Appearance
API Documentation
Base URL
http://localhost:3000Authentication
All authenticated endpoints require a Bearer token in the Authorization header.
Seller API
Seller endpoints use seller-specific JWT tokens obtained during login/registration.
Authorization: Bearer <seller_token>Admin API
Admin endpoints use admin-specific JWT tokens.
Authorization: Bearer <admin_token>Response Format
Success Response
Data is returned directly without wrapper fields.
json
{
"field_name": { ... }
}For list endpoints:
json
{
"items": [...],
"count": 100,
"limit": 20,
"offset": 0
}Error Response Format
json
{
"error": "Human-readable error description",
"errorCode": "ERROR_CODE"
}HTTP Status Codes
| Status | Meaning |
|---|---|
| 200 | Success |
| 201 | Created |
| 204 | No Content (deleted successfully) |
| 400 | Bad Request (invalid input) |
| 401 | Unauthorized (missing/invalid token) |
| 404 | Not Found |
| 422 | Validation Error |
| 500 | Internal Server Error |
Time/Date Fields
All timestamps are returned as ISO 8601 strings in UTC format: 2026-05-17T12:00:00Z
Pagination
List endpoints support pagination via limit and offset query parameters.
| Parameter | Type | Default | Max | Description |
|---|---|---|---|---|
| limit | integer | 20 | 100 | Number of items to return |
| offset | integer | 0 | - | Number of items to skip |
Directory Structure
docs/api/
README.md # This file
auth.md # Authentication API (login endpoints)
admin/
README.md # Admin API overview
me.md # Admin profile endpoint
product-category.md # Product category management
seller/
README.md # Seller API overview
auth.md # Seller authentication (register, login, logout, password reset)
tenant.md # Tenant management
payonner.md # Payoneer integration
uploads.md # File uploads
product-category.md # Product categoriesAPI Areas
| Area | Base Path | Description |
|---|---|---|
| Auth | /api/auth | Login endpoints |
| Admin | /api/admin | Admin API |
| Seller | /api/seller | Seller API |
| Tenant | /api/tenant | Tenant management (public) |
| Private | /api/private | Private endpoints (auth required) |
| OpenAPI | /openapi | External callbacks |
| Hooks | /hooks | Partner webhooks |