Overview

  • Total Endpoints:
  • Architecture: REST
  • Format: JSON
  • Doc Version: v1.3

Base URL

API Base: https://api.usbooths.com

Version: /api/v1/...

API Statistics

  • Public Endpoints: endpoints (no authentication required)
  • Client Endpoints: endpoints (throttle:client)
  • Admin Endpoints: endpoints (auth:sanctum, throttle:admin)
  • Webhook Endpoints: endpoints (external integrations)

Key Features

  • Laravel Sanctum Authentication (token-based)
  • Comprehensive rate limiting by endpoint type
  • API Versioning support
  • Webhook integrations (QuickBooks, Twilio, GoHighLevel)
  • Role-based permissions system
  • Real-time chat and push notifications
  • Complete production and work order management
  • Multi-type inventory tracking (Fix, Dynamic, Foam)
  • QuickBooks, Twilio, and GoHighLevel integration
  • Comprehensive order and invoice management
  • CMS capabilities for storefront content

Note: This is auto-generated documentation from Laravel route files. Endpoints are loaded from routes.js — edit that file to update the list.

Authentication

The API uses Laravel Sanctum for token-based authentication. Tokens are required for all admin endpoints and some client endpoints.

POST /api/login (Public)
Authenticate user and receive access token

Request Body

{
  "email": "user@example.com",
  "password": "your_password"
}

Response

{
  "success": true,
  "token": "1|abcdef123456...",
  "user": {
    "id": 1,
    "name": "User Name",
    "email": "user@example.com",
    "role": "admin"
  }
}

Using Authentication Tokens

Include the token in the Authorization header for all authenticated requests:

Authorization: Bearer 1|abcdef123456...

Token Management

  • Logout: POST /api/logout (revokes current token)
  • Get User: GET /api/user (returns authenticated user info)
  • Password Reset: POST /api/forgot-password and /api/reset-password

Rate Limits

Rate limits are enforced to ensure API stability and fair usage across all clients.

Limit Types

  • Public Endpoints: 60 requests/minute per IP address
  • Auth Endpoints: 10 requests/minute per IP (login/register only)
  • Admin Endpoints: 600 requests/minute per authenticated user
  • Client/Store Endpoints: 120 requests/minute per IP
  • Webhook Endpoints: 120 requests/minute per IP

Rate Limit Headers

All API responses include rate limit information in headers:

  • X-RateLimit-Limit — Maximum requests allowed
  • X-RateLimit-Remaining — Requests remaining in current window
  • Retry-After — Seconds until limit resets (when exceeded)

Exceeded Rate Limits

When rate limits are exceeded, the API returns HTTP 429 Too Many Requests. Wait for the time specified in the Retry-After header before making additional requests.
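
The following client sketch is an added example, not code from this API's project. It ties the Authentication and Rate Limits sections together: log in, send the Bearer token, wait out HTTP 429 using Retry-After, and always revoke the token with POST /api/logout. The function names and the injectable `send` transport are assumptions made so the logic can run without a network.

```python
import time

MAX_WAIT = 60.0  # assumption: cap waits at one window (the limits are per minute)

def retry_delay(headers, default=1.0):
    """Seconds to wait after a 429, read from Retry-After (lower-cased keys)."""
    try:
        delay = float(headers.get("retry-after", default))
    except (TypeError, ValueError):
        delay = default  # malformed header: fall back instead of crashing
    if not (delay >= 0):  # rejects negative values and NaN
        delay = default
    return min(delay, MAX_WAIT)

def api_call(send, method, path, token=None, body=None, max_retries=3,
             sleep=time.sleep):
    """Send one request; on HTTP 429 wait Retry-After seconds, then retry.

    `send(method, path, headers, body)` is a hypothetical transport returning
    (status, headers, json_body), so the logic runs without a network.
    Returns (status, json_body, X-RateLimit-Remaining or None).
    """
    headers = {"Accept": "application/json"}
    if token:
        headers["Authorization"] = f"Bearer {token}"
    for attempt in range(max_retries + 1):
        status, raw, data = send(method, path, headers, body)
        resp = {k.lower(): v for k, v in raw.items()}  # header names are case-insensitive
        if status != 429:
            return status, data, resp.get("x-ratelimit-remaining")
        if attempt < max_retries:
            sleep(retry_delay(resp))
    raise RuntimeError(f"still rate limited after {max_retries} retries: {method} {path}")

def fetch_user(send, email, password, sleep=time.sleep):
    """Log in, call GET /api/user, and always revoke the token afterwards."""
    _, data, _ = api_call(send, "POST", "/api/login",
                          body={"email": email, "password": password}, sleep=sleep)
    if not data or not data.get("success"):
        raise PermissionError("login failed")
    token = data["token"]  # keep in memory only; never log or persist it
    try:
        _, user, _ = api_call(send, "GET", "/api/user", token=token, sleep=sleep)
        return user
    finally:
        api_call(send, "POST", "/api/logout", token=token, sleep=sleep)
```
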