Admin API
User management, organizations, brands, and settings APIs
The Admin API provides endpoints for managing users, organizations, brands, and system settings. All endpoints require session authentication.
Authentication
Login
POST /api/admin/auth
Content-Type: application/json
Request Body
{
"email": "admin@example.com",
"password": "your-password"
}
Response
{
"success": true,
"session": {
"userId": "user_123",
"email": "admin@example.com",
"name": "Admin User",
"role": "owner"
}
}
Sets an httpOnly session cookie for subsequent requests.
Check Auth Status
GET /api/admin/auth
Response
{
"authenticated": true,
"session": {
"userId": "user_123",
"organizationId": "org_abc",
"brandId": "brand_xyz",
"email": "admin@example.com",
"name": "Admin User",
"role": "owner"
},
"organizations": [
{"id": "org_abc", "name": "My Org", "slug": "my-org"}
],
"brands": [
{"id": "brand_xyz", "name": "Main Brand", "slug": "main-brand"}
]
}
Logout
DELETE /api/admin/auth
Switch Organization
POST /api/admin/auth/switch-org
Content-Type: application/json
{
"organizationId": "org_new123"
}
Switch Brand
POST /api/admin/auth/switch-brand
Content-Type: application/json
{
"brandId": "brand_new456"
}
User Management
List Users
GET /api/admin/users
Required role: Admin or Owner
Response
{
"users": [
{
"id": "user_123",
"email": "admin@example.com",
"name": "Admin User",
"role": "owner",
"createdAt": 1704067200000
}
],
"organizationId": "org_abc"
}
Create/Invite User
POST /api/admin/users
Content-Type: application/json
Required role: Admin or Owner
Request Body
{
"email": "newuser@example.com",
"password": "secure-password",
"name": "New User",
"role": "member",
"brandIds": ["brand_xyz"]
}
Get User
GET /api/admin/users/:userId
Response
{
"user": {
"id": "user_123",
"email": "user@example.com",
"name": "User Name",
"role": "member"
},
"brandAccess": [
{"brandId": "brand_xyz", "role": "member"}
]
}
Update User Role
PUT /api/admin/users/:userId
Content-Type: application/json
Required role: Admin or Owner
{
"role": "admin"
}
Remove User
DELETE /api/admin/users/:userId
Required role: Owner
Organizations
List Organizations
GET /api/admin/organizations
Required role: Owner
Query Parameters
| Parameter | Type | Description |
|---|---|---|
| includeDeleted | boolean | Include soft-deleted organizations |
| deletedOnly | boolean | Only return deleted organizations |
Response
{
"organizations": [
{
"id": "org_abc",
"name": "My Organization",
"slug": "my-org",
"createdAt": 1704067200000
}
],
"currentOrganizationId": "org_abc",
"deletedCount": 0
}
Create Organization
POST /api/admin/organizations
Content-Type: application/json
Required role: Owner
{
"name": "New Organization",
"slug": "new-org"
}
Slug is auto-generated from name if not provided.
Brands
List Brands
GET /api/admin/brands
Query Parameters
| Parameter | Type | Description |
|---|---|---|
| includeDeleted | boolean | Include soft-deleted brands |
| deletedOnly | boolean | Only return deleted brands (owners only) |
Response
{
"brands": [
{
"id": "brand_xyz",
"name": "Main Brand",
"slug": "main-brand",
"organizationId": "org_abc"
}
],
"currentBrandId": "brand_xyz",
"organizationId": "org_abc",
"deletedCount": 0
}
Create Brand
POST /api/admin/brands
Content-Type: application/json
Required role: Admin or Owner
{
"name": "New Brand",
"slug": "new-brand"
}
Settings
Get All Settings
GET /api/admin/settings
Response
{
"settings": {
"stripe": {
"enabled": true,
"publishableKey": "pk_test_..."
},
"nmi": {
"enabled": false
}
},
"status": {
"stripe": "configured",
"nmi": "not_configured"
},
"providers": ["stripe", "nmi", "sticky", "konnektive"],
"categories": ["payment", "crm", "analytics"],
"brandId": "brand_xyz"
}
Update Settings
POST /api/admin/settings
Content-Type: application/json
{
"provider": "stripe",
"settings": {
"enabled": true,
"secretKey": "sk_test_...",
"publishableKey": "pk_test_..."
}
}
Get Branding (No Auth)
GET /api/admin/branding
White-label branding settings. No authentication required.
{
"companyName": "Send Pay Links"
}
Audit Logs
List Audit Logs
GET /api/admin/audit-logs
Query Parameters
| Parameter | Type | Description |
|---|---|---|
| page | number | Page number (1-based) |
| limit | number | Items per page (max 100) |
| brandId | string | Filter by brand ID |
| organizationId | string | Filter by organization ID |
| actorType | string | user, system, or api |
| action | string | Action type filter |
| resourceType | string | Resource type filter |
| success | boolean | Filter by success status |
| startDate | number | Unix timestamp (ms) |
| endDate | number | Unix timestamp (ms) |
| search | string | Full-text search |
| includeStats | boolean | Include statistics |
Response
{
"logs": [
{
"id": "log_123",
"actorType": "user",
"actorId": "user_123",
"action": "settings.updated",
"resourceType": "settings",
"resourceId": "stripe",
"success": true,
"createdAt": 1704067200000
}
],
"pagination": {
"page": 1,
"limit": 50,
"total": 127,
"totalPages": 3
},
"stats": {
"totalActions": 127,
"successRate": 0.98,
"actionsByType": {}
}
}
Commissions
List Commissions
GET /api/admin/commissions
Query Parameters
| Parameter | Type | Description |
|---|---|---|
| page | number | Page number |
| pageSize | number | Items per page (default 20) |
| status | string | pending, approved, paid, cancelled, disputed |
| salespersonId | string | Filter by salesperson |
| startDate | number | Unix timestamp |
| endDate | number | Unix timestamp |
| report | boolean | Get full report with stats |
Response
{
"commissions": [
{
"id": "comm_123",
"orderId": "order_abc",
"salespersonId": "sp_001",
"salespersonName": "Jane Smith",
"orderAmount": 9999,
"commissionAmount": 999,
"commissionRate": 0.10,
"status": "pending",
"createdAt": 1704067200000
}
],
"pagination": {
"page": 1,
"pageSize": 20,
"total": 45
},
"brandId": "brand_xyz"
}
Bulk Commission Actions
POST /api/admin/commissions
Content-Type: application/json
{
"action": "approve",
"commissionIds": ["comm_123", "comm_456"],
"notes": "Approved for Q1 payout"
}
Actions: approve, cancel, dispute
Webhooks Management
List Webhook Endpoints
GET /api/admin/webhooks
Response
{
"endpoints": [
{
"id": "wh_123",
"name": "Order Notifications",
"url": "https://example.com/webhooks/orders",
"events": ["payment.succeeded", "order.confirmed"],
"enabled": true,
"createdAt": 1704067200000
}
],
"stats": {
"totalDeliveries": 1250,
"successRate": 0.98
},
"availableEvents": [
"checkout.created",
"checkout.completed",
"payment.succeeded",
"payment.failed",
"order.confirmed",
"upsell.accepted",
"upsell.declined"
]
}
Create Webhook Endpoint
POST /api/admin/webhooks
Content-Type: application/json
{
"name": "Order Notifications",
"url": "https://example.com/webhooks/orders",
"secret": "whsec_your_secret_key",
"events": ["payment.succeeded", "order.confirmed"],
"headers": {
"X-Custom-Header": "value"
},
"enabled": true
}
Use "*" for events to receive all event types.
Test Webhook
POST /api/admin/webhooks/:id/test
Sends a test payload to the endpoint.
Delete Webhook
DELETE /api/admin/webhooks/:id
Role-Based Access Control
Roles
| Role | Scope | Permissions |
|---|---|---|
| owner | Organization | Full access, user management, billing |
| admin | Organization | Settings, brands, audit logs |
| member | Brand | View-only access to assigned brands |
Brand Roles
| Role | Permissions |
|---|---|
| admin | Full brand management |
| member | View-only brand access |
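The per-endpoint "Required role" lines above can be enforced from a single route table so that no handler depends on its own ad hoc check. The sketch below is an added example, not this project's code. It assumes hypothetical names (`ROUTE_ROLES`, `authorize`), 401/403 status codes the page does not document, and that endpoints without a "Required role" line accept any authenticated session.

```javascript
// Added example: allowed roles per route, transcribed from the "Required role"
// lines on this page. All identifiers below are hypothetical.
const ROUTE_ROLES = [
  ["GET", "/api/admin/users", ["admin", "owner"]],
  ["POST", "/api/admin/users", ["admin", "owner"]],
  ["PUT", "/api/admin/users/:userId", ["admin", "owner"]],
  ["DELETE", "/api/admin/users/:userId", ["owner"]],
  ["GET", "/api/admin/organizations", ["owner"]],
  ["POST", "/api/admin/organizations", ["owner"]],
  ["POST", "/api/admin/brands", ["admin", "owner"]],
];
// The only endpoint the page documents as needing no authentication.
const PUBLIC_ROUTES = [["GET", "/api/admin/branding", []]];

// Compile "/users/:userId" into an anchored regex; ":param" matches exactly one segment.
function compile(pattern) {
  const body = pattern
    .split("/")
    .map((seg) => (seg.startsWith(":") ? "[^/]+" : seg.replace(/[.*+?^${}()|[\]\\]/g, "\\$&")))
    .join("/");
  return new RegExp("^" + body + "/?$");
}

function findRule(table, method, path) {
  return table.find(([m, p]) => m === method.toUpperCase() && compile(p).test(path));
}

// Decide on the path only, so a query string cannot change which rule matches.
function authorize(method, url, session) {
  const path = url.split(/[?#]/)[0];
  if (findRule(PUBLIC_ROUTES, method, path)) return { allowed: true, status: 200 };
  // Everything else needs a session (assumed status codes: 401 / 403).
  if (!session || typeof session.role !== "string") return { allowed: false, status: 401 };
  const rule = findRule(ROUTE_ROLES, method, path);
  // Assumption: routes without a "Required role" line accept any authenticated role.
  if (!rule) return { allowed: true, status: 200 };
  const ok = rule[2].includes(session.role);
  return { allowed: ok, status: ok ? 200 : 403 };
}
```

The role passed in should come from the server-side session behind the httpOnly cookie, never from a request body or header the client controls.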
Utility Endpoints
Generate Sales Link
POST /api/admin/tools/generate-link
Content-Type: application/json
Generate checkout link with sales attribution for commission tracking.
{
"salespersonId": "sp_001",
"salespersonName": "Jane Smith",
"commissionRate": 0.10,
"orderInfo": {
"productName": "Premium Plan",
"total": 9999,
"currency": "USD"
}
}
Retry CRM Recording
POST /api/admin/crm-retry
Content-Type: application/json
{
"orderId": "order_abc123"
}
Test CRM Connection
POST /api/admin/test-crm
Content-Type: application/json
{
"provider": "konnektive"
}