

Responses

200Widget settings for the user.

Content-Type: application/json

{
  "mode": "inherit",
  "widgetIds": [
    "string"
  ],
  "hasCustom": true,
  "effectiveWidgetIds": [
    "string"
  ],
  "scope": {
    "tenantId": null,
    "organizationId": null
  }
}

400Missing user identifier

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/dashboards/users/widgets?userId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/dashboards/users/widgets

Auth requireddashboards.admin.assign-widgets

Update user-specific dashboard widgets

Sets the widget override mode and allowed widgets for a user. Passing `mode: inherit` clears overrides. Requires features: dashboards.admin.assign-widgets

Request body (application/json)

{
  "userId": "00000000-0000-4000-8000-000000000000",
  "tenantId": null,
  "organizationId": null,
  "mode": "inherit",
  "widgetIds": [
    "string"
  ]
}

Responses

200Overrides saved.

Content-Type: application/json

{
  "ok": true,
  "mode": "inherit",
  "widgetIds": [
    "string"
  ]
}

400Invalid payload or unknown widgets

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/dashboards/users/widgets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "userId": "00000000-0000-4000-8000-000000000000",
  "tenantId": null,
  "organizationId": null,
  "mode": "inherit",
  "widgetIds": [
    "string"
  ]
}'

GET/dashboards/widgets/catalog

Auth requireddashboards.admin.assign-widgets

List available dashboard widgets

Returns the catalog of widgets that modules expose, including defaults and feature requirements. Requires features: dashboards.admin.assign-widgets

Responses

200Widgets available for assignment.

Content-Type: application/json

{
  "items": [
    {
      "id": "string",
      "title": "string",
      "description": null,
      "defaultSize": "sm",
      "defaultEnabled": true,
      "defaultSettings": null,
      "features": [
        "string"
      ],
      "moduleId": "string",
      "icon": null,
      "loaderKey": "string",
      "supportsRefresh": true
    }
  ]
}

Example

curl -X GET "http://localhost:3000/api/dashboards/widgets/catalog" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Dictionaries

9 endpoints

GET/dictionaries

Auth requireddictionaries.view

List dictionaries

Returns dictionaries accessible to the current organization, optionally including inactive records. Requires features: dictionaries.view

Parameters

Name	In	Required	Schema	Description
includeInactive	query	No	string	—

Responses

200Dictionary collection.

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "key": "string",
      "name": "string",
      "description": null,
      "isSystem": true,
      "isActive": true,
      "managerVisibility": null,
      "organizationId": null,
      "createdAt": "string",
      "updatedAt": null
    }
  ]
}

500Failed to load dictionaries

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/dictionaries" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/dictionaries

Auth requireddictionaries.manage

Create dictionary

Registers a dictionary scoped to the current organization. Requires features: dictionaries.manage

Request body (application/json)

{
  "key": "string",
  "name": "string"
}

Responses

201Dictionary created.

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000",
  "key": "string",
  "name": "string",
  "description": null,
  "isSystem": true,
  "isActive": true,
  "managerVisibility": null,
  "organizationId": null,
  "createdAt": "string",
  "updatedAt": null
}

400Validation failed

Content-Type: application/json

{
  "error": "string"
}

409Dictionary key already exists

Content-Type: application/json

{
  "error": "string"
}

500Failed to create dictionary

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/dictionaries" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "key": "string",
  "name": "string"
}'

GET/dictionaries/{dictionaryId}

Auth requireddictionaries.view

Get dictionary

Returns details for the specified dictionary, including inheritance flags. Requires features: dictionaries.view

Parameters

Name	In	Required	Schema	Description
dictionaryId	path	Yes	string	—

Responses

200Dictionary details.

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000",
  "key": "string",
  "name": "string",
  "description": null,
  "isSystem": true,
  "isActive": true,
  "managerVisibility": null,
  "organizationId": null,
  "createdAt": "string",
  "updatedAt": null
}

400Invalid parameters

Content-Type: application/json

{
  "error": "string"
}

404Dictionary not found

Content-Type: application/json

{
  "error": "string"
}

500Failed to load dictionary

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/dictionaries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PATCH/dictionaries/{dictionaryId}

Auth requireddictionaries.manage

Update dictionary

Updates mutable attributes of the dictionary. Currency dictionaries are protected from modification. Requires features: dictionaries.manage

Parameters

Name	In	Required	Schema	Description
dictionaryId	path	Yes	string	—

Request body (application/json)

{}

Responses

200Dictionary updated.

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000",
  "key": "string",
  "name": "string",
  "description": null,
  "isSystem": true,
  "isActive": true,
  "managerVisibility": null,
  "organizationId": null,
  "createdAt": "string",
  "updatedAt": null
}

400Validation failed or protected dictionary

Content-Type: application/json

{
  "error": "string"
}

404Dictionary not found

Content-Type: application/json

{
  "error": "string"
}

409Dictionary key already exists

Content-Type: application/json

{
  "error": "string"
}

500Failed to update dictionary

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PATCH "http://localhost:3000/api/dictionaries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{}'

DELETE/dictionaries/{dictionaryId}

Auth requireddictionaries.manage

Delete dictionary

Soft deletes the dictionary unless it is the protected currency dictionary. Requires features: dictionaries.manage

Parameters

Name	In	Required	Schema	Description
dictionaryId	path	Yes	string	—

Responses

200Dictionary archived.

Content-Type: application/json

{
  "ok": true
}

400Protected dictionary cannot be deleted

Content-Type: application/json

{
  "error": "string"
}

404Dictionary not found

Content-Type: application/json

{
  "error": "string"
}

500Failed to delete dictionary

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/dictionaries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/dictionaries/{dictionaryId}/entries

Auth requireddictionaries.view

List dictionary entries

Returns entries for the specified dictionary ordered alphabetically. Requires features: dictionaries.view

Parameters

Name	In	Required	Schema	Description
dictionaryId	path	Yes	string	—

Responses

200Dictionary entries.

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": "string",
      "color": null,
      "icon": null,
      "createdAt": "string",
      "updatedAt": null
    }
  ]
}

400Invalid parameters

Content-Type: application/json

{
  "error": "string"
}

404Dictionary not found

Content-Type: application/json

{
  "error": "string"
}

500Failed to load dictionary entries

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/dictionaries/00000000-0000-4000-8000-000000000000/entries" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/dictionaries/{dictionaryId}/entries

Auth requireddictionaries.manage

Create dictionary entry

Creates a new entry in the specified dictionary. Requires features: dictionaries.manage

Parameters

Name	In	Required	Schema	Description
dictionaryId	path	Yes	string	—

Request body (application/json)

{
  "value": "string",
  "color": null,
  "icon": null
}

Responses

201Dictionary entry created.

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "label": "string",
  "color": null,
  "icon": null,
  "createdAt": "string",
  "updatedAt": null
}

400Validation failed

Content-Type: application/json

{
  "error": "string"
}

404Dictionary not found

Content-Type: application/json

{
  "error": "string"
}

500Failed to create dictionary entry

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/dictionaries/00000000-0000-4000-8000-000000000000/entries" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "value": "string",
  "color": null,
  "icon": null
}'

PATCH/dictionaries/{dictionaryId}/entries/{entryId}

Auth requireddictionaries.manage

Update dictionary entry

Updates the specified dictionary entry using the command bus pipeline. Requires features: dictionaries.manage

Parameters

Name	In	Required	Schema	Description
dictionaryId	path	Yes	string	—
entryId	path	Yes	string	—

Request body (application/json)

{
  "color": null,
  "icon": null
}

Responses

200Dictionary entry updated.

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "label": "string",
  "color": null,
  "icon": null,
  "createdAt": "string",
  "updatedAt": null
}

400Validation failed

Content-Type: application/json

{
  "error": "string"
}

404Dictionary or entry not found

Content-Type: application/json

{
  "error": "string"
}

500Failed to update entry

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PATCH "http://localhost:3000/api/dictionaries/00000000-0000-4000-8000-000000000000/entries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "color": null,
  "icon": null
}'

DELETE/dictionaries/{dictionaryId}/entries/{entryId}

Auth requireddictionaries.manage

Delete dictionary entry

Deletes the specified dictionary entry via the command bus. Requires features: dictionaries.manage

Parameters

Name	In	Required	Schema	Description
dictionaryId	path	Yes	string	—
entryId	path	Yes	string	—

Responses

200Entry deleted.

Content-Type: application/json

{
  "ok": true
}

400Validation failed

Content-Type: application/json

{
  "error": "string"
}

404Dictionary or entry not found

Content-Type: application/json

{
  "error": "string"
}

500Failed to delete entry

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/dictionaries/00000000-0000-4000-8000-000000000000/entries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Entities

17 endpoints

GET/entities/definitions

Auth required

List active custom field definitions

Returns active custom field definitions for the supplied entity ids, respecting tenant scope and tombstones.

Parameters

Name	In	Required	Schema	Description
entityId	query	No	any	—
entityIds	query	No	string	—
fieldset	query	No	string	—

Responses

200Definition list

Content-Type: application/json

{
  "items": [
    {
      "key": "string",
      "kind": "string",
      "label": "string",
      "entityId": "string"
    }
  ]
}

400Missing entity id

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/entities/definitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/entities/definitions

Auth requiredentities.definitions.manage

Upsert custom field definition

Creates or updates a custom field definition for the current tenant/org scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "key": "string",
  "kind": "text"
}

Responses

200Definition saved

Content-Type: application/json

{
  "ok": true,
  "item": {
    "id": "00000000-0000-4000-8000-000000000000",
    "key": "string",
    "kind": "string",
    "configJson": {}
  }
}

400Validation failed

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/entities/definitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "entityId": "string",
  "key": "string",
  "kind": "text"
}'

DELETE/entities/definitions

Auth requiredentities.definitions.manage

Soft delete custom field definition

Marks the specified definition inactive and tombstones it for the current scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "key": "string"
}

Responses

200Definition deleted

Content-Type: application/json

{
  "ok": true
}

400Missing entity id or key

Content-Type: application/json

{
  "error": "string"
}

404Definition not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/entities/definitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "entityId": "string",
  "key": "string"
}'

POST/entities/definitions.batch

Auth requiredentities.definitions.manage

Save multiple custom field definitions

Creates or updates multiple definitions for a single entity in one transaction. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "definitions": [
    {
      "key": "string",
      "kind": "text"
    }
  ]
}

Responses

200Definitions saved

Content-Type: application/json

{
  "ok": true
}

400Validation error

Content-Type: application/json

{
  "error": "string"
}

500Unexpected failure

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/entities/definitions.batch" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "entityId": "string",
  "definitions": [
    {
      "key": "string",
      "kind": "text"
    }
  ]
}'

GET/entities/definitions.manage

Auth requiredentities.definitions.manage

Get management snapshot

Returns scoped custom field definitions (including inactive tombstones) for administration interfaces. Requires features: entities.definitions.manage

Parameters

Name	In	Required	Schema	Description
entityId	query	Yes	string	—

Responses

200Scoped definitions and deleted keys

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "key": "string",
      "kind": "string",
      "configJson": null,
      "organizationId": null,
      "tenantId": null
    }
  ],
  "deletedKeys": [
    "string"
  ]
}

400Missing entity id

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/entities/definitions.manage?entityId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/entities/definitions.restore

Auth requiredentities.definitions.manage

Restore definition

Reactivates a previously soft-deleted definition within the current tenant/org scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "key": "string"
}

Responses

200Definition restored

Content-Type: application/json

{
  "ok": true
}

400Missing entity id or key

Content-Type: application/json

{
  "error": "string"
}

404Definition not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/entities/definitions.restore" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "entityId": "string",
  "key": "string"
}'

GET/entities/encryption

Auth requiredentities.definitions.manage

Fetch encryption map

Returns the encrypted field map for the current tenant/organization scope. Requires features: entities.definitions.manage

Parameters

Name	In	Required	Schema	Description
entityId	query	Yes	string	—

Responses

200Map

Content-Type: application/json

{
  "entityId": "string",
  "fields": [
    {
      "field": "string",
      "hashField": null
    }
  ]
}

Example

curl -X GET "http://localhost:3000/api/entities/encryption?entityId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/entities/encryption

Auth requiredentities.definitions.manage

Upsert encryption map

Creates or updates the encryption map for the current tenant/organization scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "tenantId": null,
  "organizationId": null,
  "fields": [
    {
      "field": "string",
      "hashField": null
    }
  ]
}

Responses

200Saved

Content-Type: application/json

{
  "ok": true
}

Example

curl -X POST "http://localhost:3000/api/entities/encryption" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "entityId": "string",
  "tenantId": null,
  "organizationId": null,
  "fields": [
    {
      "field": "string",
      "hashField": null
    }
  ]
}'

GET/entities/entities

Auth required

List available entities

Returns generated and custom entities scoped to the caller with field counts per entity.

Responses

200List of entities

Content-Type: application/json

{
  "items": [
    {
      "entityId": "string",
      "source": "code",
      "label": "string",
      "count": 1
    }
  ]
}

Example

curl -X GET "http://localhost:3000/api/entities/entities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/entities/entities

Auth requiredentities.definitions.manage

Upsert custom entity

Creates or updates a tenant/org scoped custom entity definition. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "label": "string",
  "description": null,
  "showInSidebar": false
}

Responses

200Entity saved

Content-Type: application/json

{
  "ok": true,
  "item": {
    "id": "00000000-0000-4000-8000-000000000000",
    "entityId": "string",
    "label": "string"
  }
}

400Validation error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/entities/entities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "entityId": "string",
  "label": "string",
  "description": null,
  "showInSidebar": false
}'

DELETE/entities/entities

Auth requiredentities.definitions.manage

Soft delete custom entity

Marks the specified custom entity inactive within the current scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string"
}

Responses

200Entity deleted

Content-Type: application/json

{
  "ok": true
}

400Missing entity id

Content-Type: application/json

{
  "error": "string"
}

404Entity not found in scope

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/entities/entities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "entityId": "string"
}'

GET/entities/records

Auth requiredentities.records.view

List records

Returns paginated records for the supplied entity. Supports custom field filters, exports, and soft-delete toggles. Requires features: entities.records.view

Parameters

Name	In	Required	Schema	Description
entityId	query	Yes	string	—
page	query	No	number	—
pageSize	query	No	number	—
sortField	query	No	string	—
sortDir	query	No	string	—
withDeleted	query	No	boolean	—
format	query	No	string	—
exportScope	query	No	string	—
export_scope	query	No	string	—
all	query	No	boolean	—
full	query	No	boolean	—

Responses

200Paginated records

Content-Type: application/json

{
  "items": [
    {}
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

400Missing entity id

Content-Type: application/json

{
  "error": "string"
}

500Unexpected failure

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/entities/records?entityId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/entities/records

Auth requiredentities.records.manage

Create record

Creates a record for the given entity. When `recordId` is omitted or not a UUID the data engine will generate one automatically. Requires features: entities.records.manage

Request body (application/json)

{
  "entityId": "string",
  "values": {}
}

Responses

200Record created

Content-Type: application/json

{
  "ok": true
}

400Validation failure

Content-Type: application/json

{
  "error": "string"
}

500Unexpected failure

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/entities/records" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "entityId": "string",
  "values": {}
}'

PUT/entities/records

Auth requiredentities.records.manage

Update record

Updates an existing record. If the provided recordId is not a UUID the record will be created instead to support optimistic flows. Requires features: entities.records.manage

Request body (application/json)

{
  "entityId": "string",
  "recordId": "string",
  "values": {}
}

Responses

200Record updated

Content-Type: application/json

{
  "ok": true
}

400Validation failure

Content-Type: application/json

{
  "error": "string"
}

500Unexpected failure

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/entities/records" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "entityId": "string",
  "recordId": "string",
  "values": {}
}'

DELETE/entities/records

Auth requiredentities.records.manage

Delete record

Soft deletes the specified record within the current tenant/org scope. Requires features: entities.records.manage

Request body (application/json)

{
  "entityId": "string",
  "recordId": "string"
}

Responses

200Record deleted

Content-Type: application/json

{
  "ok": true
}

400Missing entity id or record id

Content-Type: application/json

{
  "error": "string"
}

404Record not found

Content-Type: application/json

{
  "error": "string"
}

500Unexpected failure

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/entities/records" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "entityId": "string",
  "recordId": "string"
}'

GET/entities/relations/options

Auth requiredentities.definitions.view

List relation options

Returns up to 50 option entries for populating relation dropdowns, automatically resolving label fields when omitted. Requires features: entities.definitions.view

Parameters

Name	In	Required	Schema	Description
entityId	query	Yes	string	—
labelField	query	No	string	—
q	query	No	string	—

Responses

200Option list

Content-Type: application/json

{
  "items": [
    {
      "value": "string",
      "label": "string"
    }
  ]
}

Example

curl -X GET "http://localhost:3000/api/entities/relations/options?entityId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/entities/sidebar-entities

Auth required

Get sidebar entities

Returns custom entities flagged with `showInSidebar` for the current tenant/org scope.

Responses

200Sidebar entities for navigation

Content-Type: application/json

{
  "items": [
    {
      "entityId": "string",
      "label": "string",
      "href": "string"
    }
  ]
}

Example

curl -X GET "http://localhost:3000/api/entities/sidebar-entities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Example

9 endpoints

GET/example/assignees

Auth requiredexample.todos.view

List example assignees

Returns mock assignee options filtered by the optional `q` query parameter. Requires features: example.todos.view

Parameters

Name	In	Required	Schema	Description
q	query	No	string	—

Responses

200Assignable users.

Content-Type: application/json

{
  "items": [
    {
      "value": "string",
      "label": "string"
    }
  ]
}

500Unexpected server error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/example/assignees" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/example/blog/{id}

Fetch demo blog payload

Returns a placeholder blog record containing the provided identifier.

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Placeholder blog payload.

Content-Type: application/json

{
  "id": "string",
  "method": "GET"
}

401Authentication required

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/example/blog/string" \
  -H "Accept: application/json"

POST/example/blog/{id}

Create demo blog payload

Echoes the provided identifier as a placeholder write endpoint.

Parameters

Name	In	Required	Schema	Description
id	path	Yes	string	—

Responses

200Placeholder confirmation.

Content-Type: application/json

{
  "id": "string",
  "method": "POST"
}

401Authentication required

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/example/blog/string" \
  -H "Accept: application/json"

GET/example/organizations

Auth requiredexample.todos.view

Resolve organization labels

Fetches organization names for the provided identifiers within the current tenant scope. Requires features: example.todos.view

Parameters

Name	In	Required	Schema	Description
ids	query	No	string	—

Responses

200Resolved organizations.

Content-Type: application/json

{
  "items": [
    {
      "value": "string",
      "label": "string"
    }
  ]
}

500Unexpected server error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/example/organizations" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/example/tags

Auth requiredexample.todos.view

List example tags

Returns tag options collected from custom field values and dictionary configuration. Requires features: example.todos.view

Responses

200Available tag options.

Content-Type: application/json

{
  "items": [
    {
      "value": "string",
      "label": "string"
    }
  ]
}

500Failed to resolve tags

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/example/tags" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/example/todos

Auth requiredexample.todos.view

List todos

Returns a paginated collection of todos in the current tenant scope. Requires features: example.todos.view

Parameters

Name	In	Required	Schema	Description
id	query	No	string	—
page	query	No	number	—
pageSize	query	No	number	—
sortField	query	No	string	—
sortDir	query	No	string	—
title	query	No	string	—
isDone	query	No	boolean	—
withDeleted	query	No	boolean	—
organizationId	query	No	string	—
createdFrom	query	No	string	—
createdTo	query	No	string	—
format	query	No	string	—

Responses

200Paginated todos

Content-Type: application/json

{
  "items": [
    {
      "id": "string",
      "title": "string",
      "tenant_id": null,
      "organization_id": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/example/todos?page=1&pageSize=50&sortField=id&sortDir=asc&withDeleted=false&format=json" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/example/todos

Auth requiredexample.todos.manage

Create todo

Creates a todo record. Supports additional custom field keys prefixed with `cf_`. Requires features: example.todos.manage

Request body (application/json)

{}

Responses

201Todo created

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Example

curl -X POST "http://localhost:3000/api/example/todos" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{}'

PUT/example/todos

Auth requiredexample.todos.manage

Update todo

Updates an existing todo record by id. Accepts base fields and optional `cf_` custom fields. Requires features: example.todos.manage

Request body (application/json)

{}

Responses

200Todo updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/example/todos" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{}'

DELETE/example/todos

Auth requiredexample.todos.manage

Delete todo

Deletes a todo by id. Provide the identifier in the request body. Requires features: example.todos.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Todo deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/example/todos" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

Freighttech

3 endpoints

GET/fms_tracking/settings/freighttech

Get tracking settings

Retrieve Freighttech tracking API settings for the current organization

Responses

200Current settings

Content-Type: application/json

{
  "apiKey": "string",
  "apiBaseUrl": "string"
}

400Missing scope

Content-Type: application/json

{
  "error": "string"
}

401Unauthorized

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/fms_tracking/settings/freighttech" \
  -H "Accept: application/json"

PUT/fms_tracking/settings/freighttech

Upsert settings

Upsert Freighttech tracking API settings for the current organization

Request body (application/json)

{
  "apiKey": "string",
  "apiBaseUrl": "string"
}

Responses

200Updated settings

Content-Type: application/json

{
  "apiKey": "string",
  "apiBaseUrl": "string"
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

401Unauthorized

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/fms_tracking/settings/freighttech" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "apiKey": "string",
  "apiBaseUrl": "string"
}'

POST/fms_tracking/webhook/freighttech

Auth requiredfms_tracking.freighttech.webhook

Push container data

Requires features: fms_tracking.freighttech.webhook

Request body (application/json)

{
  "id": "string",
  "reference_id": "string",
  "parent_reference_id": null,
  "status": "string",
  "organization_id": "string",
  "payload": {
    "reference_id": "string",
    "bill_of_lading": null,
    "carrier_scac": "string",
    "container_id": "string",
    "container_iso": "string",
    "milestones": [
      {
        "id": "string",
        "timestamp": "string",
        "location": {
          "name": "string",
          "city": "string",
          "state": "string",
          "country": "string",
          "unlocode": "string",
          "firms_cd": null,
          "bic_cd": null,
          "smdg_cd": null,
          "facility": null,
          "geolocation": {
            "latitude": 1,
            "longitude": 1
          }
        },
        "description": "string",
        "raw_description": "string",
        "journey_event": {
          "journey_type": "string",
          "event_classifier": "string",
          "event_type": "string",
          "facility_type": null,
          "document_type": null
        },
        "shipment_location": {
          "type_code": null
        },
        "vessel": null,
        "vessel_imo": null,
        "vessel_mmsi": null,
        "voyage": null,
        "planned": true,
        "mode": null,
        "source": "string"
      }
    ],
    "inland_origin": {
      "name": "string",
      "city": "string",
      "state": "string",
      "country": "string",
      "unlocode": "string",
      "firms_cd": null,
      "bic_cd": null,
      "smdg_cd": null,
      "facility": null,
      "geolocation": {
        "latitude": 1,
        "longitude": 1
      }
    },
    "origin_port": {
      "name": "string",
      "city": "string",
      "state": "string",
      "country": "string",
      "unlocode": "string",
      "firms_cd": null,
      "bic_cd": null,
      "smdg_cd": null,
      "facility": null,
      "geolocation": {
        "latitude": 1,
        "longitude": 1
      }
    },
    "destination_port": {
      "name": "string",
      "city": "string",
      "state": "string",
      "country": "string",
      "unlocode": "string",
      "firms_cd": null,
      "bic_cd": null,
      "smdg_cd": null,
      "facility": null,
      "geolocation": {
        "latitude": 1,
        "longitude": 1
      }
    },
    "inland_destination": {
      "name": "string",
      "city": "string",
      "state": "string",
      "country": "string",
      "unlocode": "string",
      "firms_cd": null,
      "bic_cd": null,
      "smdg_cd": null,
      "facility": null,
      "geolocation": {
        "latitude": 1,
        "longitude": 1
      }
    }
  },
  "created_at": "string",
  "updated_at": "string"
}

Responses

200Received data

Content-Type: application/json

{}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

500Server error

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/fms_tracking/webhook/freighttech" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "string",
  "reference_id": "string",
  "parent_reference_id": null,
  "status": "string",
  "organization_id": "string",
  "payload": {
    "reference_id": "string",
    "bill_of_lading": null,
    "carrier_scac": "string",
    "container_id": "string",
    "container_iso": "string",
    "milestones": [
      {
        "id": "string",
        "timestamp": "string",
        "location": {
          "name": "string",
          "city": "string",
          "state": "string",
          "country": "string",
          "unlocode": "string",
          "firms_cd": null,
          "bic_cd": null,
          "smdg_cd": null,
          "facility": null,
          "geolocation": {
            "latitude": 1,
            "longitude": 1
          }
        },
        "description": "string",
        "raw_description": "string",
        "journey_event": {
          "journey_type": "string",
          "event_classifier": "string",
          "event_type": "string",
          "facility_type": null,
          "document_type": null
        },
        "shipment_location": {
          "type_code": null
        },
        "vessel": null,
        "vessel_imo": null,
        "vessel_mmsi": null,
        "voyage": null,
        "planned": true,
        "mode": null,
        "source": "string"
      }
    ],
    "inland_origin": {
      "name": "string",
      "city": "string",
      "state": "string",
      "country": "string",
      "unlocode": "string",
      "firms_cd": null,
      "bic_cd": null,
      "smdg_cd": null,
      "facility": null,
      "geolocation": {
        "latitude": 1,
        "longitude": 1
      }
    },
    "origin_port": {
      "name": "string",
      "city": "string",
      "state": "string",
      "country": "string",
      "unlocode": "string",
      "firms_cd": null,
      "bic_cd": null,
      "smdg_cd": null,
      "facility": null,
      "geolocation": {
        "latitude": 1,
        "longitude": 1
      }
    },
    "destination_port": {
      "name": "string",
      "city": "string",
      "state": "string",
      "country": "string",
      "unlocode": "string",
      "firms_cd": null,
      "bic_cd": null,
      "smdg_cd": null,
      "facility": null,
      "geolocation": {
        "latitude": 1,
        "longitude": 1
      }
    },
    "inland_destination": {
      "name": "string",
      "city": "string",
      "state": "string",
      "country": "string",
      "unlocode": "string",
      "firms_cd": null,
      "bic_cd": null,
      "smdg_cd": null,
      "facility": null,
      "geolocation": {
        "latitude": 1,
        "longitude": 1
      }
    }
  },
  "created_at": "string",
  "updated_at": "string"
}'

Perspectives

4 endpoints

GET/perspectives/{tableId}

Auth requiredperspectives.use

Load perspectives for a table

Returns personal perspectives and available role defaults for the requested table identifier. Requires features: perspectives.use

Parameters

Name	In	Required	Schema	Description
tableId	path	Yes	string	—

Responses

200Current perspectives and defaults.

Content-Type: application/json

{
  "tableId": "string",
  "perspectives": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "tableId": "string",
      "settings": {},
      "isDefault": true,
      "createdAt": "string",
      "updatedAt": null
    }
  ],
  "defaultPerspectiveId": null,
  "rolePerspectives": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "tableId": "string",
      "settings": {},
      "isDefault": true,
      "createdAt": "string",
      "updatedAt": null,
      "roleId": "00000000-0000-4000-8000-000000000000",
      "tenantId": null,
      "organizationId": null,
      "roleName": null
    }
  ],
  "roles": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "hasPerspective": true,
      "hasDefault": true
    }
  ],
  "canApplyToRoles": true
}

400Invalid table identifier

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/perspectives/string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/perspectives/{tableId}

Auth requiredperspectives.use

Create or update a perspective

Saves a personal perspective and optionally applies the same configuration to selected roles. Requires features: perspectives.use

Parameters

Name	In	Required	Schema	Description
tableId	path	Yes	string	—

Request body (application/json)

{
  "name": "string",
  "settings": {}
}

Responses

200Perspective saved successfully.

Content-Type: application/json

{
  "perspective": {
    "id": "00000000-0000-4000-8000-000000000000",
    "name": "string",
    "tableId": "string",
    "settings": {},
    "isDefault": true,
    "createdAt": "string",
    "updatedAt": null
  },
  "rolePerspectives": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "tableId": "string",
      "settings": {},
      "isDefault": true,
      "createdAt": "string",
      "updatedAt": null,
      "roleId": "00000000-0000-4000-8000-000000000000",
      "tenantId": null,
      "organizationId": null,
      "roleName": null
    }
  ],
  "clearedRoleIds": [
    "00000000-0000-4000-8000-000000000000"
  ]
}

400Validation failed or invalid roles provided

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/perspectives/string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "name": "string",
  "settings": {}
}'

DELETE/perspectives/{tableId}/roles/{roleId}

Auth requiredperspectives.role_defaults

Clear role perspectives for a table

Removes all role-level perspectives associated with the provided role identifier for the table. Requires features: perspectives.role_defaults

Parameters

Name	In	Required	Schema	Description
tableId	path	Yes	string	—
roleId	path	Yes	string	—

Responses

200Role perspectives cleared.

Content-Type: application/json

{
  "success": true
}

400Invalid identifiers supplied

Content-Type: application/json

{
  "error": "string"
}

404Role not found in scope

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/perspectives/string/roles/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/perspectives/{tableId}/{perspectiveId}

Auth requiredperspectives.use

Delete a personal perspective

Removes a perspective owned by the current user for the given table. Requires features: perspectives.use

Parameters

Name	In	Required	Schema	Description
tableId	path	Yes	string	—
perspectiveId	path	Yes	string	—

Responses

200Perspective removed.

Content-Type: application/json

{
  "success": true
}

400Invalid identifiers supplied

Content-Type: application/json

{
  "error": "string"
}

404Perspective not found

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X DELETE "http://localhost:3000/api/perspectives/string/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Query Index

3 endpoints

POST/query_index/purge

Auth requiredquery_index.purge

Purge query index records

Queues a purge job to remove indexed records for an entity type within the active scope. Requires features: query_index.purge

Request body (application/json)

{
  "entityType": "string"
}

Responses

200Purge job accepted.

Content-Type: application/json

{
  "ok": true
}

400Missing entity type

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/query_index/purge" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "entityType": "string"
}'

POST/query_index/reindex

Auth requiredquery_index.reindex

Trigger query index rebuild

Queues a reindex job for the specified entity type within the current tenant scope. Requires features: query_index.reindex

Request body (application/json)

{
  "entityType": "string"
}

Responses

200Reindex job accepted.

Content-Type: application/json

{
  "ok": true
}

400Missing entity type

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/query_index/reindex" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "entityType": "string"
}'

GET/query_index/status

Auth requiredquery_index.status.view

Inspect query index coverage

Returns entity counts comparing base tables with the query index along with the latest job status. Requires features: query_index.status.view

Responses

200Current query index status.

Content-Type: application/json

{
  "items": [
    {
      "entityId": "string",
      "label": "string",
      "baseCount": null,
      "indexCount": null,
      "vectorCount": null,
      "ok": true,
      "job": {
        "status": "idle",
        "startedAt": null,
        "finishedAt": null,
        "heartbeatAt": null,
        "processedCount": null,
        "totalCount": null,
        "scope": null
      }
    }
  ],
  "errors": [
    {
      "id": "string",
      "source": "string",
      "handler": "string",
      "entityType": null,
      "recordId": null,
      "tenantId": null,
      "organizationId": null,
      "message": "string",
      "stack": null,
      "payload": null,
      "occurredAt": "string"
    }
  ],
  "logs": [
    {
      "id": "string",
      "source": "string",
      "handler": "string",
      "level": "info",
      "entityType": null,
      "recordId": null,
      "tenantId": null,
      "organizationId": null,
      "message": "string",
      "details": null,
      "occurredAt": "string"
    }
  ]
}

400Tenant or organization context required

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/query_index/status" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Sales

91 endpoints

GET/sales/adjustment-kinds

Auth requiredsales.orders.view

List sales adjustment kinds

Returns a paginated collection of sales adjustment kinds that belong to the current organization. Requires features: sales.orders.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated sales adjustment kinds

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": null,
      "color": null,
      "icon": null,
      "organizationId": null,
      "tenantId": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/adjustment-kinds?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/adjustment-kinds

Auth requiredsales.settings.manage

Create sales adjustment kind

Creates an adjustment kind. Requires features: sales.settings.manage

Request body (application/json)

{}

Responses

201Sales adjustment kind created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/adjustment-kinds" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{}'

PUT/sales/adjustment-kinds

Auth requiredsales.settings.manage

Update sales adjustment kind

Updates an adjustment kind. Requires features: sales.settings.manage

Request body (application/json)

{}

Responses

200Sales adjustment kind updated

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Example

curl -X PUT "http://localhost:3000/api/sales/adjustment-kinds" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{}'

DELETE/sales/adjustment-kinds

Auth requiredsales.settings.manage

Delete sales adjustment kind

Deletes an adjustment kind. Requires features: sales.settings.manage

Request body (application/json)

{}

Responses

200Sales adjustment kind deleted

Content-Type: application/json

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Example

curl -X DELETE "http://localhost:3000/api/sales/adjustment-kinds" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{}'

GET/sales/channels

Auth requiredsales.channels.manage

List sales channels

Manage sales channels to segment orders and pricing across marketplaces or stores. Requires features: sales.channels.manage

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
id	query	No	string	—
ids	query	No	string	—
isActive	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—
withDeleted	query	No	boolean	—

Responses

200Paginated sales channels

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "code": null,
      "description": null,
      "statusEntryId": null,
      "isActive": true,
      "organizationId": null,
      "tenantId": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/channels?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/channels

Auth requiredsales.channels.manage

Create sales channel

Creates a new sales channel. Requires features: sales.channels.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "code": "string"
}

Responses

201Sales channel created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/channels" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "code": "string"
}'

PUT/sales/channels

Auth requiredsales.channels.manage

Update sales channel

Updates an existing sales channel by id. Requires features: sales.channels.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "code": "string"
}

Responses

200Sales channel updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/sales/channels" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "code": "string"
}'

DELETE/sales/channels

Auth requiredsales.channels.manage

Delete sales channel

Deletes a sales channel identified by id. Requires features: sales.channels.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Sales channel deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/channels" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/delivery-windows

Auth requiredsales.settings.manage

List delivery windows

Define delivery windows to communicate lead times and cut-off rules for sales orders. Requires features: sales.settings.manage

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
isActive	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—
withDeleted	query	No	boolean	—

Responses

200Paginated delivery windows

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "code": null,
      "description": null,
      "leadTimeDays": null,
      "cutoffTime": null,
      "timezone": null,
      "isActive": true,
      "metadata": null,
      "organizationId": null,
      "tenantId": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/delivery-windows?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/delivery-windows

Auth requiredsales.settings.manage

Create delivery window

Creates a new delivery window. Requires features: sales.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "code": "string"
}

Responses

201Delivery window created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/delivery-windows" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "code": "string"
}'

PUT/sales/delivery-windows

Auth requiredsales.settings.manage

Update delivery window

Updates an existing delivery window by id. Requires features: sales.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Delivery window updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/sales/delivery-windows" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/sales/delivery-windows

Auth requiredsales.settings.manage

Delete delivery window

Deletes a delivery window identified by id. Requires features: sales.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Delivery window deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/delivery-windows" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/document-addresses

Auth required

List document addresss

Returns a paginated collection of document addresss that belong to the current organization.

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
documentId	query	Yes	string	—
documentKind	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated document addresss

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "document_id": "00000000-0000-4000-8000-000000000000",
      "document_kind": "order",
      "customer_address_id": null,
      "name": null,
      "purpose": null,
      "company_name": null,
      "address_line1": "string",
      "address_line2": null,
      "building_number": null,
      "flat_number": null,
      "city": null,
      "region": null,
      "postal_code": null,
      "country": null,
      "latitude": null,
      "longitude": null,
      "created_at": "string",
      "updated_at": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/document-addresses?page=1&pageSize=50&documentId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/document-addresses

Auth required

Create document address

Creates a sales document address linked to an order or quote.

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "documentId": "00000000-0000-4000-8000-000000000000",
  "documentKind": "order",
  "name": null,
  "purpose": null,
  "companyName": null,
  "addressLine1": "string",
  "addressLine2": null,
  "city": null,
  "region": null,
  "postalCode": null,
  "country": null,
  "buildingNumber": null,
  "flatNumber": null,
  "latitude": null,
  "longitude": null
}

Responses

201Document address created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/document-addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "documentId": "00000000-0000-4000-8000-000000000000",
  "documentKind": "order",
  "name": null,
  "purpose": null,
  "companyName": null,
  "addressLine1": "string",
  "addressLine2": null,
  "city": null,
  "region": null,
  "postalCode": null,
  "country": null,
  "buildingNumber": null,
  "flatNumber": null,
  "latitude": null,
  "longitude": null
}'

PUT/sales/document-addresses

Auth required

Update document address

Updates a sales document address.

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "id": "00000000-0000-4000-8000-000000000000",
  "documentId": "00000000-0000-4000-8000-000000000000",
  "documentKind": "order",
  "name": null,
  "purpose": null,
  "companyName": null,
  "addressLine1": "string",
  "addressLine2": null,
  "city": null,
  "region": null,
  "postalCode": null,
  "country": null,
  "buildingNumber": null,
  "flatNumber": null,
  "latitude": null,
  "longitude": null
}

Responses

200Document address updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/sales/document-addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "id": "00000000-0000-4000-8000-000000000000",
  "documentId": "00000000-0000-4000-8000-000000000000",
  "documentKind": "order",
  "name": null,
  "purpose": null,
  "companyName": null,
  "addressLine1": "string",
  "addressLine2": null,
  "city": null,
  "region": null,
  "postalCode": null,
  "country": null,
  "buildingNumber": null,
  "flatNumber": null,
  "latitude": null,
  "longitude": null
}'

DELETE/sales/document-addresses

Auth required

Delete document address

Deletes a sales document address.

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "documentId": "00000000-0000-4000-8000-000000000000",
  "documentKind": "order"
}

Responses

200Document address deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/document-addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "documentId": "00000000-0000-4000-8000-000000000000",
  "documentKind": "order"
}'

POST/sales/document-numbers

Auth required

Generate next number

Generates the next sales order or quote number using configured formatting rules.

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "kind": "order"
}

Responses

200Generated number

Content-Type: application/json

{
  "number": "string",
  "format": "string",
  "sequence": 1
}

400Invalid input or scope missing

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/sales/document-numbers" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "kind": "order"
}'

GET/sales/notes

Auth required

List sales notes

Returns a paginated collection of sales notes that belong to the current organization.

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
contextType	query	No	string	—
contextId	query	No	string	—
orderId	query	No	string	—
quoteId	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated sales notes

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "context_type": "order",
      "context_id": "00000000-0000-4000-8000-000000000000",
      "order_id": null,
      "quote_id": null,
      "body": null,
      "author_user_id": null,
      "appearance_icon": null,
      "appearance_color": null,
      "organization_id": null,
      "tenant_id": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/notes?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/notes

Auth required

Create sales note

Creates a note attached to a sales document.

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contextType": "order",
  "contextId": "00000000-0000-4000-8000-000000000000",
  "body": "string",
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

201Sales note created

Content-Type: application/json

{
  "id": null,
  "authorUserId": null
}

Example

curl -X POST "http://localhost:3000/api/sales/notes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contextType": "order",
  "contextId": "00000000-0000-4000-8000-000000000000",
  "body": "string",
  "appearanceIcon": null,
  "appearanceColor": null
}'

PUT/sales/notes

Auth required

Update sales note

Updates a sales note.

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

200Sales note updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/sales/notes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "appearanceIcon": null,
  "appearanceColor": null
}'

DELETE/sales/notes

Auth required

Delete sales note

Deletes a sales note.

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Sales note deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/notes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/order-adjustments

List order adjustments

Returns a paginated collection of order adjustments that belong to the current organization.

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
orderId	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated order adjustments

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "order_id": "00000000-0000-4000-8000-000000000000",
      "order_line_id": null,
      "scope": "string",
      "kind": "string",
      "code": null,
      "label": null,
      "calculator_key": null,
      "promotion_id": null,
      "rate": 1,
      "amount_net": 1,
      "amount_gross": 1,
      "currency_code": null,
      "metadata": null,
      "position": 1,
      "created_at": "string",
      "updated_at": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/order-adjustments?page=1&pageSize=50" \
  -H "Accept: application/json"

POST/sales/order-adjustments

Create order adjustment

Creates an order adjustment and recalculates totals.

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "orderId": "00000000-0000-4000-8000-000000000000"
}

Responses

201Order adjustment created

Content-Type: application/json

{
  "id": null,
  "orderId": null
}

Example

curl -X POST "http://localhost:3000/api/sales/order-adjustments" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "orderId": "00000000-0000-4000-8000-000000000000"
}'

PUT/sales/order-adjustments

Update order adjustment

Updates an order adjustment and recalculates totals.

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "orderId": "00000000-0000-4000-8000-000000000000"
}

Responses

200Order adjustment updated

Content-Type: application/json

{
  "id": null,
  "orderId": null
}

Example

curl -X PUT "http://localhost:3000/api/sales/order-adjustments" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "orderId": "00000000-0000-4000-8000-000000000000"
}'

DELETE/sales/order-adjustments

Delete order adjustment

Deletes an order adjustment and recalculates totals.

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "orderId": "00000000-0000-4000-8000-000000000000"
}

Responses

200Order adjustment deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/order-adjustments" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "orderId": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/order-line-statuses

Auth requiredsales.settings.manage

List order line statuses

Manage custom order line statuses available for sales documents. Requires features: sales.settings.manage

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated order line statuses

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": null,
      "color": null,
      "icon": null,
      "organizationId": null,
      "tenantId": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/order-line-statuses?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/order-line-statuses

Auth requiredsales.settings.manage

Create order line status

Creates a new order line status. Requires features: sales.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "color": null,
  "icon": null
}

Responses

201Order line status created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/order-line-statuses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "color": null,
  "icon": null
}'

PUT/sales/order-line-statuses

Auth requiredsales.settings.manage

Update order line status

Updates an existing order line status by id. Requires features: sales.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "color": null,
  "icon": null,
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Order line status updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/sales/order-line-statuses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "color": null,
  "icon": null,
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/sales/order-line-statuses

Auth requiredsales.settings.manage

Delete order line status

Deletes a order line status identified by id. Requires features: sales.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Order line status deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/order-line-statuses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/order-lines

List order lines

Returns a paginated collection of order lines that belong to the current organization.

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
id	query	No	string	—
orderId	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated order lines

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "order_id": "00000000-0000-4000-8000-000000000000",
      "line_number": 1,
      "kind": "string",
      "status_entry_id": null,
      "status": null,
      "product_id": null,
      "product_variant_id": null,
      "catalog_snapshot": null,
      "name": null,
      "description": null,
      "comment": null,
      "quantity": 1,
      "quantity_unit": null,
      "currency_code": "string",
      "unit_price_net": 1,
      "unit_price_gross": 1,
      "discount_amount": 1,
      "discount_percent": 1,
      "tax_rate": 1,
      "tax_amount": 1,
      "total_net_amount": 1,
      "total_gross_amount": 1,
      "configuration": null,
      "promotion_code": null,
      "promotion_snapshot": null,
      "metadata": null,
      "custom_field_set_id": null,
      "created_at": "string",
      "updated_at": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/order-lines?page=1&pageSize=50" \
  -H "Accept: application/json"

POST/sales/order-lines

Create order line

Creates an order line and recalculates totals.

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "orderId": "00000000-0000-4000-8000-000000000000",
  "currencyCode": "string",
  "quantity": 1
}

Responses

201Order line created

Content-Type: application/json

{
  "id": null,
  "orderId": null
}

Example

curl -X POST "http://localhost:3000/api/sales/order-lines" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "orderId": "00000000-0000-4000-8000-000000000000",
  "currencyCode": "string",
  "quantity": 1
}'

PUT/sales/order-lines

Update order line

Updates an order line and recalculates totals.

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "orderId": "00000000-0000-4000-8000-000000000000",
  "currencyCode": "string",
  "quantity": 1
}

Responses

200Order line updated

Content-Type: application/json

{
  "id": null,
  "orderId": null
}

Example

curl -X PUT "http://localhost:3000/api/sales/order-lines" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "orderId": "00000000-0000-4000-8000-000000000000",
  "currencyCode": "string",
  "quantity": 1
}'

DELETE/sales/order-lines

Delete order line

Deletes an order line and recalculates totals.

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "orderId": "00000000-0000-4000-8000-000000000000"
}

Responses

200Order line deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/order-lines" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "orderId": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/order-statuses

Auth requiredsales.settings.manage

List order statuses

Manage the lifecycle states available for sales orders. Requires features: sales.settings.manage

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated order statuses

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": null,
      "color": null,
      "icon": null,
      "organizationId": null,
      "tenantId": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/order-statuses?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/order-statuses

Auth requiredsales.settings.manage

Create order status

Creates a new order status. Requires features: sales.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "color": null,
  "icon": null
}

Responses

201Order status created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/order-statuses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "color": null,
  "icon": null
}'

PUT/sales/order-statuses

Auth requiredsales.settings.manage

Update order status

Updates an existing order status by id. Requires features: sales.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "color": null,
  "icon": null,
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Order status updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/sales/order-statuses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "color": null,
  "icon": null,
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/sales/order-statuses

Auth requiredsales.settings.manage

Delete order status

Deletes a order status identified by id. Requires features: sales.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Order status deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/order-statuses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/orders

Auth requiredsales.orders.view

List orders

Returns a paginated collection of orders that belong to the current organization. Requires features: sales.orders.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
id	query	No	string	—
customerId	query	No	string	—
channelId	query	No	string	—
lineItemCountMin	query	No	number	—
lineItemCountMax	query	No	number	—
totalNetMin	query	No	number	—
totalNetMax	query	No	number	—
totalGrossMin	query	No	number	—
totalGrossMax	query	No	number	—
dateFrom	query	No	string	—
dateTo	query	No	string	—
tagIds	query	No	string	—
tagIdsEmpty	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—
withDeleted	query	No	boolean	—

Responses

200Paginated orders

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "orderNumber": null,
      "status": null,
      "statusEntryId": null,
      "customerEntityId": null,
      "customerContactId": null,
      "billingAddressId": null,
      "shippingAddressId": null,
      "customerReference": null,
      "externalReference": null,
      "comment": null,
      "placedAt": null,
      "expectedDeliveryAt": null,
      "customerSnapshot": null,
      "billingAddressSnapshot": null,
      "shippingAddressSnapshot": null,
      "shippingMethodId": null,
      "shippingMethodCode": null,
      "shippingMethodSnapshot": null,
      "paymentMethodId": null,
      "paymentMethodCode": null,
      "paymentMethodSnapshot": null,
      "currencyCode": null,
      "channelId": null,
      "organizationId": null,
      "tenantId": null,
      "validFrom": null,
      "validUntil": null,
      "lineItemCount": null,
      "subtotalNetAmount": null,
      "subtotalGrossAmount": null,
      "discountTotalAmount": null,
      "taxTotalAmount": null,
      "shippingNetAmount": null,
      "shippingGrossAmount": null,
      "surchargeTotalAmount": null,
      "grandTotalNetAmount": null,
      "grandTotalGrossAmount": null,
      "paidTotalAmount": null,
      "refundedTotalAmount": null,
      "outstandingAmount": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/orders?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/orders

Auth requiredsales.orders.manage

Create order

Creates a new sales order. Requires features: sales.orders.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "currencyCode": "string"
}

Responses

201Order created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/orders" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "currencyCode": "string"
}'

PUT/sales/orders

Auth requiredsales.orders.manage

Order management

Requires features: sales.orders.manage

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/sales/orders" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/sales/orders

Auth requiredsales.orders.manage

Delete order

Deletes a sales order. Requires features: sales.orders.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Order deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/orders" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/payment-methods

Auth requiredsales.settings.manage

List payment methods

Configure payment options that can be assigned to sales orders and invoices. Requires features: sales.settings.manage

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
isActive	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—
withDeleted	query	No	boolean	—

Responses

200Paginated payment methods

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "code": "string",
      "description": null,
      "providerKey": null,
      "terms": null,
      "isActive": true,
      "metadata": null,
      "providerSettings": null,
      "organizationId": null,
      "tenantId": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/payment-methods?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/payment-methods

Auth requiredsales.settings.manage

Create payment method

Creates a new payment method. Requires features: sales.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "code": "string"
}

Responses

201Payment method created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/payment-methods" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "code": "string"
}'

PUT/sales/payment-methods

Auth requiredsales.settings.manage

Update payment method

Updates an existing payment method by id. Requires features: sales.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Payment method updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/sales/payment-methods" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/sales/payment-methods

Auth requiredsales.settings.manage

Delete payment method

Deletes a payment method identified by id. Requires features: sales.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Payment method deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/payment-methods" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/payment-statuses

Auth requiredsales.settings.manage

List payment statuses

Manage the lifecycle states available for payments. Requires features: sales.settings.manage

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated payment statuses

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": null,
      "color": null,
      "icon": null,
      "organizationId": null,
      "tenantId": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/payment-statuses?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/payment-statuses

Auth requiredsales.settings.manage

Create payment status

Creates a new payment status. Requires features: sales.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "color": null,
  "icon": null
}

Responses

201Payment status created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/payment-statuses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "color": null,
  "icon": null
}'

PUT/sales/payment-statuses

Auth requiredsales.settings.manage

Update payment status

Updates an existing payment status by id. Requires features: sales.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "color": null,
  "icon": null,
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Payment status updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/sales/payment-statuses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "color": null,
  "icon": null,
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/sales/payment-statuses

Auth requiredsales.settings.manage

Delete payment status

Deletes a payment status identified by id. Requires features: sales.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Payment status deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/payment-statuses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/payments

Auth requiredsales.orders.view

List payments

Returns a paginated collection of payments that belong to the current organization. Requires features: sales.orders.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
orderId	query	No	string	—
paymentMethodId	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated payments

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "order_id": null,
      "payment_method_id": null,
      "payment_method_name": null,
      "payment_method_code": null,
      "payment_reference": null,
      "status_entry_id": null,
      "status": null,
      "status_label": null,
      "amount": 1,
      "currency_code": "string",
      "captured_amount": null,
      "refunded_amount": null,
      "received_at": null,
      "captured_at": null,
      "custom_field_set_id": null,
      "customFieldSetId": null,
      "custom_values": null,
      "customValues": null,
      "custom_fields": null,
      "customFields": null,
      "metadata": null,
      "created_at": "string",
      "updated_at": null
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/payments?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/payments

Auth requiredsales.payments.manage

Create payment

Creates a payment for a sales order. Requires features: sales.payments.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "amount": 1,
  "currencyCode": "string"
}

Responses

201Payment created

Content-Type: application/json

{
  "id": null,
  "orderTotals": null
}

Example

curl -X POST "http://localhost:3000/api/sales/payments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "amount": 1,
  "currencyCode": "string"
}'

PUT/sales/payments

Auth requiredsales.payments.manage

Update payment

Updates a payment. Requires features: sales.payments.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Payment updated

Content-Type: application/json

{
  "id": null,
  "orderTotals": null
}

Example

curl -X PUT "http://localhost:3000/api/sales/payments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/sales/payments

Auth requiredsales.payments.manage

Delete payment

Deletes a payment. Requires features: sales.payments.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Payment deleted

Content-Type: application/json

{
  "id": null,
  "orderTotals": null
}

Example

curl -X DELETE "http://localhost:3000/api/sales/payments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/price-kinds

Auth requiredsales.channels.manage

List price kinds

Lists available price kinds that can be used when pricing sales channels and offers. Requires features: sales.channels.manage

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
isActive	query	No	string	—

Responses

200Paginated price kinds

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "code": "string",
      "title": "string",
      "currency_code": null,
      "display_mode": "string",
      "is_active": true
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/price-kinds?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/sales/quote-adjustments

List quote adjustments

Returns a paginated collection of quote adjustments that belong to the current organization.

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
quoteId	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated quote adjustments

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "quote_id": "00000000-0000-4000-8000-000000000000",
      "quote_line_id": null,
      "scope": "string",
      "kind": "string",
      "code": null,
      "label": null,
      "calculator_key": null,
      "promotion_id": null,
      "rate": 1,
      "amount_net": 1,
      "amount_gross": 1,
      "currency_code": null,
      "metadata": null,
      "position": 1,
      "created_at": "string",
      "updated_at": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/quote-adjustments?page=1&pageSize=50" \
  -H "Accept: application/json"

POST/sales/quote-adjustments

Create quote adjustment

Creates a quote adjustment and recalculates totals.

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "quoteId": "00000000-0000-4000-8000-000000000000"
}

Responses

201Quote adjustment created

Content-Type: application/json

{
  "id": null,
  "quoteId": null
}

Example

curl -X POST "http://localhost:3000/api/sales/quote-adjustments" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "quoteId": "00000000-0000-4000-8000-000000000000"
}'

PUT/sales/quote-adjustments

Update quote adjustment

Updates a quote adjustment and recalculates totals.

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "quoteId": "00000000-0000-4000-8000-000000000000"
}

Responses

200Quote adjustment updated

Content-Type: application/json

{
  "id": null,
  "quoteId": null
}

Example

curl -X PUT "http://localhost:3000/api/sales/quote-adjustments" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "quoteId": "00000000-0000-4000-8000-000000000000"
}'

DELETE/sales/quote-adjustments

Delete quote adjustment

Deletes a quote adjustment and recalculates totals.

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "quoteId": "00000000-0000-4000-8000-000000000000"
}

Responses

200Quote adjustment deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/quote-adjustments" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "quoteId": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/quote-lines

List quote lines

Returns a paginated collection of quote lines that belong to the current organization.

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
id	query	No	string	—
quoteId	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated quote lines

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "quote_id": "00000000-0000-4000-8000-000000000000",
      "line_number": 1,
      "kind": "string",
      "status_entry_id": null,
      "status": null,
      "product_id": null,
      "product_variant_id": null,
      "catalog_snapshot": null,
      "name": null,
      "description": null,
      "comment": null,
      "quantity": 1,
      "quantity_unit": null,
      "currency_code": "string",
      "unit_price_net": 1,
      "unit_price_gross": 1,
      "discount_amount": 1,
      "discount_percent": 1,
      "tax_rate": 1,
      "tax_amount": 1,
      "total_net_amount": 1,
      "total_gross_amount": 1,
      "configuration": null,
      "promotion_code": null,
      "promotion_snapshot": null,
      "metadata": null,
      "custom_field_set_id": null,
      "created_at": "string",
      "updated_at": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/quote-lines?page=1&pageSize=50" \
  -H "Accept: application/json"

POST/sales/quote-lines

Create quote line

Creates a quote line and recalculates totals.

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "quoteId": "00000000-0000-4000-8000-000000000000",
  "currencyCode": "string",
  "quantity": 1
}

Responses

201Quote line created

Content-Type: application/json

{
  "id": null,
  "quoteId": null
}

Example

curl -X POST "http://localhost:3000/api/sales/quote-lines" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "quoteId": "00000000-0000-4000-8000-000000000000",
  "currencyCode": "string",
  "quantity": 1
}'

PUT/sales/quote-lines

Update quote line

Updates a quote line and recalculates totals.

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "quoteId": "00000000-0000-4000-8000-000000000000",
  "currencyCode": "string",
  "quantity": 1
}

Responses

200Quote line updated

Content-Type: application/json

{
  "id": null,
  "quoteId": null
}

Example

curl -X PUT "http://localhost:3000/api/sales/quote-lines" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "quoteId": "00000000-0000-4000-8000-000000000000",
  "currencyCode": "string",
  "quantity": 1
}'

DELETE/sales/quote-lines

Delete quote line

Deletes a quote line and recalculates totals.

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "quoteId": "00000000-0000-4000-8000-000000000000"
}

Responses

200Quote line deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/quote-lines" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000",
  "quoteId": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/quotes

Auth requiredsales.quotes.view

List quotes

Returns a paginated collection of quotes that belong to the current organization. Requires features: sales.quotes.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
id	query	No	string	—
customerId	query	No	string	—
channelId	query	No	string	—
lineItemCountMin	query	No	number	—
lineItemCountMax	query	No	number	—
totalNetMin	query	No	number	—
totalNetMax	query	No	number	—
totalGrossMin	query	No	number	—
totalGrossMax	query	No	number	—
dateFrom	query	No	string	—
dateTo	query	No	string	—
tagIds	query	No	string	—
tagIdsEmpty	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—
withDeleted	query	No	boolean	—

Responses

200Paginated quotes

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "quoteNumber": null,
      "status": null,
      "statusEntryId": null,
      "customerEntityId": null,
      "customerContactId": null,
      "billingAddressId": null,
      "shippingAddressId": null,
      "customerReference": null,
      "externalReference": null,
      "comment": null,
      "placedAt": null,
      "expectedDeliveryAt": null,
      "customerSnapshot": null,
      "billingAddressSnapshot": null,
      "shippingAddressSnapshot": null,
      "shippingMethodId": null,
      "shippingMethodCode": null,
      "shippingMethodSnapshot": null,
      "paymentMethodId": null,
      "paymentMethodCode": null,
      "paymentMethodSnapshot": null,
      "currencyCode": null,
      "channelId": null,
      "organizationId": null,
      "tenantId": null,
      "validFrom": null,
      "validUntil": null,
      "lineItemCount": null,
      "subtotalNetAmount": null,
      "subtotalGrossAmount": null,
      "discountTotalAmount": null,
      "taxTotalAmount": null,
      "shippingNetAmount": null,
      "shippingGrossAmount": null,
      "surchargeTotalAmount": null,
      "grandTotalNetAmount": null,
      "grandTotalGrossAmount": null,
      "paidTotalAmount": null,
      "refundedTotalAmount": null,
      "outstandingAmount": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/quotes?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/quotes

Auth requiredsales.quotes.manage

Create quote

Creates a new sales quote. Requires features: sales.quotes.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "currencyCode": "string"
}

Responses

201Quote created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/quotes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "currencyCode": "string"
}'

PUT/sales/quotes

Auth requiredsales.quotes.manage

Quote management

Requires features: sales.quotes.manage

Responses

200Success response

Content-Type: application/json

{}

Example

curl -X PUT "http://localhost:3000/api/sales/quotes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

DELETE/sales/quotes

Auth requiredsales.quotes.manage

Delete quote

Deletes a sales quote. Requires features: sales.quotes.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Quote deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/quotes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

POST/sales/quotes/convert

Auth requiredsales.quotes.managesales.orders.manage

Convert quote

Creates a sales order from a quote and removes the original quote record. Requires features: sales.quotes.manage, sales.orders.manage

Request body (application/json)

{
  "quoteId": "00000000-0000-4000-8000-000000000000"
}

Responses

200Conversion succeeded

Content-Type: application/json

{
  "orderId": "00000000-0000-4000-8000-000000000000"
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X POST "http://localhost:3000/api/sales/quotes/convert" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "quoteId": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/settings/document-numbers

Auth requiredsales.settings.manage

Get document numbering settings

Requires features: sales.settings.manage

Responses

200Current numbering formats and counters

Content-Type: application/json

{
  "orderNumberFormat": "string",
  "quoteNumberFormat": "string",
  "nextOrderNumber": 1,
  "nextQuoteNumber": 1
}

400Missing scope

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/sales/settings/document-numbers" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/sales/settings/document-numbers

Auth requiredsales.settings.manage

Update document numbering settings

Requires features: sales.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "orderNumberFormat": "string",
  "quoteNumberFormat": "string",
  "orderCustomerEditableStatuses": null,
  "orderAddressEditableStatuses": null
}

Responses

200Updated numbering formats and counters

Content-Type: application/json

{
  "orderNumberFormat": "string",
  "quoteNumberFormat": "string",
  "nextOrderNumber": 1,
  "nextQuoteNumber": 1
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/sales/settings/document-numbers" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "orderNumberFormat": "string",
  "quoteNumberFormat": "string",
  "orderCustomerEditableStatuses": null,
  "orderAddressEditableStatuses": null
}'

GET/sales/settings/order-editing

Auth requiredsales.settings.manage

Get order editing guards

Requires features: sales.settings.manage

Responses

200Current order editing guards

Content-Type: application/json

{
  "orderCustomerEditableStatuses": null,
  "orderAddressEditableStatuses": null,
  "orderStatuses": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": "string"
    }
  ]
}

400Missing scope

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X GET "http://localhost:3000/api/sales/settings/order-editing" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

PUT/sales/settings/order-editing

Auth requiredsales.settings.manage

Update order editing guards

Requires features: sales.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "orderCustomerEditableStatuses": null,
  "orderAddressEditableStatuses": null
}

Responses

200Updated order editing guards

Content-Type: application/json

{
  "orderCustomerEditableStatuses": null,
  "orderAddressEditableStatuses": null,
  "orderStatuses": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": "string"
    }
  ]
}

400Invalid payload

Content-Type: application/json

{
  "error": "string"
}

Example

curl -X PUT "http://localhost:3000/api/sales/settings/order-editing" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "orderCustomerEditableStatuses": null,
  "orderAddressEditableStatuses": null
}'

GET/sales/shipment-statuses

Auth requiredsales.settings.manage

List shipment statuses

Manage the lifecycle states available for shipments. Requires features: sales.settings.manage

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated shipment statuses

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": null,
      "color": null,
      "icon": null,
      "organizationId": null,
      "tenantId": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/shipment-statuses?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/shipment-statuses

Auth requiredsales.settings.manage

Create shipment status

Creates a new shipment status. Requires features: sales.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "color": null,
  "icon": null
}

Responses

201Shipment status created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/shipment-statuses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "color": null,
  "icon": null
}'

PUT/sales/shipment-statuses

Auth requiredsales.settings.manage

Update shipment status

Updates an existing shipment status by id. Requires features: sales.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "color": null,
  "icon": null,
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Shipment status updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/sales/shipment-statuses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "color": null,
  "icon": null,
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/sales/shipment-statuses

Auth requiredsales.settings.manage

Delete shipment status

Deletes a shipment status identified by id. Requires features: sales.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Shipment status deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/shipment-statuses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/shipments

List shipments

Returns a paginated collection of shipments that belong to the current organization.

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
orderId	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated shipments

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "order_id": "00000000-0000-4000-8000-000000000000",
      "shipment_number": null,
      "shipping_method_id": null,
      "shipping_method_code": null,
      "shipping_method_name": null,
      "status_entry_id": null,
      "status": null,
      "status_label": null,
      "carrier_name": null,
      "tracking_numbers": null,
      "shipped_at": null,
      "delivered_at": null,
      "weight_value": null,
      "weight_unit": null,
      "declared_value_net": null,
      "declared_value_gross": null,
      "currency_code": null,
      "notes": null,
      "metadata": null,
      "custom_values": null,
      "customValues": null,
      "custom_fields": null,
      "customFields": null,
      "items_snapshot": null,
      "itemsSnapshot": null,
      "created_at": "string",
      "updated_at": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/shipments?page=1&pageSize=50" \
  -H "Accept: application/json"

POST/sales/shipments

Create shipment

Creates a shipment for an order.

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "orderId": "00000000-0000-4000-8000-000000000000"
}

Responses

201Shipment created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/shipments" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "orderId": "00000000-0000-4000-8000-000000000000"
}'

PUT/sales/shipments

Update shipment

Updates a shipment.

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Shipment updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/sales/shipments" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/sales/shipments

Delete shipment

Deletes a shipment.

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Shipment deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/shipments" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/shipping-methods

Auth requiredsales.settings.manage

List shipping methods

Maintain shipping services, carrier mappings, and pricing defaults for order fulfillment. Requires features: sales.settings.manage

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
currency	query	No	string	—
isActive	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—
withDeleted	query	No	boolean	—

Responses

200Paginated shipping methods

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "code": "string",
      "description": null,
      "carrierCode": null,
      "providerKey": null,
      "serviceLevel": null,
      "estimatedTransitDays": null,
      "baseRateNet": "string",
      "baseRateGross": "string",
      "currencyCode": null,
      "isActive": true,
      "metadata": null,
      "providerSettings": null,
      "organizationId": null,
      "tenantId": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/shipping-methods?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/shipping-methods

Auth requiredsales.settings.manage

Create shipping method

Creates a new shipping method. Requires features: sales.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "code": "string"
}

Responses

201Shipping method created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/shipping-methods" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "code": "string"
}'

PUT/sales/shipping-methods

Auth requiredsales.settings.manage

Update shipping method

Updates an existing shipping method by id. Requires features: sales.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Shipping method updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/sales/shipping-methods" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/sales/shipping-methods

Auth requiredsales.settings.manage

Delete shipping method

Deletes a shipping method identified by id. Requires features: sales.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Shipping method deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/shipping-methods" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

GET/sales/tags

Auth requiredsales.orders.view

List sales tags

Manage reusable tags to categorize sales orders and quotes. Requires features: sales.orders.view

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—

Responses

200Paginated sales tags

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "slug": "string",
      "label": null,
      "color": null,
      "description": null,
      "organization_id": null,
      "tenant_id": null
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/tags?page=1&pageSize=100" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/tags

Auth requiredsales.orders.manage

Create sales tag

Creates a sales document tag. Requires features: sales.orders.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "slug": "string",
  "label": "string"
}

Responses

201Sales tag created

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/tags" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "slug": "string",
  "label": "string"
}'

PUT/sales/tags

Auth requiredsales.orders.manage

Update sales tag

Updates an existing sales tag. Requires features: sales.orders.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Sales tag updated

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/sales/tags" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/sales/tags

Auth requiredsales.orders.manage

Delete sales tag

Deletes a sales tag. Requires features: sales.orders.manage

Responses

200Sales tag deleted

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/tags" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

GET/sales/tax-rates

Auth requiredsales.settings.manage

List tax rates

Returns a paginated list of sales tax rates for the current organization. Requires features: sales.settings.manage

Parameters

Name	In	Required	Schema	Description
page	query	No	number	—
pageSize	query	No	number	—
search	query	No	string	—
country	query	No	string	—
region	query	No	string	—
channelId	query	No	string	—
isCompound	query	No	string	—
sortField	query	No	string	—
sortDir	query	No	string	—
withDeleted	query	No	boolean	—

Responses

200Paginated list of tax rates

Content-Type: application/json

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "code": null,
      "rate": 1,
      "countryCode": null,
      "regionCode": null,
      "postalCode": null,
      "city": null,
      "customerGroupId": null,
      "productCategoryId": null,
      "channelId": null,
      "priority": null,
      "isCompound": true,
      "isDefault": true,
      "metadata": null,
      "startsAt": null,
      "endsAt": null,
      "organizationId": null,
      "tenantId": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "http://localhost:3000/api/sales/tax-rates?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

POST/sales/tax-rates

Auth requiredsales.settings.manage

Create tax rate

Creates a new tax rate record. Requires features: sales.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "code": "string",
  "rate": 1
}

Responses

201Identifier of the created tax rate

Content-Type: application/json

{
  "id": null
}

Example

curl -X POST "http://localhost:3000/api/sales/tax-rates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "code": "string",
  "rate": 1
}'

PUT/sales/tax-rates

Auth requiredsales.settings.manage

Update tax rate

Updates an existing tax rate by identifier. Requires features: sales.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Update acknowledgement

Content-Type: application/json

{
  "ok": true
}

Example

curl -X PUT "http://localhost:3000/api/sales/tax-rates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'

DELETE/sales/tax-rates

Auth requiredsales.settings.manage

Delete tax rate

Deletes a tax rate identified by `id`. Requires features: sales.settings.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Deletion acknowledgement

Content-Type: application/json

{
  "ok": true
}

Example

curl -X DELETE "http://localhost:3000/api/sales/tax-rates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "00000000-0000-4000-8000-000000000000"
}'