API Endpoints
This page provides an overview of the available API endpoints, grouped by domain. For full request/response schemas, refer to the interactive API documentation.
Authentication
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/v1/auth/login | Authenticate with email/password (built-in IdP). |
| POST | /api/v1/auth/refresh | Refresh an access token using a refresh token. |
| POST | /api/v1/auth/logout | Invalidate the current refresh token. |
| POST | /api/v1/auth/change-password | Change the current user's password. |
| GET | /api/v1/auth/oidc/authorize | Initiate OIDC login flow. |
| GET | /api/v1/auth/oidc/callback | OIDC callback (handles IdP response). |
Visits
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/v1/visits | List visits for the current site (filterable by status, date). |
| POST | /api/v1/visits | Create a new visit (pre-registration). |
| GET | /api/v1/visits/:id | Get visit details. |
| POST | /api/v1/visits/:id/check-in | Check in a visitor. |
| POST | /api/v1/visits/:id/check-out | Check out a visitor. |
| POST | /api/v1/visits/:id/cancel | Cancel a pre-registered visit. |
| POST | /api/v1/visits/validate-qr | Validate a QR token (used by kiosk). |
Visitors
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/v1/visitors | List all visitors (visitor directory). |
| GET | /api/v1/visitors/:id | Get visitor profile with visit history. |
| DELETE | /api/v1/visitors/:id | Delete a visitor and all associated data. |
Documents
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/v1/document-templates | List document templates for the current tenant. |
| POST | /api/v1/document-templates | Create a new template. |
| GET | /api/v1/document-templates/:id | Get template details including versions. |
| POST | /api/v1/document-templates/:id/versions | Publish a new version. |
| POST | /api/v1/visits/:id/documents | Submit signed documents (used by kiosk). |
| GET | /api/v1/visits/:id/documents/:docId/pdf | Download the archived PDF. |
Sites
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/v1/sites | List sites accessible to the current user. |
| POST | /api/v1/sites | Create a new site (Tenant-Admin only). |
| GET | /api/v1/sites/:id | Get site details. |
| PUT | /api/v1/sites/:id | Update site configuration. |
Users
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/v1/users | List users in the current tenant. |
| POST | /api/v1/users | Create a new user (Tenant-Admin only). |
| GET | /api/v1/users/:id | Get user details. |
| PUT | /api/v1/users/:id | Update user (role, site assignments). |
| POST | /api/v1/users/:id/reset-password | Reset a user's password (Tenant-Admin only). |
System
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/v1/system/license | Get current license status and entitlements. |
| GET | /api/v1/system/health | Health check endpoint (no auth required). |
Kiosk
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/v1/kiosk/templates | Get document templates for the kiosk's site. |
| GET | /api/v1/kiosk/site | Get site information for the kiosk's bound site. |
Token types
Most endpoints require a token of the user type. Kiosk endpoints (/api/v1/kiosk/* and /api/v1/visits/validate-qr) accept kiosk tokens. The token type is checked before role-based authorization.
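The check order described above, as an added sketch that is not the project's own code: the token type is matched against the route first, and the role is evaluated only afterwards. The `{ type, role }` token shape, the `authorize` function, the `stage` labels and the "Receptionist" role are assumptions made for illustration; the paths and the "Tenant-Admin only" markings come from the tables on this page.

```javascript
// Added sketch, not the project's code. Assumptions: the decoded token looks
// like { type, role }, and `path` is the router's normalized path (no "..",
// no query string). The /api/v1/auth/* endpoints are out of scope here.

// Endpoints the page says accept kiosk tokens.
const KIOSK_ROUTES = [/^\/api\/v1\/kiosk\/[^/]+$/, /^\/api\/v1\/visits\/validate-qr$/];

// Endpoints the tables mark "Tenant-Admin only".
const TENANT_ADMIN_ONLY = [
  { method: "POST", path: /^\/api\/v1\/sites$/ },
  { method: "POST", path: /^\/api\/v1\/users$/ },
  { method: "POST", path: /^\/api\/v1\/users\/[^/]+\/reset-password$/ },
];

// The one endpoint the tables mark "no auth required".
const NO_AUTH = [/^\/api\/v1\/system\/health$/];

function authorize(method, path, token) {
  if (NO_AUTH.some((re) => re.test(path))) return { allowed: true };
  if (!token) return { allowed: false, stage: "authentication" };

  // Stage 1: token type. Assumption: kiosk routes take only kiosk tokens and
  // every other route takes only user tokens.
  const required = KIOSK_ROUTES.some((re) => re.test(path)) ? "kiosk" : "user";
  if (token.type !== required) return { allowed: false, stage: "token-type" };

  // Stage 2: role check, reached only by a token of the right type, so a role
  // claim carried by a kiosk token is never evaluated.
  const adminOnly = TENANT_ADMIN_ONLY.some(
    (r) => r.method === method && r.path.test(path)
  );
  if (adminOnly && token.role !== "Tenant-Admin") {
    return { allowed: false, stage: "role" };
  }
  return { allowed: true };
}

// Constructed sample tokens ("Receptionist" is a made-up role name).
const kioskToken = { type: "kiosk", role: "Tenant-Admin" };
const staffToken = { type: "user", role: "Receptionist" };
console.log(authorize("GET", "/api/v1/kiosk/site", kioskToken));
console.log(authorize("POST", "/api/v1/users", kioskToken));
console.log(authorize("POST", "/api/v1/users", staffToken));
```

Because the type gate runs first, the kiosk token is refused on `/api/v1/users` regardless of the role value it carries.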