Salesperson authentication and session management
Salesperson API
The Salesperson API provides authentication endpoints for sales team members to access their portal and manage sales links.
Overview
Salespersons have a separate authentication system from admin users. They can:
- Login to their sales portal
- Generate tracked checkout links
- View their commission reports
Login
Authenticate a salesperson with email and password.
```http
POST /api/salesperson/auth
Content-Type: application/json
```
Request Body
```json
{
  "email": "sales@example.com",
  "password": "secure-password"
}
```
Success Response
```json
{
  "success": true,
  "salesperson": {
    "id": "sp_abc123",
    "email": "sales@example.com",
    "name": "Jane Smith",
    "brandId": "brand_xyz",
    "commissionRate": 0.10,
    "status": "active",
    "createdAt": 1704067200000
  }
}
```
Sets an httpOnly session cookie for subsequent requests.
Error Response
```json
{
  "success": false,
  "error": "Invalid credentials"
}
```
Get Current Salesperson
Check authentication status and get current salesperson info.
```http
GET /api/salesperson/auth
```
Authenticated Response
```json
{
  "authenticated": true,
  "salesperson": {
    "id": "sp_abc123",
    "email": "sales@example.com",
    "name": "Jane Smith",
    "brandId": "brand_xyz",
    "commissionRate": 0.10,
    "status": "active",
    "createdAt": 1704067200000
  }
}
```
Not Authenticated Response
```json
{
  "authenticated": false,
  "salesperson": null
}
```
Logout
End the salesperson session.
```http
DELETE /api/salesperson/auth
```
Response
```json
{
  "success": true
}
```
Salesperson Object
| Field | Type | Description |
|---|---|---|
| id | string | Unique salesperson ID |
| email | string | Login email |
| name | string | Display name |
| brandId | string | Associated brand |
| commissionRate | number | Default commission rate (0.10 = 10%) |
| status | string | active or inactive |
| createdAt | number | Unix timestamp (ms) |
Error Responses
| Status | Error | Description |
|---|---|---|
| 400 | Email and password required | Missing credentials |
| 401 | Invalid credentials | Wrong email or password |
| 500 | Login failed | Server error |
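A server-side sketch of a handler that produces the responses in the table above, added here as an example and not the project's own code. `Deps`, `StoredSalesperson`, the `sp_session` cookie name, the cookie lifetime and the treatment of inactive accounts are assumptions; the point is that every credential failure returns the same 401 body and the stored hash never reaches the response.

```typescript
// Added example. Deps, StoredSalesperson and the sp_session cookie name are hypothetical.
interface StoredSalesperson {
  id: string; email: string; name: string; brandId: string;
  commissionRate: number; status: 'active' | 'inactive'; createdAt: number;
  passwordHash: string; // server-side only, never serialized
}
interface Deps {
  findByEmail(email: string): StoredSalesperson | undefined;
  verifyPassword(password: string, hash: string): boolean; // wrapper around a slow password hash
  newSessionId(record: StoredSalesperson): string;         // random ID stored server-side
  dummyHash: string; // hash of a throwaway password, checked when the email is unknown
}
interface LoginResult { status: number; body: Record<string, unknown>; setCookie?: string }

// One shared 401 so unknown email, wrong password and inactive account look identical.
const INVALID: LoginResult = { status: 401, body: { success: false, error: 'Invalid credentials' } };

function handleLogin(input: unknown, deps: Deps): LoginResult {
  const { email, password } = (input ?? {}) as { email?: unknown; password?: unknown };
  if (typeof email !== 'string' || typeof password !== 'string' || !email || !password) {
    return { status: 400, body: { success: false, error: 'Email and password required' } };
  }
  try {
    const record = deps.findByEmail(email);
    // Always run the hash check so an unknown email costs the same as a known one.
    const ok = deps.verifyPassword(password, record ? record.passwordHash : deps.dummyHash);
    // Assumption: inactive accounts are refused with the same generic 401.
    if (!record || !ok || record.status !== 'active') return INVALID;
    // Allow-list the documented Salesperson fields; the hash never leaves the server.
    const salesperson = {
      id: record.id, email: record.email, name: record.name, brandId: record.brandId,
      commissionRate: record.commissionRate, status: record.status, createdAt: record.createdAt,
    };
    // Assumption: 8-hour lifetime and SameSite=Lax; HttpOnly matches the page.
    const setCookie = `sp_session=${deps.newSessionId(record)}; HttpOnly; Secure; SameSite=Lax; Path=/; Max-Age=28800`;
    return { status: 200, body: { success: true, salesperson }, setCookie };
  } catch {
    // Datastore or hashing failure: generic 500, no internals in the body.
    return { status: 500, body: { success: false, error: 'Login failed' } };
  }
}
```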
Code Example
Salesperson Login Flow
```typescript
interface Salesperson {
  id: string;
  email: string;
  name: string;
  brandId: string;
  commissionRate: number;
  status: 'active' | 'inactive';
  createdAt: number;
}

// Log in; on success the server sets the httpOnly session cookie.
// Throws with the server's error message (e.g. "Invalid credentials") on failure.
async function loginSalesperson(email: string, password: string): Promise<Salesperson> {
  const response = await fetch('/api/salesperson/auth', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    credentials: 'include', // send and accept the session cookie
    body: JSON.stringify({ email, password }),
  });
  const result = await response.json();
  if (!result.success) {
    throw new Error(result.error);
  }
  return result.salesperson;
}

// Returns the current salesperson, or null when there is no valid session.
async function checkSalespersonSession(): Promise<Salesperson | null> {
  const response = await fetch('/api/salesperson/auth', {
    credentials: 'include',
  });
  const result = await response.json();
  return result.authenticated ? result.salesperson : null;
}

// Ends the session on the server.
async function logoutSalesperson(): Promise<void> {
  await fetch('/api/salesperson/auth', {
    method: 'DELETE',
    credentials: 'include',
  });
}
```
Protected Route Check
```typescript
// In a React component or Next.js page.
// This redirect only controls what the browser renders; the server must still
// validate the session cookie on every protected request.
useEffect(() => {
  async function checkAuth() {
    const salesperson = await checkSalespersonSession();
    if (!salesperson) {
      // Redirect to login
      window.location.href = '/salesperson/login';
      return;
    }
    // User is authenticated
    setSalesperson(salesperson);
  }
  checkAuth();
}, []);
```
Related Endpoints
Salespersons can generate tracked links via the admin tools:
```http
POST /api/admin/tools/generate-link
```
See the Admin API for details on generating sales links with commission tracking.