Open Mercato
Open Mercato API
Version 0.4.3
OpenAPI JSONMarkdown Docs

OpenAPI Explorer

Auto-generated OpenAPI definition for all enabled modules.

Default server: https://web-production-756174.up.railway.app/api

Authentication & Accounts

27 endpoints
GET/auth/admin/nav
Auth required

Resolve sidebar entries

Returns the backend navigation tree available to the authenticated administrator after applying role and personal sidebar preferences.

Responses

200Sidebar navigation structure
Content-Type: application/json
{
  "groups": [
    {
      "id": "string",
      "name": "string",
      "defaultName": "string",
      "items": [
        {
          "href": "string",
          "title": "string",
          "defaultTitle": "string",
          "enabled": true
        }
      ]
    }
  ]
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/auth/admin/nav" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/auth/feature-check
Auth required

Check feature grants for the current user

Evaluates which of the requested features are available to the signed-in user within the active tenant / organization context.

Request body (application/json)

{
  "features": [
    "string"
  ]
}

Responses

200Evaluation result
Content-Type: application/json
{
  "ok": true,
  "granted": [
    "string"
  ],
  "userId": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/auth/feature-check" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"features\": [
    \"string\"
  ]
}"
GET/auth/features
Auth requiredauth.acl.manage

List declared feature flags

Returns all static features contributed by the enabled modules along with their module source. Requires features: auth.acl.manage

Responses

200Aggregated feature catalog
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "title": "string",
      "module": "string"
    }
  ],
  "modules": [
    {
      "id": "string",
      "title": "string"
    }
  ]
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/auth/features" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/auth/locale

GET /auth/locale

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/auth/locale" \
  -H "Accept: application/json"
POST/auth/locale

POST /auth/locale

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/auth/locale" \
  -H "Accept: application/json"
POST/auth/login

Authenticate user credentials

Validates the submitted credentials and issues a bearer token cookie for subsequent API calls.

Request body (application/x-www-form-urlencoded)

email=user%40example.com&password=string

Responses

200Authentication succeeded
Content-Type: application/json
{
  "ok": true,
  "token": "string",
  "redirect": null
}
400Validation failed
Content-Type: application/json
{
  "ok": false,
  "error": "string"
}
401Invalid credentials
Content-Type: application/json
{
  "ok": false,
  "error": "string"
}
403User lacks required role
Content-Type: application/json
{
  "ok": false,
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/auth/login" \
  -H "Accept: application/json" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "email=user%40example.com&password=string"
GET/auth/logout
Auth required

Log out (legacy GET)

For convenience, the GET variant performs the same logout logic as POST and issues a redirect.

Responses

200Success response
Content-Type: application/json
{}
302Redirect to login after successful logout
Content-Type: text/html
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/auth/logout" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/auth/logout
Auth required

Invalidate session and redirect

Clears authentication cookies and redirects the browser to the login page.

Responses

201Success response
Content-Type: application/json
{}
302Redirect to login after successful logout
Content-Type: text/html
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/auth/logout" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/auth/profile
Auth required

Get current profile

Returns the email address for the signed-in user.

Responses

200Profile payload
Content-Type: application/json
{
  "email": "user@example.com"
}
404User not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/auth/profile" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/auth/profile
Auth required

Update current profile

Updates the email address or password for the signed-in user.

Request body (application/json)

{}

Responses

200Profile updated
Content-Type: application/json
{
  "ok": true,
  "email": "user@example.com"
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/auth/profile" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
POST/auth/reset

Send reset email

Requests a password reset email for the given account. The endpoint always returns `ok: true` to avoid leaking account existence.

Request body (application/x-www-form-urlencoded)

email=user%40example.com

Responses

200Reset email dispatched (or ignored for unknown accounts)
Content-Type: application/json
{
  "ok": true
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/auth/reset" \
  -H "Accept: application/json" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "email=user%40example.com"
POST/auth/reset/confirm

Complete password reset

Validates the reset token and updates the user password.

Request body (application/x-www-form-urlencoded)

token=string&password=string

Responses

200Password reset succeeded
Content-Type: application/json
{
  "ok": true,
  "redirect": "string"
}
400Invalid token or payload
Content-Type: application/json
{
  "ok": false,
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/auth/reset/confirm" \
  -H "Accept: application/json" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "token=string&password=string"
GET/auth/roles
Auth requiredauth.roles.list

List roles

Returns available roles within the current tenant. Super administrators receive visibility across tenants. Requires features: auth.roles.list

Parameters

NameInRequiredSchemaDescription
idqueryNostring
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
tenantIdqueryNostring

Responses

200Role collection
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "usersCount": 1,
      "tenantId": null,
      "tenantName": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/auth/roles?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/auth/roles
Auth requiredauth.roles.manage

Create role

Creates a new role for the current tenant or globally when `tenantId` is omitted. Requires features: auth.roles.manage

Request body (application/json)

{
  "name": "string",
  "tenantId": null
}

Responses

201Role created
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/auth/roles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"name\": \"string\",
  \"tenantId\": null
}"
PUT/auth/roles
Auth requiredauth.roles.manage

Update role

Updates mutable fields on an existing role. Requires features: auth.roles.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "tenantId": null
}

Responses

200Role updated
Content-Type: application/json
{
  "ok": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404Role not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/auth/roles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": null
}"
DELETE/auth/roles
Auth requiredauth.roles.manage

Delete role

Deletes a role by identifier. Fails when users remain assigned. Requires features: auth.roles.manage

Parameters

NameInRequiredSchemaDescription
idqueryYesstringRole identifier

Responses

200Role deleted
Content-Type: application/json
{
  "ok": true
}
400Role cannot be deleted
Content-Type: application/json
{
  "error": "string"
}
404Role not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/auth/roles?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/auth/roles/acl
Auth requiredauth.acl.manage

Fetch role ACL

Returns the feature and organization assignments associated with a role within the current tenant. Requires features: auth.acl.manage

Parameters

NameInRequiredSchemaDescription
roleIdqueryYesstring
tenantIdqueryNostring

Responses

200Role ACL entry
Content-Type: application/json
{
  "isSuperAdmin": true,
  "features": [
    "string"
  ],
  "organizations": null
}
400Invalid role id
Content-Type: application/json
{
  "error": "string"
}
404Role not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/auth/roles/acl?roleId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/auth/roles/acl
Auth requiredauth.acl.manage

Update role ACL

Replaces the feature list, super admin flag, and optional organization assignments for a role. Requires features: auth.acl.manage

Request body (application/json)

{
  "roleId": "00000000-0000-4000-8000-000000000000",
  "organizations": null
}

Responses

200Role ACL updated
Content-Type: application/json
{
  "ok": true,
  "sanitized": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404Role not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/auth/roles/acl" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"roleId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizations\": null
}"
GET/auth/session/refresh

Refresh auth cookie from session token

Exchanges an existing `session_token` cookie for a fresh JWT auth cookie and redirects the browser.

Parameters

NameInRequiredSchemaDescription
redirectqueryNostringAbsolute or relative URL to redirect after refresh

Responses

200Success response
Content-Type: application/json
{}
302Redirect to target location when session is valid
Content-Type: text/html
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/auth/session/refresh" \
  -H "Accept: application/json"
GET/auth/sidebar/preferences
Auth required

Get sidebar preferences

Returns personal sidebar customization and any role-level preferences the user can manage.

Responses

200Current sidebar configuration
Content-Type: application/json
{
  "locale": "string",
  "settings": {
    "version": 1,
    "groupOrder": [
      "string"
    ],
    "groupLabels": {
      "key": "string"
    },
    "itemLabels": {
      "key": "string"
    },
    "hiddenItems": [
      "string"
    ]
  },
  "canApplyToRoles": true,
  "roles": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "hasPreference": true
    }
  ]
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/auth/sidebar/preferences" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/auth/sidebar/preferences
Auth required

Update sidebar preferences

Updates personal sidebar configuration and, optionally, applies the same settings to selected roles.

Request body (application/json)

{}

Responses

200Preferences saved
Content-Type: application/json
{
  "locale": "string",
  "settings": {
    "version": 1,
    "groupOrder": [
      "string"
    ],
    "groupLabels": {
      "key": "string"
    },
    "itemLabels": {
      "key": "string"
    },
    "hiddenItems": [
      "string"
    ]
  },
  "canApplyToRoles": true,
  "roles": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "hasPreference": true
    }
  ],
  "appliedRoles": [
    "00000000-0000-4000-8000-000000000000"
  ],
  "clearedRoles": [
    "00000000-0000-4000-8000-000000000000"
  ]
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
403Missing features for role-wide updates
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/auth/sidebar/preferences" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
GET/auth/users
Auth requiredauth.users.list

List users

Returns users for the current tenant. Super administrators may scope the response via organization or role filters. Requires features: auth.users.list

Parameters

NameInRequiredSchemaDescription
idqueryNostring
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
organizationIdqueryNostring
roleIdsqueryNoarray

Responses

200User collection
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "email": "user@example.com",
      "organizationId": null,
      "organizationName": null,
      "tenantId": null,
      "tenantName": null,
      "roles": [
        "string"
      ]
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/auth/users?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/auth/users
Auth requiredauth.users.create

Create user

Creates a new confirmed user within the specified organization and optional roles. Requires features: auth.users.create

Request body (application/json)

{
  "email": "user@example.com",
  "password": "string",
  "organizationId": "00000000-0000-4000-8000-000000000000"
}

Responses

201User created
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Invalid payload or duplicate email
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/auth/users" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"email\": \"user@example.com\",
  \"password\": \"string\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\"
}"
PUT/auth/users
Auth requiredauth.users.edit

Update user

Updates profile fields, organization assignment, credentials, or role memberships. Requires features: auth.users.edit

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200User updated
Content-Type: application/json
{
  "ok": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404User not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/auth/users" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/auth/users
Auth requiredauth.users.delete

Delete user

Deletes a user by identifier. Undo support is provided via the command bus. Requires features: auth.users.delete

Parameters

NameInRequiredSchemaDescription
idqueryYesstringUser identifier

Responses

200User deleted
Content-Type: application/json
{
  "ok": true
}
400User cannot be deleted
Content-Type: application/json
{
  "error": "string"
}
404User not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/auth/users?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/auth/users/acl
Auth requiredauth.acl.manage

Fetch user ACL

Returns custom ACL overrides for a user within the current tenant, if any. Requires features: auth.acl.manage

Parameters

NameInRequiredSchemaDescription
userIdqueryYesstring

Responses

200User ACL entry
Content-Type: application/json
{
  "hasCustomAcl": true,
  "isSuperAdmin": true,
  "features": [
    "string"
  ],
  "organizations": null
}
400Invalid user id
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/auth/users/acl?userId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/auth/users/acl
Auth requiredauth.acl.manage

Update user ACL

Configures per-user ACL overrides, including super admin access, feature list, and organization scope. Requires features: auth.acl.manage

Request body (application/json)

{
  "userId": "00000000-0000-4000-8000-000000000000",
  "organizations": null
}

Responses

200User ACL updated
Content-Type: application/json
{
  "ok": true,
  "sanitized": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/auth/users/acl" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"userId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizations\": null
}"

Directory (Tenants & Organizations)

1 endpoints
GET/directory/tenants/lookup

GET /directory/tenants/lookup

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/directory/tenants/lookup" \
  -H "Accept: application/json"

Configuration

6 endpoints
GET/configs/cache
Auth requiredconfigs.cache.view

GET /configs/cache

Requires features: configs.cache.view

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/configs/cache" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/configs/cache
Auth requiredconfigs.cache.manage

POST /configs/cache

Requires features: configs.cache.manage

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/configs/cache" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/configs/system-status
Auth requiredconfigs.system_status.view

GET /configs/system-status

Requires features: configs.system_status.view

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/configs/system-status" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/configs/system-status
Auth requiredconfigs.manage

POST /configs/system-status

Requires features: configs.manage

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/configs/system-status" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/configs/upgrade-actions
Auth requiredconfigs.manage

GET /configs/upgrade-actions

Requires features: configs.manage

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/configs/upgrade-actions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/configs/upgrade-actions
Auth requiredconfigs.manage

POST /configs/upgrade-actions

Requires features: configs.manage

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/configs/upgrade-actions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Audit & Action Logs

4 endpoints
GET/audit_logs/audit-logs/access
Auth requiredaudit_logs.view_self

Retrieve access logs

Fetches paginated access audit logs scoped to the authenticated user. Tenant administrators can optionally expand the search to other actors or organizations. Requires features: audit_logs.view_self

Parameters

NameInRequiredSchemaDescription
organizationIdqueryNostringLimit results to a specific organization
actorUserIdqueryNostringFilter by actor user id (tenant administrators only)
resourceKindqueryNostringRestrict to a resource kind such as `order` or `product`
accessTypequeryNostringAccess type filter, e.g. `read` or `export`
pagequeryNostringPage number (default 1)
pageSizequeryNostringPage size (default 50)
limitqueryNostringExplicit maximum number of records when paginating manually
beforequeryNostringReturn logs created before this ISO-8601 timestamp
afterqueryNostringReturn logs created after this ISO-8601 timestamp

Responses

200Access logs returned successfully
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "resourceKind": "string",
      "resourceId": "string",
      "accessType": "string",
      "actorUserId": null,
      "actorUserName": null,
      "tenantId": null,
      "tenantName": null,
      "organizationId": null,
      "organizationName": null,
      "fields": [
        "string"
      ],
      "context": null,
      "createdAt": "string"
    }
  ],
  "canViewTenant": true,
  "page": 1,
  "pageSize": 1,
  "total": 1,
  "totalPages": 1
}
400Invalid filters supplied
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/audit_logs/audit-logs/access" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/audit_logs/audit-logs/actions
Auth requiredaudit_logs.view_self

Fetch action logs

Returns recent action audit log entries. Tenant administrators can widen the scope to other actors or organizations, and callers can optionally restrict results to undoable actions. Requires features: audit_logs.view_self

Parameters

NameInRequiredSchemaDescription
organizationIdqueryNostringLimit results to a specific organization
actorUserIdqueryNostringFilter logs created by a specific actor (tenant administrators only)
resourceKindqueryNostringFilter by resource kind (e.g., "order", "product")
resourceIdqueryNostringFilter by resource ID (UUID of the specific record)
includeRelatedqueryNostringWhen `true`, also returns changes to child entities linked via parentResourceKind/parentResourceId
undoableOnlyqueryNostringWhen `true`, only undoable actions are returned
limitqueryNostringMaximum number of records to return (default 50)
beforequeryNostringReturn actions created before this ISO-8601 timestamp
afterqueryNostringReturn actions created after this ISO-8601 timestamp

Responses

200Action logs retrieved successfully
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "commandId": "string",
      "actionLabel": null,
      "executionState": "done",
      "actorUserId": null,
      "actorUserName": null,
      "tenantId": null,
      "tenantName": null,
      "organizationId": null,
      "organizationName": null,
      "resourceKind": null,
      "resourceId": null,
      "parentResourceKind": null,
      "parentResourceId": null,
      "undoToken": null,
      "createdAt": "string",
      "updatedAt": "string",
      "snapshotBefore": null,
      "snapshotAfter": null,
      "changes": null,
      "context": null
    }
  ],
  "canViewTenant": true
}
400Invalid filter values
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/audit_logs/audit-logs/actions?includeRelated=false&undoableOnly=false" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/audit_logs/audit-logs/actions/redo
Auth requiredaudit_logs.redo_self

Redo by action log id

Redoes the latest undone command owned by the caller. Requires the action to still be eligible for redo within tenant and organization scope. Requires features: audit_logs.redo_self

Request body (application/json)

{
  "logId": "string"
}

Responses

200Redo executed successfully
Content-Type: application/json
{
  "ok": true,
  "logId": null,
  "undoToken": null
}
400Log not eligible for redo
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/audit_logs/audit-logs/actions/redo" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"logId\": \"string\"
}"
POST/audit_logs/audit-logs/actions/undo
Auth requiredaudit_logs.undo_self

Undo action by token

Replays the undo handler registered for a command. The provided undo token must match the latest undoable log entry accessible to the caller. Requires features: audit_logs.undo_self

Request body (application/json)

{
  "undoToken": "string"
}

Responses

200Undo applied successfully
Content-Type: application/json
{
  "ok": true,
  "logId": "string"
}
400Invalid or unavailable undo token
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/audit_logs/audit-logs/actions/undo" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"undoToken\": \"string\"
}"

Attachments

14 endpoints
GET/attachments
Auth requiredattachments.view

List attachments for a record

Returns uploaded attachments for the given entity record, ordered by newest first. Requires features: attachments.view

Parameters

NameInRequiredSchemaDescription
entityIdqueryYesstringEntity identifier that owns the attachments
recordIdqueryYesstringRecord identifier within the entity

Responses

200Attachments found for the record
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "url": "string",
      "fileName": "string",
      "fileSize": 1,
      "createdAt": "string",
      "mimeType": null,
      "content": null
    }
  ]
}
400Missing entity or record identifiers
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/attachments?entityId=string&recordId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/attachments
Auth requiredattachments.manage

Upload attachment

Uploads a new attachment using multipart form-data and stores metadata for later retrieval. Requires features: attachments.manage

Request body (multipart/form-data)

entityId=string
recordId=string
file=string

Responses

200Attachment stored successfully
Content-Type: application/json
{
  "ok": true,
  "item": {
    "id": "string",
    "url": "string",
    "fileName": "string",
    "fileSize": 1,
    "content": null
  }
}
400Payload validation error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/attachments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: multipart/form-data" \
  -d "{
  \"entityId\": \"string\",
  \"recordId\": \"string\",
  \"file\": \"string\"
}"
DELETE/attachments
Auth requiredattachments.manage

Delete attachment

Removes an uploaded attachment and deletes the stored asset. Requires features: attachments.manage

Parameters

NameInRequiredSchemaDescription
idqueryYesstring

Responses

200Attachment deleted
Content-Type: application/json
{
  "ok": true
}
400Missing attachment identifier
Content-Type: application/json
{
  "error": "string"
}
404Attachment not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/attachments?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/attachments/file/{id}

GET /attachments/file/{id}

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/attachments/file/:id" \
  -H "Accept: application/json"
GET/attachments/image/{id}/{slug}

GET /attachments/image/{id}/{slug}

Parameters

NameInRequiredSchemaDescription
idpathYesstring
slugpathNostring

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/attachments/image/:id/:slug" \
  -H "Accept: application/json"
GET/attachments/library
Auth requiredattachments.view

GET /attachments/library

Requires features: attachments.view

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/attachments/library" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/attachments/library/{id}
Auth requiredattachments.view

GET /attachments/library/{id}

Requires features: attachments.view

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/attachments/library/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PATCH/attachments/library/{id}
Auth requiredattachments.manage

PATCH /attachments/library/{id}

Requires features: attachments.manage

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X PATCH "https://web-production-756174.up.railway.app/api/attachments/library/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
DELETE/attachments/library/{id}
Auth requiredattachments.manage

DELETE /attachments/library/{id}

Requires features: attachments.manage

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

204Success

No response body.

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/attachments/library/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/attachments/partitions
Auth requiredattachments.manage

GET /attachments/partitions

Requires features: attachments.manage

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/attachments/partitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/attachments/partitions
Auth requiredattachments.manage

POST /attachments/partitions

Requires features: attachments.manage

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/attachments/partitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/attachments/partitions
Auth requiredattachments.manage

PUT /attachments/partitions

Requires features: attachments.manage

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/attachments/partitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
DELETE/attachments/partitions
Auth requiredattachments.manage

DELETE /attachments/partitions

Requires features: attachments.manage

Responses

204Success

No response body.

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/attachments/partitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/attachments/transfer
Auth requiredattachments.manage

POST /attachments/transfer

Requires features: attachments.manage

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/attachments/transfer" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

API Keys

3 endpoints
GET/api_keys/keys
Auth requiredapi_keys.view

List API keys

Returns paginated API keys visible to the current user, including per-key role assignments and organization context. Requires features: api_keys.view

Parameters

NameInRequiredSchemaDescription
pagequeryNostring
pageSizequeryNostring
searchqueryNostring

Responses

200Collection of API keys
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "name": "string",
      "description": null,
      "keyPrefix": "string",
      "organizationId": null,
      "organizationName": null,
      "createdAt": "string",
      "lastUsedAt": null,
      "expiresAt": null,
      "roles": [
        {
          "id": "string",
          "name": null
        }
      ]
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}
400Tenant context missing
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/api_keys/keys" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/api_keys/keys
Auth requiredapi_keys.create

Create API key

Creates a new API key, returning the one-time secret value together with the generated key prefix and scope details. Requires features: api_keys.create

Request body (application/json)

{
  "name": "string",
  "description": null,
  "tenantId": null,
  "organizationId": null,
  "roles": [],
  "expiresAt": null
}

Responses

201API key created successfully
Content-Type: application/json
{
  "id": "string",
  "name": "string",
  "keyPrefix": "string",
  "tenantId": null,
  "organizationId": null,
  "roles": [
    {
      "id": "string",
      "name": null
    }
  ]
}
400Invalid payload or missing tenant context
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/api_keys/keys" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"name\": \"string\",
  \"description\": null,
  \"tenantId\": null,
  \"organizationId\": null,
  \"roles\": [],
  \"expiresAt\": null
}"
DELETE/api_keys/keys
Auth requiredapi_keys.delete

Delete API key

Removes an API key by identifier. The key must belong to the current tenant and fall within the requester organization scope. Requires features: api_keys.delete

Parameters

NameInRequiredSchemaDescription
idqueryYesstringAPI key identifier to delete

Responses

200Key deleted successfully
Content-Type: application/json
{
  "success": true
}
400Missing or invalid identifier
Content-Type: application/json
{
  "error": "string"
}
404Key not found within scope
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/api_keys/keys?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Onboarding

2 endpoints
POST/onboarding/onboarding

POST /onboarding/onboarding

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/onboarding/onboarding" \
  -H "Accept: application/json"
GET/onboarding/onboarding/verify

GET /onboarding/onboarding/verify

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/onboarding/onboarding/verify" \
  -H "Accept: application/json"

Feature Toggles

12 endpoints
GET/feature_toggles/check/boolean
Auth required

Check if feature is enabled

Checks if a feature toggle is enabled for the current context.

Parameters

NameInRequiredSchemaDescription
identifierqueryYesstringFeature toggle identifier

Responses

200Feature status
Content-Type: application/json
{
  "enabled": true,
  "source": "override",
  "toggleId": "string",
  "identifier": "string",
  "tenantId": "string"
}
400Bad Request
Content-Type: application/json
{
  "error": "string"
}
404Tenant not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/feature_toggles/check/boolean?identifier=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/feature_toggles/check/json
Auth required

Get json config

Gets the json configuration for a feature toggle.

Parameters

NameInRequiredSchemaDescription
identifierqueryYesstringFeature toggle identifier

Responses

200Json config
Content-Type: application/json
{
  "valueType": "json",
  "source": "override",
  "toggleId": "string",
  "identifier": "string",
  "tenantId": "string"
}
400Bad Request
Content-Type: application/json
{
  "error": "string"
}
404Tenant not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/feature_toggles/check/json?identifier=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/feature_toggles/check/number
Auth required

Get number config

Gets the number configuration for a feature toggle.

Parameters

NameInRequiredSchemaDescription
identifierqueryYesstringFeature toggle identifier

Responses

200Number config
Content-Type: application/json
{
  "valueType": "number",
  "value": 1,
  "source": "override",
  "toggleId": "string",
  "identifier": "string",
  "tenantId": "string"
}
400Bad Request
Content-Type: application/json
{
  "error": "string"
}
404Tenant not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/feature_toggles/check/number?identifier=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/feature_toggles/check/string
Auth required

Get string config

Gets the string configuration for a feature toggle.

Parameters

NameInRequiredSchemaDescription
identifierqueryYesstringFeature toggle identifier

Responses

200String config
Content-Type: application/json
{
  "valueType": "string",
  "value": "string",
  "source": "override",
  "toggleId": "string",
  "identifier": "string",
  "tenantId": "string"
}
400Bad Request
Content-Type: application/json
{
  "error": "string"
}
404Tenant not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/feature_toggles/check/string?identifier=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/feature_toggles/global
Auth required

GET /feature_toggles/global

Requires roles: superadmin

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/feature_toggles/global" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/feature_toggles/global
Auth required

POST /feature_toggles/global

Requires roles: superadmin

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/feature_toggles/global" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/feature_toggles/global
Auth required

PUT /feature_toggles/global

Requires roles: superadmin

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/feature_toggles/global" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
DELETE/feature_toggles/global
Auth required

DELETE /feature_toggles/global

Requires roles: superadmin

Responses

204Success

No response body.

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/feature_toggles/global" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/feature_toggles/global/{id}
Auth required

Fetch feature toggle by ID

Returns complete details of a feature toggle. Requires roles: superadmin

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Feature toggle detail
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "identifier": "string",
  "name": "string",
  "description": null,
  "category": null,
  "default_state": true
}
400Invalid identifier
Content-Type: application/json
{
  "error": "string"
}
404Feature toggle not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/feature_toggles/global/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/feature_toggles/global/{id}/override
Auth required

Fetch feature toggle override

Returns feature toggle override. Requires roles: superadmin

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Feature toggle overrides
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "tenantName": "string",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "toggleType": "boolean"
}
400Invalid request
Content-Type: application/json
{
  "error": "string"
}
404Feature toggle not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/feature_toggles/global/:id/override" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/feature_toggles/overrides
Auth required

List overrides

Returns list of feature toggle overrides. Requires roles: superadmin

Parameters

NameInRequiredSchemaDescription
categoryqueryNostring
namequeryNostring
identifierqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
pagequeryNonumber
pageSizequeryNonumber

Responses

200List of overrides
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "toggleId": "00000000-0000-4000-8000-000000000000",
      "overrideState": "enabled",
      "identifier": "string",
      "name": "string",
      "category": null,
      "defaultState": true,
      "tenantName": null
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1,
  "isSuperAdmin": true
}
400Invalid query parameters
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/feature_toggles/overrides?page=1&pageSize=25" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/feature_toggles/overrides
Auth required

Change override state

Enable, disable or inherit a feature toggle for a specific tenant. Requires roles: superadmin

Request body (application/json)

{
  "toggleId": "00000000-0000-4000-8000-000000000000",
  "isOverride": true
}

Responses

200Override updated
Content-Type: application/json
{
  "ok": true,
  "overrideToggleId": null
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}
404Not found
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/feature_toggles/overrides" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"toggleId\": \"00000000-0000-4000-8000-000000000000\",
  \"isOverride\": true
}"

Search

15 endpoints
GET/search/embeddings
Auth requiredsearch.embeddings.view

Get embeddings configuration

Returns current embedding provider and model configuration. Requires features: search.embeddings.view

Responses

200Embeddings settings
Content-Type: application/json
{
  "settings": {
    "openaiConfigured": true,
    "autoIndexingEnabled": true,
    "autoIndexingLocked": true,
    "lockReason": null,
    "embeddingConfig": null,
    "configuredProviders": [
      "openai"
    ],
    "indexedDimension": null,
    "reindexRequired": true,
    "documentCount": null
  }
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/search/embeddings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/search/embeddings
Auth requiredsearch.embeddings.manage

Update embeddings configuration

Updates the embedding provider and model settings. Requires features: search.embeddings.manage

Request body (application/json)

{}

Responses

200Updated settings
Content-Type: application/json
{
  "settings": {
    "openaiConfigured": true,
    "autoIndexingEnabled": true,
    "autoIndexingLocked": true,
    "lockReason": null,
    "embeddingConfig": null,
    "configuredProviders": [
      "openai"
    ],
    "indexedDimension": null,
    "reindexRequired": true,
    "documentCount": null
  }
}
400Invalid request
Content-Type: application/json
{
  "error": "string"
}
409Auto-indexing disabled via environment
Content-Type: application/json
{
  "error": "string"
}
500Update failed
Content-Type: application/json
{
  "error": "string"
}
503Configuration service unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/search/embeddings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
POST/search/embeddings/reindex
Auth requiredsearch.embeddings.manage

Trigger vector reindex

Starts a vector embedding reindex operation. Requires features: search.embeddings.manage

Request body (application/json)

{}

Responses

200Reindex result
Content-Type: application/json
{
  "ok": true
}
409Reindex already in progress
Content-Type: application/json
{
  "error": "string",
  "lock": {
    "type": "fulltext",
    "action": "string",
    "startedAt": "string",
    "elapsedMinutes": 1,
    "processedCount": null,
    "totalCount": null
  }
}
500Reindex failed
Content-Type: application/json
{
  "error": "string"
}
503Search indexer unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/search/embeddings/reindex" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
POST/search/embeddings/reindex/cancel
Auth requiredsearch.embeddings.manage

Cancel vector reindex

Cancels an in-progress vector reindex operation. Requires features: search.embeddings.manage

Responses

200Cancel result
Content-Type: application/json
{
  "ok": true,
  "jobsRemoved": 1
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/search/embeddings/reindex/cancel" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/search/index
Auth requiredsearch.view

List vector index entries

Returns paginated list of entries in the vector search index. Requires features: search.view

Parameters

NameInRequiredSchemaDescription
entityIdqueryNostringFilter by entity ID (e.g., "customers:customer_person_profile", "catalog:catalog_product")
limitqueryNonumberMaximum entries to return (default: 50, max: 200)
offsetqueryNonumberOffset for pagination (default: 0)

Responses

200Index entries
Content-Type: application/json
{
  "entries": [
    {
      "id": "string",
      "entityId": "string",
      "recordId": "string",
      "tenantId": "string",
      "organizationId": null
    }
  ],
  "limit": 1,
  "offset": 1
}
500Failed to fetch index
Content-Type: application/json
{
  "error": "string"
}
503Vector strategy unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/search/index" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
DELETE/search/index
Auth requiredsearch.embeddings.manage

Purge vector index

Purges entries from the vector search index. Requires confirmAll=true when purging all entities. Requires features: search.embeddings.manage

Parameters

NameInRequiredSchemaDescription
entityIdqueryNostringSpecific entity ID to purge (e.g., "customers:customer_person_profile", "catalog:catalog_product")
confirmAllqueryNostringRequired when purging all entities

Responses

200Purge result
Content-Type: application/json
{
  "ok": true
}
400Missing confirmAll parameter
Content-Type: application/json
{
  "error": "string"
}
500Purge failed
Content-Type: application/json
{
  "error": "string"
}
503Search indexer unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/search/index" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/search/reindex
Auth requiredsearch.reindex

Trigger fulltext reindex

Starts a fulltext (Meilisearch) reindex operation. Can clear, recreate, or fully reindex. Requires features: search.reindex

Request body (application/json)

{}

Responses

200Reindex result
Content-Type: application/json
{
  "ok": true,
  "action": "clear",
  "entityId": null
}
409Reindex already in progress
Content-Type: application/json
{
  "error": "string",
  "lock": {
    "type": "fulltext",
    "action": "string",
    "startedAt": "string",
    "elapsedMinutes": 1,
    "processedCount": null,
    "totalCount": null
  }
}
500Reindex failed
Content-Type: application/json
{
  "error": "string"
}
503Search service unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/search/reindex" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
POST/search/reindex/cancel
Auth requiredsearch.reindex

Cancel fulltext reindex

Cancels an in-progress fulltext reindex operation. Requires features: search.reindex

Responses

200Cancel result
Content-Type: application/json
{
  "ok": true,
  "jobsRemoved": 1
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/search/reindex/cancel" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/search/search
Auth requiredsearch.view

Search across all indexed entities

Performs a search using configured strategies (fulltext, vector, tokens). Use for search playground. Requires features: search.view

Parameters

NameInRequiredSchemaDescription
qqueryYesstringSearch query (required)
limitqueryNonumberMaximum results to return (default: 50, max: 100)
strategiesqueryNostringComma-separated strategies to use: fulltext, vector, tokens (e.g., "fulltext,vector")
entityTypesqueryNostringComma-separated entity types to filter results (e.g., "customers:customer_person_profile,catalog:catalog_product,sales:sales_order")

Responses

200Search results
Content-Type: application/json
{
  "results": [
    {
      "entityId": "string",
      "recordId": "string",
      "score": 1,
      "source": "fulltext"
    }
  ],
  "strategiesUsed": [
    "fulltext"
  ],
  "timing": 1,
  "query": "string",
  "limit": 1
}
400Missing query parameter
Content-Type: application/json
{
  "error": "string"
}
500Search failed
Content-Type: application/json
{
  "error": "string"
}
503Search service unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/search/search?q=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/search/search/global
Auth requiredsearch.view

Global search (Cmd+K)

Performs a global search using saved tenant strategies. Does NOT accept strategies from URL. Requires features: search.view

Parameters

NameInRequiredSchemaDescription
qqueryYesstringSearch query (required)
limitqueryNonumberMaximum results to return (default: 50, max: 100)
entityTypesqueryNostringComma-separated entity types to filter results (e.g., "customers:customer_person_profile,catalog:catalog_product,sales:sales_order")

Responses

200Search results
Content-Type: application/json
{
  "results": [
    {
      "entityId": "string",
      "recordId": "string",
      "score": 1,
      "source": "fulltext"
    }
  ],
  "strategiesUsed": [
    "fulltext"
  ],
  "strategiesEnabled": [
    "fulltext"
  ],
  "timing": 1,
  "query": "string",
  "limit": 1
}
400Missing query parameter
Content-Type: application/json
{
  "error": "string"
}
500Search failed
Content-Type: application/json
{
  "error": "string"
}
503Search service unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/search/search/global?q=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/search/settings
Auth requiredsearch.view

Get search settings and status

Returns search module configuration, available strategies, and reindex lock status. Requires features: search.view

Responses

200Search settings
Content-Type: application/json
{
  "settings": {
    "strategies": [
      {
        "id": "string",
        "name": "string",
        "priority": 1,
        "available": true
      }
    ],
    "fulltextConfigured": true,
    "fulltextStats": null,
    "vectorConfigured": true,
    "tokensEnabled": true,
    "defaultStrategies": [
      "string"
    ],
    "reindexLock": null,
    "fulltextReindexLock": null,
    "vectorReindexLock": null
  }
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/search/settings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/search/settings/fulltext
Auth requiredsearch.view

Get fulltext search configuration

Returns Meilisearch configuration status and index statistics. Requires features: search.view

Responses

200Fulltext settings
Content-Type: application/json
{
  "driver": null,
  "configured": true,
  "envVars": {
    "MEILISEARCH_HOST": {
      "set": true,
      "hint": "string"
    },
    "MEILISEARCH_API_KEY": {
      "set": true,
      "hint": "string"
    }
  },
  "optionalEnvVars": {
    "MEILISEARCH_INDEX_PREFIX": {
      "set": true,
      "hint": "string"
    },
    "SEARCH_EXCLUDE_ENCRYPTED_FIELDS": {
      "set": true,
      "hint": "string"
    }
  }
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/search/settings/fulltext" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/search/settings/global-search
Auth requiredsearch.view

Get global search strategies

Returns the enabled strategies for Cmd+K global search. Requires features: search.view

Responses

200Global search settings
Content-Type: application/json
{
  "enabledStrategies": [
    "fulltext"
  ]
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/search/settings/global-search" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/search/settings/global-search
Auth requiredsearch.manage

Update global search strategies

Sets which strategies are enabled for Cmd+K global search. Requires features: search.manage

Request body (application/json)

{
  "enabledStrategies": [
    "fulltext"
  ]
}

Responses

200Updated settings
Content-Type: application/json
{
  "ok": true,
  "enabledStrategies": [
    "fulltext"
  ]
}
400Invalid request
Content-Type: application/json
{
  "error": "string"
}
500Internal error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/search/settings/global-search" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"enabledStrategies\": [
    \"fulltext\"
  ]
}"
GET/search/settings/vector-store
Auth requiredsearch.view

Get vector store configuration

Returns vector store configuration status. Requires features: search.view

Responses

200Vector store settings
Content-Type: application/json
{
  "currentDriver": "pgvector",
  "configured": true,
  "drivers": [
    {
      "id": "pgvector",
      "name": "string",
      "configured": true,
      "implemented": true,
      "envVars": [
        {
          "name": "string",
          "set": true,
          "hint": "string"
        }
      ]
    }
  ]
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/search/settings/vector-store" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Scheduler

8 endpoints
GET/scheduler/jobs
Auth requiredscheduler.jobs.view

List scheduledjobs

Returns a paginated collection of scheduledjobs scoped to the authenticated organization. Requires features: scheduler.jobs.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
idqueryNostring
searchqueryNostring
scopeTypequeryNostring
isEnabledqueryYesany
sourceTypequeryNostring
sourceModulequeryNostring
sortqueryNostring
orderqueryNostring

Responses

200Paginated scheduledjobs
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "description": null,
      "scopeType": "system",
      "organizationId": null,
      "tenantId": null,
      "scheduleType": "cron",
      "scheduleValue": "string",
      "timezone": "string",
      "targetType": "queue",
      "targetQueue": null,
      "targetCommand": null,
      "targetPayload": null,
      "requireFeature": null,
      "isEnabled": true,
      "lastRunAt": null,
      "nextRunAt": null,
      "sourceType": "user",
      "sourceModule": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/scheduler/jobs?page=1&pageSize=20" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/scheduler/jobs
Auth requiredscheduler.jobs.manage

Create scheduledjob

Creates a new scheduled job with cron or interval-based scheduling. Requires features: scheduler.jobs.manage

Request body (application/json)

{
  "name": "string",
  "description": null,
  "scopeType": "system",
  "organizationId": null,
  "tenantId": null,
  "scheduleType": "cron",
  "scheduleValue": "string",
  "timezone": "UTC",
  "targetType": "queue",
  "targetQueue": null,
  "targetCommand": null,
  "targetPayload": null,
  "requireFeature": null,
  "isEnabled": true,
  "sourceType": "user",
  "sourceModule": null
}

Responses

201ScheduledJob created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/scheduler/jobs" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"name\": \"string\",
  \"description\": null,
  \"scopeType\": \"system\",
  \"organizationId\": null,
  \"tenantId\": null,
  \"scheduleType\": \"cron\",
  \"scheduleValue\": \"string\",
  \"timezone\": \"UTC\",
  \"targetType\": \"queue\",
  \"targetQueue\": null,
  \"targetCommand\": null,
  \"targetPayload\": null,
  \"requireFeature\": null,
  \"isEnabled\": true,
  \"sourceType\": \"user\",
  \"sourceModule\": null
}"
PUT/scheduler/jobs
Auth requiredscheduler.jobs.manage

Update scheduledjob

Updates an existing scheduled job by ID. Requires features: scheduler.jobs.manage

Request body (application/json)

{
  "id": "string",
  "description": null,
  "targetQueue": null,
  "targetCommand": null,
  "targetPayload": null,
  "requireFeature": null
}

Responses

200ScheduledJob updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/scheduler/jobs" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"string\",
  \"description\": null,
  \"targetQueue\": null,
  \"targetCommand\": null,
  \"targetPayload\": null,
  \"requireFeature\": null
}"
DELETE/scheduler/jobs
Auth requiredscheduler.jobs.manage

Delete scheduledjob

Deletes a scheduled job by ID. Requires features: scheduler.jobs.manage

Request body (application/json)

{
  "id": "string"
}

Responses

200ScheduledJob deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/scheduler/jobs" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"string\"
}"
GET/scheduler/jobs/{id}/executions

Get execution history for a schedule

Fetch recent executions from BullMQ for a scheduled job. Requires QUEUE_STRATEGY=async.

Parameters

NameInRequiredSchemaDescription
idpathYesstring
pageSizequeryNonumber

Responses

200Execution history
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "scheduleId": "00000000-0000-4000-8000-000000000000",
      "startedAt": "string",
      "finishedAt": null,
      "status": "running",
      "triggerType": "scheduled",
      "triggeredByUserId": null,
      "errorMessage": null,
      "errorStack": null,
      "durationMs": null,
      "queueJobId": "string",
      "queueName": "string",
      "attemptsMade": 1,
      "result": null
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1
}
400Local strategy not supported
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Access denied
Content-Type: application/json
{
  "error": "string"
}
404Schedule not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/scheduler/jobs/:id/executions?pageSize=20" \
  -H "Accept: application/json"
GET/scheduler/queue-jobs/{jobId}

Get BullMQ job details and logs

Fetch detailed information and logs for a queue job. Requires QUEUE_STRATEGY=async.

Parameters

NameInRequiredSchemaDescription
jobIdpathYesstring
queuequeryYesstring

Responses

200Job details and logs
Content-Type: application/json
{
  "id": "string",
  "name": "string",
  "state": "waiting",
  "progress": null,
  "returnvalue": null,
  "failedReason": null,
  "stacktrace": null,
  "attemptsMade": 1,
  "processedOn": null,
  "finishedOn": null,
  "logs": [
    "string"
  ]
}
400Invalid request or local strategy not supported
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Access denied
Content-Type: application/json
{
  "error": "string"
}
404Job not found
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/scheduler/queue-jobs/:jobId?queue=string" \
  -H "Accept: application/json"
GET/scheduler/targets

List available queues and commands

Returns all registered queue names (from module workers) and command IDs (from the command registry) that can be used as schedule targets.

Responses

200Available targets
Content-Type: application/json
{
  "queues": [
    {
      "value": "string",
      "label": "string"
    }
  ],
  "commands": [
    {
      "value": "string",
      "label": "string"
    }
  ]
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/scheduler/targets" \
  -H "Accept: application/json"
POST/scheduler/trigger

Manually trigger a schedule

Executes a scheduled job immediately, bypassing the scheduled time. Only works with async queue strategy.

Request body (application/json)

{
  "id": "string"
}

Responses

200Schedule triggered successfully
Content-Type: application/json
{
  "ok": true,
  "jobId": "string",
  "message": "string"
}
400Invalid request or local strategy not supported
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Access denied
Content-Type: application/json
{
  "error": "string"
}
404Schedule not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/scheduler/trigger" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"string\"
}"

AI Assistant

7 endpoints
POST/ai_assistant/chat
Auth requiredai_assistant.view

POST /ai_assistant/chat

Requires features: ai_assistant.view

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/ai_assistant/chat" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/ai_assistant/health
Auth requiredai_assistant.view

GET /ai_assistant/health

Requires features: ai_assistant.view

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/ai_assistant/health" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/ai_assistant/route
Auth requiredai_assistant.view

POST /ai_assistant/route

Requires features: ai_assistant.view

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/ai_assistant/route" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/ai_assistant/session-key
Auth requiredai_assistant.view

Generate session key

Generates a new session token that can be included in MCP tool calls via the _sessionToken parameter. The token inherits the calling user's roles and organization context. Requires features: ai_assistant.view

Responses

200Session key created successfully
Content-Type: application/json
{
  "sessionToken": "string",
  "expiresAt": "string"
}
500Failed to create session key
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/ai_assistant/session-key" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/ai_assistant/settings
Auth requiredai_assistant.view

GET /ai_assistant/settings

Requires features: ai_assistant.view

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/ai_assistant/settings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/ai_assistant/tools
Auth requiredai_assistant.view

GET /ai_assistant/tools

Requires features: ai_assistant.view

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/ai_assistant/tools" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/ai_assistant/tools/execute
Auth requiredai_assistant.view

POST /ai_assistant/tools/execute

Requires features: ai_assistant.view

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/ai_assistant/tools/execute" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Notifications

13 endpoints
GET/notifications
Auth required

List notifications

Returns a paginated collection of notifications.

Parameters

NameInRequiredSchemaDescription
statusqueryNoany
typequeryNostring
severityqueryNostring
sourceEntityTypequeryNostring
sourceEntityIdqueryNostring
sincequeryNostring
pagequeryNonumber
pageSizequeryNonumber

Responses

200Paginated notifications
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "type": "string",
      "title": "string",
      "body": null,
      "titleKey": null,
      "bodyKey": null,
      "titleVariables": null,
      "bodyVariables": null,
      "icon": null,
      "severity": "string",
      "status": "string",
      "actions": [
        {
          "id": "string",
          "label": "string"
        }
      ],
      "sourceModule": null,
      "sourceEntityType": null,
      "sourceEntityId": null,
      "linkHref": null,
      "createdAt": "string",
      "readAt": null,
      "actionTaken": null
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/notifications?page=1&pageSize=20" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/notifications
Auth requirednotifications.create

Create notification

Creates a notification for a user. Requires features: notifications.create

Request body (application/json)

{
  "type": "string",
  "severity": "info",
  "recipientUserId": "00000000-0000-4000-8000-000000000000"
}

Responses

201Notification created
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/notifications" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"type\": \"string\",
  \"severity\": \"info\",
  \"recipientUserId\": \"00000000-0000-4000-8000-000000000000\"
}"
POST/notifications/batch
Auth requirednotifications.create

POST /notifications/batch

Requires features: notifications.create

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/notifications/batch" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/notifications/feature
Auth requirednotifications.create

POST /notifications/feature

Requires features: notifications.create

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/notifications/feature" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/notifications/mark-all-read
Auth required

PUT /notifications/mark-all-read

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/notifications/mark-all-read" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/notifications/role
Auth requirednotifications.create

POST /notifications/role

Requires features: notifications.create

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/notifications/role" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/notifications/settings
Auth requirednotifications.manage

GET /notifications/settings

Requires features: notifications.manage

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/notifications/settings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/notifications/settings
Auth requirednotifications.manage

POST /notifications/settings

Requires features: notifications.manage

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/notifications/settings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/notifications/unread-count
Auth required

GET /notifications/unread-count

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/notifications/unread-count" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/notifications/{id}/action
Auth required

POST /notifications/{id}/action

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/notifications/:id/action" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/notifications/{id}/dismiss
Auth required

PUT /notifications/{id}/dismiss

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/notifications/:id/dismiss" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/notifications/{id}/read
Auth required

PUT /notifications/{id}/read

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/notifications/:id/read" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/notifications/{id}/restore
Auth required

PUT /notifications/{id}/restore

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/notifications/:id/restore" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Contracts

75 endpoints
GET/contracts/appliances
Auth requiredcontracts.view

List appliances

Returns a paginated collection of appliances scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
contractIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated appliances
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "rodzaj": null,
      "firma": null,
      "model": null,
      "cena": "string",
      "rabat": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/appliances?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/appliances
Auth requiredcontracts.change_krok5

Create appliance

Creates a new appliance entry for a contract. Requires features: contracts.change_krok5

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000",
  "rodzaj": null,
  "firma": null,
  "model": null,
  "cena": 1,
  "rabat": null
}

Responses

201Appliance created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/appliances" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\",
  \"rodzaj\": null,
  \"firma\": null,
  \"model\": null,
  \"cena\": 1,
  \"rabat\": null
}"
PUT/contracts/appliances
Auth requiredcontracts.change_krok5

Update appliance

Updates an appliance entry. Requires features: contracts.change_krok5

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "rodzaj": null,
  "firma": null,
  "model": null,
  "rabat": null
}

Responses

200Appliance updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/appliances" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"rodzaj\": null,
  \"firma\": null,
  \"model\": null,
  \"rabat\": null
}"
DELETE/contracts/appliances
Auth requiredcontracts.change_krok5

Delete appliance

Deletes an appliance entry by id. Requires features: contracts.change_krok5

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Appliance deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/appliances" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/assembly_notes
Auth requiredcontracts.view

List assemblynotess

Returns a paginated collection of assemblynotess scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
contractIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated assemblynotess
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "uwagi": "string",
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/assembly_notes?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/assembly_notes
Auth requiredcontracts.change_krok7

Create assemblynotes

Creates a new assembly note for a contract. Requires features: contracts.change_krok7

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000",
  "uwagi": "string"
}

Responses

201AssemblyNotes created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/assembly_notes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\",
  \"uwagi\": \"string\"
}"
PUT/contracts/assembly_notes
Auth requiredcontracts.change_krok7

Update assemblynotes

Updates an assembly note. Requires features: contracts.change_krok7

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200AssemblyNotes updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/assembly_notes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/contracts/assembly_notes
Auth requiredcontracts.change_krok7

Delete assemblynotes

Deletes an assembly note by id. Requires features: contracts.change_krok7

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200AssemblyNotes deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/assembly_notes" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/contracts
Auth requiredcontracts.view

List contracts

Returns a paginated collection of contracts scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
typqueryNostring
customerIdqueryNostring
rozliczonaqueryNostring
zakonczonaqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated contracts
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "numer": "string",
      "typ": "string",
      "customer_id": "00000000-0000-4000-8000-000000000000",
      "uzytkownik_id": null,
      "data_podpisania": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/contracts?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/contracts
Auth requiredcontracts.create

Create contract

Creates a new contract. Requires features: contracts.create

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "numer": "string",
  "typ": "kuchnia",
  "customerId": "00000000-0000-4000-8000-000000000000",
  "uzytkownikId": null,
  "dataPodpisania": null,
  "adresZamieszkaniaId": null,
  "adresMontazuId": null,
  "adresFakturyId": null,
  "opis": null,
  "uwagi": null
}

Responses

201Contract created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/contracts" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"numer\": \"string\",
  \"typ\": \"kuchnia\",
  \"customerId\": \"00000000-0000-4000-8000-000000000000\",
  \"uzytkownikId\": null,
  \"dataPodpisania\": null,
  \"adresZamieszkaniaId\": null,
  \"adresMontazuId\": null,
  \"adresFakturyId\": null,
  \"opis\": null,
  \"uwagi\": null
}"
PUT/contracts/contracts
Auth requiredcontracts.edit

Update contract

Updates an existing contract. Requires features: contracts.edit

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "uzytkownikId": null,
  "dataPodpisania": null,
  "adresZamieszkaniaId": null,
  "adresMontazuId": null,
  "adresFakturyId": null,
  "opis": null,
  "uwagi": null
}

Responses

200Contract updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/contracts" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"uzytkownikId\": null,
  \"dataPodpisania\": null,
  \"adresZamieszkaniaId\": null,
  \"adresMontazuId\": null,
  \"adresFakturyId\": null,
  \"opis\": null,
  \"uwagi\": null
}"
DELETE/contracts/contracts
Auth requiredcontracts.delete

Delete contract

Deletes a contract by id. Requires features: contracts.delete

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Contract deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/contracts" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/contracts/{id}/balance
Auth requiredcontracts.view

Get contract balance

Returns the total valuation, amount paid (confirmed payment methods), and remaining balance. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Contract balance
Content-Type: application/json
{
  "suma": 1,
  "zaplacono": 1,
  "doZaplaty": 1
}
500Server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/contracts/:id/balance" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/contracts/contracts/{id}/print/invoice
Auth requiredcontracts.drukuj_faktura

GET /contracts/contracts/{id}/print/invoice

Requires features: contracts.drukuj_faktura

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/contracts/:id/print/invoice" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/contracts/contracts/{id}/print/kp
Auth requiredcontracts.drukuj_kp

GET /contracts/contracts/{id}/print/kp

Requires features: contracts.drukuj_kp

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/contracts/:id/print/kp" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/contracts/contracts/{id}/print/proforma
Auth requiredcontracts.drukuj_proforma

GET /contracts/contracts/{id}/print/proforma

Requires features: contracts.drukuj_proforma

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/contracts/:id/print/proforma" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/contracts/contracts/{id}/print/warranty
Auth requiredcontracts.view

GET /contracts/contracts/{id}/print/warranty

Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/contracts/:id/print/warranty" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/contracts/{id}/settle
Auth requiredcontracts.rozlicz_umowa

Settle a contract

Marks a contract as settled (rozliczona). Validates that the balance is zero before settling. Requires features: contracts.rozlicz_umowa

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Contract settled
Content-Type: application/json
{
  "ok": true
}
400Balance not zero or already settled
Content-Type: application/json
{
  "error": "string"
}
404Contract not found
Content-Type: application/json
{
  "error": "string"
}
500Server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/contracts/:id/settle" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/contracts/contracts/{id}/valuation
Auth requiredcontracts.view

Get contract valuation with computed total

Returns the valuation breakdown (meble, dodatki, sprzet), the computed sum, and the amount in Polish words. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Valuation summary
Content-Type: application/json
{
  "meble": 1,
  "dodatki": 1,
  "sprzet": 1,
  "suma": 1,
  "slownie": "string"
}
500Server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/contracts/:id/valuation" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/contracts/fronts
Auth requiredcontracts.view

List fronts

Returns a paginated collection of fronts scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
contractIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated fronts
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "typ": null,
      "material": null,
      "kolor": null,
      "uslojenie": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/fronts?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/fronts
Auth requiredcontracts.change_krok1

Create front

Creates a new front config for a contract. Requires features: contracts.change_krok1

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000",
  "typ": null,
  "material": null,
  "kolor": null,
  "uslojenie": null
}

Responses

201Front created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/fronts" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\",
  \"typ\": null,
  \"material\": null,
  \"kolor\": null,
  \"uslojenie\": null
}"
PUT/contracts/fronts
Auth requiredcontracts.change_krok1

Update front

Updates a front config. Requires features: contracts.change_krok1

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "typ": null,
  "material": null,
  "kolor": null,
  "uslojenie": null
}

Responses

200Front updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/fronts" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"typ\": null,
  \"material\": null,
  \"kolor\": null,
  \"uslojenie\": null
}"
DELETE/contracts/fronts
Auth requiredcontracts.change_krok1

Delete front

Deletes a front config by id. Requires features: contracts.change_krok1

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Front deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/fronts" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/furniture
Auth requiredcontracts.view

List furnitures

Returns a paginated collection of furnitures scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
contractIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated furnitures
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "grupa_meblowa": null,
      "korpus": null,
      "pcv": null,
      "boki": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/furniture?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/furniture
Auth requiredcontracts.change_krok1

Create furniture

Creates a new furniture config for a contract. Requires features: contracts.change_krok1

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000",
  "grupaMeblowa": null,
  "korpus": null,
  "pcv": null,
  "boki": null
}

Responses

201Furniture created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/furniture" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\",
  \"grupaMeblowa\": null,
  \"korpus\": null,
  \"pcv\": null,
  \"boki\": null
}"
PUT/contracts/furniture
Auth requiredcontracts.change_krok1

Update furniture

Updates a furniture config. Requires features: contracts.change_krok1

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "grupaMeblowa": null,
  "korpus": null,
  "pcv": null,
  "boki": null
}

Responses

200Furniture updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/furniture" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"grupaMeblowa\": null,
  \"korpus\": null,
  \"pcv\": null,
  \"boki\": null
}"
DELETE/contracts/furniture
Auth requiredcontracts.change_krok1

Delete furniture

Deletes a furniture config by id. Requires features: contracts.change_krok1

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Furniture deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/furniture" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/handles
Auth requiredcontracts.view

List handles

Returns a paginated collection of handles scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
contractIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated handles
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "typ": null,
      "kolor": null,
      "dlugosc": null,
      "sztuk": null,
      "uwagi": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/handles?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/handles
Auth requiredcontracts.change_krok1

Create handle

Creates a new handle config for a contract. Requires features: contracts.change_krok1

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000",
  "typ": null,
  "kolor": null,
  "dlugosc": null,
  "sztuk": null,
  "uwagi": null
}

Responses

201Handle created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/handles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\",
  \"typ\": null,
  \"kolor\": null,
  \"dlugosc\": null,
  \"sztuk\": null,
  \"uwagi\": null
}"
PUT/contracts/handles
Auth requiredcontracts.change_krok1

Update handle

Updates a handle config. Requires features: contracts.change_krok1

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "typ": null,
  "kolor": null,
  "dlugosc": null,
  "sztuk": null,
  "uwagi": null
}

Responses

200Handle updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/handles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"typ\": null,
  \"kolor\": null,
  \"dlugosc\": null,
  \"sztuk\": null,
  \"uwagi\": null
}"
DELETE/contracts/handles
Auth requiredcontracts.change_krok1

Delete handle

Deletes a handle config by id. Requires features: contracts.change_krok1

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Handle deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/handles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/installation_dates
Auth requiredcontracts.view

List installationdates

Returns a paginated collection of installationdates scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
contractIdqueryNostring
idqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated installationdates
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "data": "string",
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/installation_dates?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/installation_dates
Auth requiredcontracts.create

Create installationdate

Creates a new installation date for a contract. Requires features: contracts.create

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000",
  "data": "2025-01-01T00:00:00.000Z"
}

Responses

201InstallationDate created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/installation_dates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\",
  \"data\": \"2025-01-01T00:00:00.000Z\"
}"
DELETE/contracts/installation_dates
Auth requiredcontracts.delete

Delete installationdate

Deletes an installation date by id. Requires features: contracts.delete

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200InstallationDate deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/installation_dates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/payment_methods
Auth requiredcontracts.view

List paymentmethods

Returns a paginated collection of paymentmethods scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
contractIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated paymentmethods
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "typ": "string",
      "rodzaj": "string",
      "cena": "string",
      "data": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/payment_methods?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/payment_methods
Auth requiredcontracts.change_krok6

Create paymentmethod

Creates a new payment method for a contract. Requires features: contracts.change_krok6

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000",
  "typ": "Zadatek",
  "rodzaj": "gotowka",
  "cena": 1,
  "data": null
}

Responses

201PaymentMethod created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/payment_methods" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\",
  \"typ\": \"Zadatek\",
  \"rodzaj\": \"gotowka\",
  \"cena\": 1,
  \"data\": null
}"
PUT/contracts/payment_methods
Auth requiredcontracts.change_krok6

Update paymentmethod

Updates a payment method. Requires features: contracts.change_krok6

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "data": null
}

Responses

200PaymentMethod updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/payment_methods" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"data\": null
}"
DELETE/contracts/payment_methods
Auth requiredcontracts.change_krok6

Delete paymentmethod

Deletes a payment method by id. Requires features: contracts.change_krok6

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200PaymentMethod deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/payment_methods" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/planned_payments
Auth requiredcontracts.view

List plannedpayments

Returns a paginated collection of plannedpayments scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
contractIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated plannedpayments
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "typ": "string",
      "rodzaj": "string",
      "cena": "string",
      "data": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/planned_payments?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/planned_payments
Auth requiredcontracts.change_krok8

Create plannedpayment

Creates a new planned payment for a contract. Requires features: contracts.change_krok8

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000",
  "typ": "string",
  "rodzaj": "string",
  "cena": 1,
  "data": null
}

Responses

201PlannedPayment created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/planned_payments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\",
  \"typ\": \"string\",
  \"rodzaj\": \"string\",
  \"cena\": 1,
  \"data\": null
}"
PUT/contracts/planned_payments
Auth requiredcontracts.change_krok8

Update plannedpayment

Updates a planned payment. Requires features: contracts.change_krok8

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "data": null
}

Responses

200PlannedPayment updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/planned_payments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"data\": null
}"
DELETE/contracts/planned_payments
Auth requiredcontracts.change_krok8

Delete plannedpayment

Deletes a planned payment by id. Requires features: contracts.change_krok8

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200PlannedPayment deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/planned_payments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/purchase_orders
Auth requiredcontracts.view

List purchaseorders

Returns a paginated collection of purchaseorders scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
contractIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated purchaseorders
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "nazwa": "string",
      "ilosc": 1,
      "jednostka": null,
      "dostawca": null,
      "data_wyslania": null,
      "data_odbioru": null,
      "nr_faktury": null,
      "komentarz": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/purchase_orders?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/purchase_orders
Auth requiredcontracts.purchase_orders.manage

Create purchaseorder

Creates a new purchase order for a contract. Requires features: contracts.purchase_orders.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000",
  "nazwa": "string",
  "ilosc": 1,
  "jednostka": null,
  "dostawca": null,
  "dataWyslania": null,
  "dataOdbioru": null,
  "nrFaktury": null,
  "komentarz": null
}

Responses

201PurchaseOrder created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/purchase_orders" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\",
  \"nazwa\": \"string\",
  \"ilosc\": 1,
  \"jednostka\": null,
  \"dostawca\": null,
  \"dataWyslania\": null,
  \"dataOdbioru\": null,
  \"nrFaktury\": null,
  \"komentarz\": null
}"
PUT/contracts/purchase_orders
Auth requiredcontracts.purchase_orders.manage

Update purchaseorder

Updates a purchase order. Requires features: contracts.purchase_orders.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "jednostka": null,
  "dostawca": null,
  "dataWyslania": null,
  "dataOdbioru": null,
  "nrFaktury": null,
  "komentarz": null
}

Responses

200PurchaseOrder updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/purchase_orders" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"jednostka\": null,
  \"dostawca\": null,
  \"dataWyslania\": null,
  \"dataOdbioru\": null,
  \"nrFaktury\": null,
  \"komentarz\": null
}"
DELETE/contracts/purchase_orders
Auth requiredcontracts.purchase_orders.manage

Delete purchaseorder

Deletes a purchase order by id. Requires features: contracts.purchase_orders.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200PurchaseOrder deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/purchase_orders" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/stats
Auth requiredcontracts.view

Get contract statistics

Returns aggregated contract statistics for the dashboard widget. Requires features: contracts.view

Responses

200Contract statistics
Content-Type: application/json
{
  "total": 1,
  "active": 1,
  "completed": 1,
  "settled": 1
}
500Server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/stats" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/contracts/text_attachments
Auth requiredcontracts.view

List textattachments

Returns a paginated collection of textattachments scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
contractIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated textattachments
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "template_id": "00000000-0000-4000-8000-000000000000",
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/text_attachments?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/text_attachments
Auth requiredcontracts.change_krok8

Create textattachment

Creates a new text attachment for a contract. Requires features: contracts.change_krok8

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000",
  "templateId": "00000000-0000-4000-8000-000000000000"
}

Responses

201TextAttachment created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/text_attachments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\",
  \"templateId\": \"00000000-0000-4000-8000-000000000000\"
}"
PUT/contracts/text_attachments
Auth requiredcontracts.change_krok8

Update textattachment

Updates a text attachment. Requires features: contracts.change_krok8

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200TextAttachment updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/text_attachments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/contracts/text_attachments
Auth requiredcontracts.change_krok8

Delete textattachment

Deletes a text attachment by id. Requires features: contracts.change_krok8

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200TextAttachment deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/text_attachments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/text_templates
Auth requiredcontracts.view

List texttemplates

Returns a paginated collection of texttemplates scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated texttemplates
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "nazwa": "string",
      "tresc": "string",
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/text_templates?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/text_templates
Auth requiredcontracts.change_krok8

Create texttemplate

Creates a new text template. Requires features: contracts.change_krok8

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "nazwa": "string",
  "tresc": "string"
}

Responses

201TextTemplate created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/text_templates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"nazwa\": \"string\",
  \"tresc\": \"string\"
}"
PUT/contracts/text_templates
Auth requiredcontracts.change_krok8

Update texttemplate

Updates a text template. Requires features: contracts.change_krok8

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200TextTemplate updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/text_templates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/contracts/text_templates
Auth requiredcontracts.change_krok8

Delete texttemplate

Deletes a text template by id. Requires features: contracts.change_krok8

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200TextTemplate deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/text_templates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/valuations
Auth requiredcontracts.view

List valuations

Returns a paginated collection of valuations scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
contractIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated valuations
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "meble": "string",
      "dodatki": "string",
      "sprzet": "string",
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/valuations?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/valuations
Auth requiredcontracts.change_krok6

Create valuation

Creates a new valuation for a contract. Requires features: contracts.change_krok6

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000"
}

Responses

201Valuation created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/valuations" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\"
}"
PUT/contracts/valuations
Auth requiredcontracts.change_krok6

Update valuation

Updates a valuation. Requires features: contracts.change_krok6

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Valuation updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/valuations" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/contracts/valuations
Auth requiredcontracts.change_krok6

Delete valuation

Deletes a valuation by id. Requires features: contracts.change_krok6

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Valuation deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/valuations" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/vitrines
Auth requiredcontracts.view

List vitrines

Returns a paginated collection of vitrines scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
contractIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated vitrines
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "typ_ramy": null,
      "kolor_ramy": null,
      "szyba": null,
      "kolor_szyby": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/vitrines?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/vitrines
Auth requiredcontracts.change_krok1

Create vitrine

Creates a new vitrine config for a contract. Requires features: contracts.change_krok1

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000",
  "typRamy": null,
  "kolorRamy": null,
  "szyba": null,
  "kolorSzyby": null
}

Responses

201Vitrine created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/vitrines" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\",
  \"typRamy\": null,
  \"kolorRamy\": null,
  \"szyba\": null,
  \"kolorSzyby\": null
}"
PUT/contracts/vitrines
Auth requiredcontracts.change_krok1

Update vitrine

Updates a vitrine config. Requires features: contracts.change_krok1

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "typRamy": null,
  "kolorRamy": null,
  "szyba": null,
  "kolorSzyby": null
}

Responses

200Vitrine updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/vitrines" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"typRamy\": null,
  \"kolorRamy\": null,
  \"szyba\": null,
  \"kolorSzyby\": null
}"
DELETE/contracts/vitrines
Auth requiredcontracts.change_krok1

Delete vitrine

Deletes a vitrine config by id. Requires features: contracts.change_krok1

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Vitrine deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/vitrines" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/work_ratings
Auth requiredcontracts.view

List workratings

Returns a paginated collection of workratings scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
contractIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated workratings
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "uzytkownik_id": "00000000-0000-4000-8000-000000000000",
      "kwota": "string",
      "ocena": 1,
      "komentarz": null,
      "typ_pracownika": "string",
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/work_ratings?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/work_ratings
Auth requiredcontracts.change_krok7

Create workrating

Creates a new work rating for a contract. Requires features: contracts.change_krok7

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000",
  "uzytkownikId": "00000000-0000-4000-8000-000000000000",
  "kwota": 1,
  "ocena": 1,
  "komentarz": null,
  "typPracownika": "montazysta"
}

Responses

201WorkRating created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/work_ratings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\",
  \"uzytkownikId\": \"00000000-0000-4000-8000-000000000000\",
  \"kwota\": 1,
  \"ocena\": 1,
  \"komentarz\": null,
  \"typPracownika\": \"montazysta\"
}"
PUT/contracts/work_ratings
Auth requiredcontracts.change_krok7

Update workrating

Updates a work rating. Requires features: contracts.change_krok7

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "komentarz": null
}

Responses

200WorkRating updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/work_ratings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"komentarz\": null
}"
DELETE/contracts/work_ratings
Auth requiredcontracts.change_krok7

Delete workrating

Deletes a work rating by id. Requires features: contracts.change_krok7

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200WorkRating deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/work_ratings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/worker_assignments
Auth requiredcontracts.view

List workerassignments

Returns a paginated collection of workerassignments scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
contractIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated workerassignments
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "uzytkownik_id": "00000000-0000-4000-8000-000000000000",
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/worker_assignments?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/worker_assignments
Auth requiredcontracts.change_krok7

Create workerassignment

Creates a new worker assignment for a contract. Requires features: contracts.change_krok7

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000",
  "uzytkownikId": "00000000-0000-4000-8000-000000000000"
}

Responses

201WorkerAssignment created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/worker_assignments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\",
  \"uzytkownikId\": \"00000000-0000-4000-8000-000000000000\"
}"
PUT/contracts/worker_assignments
Auth requiredcontracts.change_krok7

Update workerassignment

Updates a worker assignment. Requires features: contracts.change_krok7

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200WorkerAssignment updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/worker_assignments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/contracts/worker_assignments
Auth requiredcontracts.change_krok7

Delete workerassignment

Deletes a worker assignment by id. Requires features: contracts.change_krok7

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200WorkerAssignment deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/worker_assignments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/contracts/worker_profiles
Auth requiredcontracts.view

List workerprofiles

Returns a paginated collection of workerprofiles scoped to the authenticated organization. Requires features: contracts.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
userIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated workerprofiles
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "user_id": "00000000-0000-4000-8000-000000000000",
      "notatnik": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contracts/worker_profiles?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/contracts/worker_profiles
Auth requiredcontracts.workers.manage

Create workerprofile

Creates a new worker profile. Requires features: contracts.workers.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "userId": "00000000-0000-4000-8000-000000000000",
  "notatnik": null
}

Responses

201WorkerProfile created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/contracts/worker_profiles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"userId\": \"00000000-0000-4000-8000-000000000000\",
  \"notatnik\": null
}"
PUT/contracts/worker_profiles
Auth requiredcontracts.workers.manage

Update workerprofile

Updates a worker profile. Requires features: contracts.workers.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "notatnik": null
}

Responses

200WorkerProfile updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/contracts/worker_profiles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"notatnik\": null
}"
DELETE/contracts/worker_profiles
Auth requiredcontracts.workers.manage

Delete workerprofile

Deletes a worker profile by id. Requires features: contracts.workers.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200WorkerProfile deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/contracts/worker_profiles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"

Warehouse

12 endpoints
GET/warehouse/goods_issues
Auth requiredwarehouse.view

List goodsissues

Returns a paginated collection of goodsissues scoped to the authenticated organization. Requires features: warehouse.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
contractIdqueryNostring
locationIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated goodsissues
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "contract_id": "00000000-0000-4000-8000-000000000000",
      "nr": "string",
      "data": null,
      "kwota": "string",
      "location_id": "00000000-0000-4000-8000-000000000000",
      "uwagi": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/warehouse/goods_issues?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/warehouse/goods_issues
Auth requiredwarehouse.create

Create goodsissue

Creates a new goods issue (WZ) document. Requires features: warehouse.create

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "contractId": "00000000-0000-4000-8000-000000000000",
  "nr": "string",
  "data": "2025-01-01T00:00:00.000Z",
  "kwota": "string",
  "locationId": "00000000-0000-4000-8000-000000000000",
  "uwagi": null
}

Responses

201GoodsIssue created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/warehouse/goods_issues" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"contractId\": \"00000000-0000-4000-8000-000000000000\",
  \"nr\": \"string\",
  \"data\": \"2025-01-01T00:00:00.000Z\",
  \"kwota\": \"string\",
  \"locationId\": \"00000000-0000-4000-8000-000000000000\",
  \"uwagi\": null
}"
PUT/warehouse/goods_issues
Auth requiredwarehouse.edit

Update goodsissue

Updates an existing goods issue (WZ) document. Requires features: warehouse.edit

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "uwagi": null
}

Responses

200GoodsIssue updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/warehouse/goods_issues" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"uwagi\": null
}"
DELETE/warehouse/goods_issues
Auth requiredwarehouse.delete

Delete goodsissue

Deletes a goods issue (WZ) document by id. Requires features: warehouse.delete

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200GoodsIssue deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/warehouse/goods_issues" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/warehouse/locations
Auth requiredwarehouse.view

List locations

Returns a paginated collection of locations scoped to the authenticated organization. Requires features: warehouse.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated locations
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "nazwa": "string",
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/warehouse/locations?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/warehouse/locations
Auth requiredwarehouse.create

Create location

Creates a new warehouse location. Requires features: warehouse.create

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "nazwa": "string"
}

Responses

201Location created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/warehouse/locations" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"nazwa\": \"string\"
}"
PUT/warehouse/locations
Auth requiredwarehouse.edit

Update location

Updates an existing warehouse location. Requires features: warehouse.edit

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Location updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/warehouse/locations" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/warehouse/locations
Auth requiredwarehouse.delete

Delete location

Deletes a warehouse location by id. Requires features: warehouse.delete

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Location deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/warehouse/locations" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/warehouse/materials
Auth requiredwarehouse.view

List materials

Returns a paginated collection of materials scoped to the authenticated organization. Requires features: warehouse.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
typqueryNostring
contractIdqueryNostring
calaqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated materials
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "typ": "string",
      "producent": "string",
      "symbol": "string",
      "dlugosc": 1,
      "szerokosc": 1,
      "grubosc": null,
      "cala": true,
      "pozostalo": null,
      "ilosc": 1,
      "contract_id": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/warehouse/materials?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/warehouse/materials
Auth requiredwarehouse.materials.manage

Create material

Creates a new warehouse material. Requires features: warehouse.materials.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "typ": "string",
  "producent": "string",
  "symbol": "string",
  "dlugosc": 1,
  "szerokosc": 1,
  "grubosc": null,
  "uwagi": null,
  "contractId": null,
  "cala": true,
  "pozostalo": null,
  "ilosc": 1,
  "legacyId": null
}

Responses

201Material created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/warehouse/materials" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"typ\": \"string\",
  \"producent\": \"string\",
  \"symbol\": \"string\",
  \"dlugosc\": 1,
  \"szerokosc\": 1,
  \"grubosc\": null,
  \"uwagi\": null,
  \"contractId\": null,
  \"cala\": true,
  \"pozostalo\": null,
  \"ilosc\": 1,
  \"legacyId\": null
}"
PUT/warehouse/materials
Auth requiredwarehouse.materials.manage

Update material

Updates an existing warehouse material. Requires features: warehouse.materials.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "grubosc": null,
  "uwagi": null,
  "contractId": null,
  "pozostalo": null,
  "legacyId": null
}

Responses

200Material updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/warehouse/materials" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"grubosc\": null,
  \"uwagi\": null,
  \"contractId\": null,
  \"pozostalo\": null,
  \"legacyId\": null
}"
DELETE/warehouse/materials
Auth requiredwarehouse.delete

Delete material

Deletes a warehouse material by id. Requires features: warehouse.delete

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Material deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/warehouse/materials" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"

Finance

14 endpoints
GET/finance/approvals
Auth requiredfinance.view

List approvals

Returns a paginated collection of approvals scoped to the authenticated organization. Requires features: finance.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
transactionIdqueryNostring
reviewerIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated approvals
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "transaction_id": "00000000-0000-4000-8000-000000000000",
      "reviewer_id": "00000000-0000-4000-8000-000000000000",
      "komentarz": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/finance/approvals?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/finance/approvals
Auth requiredfinance.approve

Create approval

Creates a new approval queue entry. Requires features: finance.approve

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "transactionId": "00000000-0000-4000-8000-000000000000",
  "reviewerId": "00000000-0000-4000-8000-000000000000",
  "komentarz": null
}

Responses

201Approval created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/finance/approvals" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"transactionId\": \"00000000-0000-4000-8000-000000000000\",
  \"reviewerId\": \"00000000-0000-4000-8000-000000000000\",
  \"komentarz\": null
}"
PUT/finance/approvals
Auth requiredfinance.approve

Update approval

Updates an existing approval queue entry. Requires features: finance.approve

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "komentarz": null
}

Responses

200Approval updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/finance/approvals" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"komentarz\": null
}"
DELETE/finance/approvals
Auth requiredfinance.approve

Delete approval

Deletes an approval queue entry by id. Requires features: finance.approve

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Approval deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/finance/approvals" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
POST/finance/inter_cash_transfer
Auth requiredfinance.inter_cash_transfer

POST /finance/inter_cash_transfer

Requires features: finance.inter_cash_transfer

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/finance/inter_cash_transfer" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/finance/stats
Auth requiredfinance.view

Get finance summary statistics

Returns aggregated finance statistics (income, expense, balance) for the dashboard widget. Requires features: finance.view

Responses

200Finance statistics
Content-Type: application/json
{
  "income": 1,
  "expense": 1,
  "balance": 1,
  "pendingApprovals": 1
}
500Server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/finance/stats" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/finance/transactions
Auth requiredfinance.view

List transactions

Returns a paginated collection of transactions scoped to the authenticated organization. Requires features: finance.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
typqueryNostring
rodzajqueryNostring
kategoriaqueryNostring
oczekujequeryNostring
contractIdqueryNostring
dateFromqueryNostring
dateToqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated transactions
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "nazwa": "string",
      "kwota": "string",
      "typ": "string",
      "rodzaj": "string",
      "data": null,
      "kategoria": null,
      "contract_id": null,
      "uzytkownik_id": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/finance/transactions?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/finance/transactions
Auth requiredfinance.create

Create transaction

Creates a new financial transaction. Requires features: finance.create

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "uzytkownikId": null,
  "data": "2025-01-01T00:00:00.000Z",
  "kwota": 1,
  "nazwa": "string",
  "komentarz": null,
  "typ": "przychod",
  "rodzaj": "gotowka",
  "kategoria": null,
  "contractId": null,
  "linkedEntityType": null,
  "linkedEntityId": null
}

Responses

201Transaction created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/finance/transactions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"uzytkownikId\": null,
  \"data\": \"2025-01-01T00:00:00.000Z\",
  \"kwota\": 1,
  \"nazwa\": \"string\",
  \"komentarz\": null,
  \"typ\": \"przychod\",
  \"rodzaj\": \"gotowka\",
  \"kategoria\": null,
  \"contractId\": null,
  \"linkedEntityType\": null,
  \"linkedEntityId\": null
}"
PUT/finance/transactions
Auth requiredfinance.edit

Update transaction

Updates an existing financial transaction. Requires features: finance.edit

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "uzytkownikId": null,
  "komentarz": null,
  "kategoria": null,
  "contractId": null,
  "linkedEntityType": null,
  "linkedEntityId": null
}

Responses

200Transaction updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/finance/transactions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"uzytkownikId\": null,
  \"komentarz\": null,
  \"kategoria\": null,
  \"contractId\": null,
  \"linkedEntityType\": null,
  \"linkedEntityId\": null
}"
DELETE/finance/transactions
Auth requiredfinance.delete

Delete transaction

Deletes a financial transaction by id. Requires features: finance.delete

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Transaction deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/finance/transactions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
POST/finance/transactions/{id}/approve
Auth requiredfinance.approve

POST /finance/transactions/{id}/approve

Requires features: finance.approve

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/finance/transactions/:id/approve" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/finance/transfer
Auth requiredfinance.transfer

POST /finance/transfer

Requires features: finance.transfer

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/finance/transfer" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/finance/transfer/{id}/accept
Auth requiredfinance.transfer

POST /finance/transfer/{id}/accept

Requires features: finance.transfer

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/finance/transfer/:id/accept" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/finance/transfer/{id}/reject
Auth requiredfinance.transfer

POST /finance/transfer/{id}/reject

Requires features: finance.transfer

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/finance/transfer/:id/reject" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Calendar

10 endpoints
GET/calendar/blocked_days
Auth requiredcalendar.view

List blockeddays

Returns a paginated collection of blockeddays scoped to the authenticated organization. Requires features: calendar.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated blockeddays
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "dzien": "string",
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/calendar/blocked_days?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/calendar/blocked_days
Auth requiredcalendar.blocked_days.manage

Create blockedday

Creates a new blocked day. Requires features: calendar.blocked_days.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "dzien": "2025-01-01T00:00:00.000Z"
}

Responses

201BlockedDay created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/calendar/blocked_days" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"dzien\": \"2025-01-01T00:00:00.000Z\"
}"
DELETE/calendar/blocked_days
Auth requiredcalendar.blocked_days.manage

Delete blockedday

Deletes a blocked day by id. Requires features: calendar.blocked_days.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200BlockedDay deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/calendar/blocked_days" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/calendar/events
Auth requiredcalendar.view

List calendarevents

Returns a paginated collection of calendarevents scoped to the authenticated organization. Requires features: calendar.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
typqueryNostring
pracownikIdqueryNostring
contractIdqueryNostring
customerIdqueryNostring
dateFromqueryNostring
dateToqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated calendarevents
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "pracownik_id": "00000000-0000-4000-8000-000000000000",
      "data": "string",
      "typ": "string",
      "opis": null,
      "opcje": null,
      "contract_id": null,
      "customer_id": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/calendar/events?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/calendar/events
Auth requiredcalendar.create

Create calendarevent

Creates a new calendar event. Requires features: calendar.create

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "pracownikId": "00000000-0000-4000-8000-000000000000",
  "data": "2025-01-01T00:00:00.000Z",
  "typ": "montaz_kuchni",
  "opis": null,
  "opcje": null,
  "contractId": null,
  "customerId": null
}

Responses

201CalendarEvent created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/calendar/events" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"pracownikId\": \"00000000-0000-4000-8000-000000000000\",
  \"data\": \"2025-01-01T00:00:00.000Z\",
  \"typ\": \"montaz_kuchni\",
  \"opis\": null,
  \"opcje\": null,
  \"contractId\": null,
  \"customerId\": null
}"
PUT/calendar/events
Auth requiredcalendar.edit

Update calendarevent

Updates an existing calendar event. Requires features: calendar.edit

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "opis": null,
  "opcje": null,
  "contractId": null,
  "customerId": null
}

Responses

200CalendarEvent updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/calendar/events" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"opis\": null,
  \"opcje\": null,
  \"contractId\": null,
  \"customerId\": null
}"
DELETE/calendar/events
Auth requiredcalendar.delete

Delete calendarevent

Deletes a calendar event by id. Requires features: calendar.delete

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200CalendarEvent deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/calendar/events" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/calendar/reschedules
Auth requiredcalendar.view

List calendarreschedules

Returns a paginated collection of calendarreschedules scoped to the authenticated organization. Requires features: calendar.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
fromEventIdqueryNostring
toEventIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated calendarreschedules
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "from_event_id": "00000000-0000-4000-8000-000000000000",
      "to_event_id": "00000000-0000-4000-8000-000000000000",
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/calendar/reschedules?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/calendar/reschedules
Auth requiredcalendar.reschedules.manage

Create calendarreschedule

Creates a new calendar reschedule record. Requires features: calendar.reschedules.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "fromEventId": "00000000-0000-4000-8000-000000000000",
  "toEventId": "00000000-0000-4000-8000-000000000000"
}

Responses

201CalendarReschedule created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/calendar/reschedules" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"fromEventId\": \"00000000-0000-4000-8000-000000000000\",
  \"toEventId\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/calendar/reschedules
Auth requiredcalendar.reschedules.manage

Delete calendarreschedule

Deletes a calendar reschedule by id. Requires features: calendar.reschedules.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200CalendarReschedule deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/calendar/reschedules" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"

Measurements

5 endpoints
GET/measurements/measurements
Auth requiredmeasurements.view

List measurements

Returns a paginated collection of measurements scoped to the authenticated organization. Requires features: measurements.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
customerIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated measurements
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "customer_id": "00000000-0000-4000-8000-000000000000",
      "uzytkownik_id": null,
      "adres_id": null,
      "kwota": "string",
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/measurements/measurements?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/measurements/measurements
Auth requiredmeasurements.create

Create measurement

Creates a new measurement. Requires features: measurements.create

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "uzytkownikId": null,
  "customerId": "00000000-0000-4000-8000-000000000000",
  "adresId": null,
  "kwota": 1
}

Responses

201Measurement created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/measurements/measurements" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"uzytkownikId\": null,
  \"customerId\": \"00000000-0000-4000-8000-000000000000\",
  \"adresId\": null,
  \"kwota\": 1
}"
PUT/measurements/measurements
Auth requiredmeasurements.edit

Update measurement

Updates an existing measurement. Requires features: measurements.edit

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "uzytkownikId": null,
  "adresId": null
}

Responses

200Measurement updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/measurements/measurements" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"uzytkownikId\": null,
  \"adresId\": null
}"
DELETE/measurements/measurements
Auth requiredmeasurements.delete

Delete measurement

Deletes a measurement by id. Requires features: measurements.delete

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Measurement deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/measurements/measurements" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
POST/measurements/measurements/{id}/approve
Auth requiredmeasurements.approve

Approve a measurement and create a linked finance transaction

Creates a FinanceTransaction linked to the measurement with linkedEntityType="measurement". Requires features: measurements.approve

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Measurement approved
Content-Type: application/json
{
  "transactionId": "00000000-0000-4000-8000-000000000000"
}
404Measurement not found
Content-Type: application/json
{
  "error": "string"
}
500Server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/measurements/measurements/:id/approve" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Messaging

3 endpoints
GET/messaging/messages
Auth requiredmessaging.view

List messages

Returns a paginated collection of messages scoped to the authenticated organization. Requires features: messaging.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
senderIdqueryNostring
recipientIdqueryNostring
przeczytanaqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring

Responses

200Paginated messages
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "sender_id": "00000000-0000-4000-8000-000000000000",
      "recipient_id": "00000000-0000-4000-8000-000000000000",
      "temat": "string",
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/messaging/messages?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/messaging/messages
Auth requiredmessaging.create

Create message

Sends a new message. Requires features: messaging.create

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "senderId": "00000000-0000-4000-8000-000000000000",
  "recipientId": "00000000-0000-4000-8000-000000000000",
  "temat": "string",
  "tresc": "string"
}

Responses

201Message created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/messaging/messages" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"senderId\": \"00000000-0000-4000-8000-000000000000\",
  \"recipientId\": \"00000000-0000-4000-8000-000000000000\",
  \"temat\": \"string\",
  \"tresc\": \"string\"
}"
DELETE/messaging/messages
Auth requiredmessaging.delete

Delete message

Deletes a message by id. Requires features: messaging.delete

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Message deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/messaging/messages" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"

Contacts

1 endpoints
GET/contacts/contacts
Auth requiredcontacts.view

List all contacts (people + companies)

Returns a paginated list of all customer entities regardless of type, with full-text search across people and company fields. Requires features: contacts.view

Responses

200Paginated contacts list
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "display_name": "string",
      "primary_email": null,
      "primary_phone": null,
      "status": null,
      "lifecycle_stage": null,
      "source": null,
      "kind": "person",
      "created_at": "string"
    }
  ],
  "total": 1,
  "page": 1,
  "totalPages": 1
}
500Server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/contacts/contacts" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Customers

45 endpoints
GET/customers/activities
Auth requiredcustomers.activities.view

List activitys

Returns a paginated collection of activitys scoped to the authenticated organization. Requires features: customers.activities.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
entityIdqueryNostring
dealIdqueryNostring
activityTypequeryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated activitys
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "entityId": null,
      "dealId": null,
      "activityType": "string",
      "subject": null,
      "body": null,
      "occurredAt": null,
      "createdAt": null,
      "authorUserId": null,
      "organizationId": null,
      "tenantId": null,
      "activityTypeLabel": null,
      "authorName": null,
      "authorEmail": null,
      "appearanceIcon": null,
      "appearanceColor": null,
      "dealTitle": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/activities?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/customers/activities
Auth requiredcustomers.activities.manage

Create activity

Creates a timeline activity linked to an entity or deal. Requires features: customers.activities.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "activityType": "string",
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

201Activity created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/customers/activities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"entityId\": \"00000000-0000-4000-8000-000000000000\",
  \"activityType\": \"string\",
  \"appearanceIcon\": null,
  \"appearanceColor\": null
}"
PUT/customers/activities
Auth requiredcustomers.activities.manage

Update activity

Updates subject, body, scheduling, or custom fields for an existing activity. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

200Activity updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/customers/activities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"appearanceIcon\": null,
  \"appearanceColor\": null
}"
DELETE/customers/activities
Auth requiredcustomers.activities.manage

Delete activity

Deletes an activity identified by `id`. Accepts id via body or query string. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Activity deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/customers/activities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/customers/addresses
Auth requiredcustomers.activities.view

List addresss

Returns a paginated collection of addresss scoped to the authenticated organization. Requires features: customers.activities.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
entityIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated addresss
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "entity_id": "00000000-0000-4000-8000-000000000000",
      "name": null,
      "purpose": null,
      "company_name": null,
      "address_line1": null,
      "address_line2": null,
      "building_number": null,
      "flat_number": null,
      "city": null,
      "region": null,
      "postal_code": null,
      "country": null,
      "latitude": null,
      "longitude": null,
      "is_primary": null,
      "organization_id": null,
      "tenant_id": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/addresses?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/customers/addresses
Auth requiredcustomers.activities.manage

Create address

Creates a customer address record and associates it with the referenced entity. Requires features: customers.activities.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "addressLine1": "string"
}

Responses

201Address created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/customers/addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"entityId\": \"00000000-0000-4000-8000-000000000000\",
  \"addressLine1\": \"string\"
}"
PUT/customers/addresses
Auth requiredcustomers.activities.manage

Update address

Updates fields on an existing customer address. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Address updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/customers/addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/customers/addresses
Auth requiredcustomers.activities.manage

Delete address

Deletes an address by id. The identifier may be included in the body or query. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Address deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/customers/addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/customers/comments
Auth requiredcustomers.activities.view

List comments

Returns a paginated collection of comments scoped to the authenticated organization. Requires features: customers.activities.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
entityIdqueryNostring
dealIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated comments
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "entity_id": null,
      "deal_id": null,
      "body": null,
      "author_user_id": null,
      "appearance_icon": null,
      "appearance_color": null,
      "organization_id": null,
      "tenant_id": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/comments?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/customers/comments
Auth requiredcustomers.activities.manage

Create comment

Adds a comment to a customer timeline. Requires features: customers.activities.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "body": "string",
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

201Comment created
Content-Type: application/json
{
  "id": null,
  "authorUserId": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/customers/comments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"entityId\": \"00000000-0000-4000-8000-000000000000\",
  \"body\": \"string\",
  \"appearanceIcon\": null,
  \"appearanceColor\": null
}"
PUT/customers/comments
Auth requiredcustomers.activities.manage

Update comment

Updates an existing timeline comment. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

200Comment updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/customers/comments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"appearanceIcon\": null,
  \"appearanceColor\": null
}"
DELETE/customers/comments
Auth requiredcustomers.activities.manage

Delete comment

Deletes a comment identified by `id` supplied via body or query string. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Comment deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/customers/comments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/customers/companies
Auth requiredcustomers.companies.view

List companies

Returns a paginated collection of companies scoped to the authenticated organization. Requires features: customers.companies.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
emailqueryNostring
emailStartsWithqueryNostring
emailContainsqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
statusqueryNostring
lifecycleStagequeryNostring
sourcequeryNostring
hasEmailqueryNostring
hasPhonequeryNostring
hasNextInteractionqueryNostring
createdFromqueryNostring
createdToqueryNostring
idqueryNostring
tagIdsqueryNostring
tagIdsEmptyqueryNostring

Responses

200Paginated companies
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "description": null,
      "owner_user_id": null,
      "primary_email": null,
      "primary_phone": null,
      "status": null,
      "lifecycle_stage": null,
      "source": null,
      "next_interaction_at": null,
      "next_interaction_name": null,
      "next_interaction_ref_id": null,
      "next_interaction_icon": null,
      "next_interaction_color": null,
      "organization_id": null,
      "tenant_id": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/companies?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/customers/companies
Auth requiredcustomers.companies.manage

Create company

Creates a company record and associated profile data. Requires features: customers.companies.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "displayName": "string",
  "nextInteraction": null
}

Responses

201Company created
Content-Type: application/json
{
  "id": null,
  "companyId": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/customers/companies" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"displayName\": \"string\",
  \"nextInteraction\": null
}"
PUT/customers/companies
Auth requiredcustomers.companies.manage

Update company

Updates company profile fields, tags, or custom attributes. Requires features: customers.companies.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "nextInteraction": null
}

Responses

200Company updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/customers/companies" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"nextInteraction\": null
}"
DELETE/customers/companies
Auth requiredcustomers.companies.manage

Delete company

Deletes a company by id. The identifier can be provided via body or query. Requires features: customers.companies.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Company deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/customers/companies" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/customers/companies/{id}

Fetch company with related data

Returns a company customer record with optional related resources such as addresses, comments, activities, deals, todos, and linked people.

Parameters

NameInRequiredSchemaDescription
idpathYesstring
includequeryNostringComma-separated list of relations to include (addresses, comments, activities, deals, todos, people).

Responses

200Company detail payload
Content-Type: application/json
{
  "company": {
    "id": "00000000-0000-4000-8000-000000000000",
    "displayName": null,
    "description": null,
    "ownerUserId": null,
    "primaryEmail": null,
    "primaryPhone": null,
    "status": null,
    "lifecycleStage": null,
    "source": null,
    "nextInteractionAt": null,
    "nextInteractionName": null,
    "nextInteractionRefId": null,
    "nextInteractionIcon": null,
    "nextInteractionColor": null,
    "organizationId": null,
    "tenantId": null,
    "createdAt": "string",
    "updatedAt": "string"
  },
  "profile": null,
  "customFields": {},
  "tags": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "label": "string",
      "color": null
    }
  ],
  "addresses": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": null,
      "purpose": null,
      "addressLine1": null,
      "addressLine2": null,
      "buildingNumber": null,
      "flatNumber": null,
      "city": null,
      "region": null,
      "postalCode": null,
      "country": null,
      "latitude": null,
      "longitude": null,
      "isPrimary": null,
      "createdAt": "string"
    }
  ],
  "comments": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "body": null,
      "authorUserId": null,
      "authorName": null,
      "authorEmail": null,
      "dealId": null,
      "createdAt": "string",
      "appearanceIcon": null,
      "appearanceColor": null
    }
  ],
  "activities": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "activityType": "string",
      "subject": null,
      "body": null,
      "occurredAt": null,
      "dealId": null,
      "authorUserId": null,
      "authorName": null,
      "authorEmail": null,
      "createdAt": "string",
      "appearanceIcon": null,
      "appearanceColor": null
    }
  ],
  "deals": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "title": null,
      "status": null,
      "pipelineStage": null,
      "valueAmount": null,
      "valueCurrency": null,
      "probability": null,
      "expectedCloseAt": null,
      "ownerUserId": null,
      "source": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "todos": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "todoId": "00000000-0000-4000-8000-000000000000",
      "todoSource": "string",
      "createdAt": "string",
      "createdByUserId": null,
      "title": null,
      "isDone": null,
      "priority": null,
      "severity": null,
      "description": null,
      "dueAt": null,
      "todoOrganizationId": null,
      "customValues": null
    }
  ],
  "people": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "displayName": null,
      "primaryEmail": null,
      "primaryPhone": null,
      "status": null,
      "lifecycleStage": null,
      "jobTitle": null,
      "department": null,
      "createdAt": "string",
      "organizationId": null
    }
  ],
  "viewer": {
    "userId": null,
    "name": null,
    "email": null
  }
}
400Invalid identifier
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Forbidden for tenant/organization scope
Content-Type: application/json
{
  "error": "string"
}
404Company not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/companies/:id" \
  -H "Accept: application/json"
GET/customers/dashboard/widgets/customer-todos
Auth requireddashboards.viewcustomers.widgets.todos

Fetch recent customer todo links

Returns the most recently created todo links for display on dashboards. Requires features: dashboards.view, customers.widgets.todos

Parameters

NameInRequiredSchemaDescription
limitqueryNonumber
tenantIdqueryNostring
organizationIdqueryNostring

Responses

200Widget payload
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "todoId": "00000000-0000-4000-8000-000000000000",
      "todoSource": "string",
      "todoTitle": null,
      "createdAt": "string",
      "organizationId": null,
      "entity": {
        "id": null,
        "displayName": null,
        "kind": null,
        "ownerUserId": null
      }
    }
  ]
}
400Invalid query parameters
Content-Type: application/json
{
  "error": "string"
}
500Widget failed to load
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/dashboard/widgets/customer-todos?limit=5" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/customers/dashboard/widgets/new-customers
Auth requireddashboards.viewcustomers.widgets.new-customers

Fetch recently created customers

Returns the latest customers created within the scoped tenant/organization for dashboard display. Requires features: dashboards.view, customers.widgets.new-customers

Parameters

NameInRequiredSchemaDescription
limitqueryNonumber
tenantIdqueryNostring
organizationIdqueryNostring
kindqueryNostring

Responses

200Widget payload
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "displayName": null,
      "kind": null,
      "organizationId": null,
      "createdAt": "string",
      "ownerUserId": null
    }
  ]
}
400Invalid query parameters
Content-Type: application/json
{
  "error": "string"
}
500Widget failed to load
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/dashboard/widgets/new-customers?limit=5" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/customers/dashboard/widgets/new-deals
Auth requireddashboards.viewcustomers.widgets.new-deals

Fetch recently created deals

Returns the latest deals created within the scoped tenant/organization for dashboard display. Requires features: dashboards.view, customers.widgets.new-deals

Parameters

NameInRequiredSchemaDescription
limitqueryNonumber
tenantIdqueryNostring
organizationIdqueryNostring

Responses

200Widget payload
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "title": null,
      "status": null,
      "organizationId": null,
      "createdAt": "string",
      "ownerUserId": null,
      "valueAmount": null,
      "valueCurrency": null
    }
  ]
}
400Invalid query parameters
Content-Type: application/json
{
  "error": "string"
}
500Widget failed to load
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/dashboard/widgets/new-deals?limit=5" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/customers/dashboard/widgets/next-interactions
Auth requireddashboards.viewcustomers.widgets.next-interactions

Fetch upcoming customer interactions

Lists upcoming (or optionally past) customer interaction reminders ordered by interaction date. Requires features: dashboards.view, customers.widgets.next-interactions

Parameters

NameInRequiredSchemaDescription
limitqueryNonumber
tenantIdqueryNostring
organizationIdqueryNostring
includePastqueryNostring

Responses

200Widget payload
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "displayName": null,
      "kind": null,
      "organizationId": null,
      "nextInteractionAt": null,
      "nextInteractionName": null,
      "nextInteractionIcon": null,
      "nextInteractionColor": null,
      "ownerUserId": null
    }
  ],
  "now": "string"
}
400Invalid query parameters
Content-Type: application/json
{
  "error": "string"
}
500Widget failed to load
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/dashboard/widgets/next-interactions?limit=5" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/customers/deals
Auth requiredcustomers.deals.view

List deals

Returns a paginated collection of deals scoped to the authenticated organization. Requires features: customers.deals.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
statusqueryNostring
pipelineStagequeryNostring
sortFieldqueryNostring
sortDirqueryNostring
personEntityIdqueryNostring
companyEntityIdqueryNostring

Responses

200Paginated deals
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "title": null,
      "description": null,
      "status": null,
      "pipeline_stage": null,
      "value_amount": null,
      "value_currency": null,
      "probability": null,
      "expected_close_at": null,
      "owner_user_id": null,
      "source": null,
      "organization_id": null,
      "tenant_id": null,
      "created_at": null,
      "updated_at": null,
      "organizationId": null,
      "tenantId": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/deals?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/customers/deals
Auth requiredcustomers.deals.manage

Create deal

Creates a sales deal, optionally associating people and companies. Requires features: customers.deals.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "title": "string"
}

Responses

201Deal created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/customers/deals" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"title\": \"string\"
}"
PUT/customers/deals
Auth requiredcustomers.deals.manage

Update deal

Updates pipeline position, metadata, or associations for an existing deal. Requires features: customers.deals.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Deal updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/customers/deals" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/customers/deals
Auth requiredcustomers.deals.manage

Delete deal

Deletes a deal by `id`. The identifier may be provided in the body or query parameters. Requires features: customers.deals.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Deal deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/customers/deals" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/customers/deals/{id}

Fetch deal with associations

Returns a deal with linked people, companies, custom fields, and viewer context.

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Deal detail payload
Content-Type: application/json
{
  "deal": {
    "id": "00000000-0000-4000-8000-000000000000",
    "title": null,
    "description": null,
    "status": null,
    "pipelineStage": null,
    "valueAmount": null,
    "valueCurrency": null,
    "probability": null,
    "expectedCloseAt": null,
    "ownerUserId": null,
    "source": null,
    "organizationId": null,
    "tenantId": null,
    "createdAt": "string",
    "updatedAt": "string"
  },
  "people": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "label": "string",
      "subtitle": null,
      "kind": "person"
    }
  ],
  "companies": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "label": "string",
      "subtitle": null,
      "kind": "company"
    }
  ],
  "customFields": {},
  "viewer": {
    "userId": null,
    "name": null,
    "email": null
  }
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Forbidden for tenant/organization scope
Content-Type: application/json
{
  "error": "string"
}
404Deal not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/deals/:id" \
  -H "Accept: application/json"
GET/customers/dictionaries/currency
Auth requiredcustomers.people.view

Resolve currency dictionary

Returns the active currency dictionary for the current organization scope, falling back to shared entries when required. Requires features: customers.people.view

Responses

200Currency dictionary entries
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "entries": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": null
    }
  ]
}
404Currency dictionary missing
Content-Type: application/json
{
  "error": "string"
}
500Unexpected error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/dictionaries/currency" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/customers/dictionaries/{kind}
Auth requiredcustomers.people.view

List dictionary entries

Returns the merged dictionary entries for the requested kind, including inherited values. Requires features: customers.people.view

Parameters

NameInRequiredSchemaDescription
kindpathYesstring

Responses

200Dictionary entries
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": null,
      "color": null,
      "icon": null,
      "organizationId": null
    }
  ]
}
400Failed to resolve dictionary context
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/dictionaries/:kind" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/customers/dictionaries/{kind}
Auth requiredcustomers.settings.manage

Create or override dictionary entry

Creates a dictionary entry (or updates the existing entry for the same value) within the current organization scope. Requires features: customers.settings.manage

Parameters

NameInRequiredSchemaDescription
kindpathYesstring

Request body (application/json)

{
  "value": "string"
}

Responses

200Dictionary entry updated
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "label": null,
  "color": null,
  "icon": null,
  "organizationId": null
}
201Dictionary entry created
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "label": null,
  "color": null,
  "icon": null,
  "organizationId": null
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
409Duplicate value conflict
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/customers/dictionaries/:kind" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"value\": \"string\"
}"
PATCH/customers/dictionaries/{kind}/{id}
Auth requiredcustomers.settings.manage

Update dictionary entry

Updates value, label, color, or icon for an existing customer dictionary entry. Requires features: customers.settings.manage

Parameters

NameInRequiredSchemaDescription
kindpathYesstring
idpathYesstring

Request body (application/json)

{}

Responses

200Updated dictionary entry
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "label": null,
  "color": null,
  "icon": null,
  "organizationId": null
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404Entry not found
Content-Type: application/json
{
  "error": "string"
}
409Duplicate value conflict
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PATCH "https://web-production-756174.up.railway.app/api/customers/dictionaries/:kind/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
DELETE/customers/dictionaries/{kind}/{id}
Auth requiredcustomers.settings.manage

Delete dictionary entry

Removes a customer dictionary entry by identifier. Requires features: customers.settings.manage

Parameters

NameInRequiredSchemaDescription
kindpathYesstring
idpathYesstring

Responses

200Entry deleted
Content-Type: application/json
{
  "success": true
}
404Entry not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/customers/dictionaries/:kind/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/customers/people
Auth requiredcustomers.people.view

List people

Returns a paginated collection of people scoped to the authenticated organization. Requires features: customers.people.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
emailqueryNostring
emailStartsWithqueryNostring
emailContainsqueryNostring
statusqueryNostring
lifecycleStagequeryNostring
sourcequeryNostring
hasEmailqueryNostring
hasPhonequeryNostring
hasNextInteractionqueryNostring
createdFromqueryNostring
createdToqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
idqueryNostring
tagIdsqueryNostring
tagIdsEmptyqueryNostring

Responses

200Paginated people
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "description": null,
      "owner_user_id": null,
      "primary_email": null,
      "primary_phone": null,
      "status": null,
      "lifecycle_stage": null,
      "source": null,
      "next_interaction_at": null,
      "next_interaction_name": null,
      "next_interaction_ref_id": null,
      "next_interaction_icon": null,
      "next_interaction_color": null,
      "organization_id": null,
      "tenant_id": null,
      "created_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/people?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/customers/people
Auth requiredcustomers.people.manage

Create person

Creates a person contact using scoped organization and tenant identifiers. Requires features: customers.people.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "nextInteraction": null,
  "firstName": "string",
  "lastName": "string",
  "companyEntityId": null
}

Responses

201Person created
Content-Type: application/json
{
  "id": null,
  "personId": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/customers/people" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"nextInteraction\": null,
  \"firstName\": \"string\",
  \"lastName\": \"string\",
  \"companyEntityId\": null
}"
PUT/customers/people
Auth requiredcustomers.people.manage

Update person

Updates contact details or custom fields for a person. Requires features: customers.people.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "nextInteraction": null,
  "companyEntityId": null
}

Responses

200Person updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/customers/people" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"nextInteraction\": null,
  \"companyEntityId\": null
}"
DELETE/customers/people
Auth requiredcustomers.people.manage

Delete person

Deletes a person by id. Request body or query may provide the identifier. Requires features: customers.people.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Person deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/customers/people" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/customers/people/check-phone
Auth requiredcustomers.people.view

Find person by phone digits

Performs an exact digits comparison (stripping non-numeric characters) to determine whether a customer contact matches the provided phone fragment. Requires features: customers.people.view

Parameters

NameInRequiredSchemaDescription
digitsqueryYesany

Responses

200Matching contact (if any)
Content-Type: application/json
{
  "match": null
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/people/check-phone" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/customers/people/{id}

Fetch person with related data

Returns a person customer record with optional related resources such as addresses, comments, activities, deals, and todos.

Parameters

NameInRequiredSchemaDescription
idpathYesstring
includequeryNostringComma-separated list of relations to include (addresses, comments, activities, deals, todos).

Responses

200Person detail payload
Content-Type: application/json
{
  "person": {
    "id": "00000000-0000-4000-8000-000000000000",
    "displayName": null,
    "description": null,
    "ownerUserId": null,
    "primaryEmail": null,
    "primaryPhone": null,
    "status": null,
    "lifecycleStage": null,
    "source": null,
    "nextInteractionAt": null,
    "nextInteractionName": null,
    "nextInteractionRefId": null,
    "nextInteractionIcon": null,
    "nextInteractionColor": null,
    "organizationId": null,
    "tenantId": null,
    "createdAt": "string",
    "updatedAt": "string"
  },
  "profile": null,
  "customFields": {},
  "tags": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "label": "string",
      "color": null
    }
  ],
  "addresses": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": null,
      "purpose": null,
      "addressLine1": null,
      "addressLine2": null,
      "buildingNumber": null,
      "flatNumber": null,
      "city": null,
      "region": null,
      "postalCode": null,
      "country": null,
      "latitude": null,
      "longitude": null,
      "isPrimary": null,
      "createdAt": "string"
    }
  ],
  "comments": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "body": null,
      "authorUserId": null,
      "authorName": null,
      "authorEmail": null,
      "dealId": null,
      "createdAt": "string",
      "appearanceIcon": null,
      "appearanceColor": null
    }
  ],
  "activities": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "activityType": "string",
      "subject": null,
      "body": null,
      "occurredAt": null,
      "dealId": null,
      "authorUserId": null,
      "authorName": null,
      "authorEmail": null,
      "createdAt": "string",
      "appearanceIcon": null,
      "appearanceColor": null
    }
  ],
  "deals": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "title": null,
      "status": null,
      "pipelineStage": null,
      "valueAmount": null,
      "valueCurrency": null,
      "probability": null,
      "expectedCloseAt": null,
      "ownerUserId": null,
      "source": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "todos": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "todoId": "00000000-0000-4000-8000-000000000000",
      "todoSource": "string",
      "createdAt": "string",
      "createdByUserId": null,
      "title": null,
      "isDone": null,
      "priority": null,
      "severity": null,
      "description": null,
      "dueAt": null,
      "todoOrganizationId": null,
      "customValues": null
    }
  ],
  "viewer": {
    "userId": null,
    "name": null,
    "email": null
  }
}
400Invalid identifier
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Forbidden for tenant/organization scope
Content-Type: application/json
{
  "error": "string"
}
404Person not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/people/:id" \
  -H "Accept: application/json"
GET/customers/settings/address-format
Auth requiredcustomers.settings.manage

Retrieve address format

Returns the current address formatting preference for the selected organization. Requires features: customers.settings.manage

Responses

200Current address format
Content-Type: application/json
{
  "addressFormat": "string"
}
400Organization context missing
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/settings/address-format" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/customers/settings/address-format
Auth requiredcustomers.settings.manage

Update address format

Updates the address format preference for the selected organization. Requires features: customers.settings.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "addressFormat": "line_first"
}

Responses

200Updated address format
Content-Type: application/json
{
  "addressFormat": "string"
}
400Invalid payload or organization context
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/customers/settings/address-format" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"addressFormat\": \"line_first\"
}"
GET/customers/tags
Auth requiredcustomers.activities.view

List tags

Returns a paginated collection of tags scoped to the authenticated organization. Requires features: customers.activities.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated tags
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "slug": "string",
      "label": "string",
      "color": null,
      "description": null,
      "organization_id": null,
      "tenant_id": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/customers/tags?page=1&pageSize=100" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/customers/tags
Auth requiredcustomers.activities.manage

Create tag

Creates a tag scoped to the current tenant and organization. Requires features: customers.activities.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "slug": "string",
  "label": "string"
}

Responses

201Tag created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/customers/tags" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"slug\": \"string\",
  \"label\": \"string\"
}"
PUT/customers/tags
Auth requiredcustomers.activities.manage

Update tag

Updates label, color, or description for an existing tag. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Tag updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/customers/tags" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/customers/tags
Auth requiredcustomers.activities.manage

Delete tag

Deletes a tag identified by `id`. The identifier may be provided via body or query string. Requires features: customers.activities.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Tag deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/customers/tags" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
POST/customers/tags/assign
Auth requiredcustomers.activities.manage

Assign tag to customer entity

Links a tag to a customer entity within the validated tenant / organization scope. Requires features: customers.activities.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "tagId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000"
}

Responses

201Tag assigned to customer
Content-Type: application/json
{
  "id": null
}
400Validation or assignment failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/customers/tags/assign" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"tagId\": \"00000000-0000-4000-8000-000000000000\",
  \"entityId\": \"00000000-0000-4000-8000-000000000000\"
}"
POST/customers/tags/unassign
Auth requiredcustomers.activities.manage

Remove tag from customer entity

Detaches a tag from a customer entity within the validated tenant / organization scope. Requires features: customers.activities.manage

Request body (application/json)

{
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "tagId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000"
}

Responses

200Tag unassigned from customer
Content-Type: application/json
{
  "id": null
}
400Validation or unassignment failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/customers/tags/unassign" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"tagId\": \"00000000-0000-4000-8000-000000000000\",
  \"entityId\": \"00000000-0000-4000-8000-000000000000\"
}"

Dashboards

9 endpoints
GET/dashboards/layout
Auth requireddashboards.view

Load the current dashboard layout

Returns the saved widget layout together with the widgets the current user is allowed to place. Requires features: dashboards.view

Responses

200Current dashboard layout and available widgets.
Content-Type: application/json
{
  "layout": {
    "items": [
      {
        "id": "00000000-0000-4000-8000-000000000000",
        "widgetId": "string",
        "order": 1
      }
    ]
  },
  "allowedWidgetIds": [
    "string"
  ],
  "canConfigure": true,
  "context": {
    "userId": "00000000-0000-4000-8000-000000000000",
    "tenantId": null,
    "organizationId": null,
    "userName": null,
    "userEmail": null,
    "userLabel": "string"
  },
  "widgets": [
    {
      "id": "string",
      "title": "string",
      "description": null,
      "defaultSize": "sm",
      "defaultEnabled": true,
      "defaultSettings": null,
      "features": [
        "string"
      ],
      "moduleId": "string",
      "icon": null,
      "loaderKey": "string",
      "supportsRefresh": true
    }
  ]
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/dashboards/layout" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/dashboards/layout
Auth requireddashboards.configure

Persist dashboard layout changes

Saves the provided widget ordering, sizes, and settings for the current user. Requires features: dashboards.configure

Request body (application/json)

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "widgetId": "string",
      "order": 1
    }
  ]
}

Responses

200Layout updated successfully.
Content-Type: application/json
{
  "ok": true
}
400Invalid layout payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/dashboards/layout" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"items\": [
    {
      \"id\": \"00000000-0000-4000-8000-000000000000\",
      \"widgetId\": \"string\",
      \"order\": 1
    }
  ]
}"
PATCH/dashboards/layout/{itemId}
Auth requireddashboards.configure

Update a dashboard layout item

Adjusts the size or settings for a single widget within the dashboard layout. Requires features: dashboards.configure

Parameters

NameInRequiredSchemaDescription
itemIdpathYesstring

Request body (application/json)

{}

Responses

200Layout item updated.
Content-Type: application/json
{
  "ok": true
}
400Invalid payload or missing item id
Content-Type: application/json
{
  "error": "string"
}
404Item not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PATCH "https://web-production-756174.up.railway.app/api/dashboards/layout/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
GET/dashboards/roles/widgets
Auth requireddashboards.admin.assign-widgets

Fetch widget assignments for a role

Returns the widgets explicitly assigned to the given role together with the evaluation scope. Requires features: dashboards.admin.assign-widgets

Parameters

NameInRequiredSchemaDescription
roleIdqueryYesstring
tenantIdqueryNostring
organizationIdqueryNostring

Responses

200Current widget configuration for the role.
Content-Type: application/json
{
  "widgetIds": [
    "string"
  ],
  "hasCustom": true,
  "scope": {
    "tenantId": null,
    "organizationId": null
  }
}
400Missing role identifier
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/dashboards/roles/widgets?roleId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/dashboards/roles/widgets
Auth requireddashboards.admin.assign-widgets

Update widgets assigned to a role

Persists the widget list for a role within the provided tenant and organization scope. Requires features: dashboards.admin.assign-widgets

Request body (application/json)

{
  "roleId": "00000000-0000-4000-8000-000000000000",
  "tenantId": null,
  "organizationId": null,
  "widgetIds": [
    "string"
  ]
}

Responses

200Widgets updated successfully.
Content-Type: application/json
{
  "ok": true,
  "widgetIds": [
    "string"
  ]
}
400Invalid payload or unknown widgets
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/dashboards/roles/widgets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"roleId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": null,
  \"organizationId\": null,
  \"widgetIds\": [
    \"string\"
  ]
}"
GET/dashboards/users/widgets
Auth requireddashboards.admin.assign-widgets

Read widget overrides for a user

Returns the widgets inherited and explicitly configured for the requested user within the current scope. Requires features: dashboards.admin.assign-widgets

Parameters

NameInRequiredSchemaDescription
userIdqueryYesstring
tenantIdqueryNostring
organizationIdqueryNostring

Responses

200Widget settings for the user.
Content-Type: application/json
{
  "mode": "inherit",
  "widgetIds": [
    "string"
  ],
  "hasCustom": true,
  "effectiveWidgetIds": [
    "string"
  ],
  "scope": {
    "tenantId": null,
    "organizationId": null
  }
}
400Missing user identifier
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/dashboards/users/widgets?userId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/dashboards/users/widgets
Auth requireddashboards.admin.assign-widgets

Update user-specific dashboard widgets

Sets the widget override mode and allowed widgets for a user. Passing `mode: inherit` clears overrides. Requires features: dashboards.admin.assign-widgets

Request body (application/json)

{
  "userId": "00000000-0000-4000-8000-000000000000",
  "tenantId": null,
  "organizationId": null,
  "mode": "inherit",
  "widgetIds": [
    "string"
  ]
}

Responses

200Overrides saved.
Content-Type: application/json
{
  "ok": true,
  "mode": "inherit",
  "widgetIds": [
    "string"
  ]
}
400Invalid payload or unknown widgets
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/dashboards/users/widgets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"userId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": null,
  \"organizationId\": null,
  \"mode\": \"inherit\",
  \"widgetIds\": [
    \"string\"
  ]
}"
GET/dashboards/widgets/catalog
Auth requireddashboards.admin.assign-widgets

List available dashboard widgets

Returns the catalog of widgets that modules expose, including defaults and feature requirements. Requires features: dashboards.admin.assign-widgets

Responses

200Widgets available for assignment.
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "title": "string",
      "description": null,
      "defaultSize": "sm",
      "defaultEnabled": true,
      "defaultSettings": null,
      "features": [
        "string"
      ],
      "moduleId": "string",
      "icon": null,
      "loaderKey": "string",
      "supportsRefresh": true
    }
  ]
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/dashboards/widgets/catalog" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/dashboards/widgets/data
Auth requiredanalytics.view

Fetch aggregated data for dashboard widgets

Executes an aggregation query against the specified entity type and returns the result. Supports date range filtering, grouping, and period-over-period comparison. Requires features: analytics.view

Request body (application/json)

{
  "entityType": "string",
  "metric": {
    "field": "string",
    "aggregate": "count"
  }
}

Responses

200Aggregated data for the widget.
Content-Type: application/json
{
  "value": null,
  "data": [
    {
      "value": null
    }
  ],
  "metadata": {
    "fetchedAt": "string",
    "recordCount": 1
  }
}
400Invalid request payload
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/dashboards/widgets/data" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityType\": \"string\",
  \"metric\": {
    \"field\": \"string\",
    \"aggregate\": \"count\"
  }
}"

Dictionaries

9 endpoints
GET/dictionaries
Auth requireddictionaries.view

List dictionaries

Returns dictionaries accessible to the current organization, optionally including inactive records. Requires features: dictionaries.view

Parameters

NameInRequiredSchemaDescription
includeInactivequeryNostring

Responses

200Dictionary collection.
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "key": "string",
      "name": "string",
      "description": null,
      "isSystem": true,
      "isActive": true,
      "managerVisibility": null,
      "organizationId": null,
      "createdAt": "string",
      "updatedAt": null
    }
  ]
}
500Failed to load dictionaries
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/dictionaries" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/dictionaries
Auth requireddictionaries.manage

Create dictionary

Registers a dictionary scoped to the current organization. Requires features: dictionaries.manage

Request body (application/json)

{
  "key": "string",
  "name": "string"
}

Responses

201Dictionary created.
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "key": "string",
  "name": "string",
  "description": null,
  "isSystem": true,
  "isActive": true,
  "managerVisibility": null,
  "organizationId": null,
  "createdAt": "string",
  "updatedAt": null
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}
409Dictionary key already exists
Content-Type: application/json
{
  "error": "string"
}
500Failed to create dictionary
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/dictionaries" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"key\": \"string\",
  \"name\": \"string\"
}"
GET/dictionaries/{dictionaryId}
Auth requireddictionaries.view

Get dictionary

Returns details for the specified dictionary, including inheritance flags. Requires features: dictionaries.view

Parameters

NameInRequiredSchemaDescription
dictionaryIdpathYesstring

Responses

200Dictionary details.
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "key": "string",
  "name": "string",
  "description": null,
  "isSystem": true,
  "isActive": true,
  "managerVisibility": null,
  "organizationId": null,
  "createdAt": "string",
  "updatedAt": null
}
400Invalid parameters
Content-Type: application/json
{
  "error": "string"
}
404Dictionary not found
Content-Type: application/json
{
  "error": "string"
}
500Failed to load dictionary
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/dictionaries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PATCH/dictionaries/{dictionaryId}
Auth requireddictionaries.manage

Update dictionary

Updates mutable attributes of the dictionary. Currency dictionaries are protected from modification. Requires features: dictionaries.manage

Parameters

NameInRequiredSchemaDescription
dictionaryIdpathYesstring

Request body (application/json)

{}

Responses

200Dictionary updated.
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "key": "string",
  "name": "string",
  "description": null,
  "isSystem": true,
  "isActive": true,
  "managerVisibility": null,
  "organizationId": null,
  "createdAt": "string",
  "updatedAt": null
}
400Validation failed or protected dictionary
Content-Type: application/json
{
  "error": "string"
}
404Dictionary not found
Content-Type: application/json
{
  "error": "string"
}
409Dictionary key already exists
Content-Type: application/json
{
  "error": "string"
}
500Failed to update dictionary
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PATCH "https://web-production-756174.up.railway.app/api/dictionaries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
DELETE/dictionaries/{dictionaryId}
Auth requireddictionaries.manage

Delete dictionary

Soft deletes the dictionary unless it is the protected currency dictionary. Requires features: dictionaries.manage

Parameters

NameInRequiredSchemaDescription
dictionaryIdpathYesstring

Responses

200Dictionary archived.
Content-Type: application/json
{
  "ok": true
}
400Protected dictionary cannot be deleted
Content-Type: application/json
{
  "error": "string"
}
404Dictionary not found
Content-Type: application/json
{
  "error": "string"
}
500Failed to delete dictionary
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/dictionaries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/dictionaries/{dictionaryId}/entries
Auth requireddictionaries.view

List dictionary entries

Returns entries for the specified dictionary ordered alphabetically. Requires features: dictionaries.view

Parameters

NameInRequiredSchemaDescription
dictionaryIdpathYesstring

Responses

200Dictionary entries.
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": "string",
      "color": null,
      "icon": null,
      "createdAt": "string",
      "updatedAt": null
    }
  ]
}
400Invalid parameters
Content-Type: application/json
{
  "error": "string"
}
404Dictionary not found
Content-Type: application/json
{
  "error": "string"
}
500Failed to load dictionary entries
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/dictionaries/00000000-0000-4000-8000-000000000000/entries" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/dictionaries/{dictionaryId}/entries
Auth requireddictionaries.manage

Create dictionary entry

Creates a new entry in the specified dictionary. Requires features: dictionaries.manage

Parameters

NameInRequiredSchemaDescription
dictionaryIdpathYesstring

Request body (application/json)

{
  "value": "string",
  "color": null,
  "icon": null
}

Responses

201Dictionary entry created.
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "label": "string",
  "color": null,
  "icon": null,
  "createdAt": "string",
  "updatedAt": null
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}
404Dictionary not found
Content-Type: application/json
{
  "error": "string"
}
500Failed to create dictionary entry
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/dictionaries/00000000-0000-4000-8000-000000000000/entries" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"value\": \"string\",
  \"color\": null,
  \"icon\": null
}"
PATCH/dictionaries/{dictionaryId}/entries/{entryId}
Auth requireddictionaries.manage

Update dictionary entry

Updates the specified dictionary entry using the command bus pipeline. Requires features: dictionaries.manage

Parameters

NameInRequiredSchemaDescription
dictionaryIdpathYesstring
entryIdpathYesstring

Request body (application/json)

{
  "color": null,
  "icon": null
}

Responses

200Dictionary entry updated.
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "label": "string",
  "color": null,
  "icon": null,
  "createdAt": "string",
  "updatedAt": null
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}
404Dictionary or entry not found
Content-Type: application/json
{
  "error": "string"
}
500Failed to update entry
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PATCH "https://web-production-756174.up.railway.app/api/dictionaries/00000000-0000-4000-8000-000000000000/entries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"color\": null,
  \"icon\": null
}"
DELETE/dictionaries/{dictionaryId}/entries/{entryId}
Auth requireddictionaries.manage

Delete dictionary entry

Deletes the specified dictionary entry via the command bus. Requires features: dictionaries.manage

Parameters

NameInRequiredSchemaDescription
dictionaryIdpathYesstring
entryIdpathYesstring

Responses

200Entry deleted.
Content-Type: application/json
{
  "ok": true
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}
404Dictionary or entry not found
Content-Type: application/json
{
  "error": "string"
}
500Failed to delete entry
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/dictionaries/00000000-0000-4000-8000-000000000000/entries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Directory

9 endpoints
GET/directory/organization-switcher
Auth required

Load organization switcher menu

Returns the hierarchical menu of organizations the current user may switch to within the active tenant.

Responses

200Organization switcher payload.
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "depth": 1,
      "selectable": true,
      "children": []
    }
  ],
  "selectedId": null,
  "canManage": true,
  "tenantId": null,
  "tenants": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "isActive": true
    }
  ],
  "isSuperAdmin": true
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/directory/organization-switcher" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/directory/organizations
Auth requireddirectory.organizations.view

List organizations

Returns organizations using options, tree, or paginated manage view depending on the `view` parameter. Requires features: directory.organizations.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
viewqueryNostring
idsqueryNostring
tenantIdqueryNostring
includeInactivequeryNostring
statusqueryNostring

Responses

200Organization data for the requested view.
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "parentId": null,
      "parentName": null,
      "tenantId": null,
      "tenantName": null,
      "rootId": null,
      "treePath": null
    }
  ]
}
400Invalid query or tenant scope
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/directory/organizations?page=1&pageSize=50&view=options" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/directory/organizations
Auth requireddirectory.organizations.manage

Create organization

Creates a new organization within a tenant and optionally assigns hierarchy relationships. Requires features: directory.organizations.manage

Request body (application/json)

{
  "name": "string",
  "parentId": null
}

Responses

201Organization created.
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/directory/organizations" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"name\": \"string\",
  \"parentId\": null
}"
PUT/directory/organizations
Auth requireddirectory.organizations.manage

Update organization

Updates organization details and hierarchy assignments. Requires features: directory.organizations.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "parentId": null
}

Responses

200Organization updated.
Content-Type: application/json
{
  "ok": true
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/directory/organizations" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"parentId\": null
}"
DELETE/directory/organizations
Auth requireddirectory.organizations.manage

Delete organization

Soft deletes an organization identified by id. Requires features: directory.organizations.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Organization deleted.
Content-Type: application/json
{
  "ok": true
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/directory/organizations" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/directory/tenants
Auth requireddirectory.tenants.view

List tenants

Returns tenants visible to the current user with optional search and pagination. Requires features: directory.tenants.view

Parameters

NameInRequiredSchemaDescription
idqueryNostring
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
isActivequeryNostring

Responses

200Paged list of tenants.
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "isActive": true,
      "createdAt": null,
      "updatedAt": null
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}
400Invalid query parameters
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/directory/tenants?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/directory/tenants
Auth requireddirectory.tenants.manage

Create tenant

Creates a new tenant and returns its identifier. Requires features: directory.tenants.manage

Request body (application/json)

{
  "name": "string"
}

Responses

201Tenant created.
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/directory/tenants" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"name\": \"string\"
}"
PUT/directory/tenants
Auth requireddirectory.tenants.manage

Update tenant

Updates tenant properties such as name or activation state. Requires features: directory.tenants.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Tenant updated.
Content-Type: application/json
{
  "ok": true
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/directory/tenants" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/directory/tenants
Auth requireddirectory.tenants.manage

Delete tenant

Soft deletes the tenant identified by id. Requires features: directory.tenants.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Tenant removed.
Content-Type: application/json
{
  "ok": true
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/directory/tenants" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"

Entities

17 endpoints
GET/entities/definitions
Auth required

List active custom field definitions

Returns active custom field definitions for the supplied entity ids, respecting tenant scope and tombstones.

Parameters

NameInRequiredSchemaDescription
entityIdqueryNoany
entityIdsqueryNostring
fieldsetqueryNostring

Responses

200Definition list
Content-Type: application/json
{
  "items": [
    {
      "key": "string",
      "kind": "string",
      "label": "string",
      "entityId": "string"
    }
  ]
}
400Missing entity id
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/entities/definitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/entities/definitions
Auth requiredentities.definitions.manage

Upsert custom field definition

Creates or updates a custom field definition for the current tenant/org scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "key": "string",
  "kind": "text"
}

Responses

200Definition saved
Content-Type: application/json
{
  "ok": true,
  "item": {
    "id": "00000000-0000-4000-8000-000000000000",
    "key": "string",
    "kind": "string",
    "configJson": {}
  }
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/entities/definitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"key\": \"string\",
  \"kind\": \"text\"
}"
DELETE/entities/definitions
Auth requiredentities.definitions.manage

Soft delete custom field definition

Marks the specified definition inactive and tombstones it for the current scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "key": "string"
}

Responses

200Definition deleted
Content-Type: application/json
{
  "ok": true
}
400Missing entity id or key
Content-Type: application/json
{
  "error": "string"
}
404Definition not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/entities/definitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"key\": \"string\"
}"
POST/entities/definitions.batch
Auth requiredentities.definitions.manage

Save multiple custom field definitions

Creates or updates multiple definitions for a single entity in one transaction. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "definitions": [
    {
      "key": "string",
      "kind": "text"
    }
  ]
}

Responses

200Definitions saved
Content-Type: application/json
{
  "ok": true
}
400Validation error
Content-Type: application/json
{
  "error": "string"
}
500Unexpected failure
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/entities/definitions.batch" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"definitions\": [
    {
      \"key\": \"string\",
      \"kind\": \"text\"
    }
  ]
}"
GET/entities/definitions.manage
Auth requiredentities.definitions.manage

Get management snapshot

Returns scoped custom field definitions (including inactive tombstones) for administration interfaces. Requires features: entities.definitions.manage

Parameters

NameInRequiredSchemaDescription
entityIdqueryYesstring

Responses

200Scoped definitions and deleted keys
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "key": "string",
      "kind": "string",
      "configJson": null,
      "organizationId": null,
      "tenantId": null
    }
  ],
  "deletedKeys": [
    "string"
  ]
}
400Missing entity id
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/entities/definitions.manage?entityId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/entities/definitions.restore
Auth requiredentities.definitions.manage

Restore definition

Reactivates a previously soft-deleted definition within the current tenant/org scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "key": "string"
}

Responses

200Definition restored
Content-Type: application/json
{
  "ok": true
}
400Missing entity id or key
Content-Type: application/json
{
  "error": "string"
}
404Definition not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/entities/definitions.restore" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"key\": \"string\"
}"
GET/entities/encryption
Auth requiredentities.definitions.manage

Fetch encryption map

Returns the encrypted field map for the current tenant/organization scope. Requires features: entities.definitions.manage

Parameters

NameInRequiredSchemaDescription
entityIdqueryYesstring

Responses

200Map
Content-Type: application/json
{
  "entityId": "string",
  "fields": [
    {
      "field": "string",
      "hashField": null
    }
  ]
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/entities/encryption?entityId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/entities/encryption
Auth requiredentities.definitions.manage

Upsert encryption map

Creates or updates the encryption map for the current tenant/organization scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "tenantId": null,
  "organizationId": null,
  "fields": [
    {
      "field": "string",
      "hashField": null
    }
  ]
}

Responses

200Saved
Content-Type: application/json
{
  "ok": true
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/entities/encryption" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"tenantId\": null,
  \"organizationId\": null,
  \"fields\": [
    {
      \"field\": \"string\",
      \"hashField\": null
    }
  ]
}"
GET/entities/entities
Auth required

List available entities

Returns generated and custom entities scoped to the caller with field counts per entity.

Responses

200List of entities
Content-Type: application/json
{
  "items": [
    {
      "entityId": "string",
      "source": "code",
      "label": "string",
      "count": 1
    }
  ]
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/entities/entities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/entities/entities
Auth requiredentities.definitions.manage

Upsert custom entity

Creates or updates a tenant/org scoped custom entity definition. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "label": "string",
  "description": null,
  "showInSidebar": false
}

Responses

200Entity saved
Content-Type: application/json
{
  "ok": true,
  "item": {
    "id": "00000000-0000-4000-8000-000000000000",
    "entityId": "string",
    "label": "string"
  }
}
400Validation error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/entities/entities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"label\": \"string\",
  \"description\": null,
  \"showInSidebar\": false
}"
DELETE/entities/entities
Auth requiredentities.definitions.manage

Soft delete custom entity

Marks the specified custom entity inactive within the current scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string"
}

Responses

200Entity deleted
Content-Type: application/json
{
  "ok": true
}
400Missing entity id
Content-Type: application/json
{
  "error": "string"
}
404Entity not found in scope
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/entities/entities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\"
}"
GET/entities/records
Auth requiredentities.records.view

List records

Returns paginated records for the supplied entity. Supports custom field filters, exports, and soft-delete toggles. Requires features: entities.records.view

Parameters

NameInRequiredSchemaDescription
entityIdqueryYesstring
pagequeryNonumber
pageSizequeryNonumber
sortFieldqueryNostring
sortDirqueryNostring
withDeletedqueryNoboolean
formatqueryNostring
exportScopequeryNostring
export_scopequeryNostring
allqueryNoboolean
fullqueryNoboolean

Responses

200Paginated records
Content-Type: application/json
{
  "items": [
    {}
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}
400Missing entity id
Content-Type: application/json
{
  "error": "string"
}
500Unexpected failure
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/entities/records?entityId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/entities/records
Auth requiredentities.records.manage

Create record

Creates a record for the given entity. When `recordId` is omitted or not a UUID the data engine will generate one automatically. Requires features: entities.records.manage

Request body (application/json)

{
  "entityId": "string",
  "values": {}
}

Responses

200Record created
Content-Type: application/json
{
  "ok": true
}
400Validation failure
Content-Type: application/json
{
  "error": "string"
}
500Unexpected failure
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/entities/records" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"values\": {}
}"
PUT/entities/records
Auth requiredentities.records.manage

Update record

Updates an existing record. If the provided recordId is not a UUID the record will be created instead to support optimistic flows. Requires features: entities.records.manage

Request body (application/json)

{
  "entityId": "string",
  "recordId": "string",
  "values": {}
}

Responses

200Record updated
Content-Type: application/json
{
  "ok": true
}
400Validation failure
Content-Type: application/json
{
  "error": "string"
}
500Unexpected failure
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/entities/records" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"recordId\": \"string\",
  \"values\": {}
}"
DELETE/entities/records
Auth requiredentities.records.manage

Delete record

Soft deletes the specified record within the current tenant/org scope. Requires features: entities.records.manage

Request body (application/json)

{
  "entityId": "string",
  "recordId": "string"
}

Responses

200Record deleted
Content-Type: application/json
{
  "ok": true
}
400Missing entity id or record id
Content-Type: application/json
{
  "error": "string"
}
404Record not found
Content-Type: application/json
{
  "error": "string"
}
500Unexpected failure
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/entities/records" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"recordId\": \"string\"
}"
GET/entities/relations/options
Auth requiredentities.definitions.view

List relation options

Returns up to 50 option entries for populating relation dropdowns, automatically resolving label fields when omitted. Requires features: entities.definitions.view

Parameters

NameInRequiredSchemaDescription
entityIdqueryYesstring
labelFieldqueryNostring
qqueryNostring

Responses

200Option list
Content-Type: application/json
{
  "items": [
    {
      "value": "string",
      "label": "string"
    }
  ]
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/entities/relations/options?entityId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/entities/sidebar-entities
Auth required

Get sidebar entities

Returns custom entities flagged with `showInSidebar` for the current tenant/org scope.

Responses

200Sidebar entities for navigation
Content-Type: application/json
{
  "items": [
    {
      "entityId": "string",
      "label": "string",
      "href": "string"
    }
  ]
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/entities/sidebar-entities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Perspectives

4 endpoints
GET/perspectives/{tableId}
Auth requiredperspectives.use

Load perspectives for a table

Returns personal perspectives and available role defaults for the requested table identifier. Requires features: perspectives.use

Parameters

NameInRequiredSchemaDescription
tableIdpathYesstring

Responses

200Current perspectives and defaults.
Content-Type: application/json
{
  "tableId": "string",
  "perspectives": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "tableId": "string",
      "settings": {},
      "isDefault": true,
      "createdAt": "string",
      "updatedAt": null
    }
  ],
  "defaultPerspectiveId": null,
  "rolePerspectives": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "tableId": "string",
      "settings": {},
      "isDefault": true,
      "createdAt": "string",
      "updatedAt": null,
      "roleId": "00000000-0000-4000-8000-000000000000",
      "tenantId": null,
      "organizationId": null,
      "roleName": null
    }
  ],
  "roles": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "hasPerspective": true,
      "hasDefault": true
    }
  ],
  "canApplyToRoles": true
}
400Invalid table identifier
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/perspectives/string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/perspectives/{tableId}
Auth requiredperspectives.use

Create or update a perspective

Saves a personal perspective and optionally applies the same configuration to selected roles. Requires features: perspectives.use

Parameters

NameInRequiredSchemaDescription
tableIdpathYesstring

Request body (application/json)

{
  "name": "string",
  "settings": {}
}

Responses

200Perspective saved successfully.
Content-Type: application/json
{
  "perspective": {
    "id": "00000000-0000-4000-8000-000000000000",
    "name": "string",
    "tableId": "string",
    "settings": {},
    "isDefault": true,
    "createdAt": "string",
    "updatedAt": null
  },
  "rolePerspectives": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "tableId": "string",
      "settings": {},
      "isDefault": true,
      "createdAt": "string",
      "updatedAt": null,
      "roleId": "00000000-0000-4000-8000-000000000000",
      "tenantId": null,
      "organizationId": null,
      "roleName": null
    }
  ],
  "clearedRoleIds": [
    "00000000-0000-4000-8000-000000000000"
  ]
}
400Validation failed or invalid roles provided
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/perspectives/string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"name\": \"string\",
  \"settings\": {}
}"
DELETE/perspectives/{tableId}/roles/{roleId}
Auth requiredperspectives.role_defaults

Clear role perspectives for a table

Removes all role-level perspectives associated with the provided role identifier for the table. Requires features: perspectives.role_defaults

Parameters

NameInRequiredSchemaDescription
tableIdpathYesstring
roleIdpathYesstring

Responses

200Role perspectives cleared.
Content-Type: application/json
{
  "success": true
}
400Invalid identifiers supplied
Content-Type: application/json
{
  "error": "string"
}
404Role not found in scope
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/perspectives/string/roles/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
DELETE/perspectives/{tableId}/{perspectiveId}
Auth requiredperspectives.use

Delete a personal perspective

Removes a perspective owned by the current user for the given table. Requires features: perspectives.use

Parameters

NameInRequiredSchemaDescription
tableIdpathYesstring
perspectiveIdpathYesstring

Responses

200Perspective removed.
Content-Type: application/json
{
  "success": true
}
400Invalid identifiers supplied
Content-Type: application/json
{
  "error": "string"
}
404Perspective not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/perspectives/string/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Planner

10 endpoints
GET/planner/availability
Auth requiredplanner.view

List availability rules

Returns a paginated collection of availability rules scoped to the authenticated organization. Requires features: planner.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
subjectTypequeryNostring
subjectIdsqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated availability rules
Content-Type: application/json
{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "subject_type": null,
      "subject_id": null,
      "timezone": null,
      "rrule": null,
      "exdates": null,
      "kind": null,
      "note": null,
      "unavailability_reason_entry_id": null,
      "unavailability_reason_value": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/planner/availability?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/planner/availability
Auth required

Create availability rule

Creates an availability rule for the selected subject.

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "subjectType": "member",
  "subjectId": "00000000-0000-4000-8000-000000000000",
  "timezone": "string",
  "rrule": "string",
  "exdates": [],
  "kind": "availability",
  "note": null,
  "unavailabilityReasonEntryId": null,
  "unavailabilityReasonValue": null
}

Responses

201Availability rule created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/planner/availability" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"subjectType\": \"member\",
  \"subjectId\": \"00000000-0000-4000-8000-000000000000\",
  \"timezone\": \"string\",
  \"rrule\": \"string\",
  \"exdates\": [],
  \"kind\": \"availability\",
  \"note\": null,
  \"unavailabilityReasonEntryId\": null,
  \"unavailabilityReasonValue\": null
}"
PUT/planner/availability
Auth required

Update availability rule

Updates an availability rule by id.

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "note": null,
  "unavailabilityReasonEntryId": null,
  "unavailabilityReasonValue": null
}

Responses

200Availability rule updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/planner/availability" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"note\": null,
  \"unavailabilityReasonEntryId\": null,
  \"unavailabilityReasonValue\": null
}"
DELETE/planner/availability
Auth required

Delete availability rule

Deletes an availability rule by id.

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Availability rule deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/planner/availability" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
POST/planner/availability-date-specific
Auth required

Replace date-specific availability

Replaces date-specific availability rules for the subject in a single request.

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "subjectType": "member",
  "subjectId": "00000000-0000-4000-8000-000000000000",
  "timezone": "string",
  "windows": [],
  "isAvailable": true,
  "note": null,
  "unavailabilityReasonEntryId": null,
  "unavailabilityReasonValue": null
}

Responses

200Date-specific availability updated
Content-Type: application/json
{
  "ok": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
403Forbidden
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/planner/availability-date-specific" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"subjectType\": \"member\",
  \"subjectId\": \"00000000-0000-4000-8000-000000000000\",
  \"timezone\": \"string\",
  \"windows\": [],
  \"isAvailable\": true,
  \"note\": null,
  \"unavailabilityReasonEntryId\": null,
  \"unavailabilityReasonValue\": null
}"
GET/planner/availability-rule-sets
Auth requiredplanner.view

List availability rule sets

Returns a paginated collection of availability rule sets scoped to the authenticated organization. Requires features: planner.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
idsqueryNostring
searchqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated availability rule sets
Content-Type: application/json
{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "name": null,
      "description": null,
      "timezone": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/planner/availability-rule-sets?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/planner/availability-rule-sets
Auth requiredplanner.manage_availability

Create availability rule set

Creates a reusable availability rule set. Requires features: planner.manage_availability

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "description": null,
  "timezone": "string"
}

Responses

201Availability rule set created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/planner/availability-rule-sets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"name\": \"string\",
  \"description\": null,
  \"timezone\": \"string\"
}"
PUT/planner/availability-rule-sets
Auth requiredplanner.manage_availability

Update availability rule set

Updates an availability rule set by id. Requires features: planner.manage_availability

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "description": null
}

Responses

200Availability rule set updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/planner/availability-rule-sets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"description\": null
}"
DELETE/planner/availability-rule-sets
Auth requiredplanner.manage_availability

Delete availability rule set

Deletes an availability rule set by id. Requires features: planner.manage_availability

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Availability rule set deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/planner/availability-rule-sets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
POST/planner/availability-weekly
Auth required

Replace weekly availability

Replaces weekly availability rules for the subject in a single request.

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "subjectType": "member",
  "subjectId": "00000000-0000-4000-8000-000000000000",
  "timezone": "string",
  "windows": []
}

Responses

200Weekly availability updated
Content-Type: application/json
{
  "ok": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
403Forbidden
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/planner/availability-weekly" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"subjectType\": \"member\",
  \"subjectId\": \"00000000-0000-4000-8000-000000000000\",
  \"timezone\": \"string\",
  \"windows\": []
}"

Query Index

3 endpoints
POST/query_index/purge
Auth requiredquery_index.purge

Purge query index records

Queues a purge job to remove indexed records for an entity type within the active scope. Requires features: query_index.purge

Request body (application/json)

{
  "entityType": "string"
}

Responses

200Purge job accepted.
Content-Type: application/json
{
  "ok": true
}
400Missing entity type
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/query_index/purge" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityType\": \"string\"
}"
POST/query_index/reindex
Auth requiredquery_index.reindex

Trigger query index rebuild

Queues a reindex job for the specified entity type within the current tenant scope. Requires features: query_index.reindex

Request body (application/json)

{
  "entityType": "string"
}

Responses

200Reindex job accepted.
Content-Type: application/json
{
  "ok": true
}
400Missing entity type
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/query_index/reindex" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityType\": \"string\"
}"
GET/query_index/status
Auth requiredquery_index.status.view

Inspect query index coverage

Returns entity counts comparing base tables with the query index along with the latest job status. Requires features: query_index.status.view

Responses

200Current query index status.
Content-Type: application/json
{
  "items": [
    {
      "entityId": "string",
      "label": "string",
      "baseCount": null,
      "indexCount": null,
      "vectorCount": null,
      "ok": true,
      "job": {
        "status": "idle",
        "startedAt": null,
        "finishedAt": null,
        "heartbeatAt": null,
        "processedCount": null,
        "totalCount": null,
        "scope": null
      }
    }
  ],
  "errors": [
    {
      "id": "string",
      "source": "string",
      "handler": "string",
      "entityType": null,
      "recordId": null,
      "tenantId": null,
      "organizationId": null,
      "message": "string",
      "stack": null,
      "payload": null,
      "occurredAt": "string"
    }
  ],
  "logs": [
    {
      "id": "string",
      "source": "string",
      "handler": "string",
      "level": "info",
      "entityType": null,
      "recordId": null,
      "tenantId": null,
      "organizationId": null,
      "message": "string",
      "details": null,
      "occurredAt": "string"
    }
  ]
}
400Tenant or organization context required
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/query_index/status" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Staff

38 endpoints
GET/staff/activities
Auth requiredstaff.view

List teammemberactivitys

Returns a paginated collection of teammemberactivitys scoped to the authenticated organization. Requires features: staff.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
entityIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated teammemberactivitys
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "member_id": null,
      "activity_type": null,
      "subject": null,
      "body": null,
      "occurred_at": null,
      "author_user_id": null,
      "appearance_icon": null,
      "appearance_color": null,
      "organization_id": null,
      "tenant_id": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/staff/activities?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/staff/activities
Auth requiredstaff.manage_team

Create teammemberactivity

Adds an activity to a team member timeline. Requires features: staff.manage_team

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "activityType": "string",
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

201TeamMemberActivity created
Content-Type: application/json
{
  "id": null,
  "authorUserId": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/staff/activities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"entityId\": \"00000000-0000-4000-8000-000000000000\",
  \"activityType\": \"string\",
  \"appearanceIcon\": null,
  \"appearanceColor\": null
}"
PUT/staff/activities
Auth requiredstaff.manage_team

Update teammemberactivity

Updates a team member activity. Requires features: staff.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

200TeamMemberActivity updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/staff/activities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"appearanceIcon\": null,
  \"appearanceColor\": null
}"
DELETE/staff/activities
Auth requiredstaff.manage_team

Delete teammemberactivity

Deletes a team member activity. Requires features: staff.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200TeamMemberActivity deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/staff/activities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/staff/addresses
Auth requiredstaff.view

List teammemberaddresss

Returns a paginated collection of teammemberaddresss scoped to the authenticated organization. Requires features: staff.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
entityIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated teammemberaddresss
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "member_id": null,
      "name": null,
      "purpose": null,
      "company_name": null,
      "address_line1": null,
      "address_line2": null,
      "building_number": null,
      "flat_number": null,
      "city": null,
      "region": null,
      "postal_code": null,
      "country": null,
      "latitude": null,
      "longitude": null,
      "is_primary": null,
      "organization_id": null,
      "tenant_id": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/staff/addresses?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/staff/addresses
Auth requiredstaff.manage_team

Create teammemberaddress

Adds a team member address. Requires features: staff.manage_team

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "addressLine1": "string"
}

Responses

201TeamMemberAddress created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/staff/addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"entityId\": \"00000000-0000-4000-8000-000000000000\",
  \"addressLine1\": \"string\"
}"
PUT/staff/addresses
Auth requiredstaff.manage_team

Update teammemberaddress

Updates a team member address. Requires features: staff.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200TeamMemberAddress updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/staff/addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/staff/addresses
Auth requiredstaff.manage_team

Delete teammemberaddress

Deletes a team member address. Requires features: staff.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200TeamMemberAddress deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/staff/addresses" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/staff/comments
Auth requiredstaff.view

List teammembercomments

Returns a paginated collection of teammembercomments scoped to the authenticated organization. Requires features: staff.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
entityIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated teammembercomments
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "member_id": null,
      "body": null,
      "author_user_id": null,
      "appearance_icon": null,
      "appearance_color": null,
      "organization_id": null,
      "tenant_id": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/staff/comments?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/staff/comments
Auth requiredstaff.manage_team

Create teammembercomment

Adds a note to a team member timeline. Requires features: staff.manage_team

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "body": "string",
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

201TeamMemberComment created
Content-Type: application/json
{
  "id": null,
  "authorUserId": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/staff/comments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"entityId\": \"00000000-0000-4000-8000-000000000000\",
  \"body\": \"string\",
  \"appearanceIcon\": null,
  \"appearanceColor\": null
}"
PUT/staff/comments
Auth requiredstaff.manage_team

Update teammembercomment

Updates a team member note. Requires features: staff.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

200TeamMemberComment updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/staff/comments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"appearanceIcon\": null,
  \"appearanceColor\": null
}"
DELETE/staff/comments
Auth requiredstaff.manage_team

Delete teammembercomment

Deletes a team member note. Requires features: staff.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200TeamMemberComment deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/staff/comments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/staff/job-histories
Auth requiredstaff.view

List teammemberjobhistorys

Returns a paginated collection of teammemberjobhistorys scoped to the authenticated organization. Requires features: staff.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
entityIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated teammemberjobhistorys
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "member_id": null,
      "name": null,
      "company_name": null,
      "description": null,
      "start_date": null,
      "end_date": null,
      "organization_id": null,
      "tenant_id": null,
      "created_at": null,
      "updated_at": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/staff/job-histories?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/staff/job-histories
Auth requiredstaff.manage_team

Create teammemberjobhistory

Adds a team member job history entry. Requires features: staff.manage_team

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "entityId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "companyName": null,
  "description": null,
  "startDate": "2025-01-01T00:00:00.000Z",
  "endDate": null
}

Responses

201TeamMemberJobHistory created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/staff/job-histories" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"entityId\": \"00000000-0000-4000-8000-000000000000\",
  \"name\": \"string\",
  \"companyName\": null,
  \"description\": null,
  \"startDate\": \"2025-01-01T00:00:00.000Z\",
  \"endDate\": null
}"
PUT/staff/job-histories
Auth requiredstaff.manage_team

Update teammemberjobhistory

Updates a team member job history entry. Requires features: staff.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "companyName": null,
  "description": null,
  "endDate": null
}

Responses

200TeamMemberJobHistory updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/staff/job-histories" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"companyName\": null,
  \"description\": null,
  \"endDate\": null
}"
DELETE/staff/job-histories
Auth requiredstaff.manage_team

Delete teammemberjobhistory

Deletes a team member job history entry. Requires features: staff.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200TeamMemberJobHistory deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/staff/job-histories" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/staff/leave-requests
Auth required

List leave requests

Returns a paginated collection of leave requests scoped to the authenticated organization.

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
statusqueryNostring
memberIdqueryNostring
idsqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated leave requests
Content-Type: application/json
{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "member_id": null,
      "start_date": null,
      "end_date": null,
      "timezone": null,
      "status": null,
      "unavailability_reason_entry_id": null,
      "unavailability_reason_value": null,
      "note": null,
      "decision_comment": null,
      "submitted_by_user_id": null,
      "decided_by_user_id": null,
      "decided_at": null,
      "created_at": null,
      "updated_at": null,
      "member": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/staff/leave-requests?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/staff/leave-requests
Auth required

Create leave request

Creates a leave request for a staff member.

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "memberId": "00000000-0000-4000-8000-000000000000",
  "timezone": "string",
  "startDate": "2025-01-01T00:00:00.000Z",
  "endDate": "2025-01-01T00:00:00.000Z",
  "unavailabilityReasonEntryId": null,
  "unavailabilityReasonValue": null,
  "note": null,
  "submittedByUserId": null
}

Responses

201Leave request created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/staff/leave-requests" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"memberId\": \"00000000-0000-4000-8000-000000000000\",
  \"timezone\": \"string\",
  \"startDate\": \"2025-01-01T00:00:00.000Z\",
  \"endDate\": \"2025-01-01T00:00:00.000Z\",
  \"unavailabilityReasonEntryId\": null,
  \"unavailabilityReasonValue\": null,
  \"note\": null,
  \"submittedByUserId\": null
}"
PUT/staff/leave-requests
Auth required

Update leave request

Updates a leave request by id.

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "unavailabilityReasonEntryId": null,
  "unavailabilityReasonValue": null,
  "note": null
}

Responses

200Leave request updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/staff/leave-requests" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"unavailabilityReasonEntryId\": null,
  \"unavailabilityReasonValue\": null,
  \"note\": null
}"
DELETE/staff/leave-requests
Auth required

Delete leave request

Deletes a leave request by id.

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Leave request deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/staff/leave-requests" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
POST/staff/leave-requests/accept
Auth requiredstaff.leave_requests.manage

Approve leave request

Approves a leave request and adds unavailability rules for the staff member. Requires features: staff.leave_requests.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "decisionComment": null,
  "decidedByUserId": null
}

Responses

200Leave request approved
Content-Type: application/json
{
  "ok": true,
  "id": null
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/staff/leave-requests/accept" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"decisionComment\": null,
  \"decidedByUserId\": null
}"
POST/staff/leave-requests/reject
Auth requiredstaff.leave_requests.manage

Reject leave request

Rejects a leave request with an optional comment. Requires features: staff.leave_requests.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "decisionComment": null,
  "decidedByUserId": null
}

Responses

200Leave request rejected
Content-Type: application/json
{
  "ok": true,
  "id": null
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/staff/leave-requests/reject" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"decisionComment\": null,
  \"decidedByUserId\": null
}"
GET/staff/team-members
Auth requiredstaff.view

List team members

Returns a paginated collection of team members scoped to the authenticated organization. Requires features: staff.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
isActivequeryNostring
teamIdqueryNostring
roleIdqueryNostring
idsqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated team members
Content-Type: application/json
{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "team_id": null,
      "display_name": null,
      "description": null,
      "user_id": null,
      "availability_rule_set_id": null,
      "is_active": null,
      "created_at": null,
      "updated_at": null,
      "user": null,
      "team": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/staff/team-members?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/staff/team-members
Auth requiredstaff.manage_team

Create team member

Creates a team member for staff assignments. Requires features: staff.manage_team

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "teamId": null,
  "displayName": "string",
  "description": null,
  "userId": null,
  "roleIds": [],
  "tags": [],
  "availabilityRuleSetId": null
}

Responses

201Team member created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/staff/team-members" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"teamId\": null,
  \"displayName\": \"string\",
  \"description\": null,
  \"userId\": null,
  \"roleIds\": [],
  \"tags\": [],
  \"availabilityRuleSetId\": null
}"
PUT/staff/team-members
Auth requiredstaff.manage_team

Update team member

Updates a team member by id. Requires features: staff.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "teamId": null,
  "description": null,
  "userId": null,
  "availabilityRuleSetId": null
}

Responses

200Team member updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/staff/team-members" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"teamId\": null,
  \"description\": null,
  \"userId\": null,
  \"availabilityRuleSetId\": null
}"
DELETE/staff/team-members
Auth requiredstaff.manage_team

Delete team member

Deletes a team member by id. Requires features: staff.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Team member deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/staff/team-members" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/staff/team-members/self
Auth requiredstaff.leave_requests.send

Get current user team member profile

Returns the staff team member linked to the current user, if any. Requires features: staff.leave_requests.send

Responses

200Team member profile
Content-Type: application/json
{
  "member": null
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/staff/team-members/self" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/staff/team-members/self
Auth requiredstaff.leave_requests.send

Create current user team member profile

Creates a team member profile for the signed-in user. Requires features: staff.leave_requests.send

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "displayName": "string",
  "description": null
}

Responses

201Team member created
Content-Type: application/json
{
  "id": null
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
409Already exists
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/staff/team-members/self" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"displayName\": \"string\",
  \"description\": null
}"
POST/staff/team-members/tags/assign
Auth requiredstaff.manage_team

Assign team member tag

Assigns a tag to a staff team member. Requires features: staff.manage_team

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "memberId": "00000000-0000-4000-8000-000000000000",
  "tag": "string"
}

Responses

201Tag assignment created
Content-Type: application/json
{
  "id": null
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/staff/team-members/tags/assign" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"memberId\": \"00000000-0000-4000-8000-000000000000\",
  \"tag\": \"string\"
}"
POST/staff/team-members/tags/unassign
Auth requiredstaff.manage_team

Unassign team member tag

Removes a tag from a staff team member. Requires features: staff.manage_team

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "memberId": "00000000-0000-4000-8000-000000000000",
  "tag": "string"
}

Responses

200Tag assignment removed
Content-Type: application/json
{
  "id": null
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/staff/team-members/tags/unassign" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"memberId\": \"00000000-0000-4000-8000-000000000000\",
  \"tag\": \"string\"
}"
GET/staff/team-roles
Auth requiredstaff.view

List team roles

Returns a paginated collection of team roles scoped to the authenticated organization. Requires features: staff.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
idsqueryNostring
teamIdqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated team roles
Content-Type: application/json
{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "team_id": null,
      "name": null,
      "description": null,
      "appearance_icon": null,
      "appearance_color": null,
      "created_at": null,
      "updated_at": null,
      "team": null,
      "memberCount": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/staff/team-roles?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/staff/team-roles
Auth requiredstaff.manage_team

Create team role

Creates a team role for staff team members. Requires features: staff.manage_team

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "teamId": null,
  "name": "string",
  "description": null,
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

201Team role created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/staff/team-roles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"teamId\": null,
  \"name\": \"string\",
  \"description\": null,
  \"appearanceIcon\": null,
  \"appearanceColor\": null
}"
PUT/staff/team-roles
Auth requiredstaff.manage_team

Update team role

Updates a team role by id. Requires features: staff.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "teamId": null,
  "description": null,
  "appearanceIcon": null,
  "appearanceColor": null
}

Responses

200Team role updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/staff/team-roles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"teamId\": null,
  \"description\": null,
  \"appearanceIcon\": null,
  \"appearanceColor\": null
}"
DELETE/staff/team-roles
Auth requiredstaff.manage_team

Delete team role

Deletes a team role by id. Requires features: staff.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Team role deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/staff/team-roles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/staff/teams
Auth requiredstaff.view

List teams

Returns a paginated collection of teams scoped to the authenticated organization. Requires features: staff.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
idsqueryNostring
isActivequeryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Paginated teams
Content-Type: application/json
{
  "items": [
    {
      "id": null,
      "organization_id": null,
      "tenant_id": null,
      "name": null,
      "description": null,
      "is_active": null,
      "created_at": null,
      "updated_at": null,
      "memberCount": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://web-production-756174.up.railway.app/api/staff/teams?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/staff/teams
Auth requiredstaff.manage_team

Create team

Creates a staff team. Requires features: staff.manage_team

Request body (application/json)

{
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "name": "string",
  "description": null
}

Responses

201Team created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://web-production-756174.up.railway.app/api/staff/teams" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"tenantId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\",
  \"name\": \"string\",
  \"description\": null
}"
PUT/staff/teams
Auth requiredstaff.manage_team

Update team

Updates a staff team by id. Requires features: staff.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "description": null
}

Responses

200Team updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://web-production-756174.up.railway.app/api/staff/teams" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"description\": null
}"
DELETE/staff/teams
Auth requiredstaff.manage_team

Delete team

Deletes a staff team by id. Requires features: staff.manage_team

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Team deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://web-production-756174.up.railway.app/api/staff/teams" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"