Backend API Routes

Admin API Routes

All admin routes require authentication (AUTHENTICATE=true).

Orders

Method	Endpoint	Purpose
GET	`/admin/aplt/orders`	List orders with pagination/search
POST	`/admin/aplt/orders`	Create order
PUT	`/admin/aplt/orders`	Update order
DELETE	`/admin/aplt/orders`	Delete order
GET/POST	`/admin/aplt/orders/lines`	Order line items CRUD
GET	`/admin/aplt/orders/pdf`	Generate order PDF
POST	`/admin/aplt/orders/eml`	Download .eml with PDF attached
POST	`/admin/aplt/orders/shipping`	Manage shipping info
POST	`/admin/aplt/orders/status`	Update order status

Quotations

Method	Endpoint	Purpose
GET	`/admin/aplt/quotations`	List quotations
POST	`/admin/aplt/quotations`	Create quotation
PUT	`/admin/aplt/quotations`	Update quotation
DELETE	`/admin/aplt/quotations`	Delete quotation
GET/POST	`/admin/aplt/quotations/lines`	Line items CRUD
POST	`/admin/aplt/quotations/lines/generate`	AI-generate lines
GET	`/admin/aplt/quotations/pdf`	Generate PDF
POST	`/admin/aplt/quotations/eml`	Download .eml with PDF attached
POST	`/admin/aplt/quotations/confirm`	Convert to order
POST	`/admin/aplt/quotations/shipping`	Shipping calculations

Invoices & Credit Notes

Method	Endpoint	Purpose
GET/POST	`/admin/aplt/invoices`	Invoice CRUD
GET	`/admin/aplt/invoices/pdf`	Generate invoice PDF
POST	`/admin/aplt/invoices/eml`	Download .eml with PDF attached
GET/POST	`/admin/aplt/credit-notes`	Credit note CRUD
GET	`/admin/aplt/credit-notes/pdf`	Generate credit note PDF

Products

Method	Endpoint	Purpose
GET	`/admin/aplt/products`	List products with filters
GET/POST	`/admin/aplt/products/[sku]`	Single product operations
POST	`/admin/aplt/products/copy`	Clone product
GET	`/admin/aplt/product-techniques`	Product techniques
POST	`/admin/aplt/technique-pricing`	Set technique pricing

CRM & Customers

Method	Endpoint	Purpose
GET/POST	`/admin/aplt/customers`	Customer CRUD
GET/POST	`/admin/aplt/leads`	Lead management
POST	`/admin/aplt/leads/activities`	Log lead activity
POST	`/admin/aplt/leads/tasks`	Create lead task

Financial

Method	Endpoint	Purpose
GET/POST	`/admin/aplt/payments`	Payment tracking
GET/POST	`/admin/aplt/subscriptions`	Subscription management
POST	`/admin/aplt/subscriptions/generate`	Auto-generate invoices
GET/POST	`/admin/aplt/discount-groups`	Discount configurations
GET/POST	`/admin/aplt/vat-codes`	VAT rates
GET/POST	`/admin/aplt/reports`	Reporting data

Data Connectors

Method	Endpoint	Purpose
GET/POST	`/admin/connectors`	List/configure connectors
POST	`/admin/connectors/sync`	Trigger supplier sync
POST	`/admin/connectors/conversion`	Data format conversion
POST	`/admin/connectors/medusa-sync`	Sync to Medusa tables

CMS & Branding

Method	Endpoint	Purpose
GET/POST	`/admin/cms/pages`	CMS page CRUD
GET/POST	`/admin/cms/settings`	CMS settings
GET/POST	`/admin/cms/footer`	Footer configuration
GET/POST	`/admin/cms-modules`	CMS modules
GET/POST	`/admin/page-manager`	Page layout management
GET/POST	`/admin/menu-manager`	Menu management
POST	`/admin/brand-wizard`	Brand configuration
POST	`/admin/brand-upload`	Brand asset upload

Dev Projects

Method	Endpoint	Purpose
GET/POST	`/admin/dev-projects`	Project CRUD
POST	`/admin/dev-projects/files`	Track project files
POST	`/admin/dev-projects/changelog`	Log changes
POST	`/admin/dev-projects/commit`	Git commit
GET	`/admin/dev-projects/diff`	File diff
POST	`/admin/dev-projects/rebuild`	Rebuild containers
GET	`/admin/dev-projects/browse`	Browse project files

Access Control

Method	Endpoint	Purpose
GET/POST	`/admin/aplt/access-requests`	Access request CRUD
GET/PUT	`/admin/aplt/access-requests/[id]`	Single request operations

Integration (Chloe)

Method	Endpoint	Purpose
GET/POST	`/admin/aplt/chloe-product`	Chloe integration (products)
GET/POST	`/admin/aplt/chloe-order`	Chloe integration (orders, 50MB limit)
GET/POST	`/admin/aplt/chloe-customer`	Chloe integration (customer)

AI & Assistants

Method	Endpoint	Purpose
POST	`/admin/aplt/ai-generate-lines`	AI-powered line generation for all document types
POST	`/admin/aplt/wayne-assist`	AI assistant endpoint
POST	`/admin/agent/product-search`	AI agent product search

System & Sync

Method	Endpoint	Purpose
GET	`/admin/aplt/app-version`	Application version info
GET/POST	`/admin/aplt/document-chain`	Document relationships/linking
POST	`/admin/aplt/migrations`	Data migrations
POST	`/admin/aplt/sync-to-sales-channel`	Sync to Medusa sales channel
GET/POST	`/admin/custom`	Custom admin routes

Auth API Routes

Public endpoints (no authentication required, AUTHENTICATE=false).

Password Reset

Method	Endpoint	Purpose
POST	`/auth/[actor_type]/[auth_provider]/reset-password`	Generate reset token & send email

Custom override van het standaard Medusa reset-password endpoint. Stuurt een branded e-mail met reset-link via nodemailer (SMTP: mail.magiceverse.nl).

Request body:

{ "identifier": "user@example.com" }

Gedrag:

Genereert een JWT reset token (15 min geldig) via generateResetPasswordTokenWorkflow
Stuurt een branded HTML e-mail naar het opgegeven adres met een reset-link
Retourneert altijd 201 Created (ook als het e-mailadres niet bestaat, om information leakage te voorkomen)
Reset-link verwijst naar /app/reset-password?token=...&email=...

Locatie: backend/src/api/auth/[actor_type]/[auth_provider]/reset-password/route.ts

Store API Routes

Public endpoints (no authentication required).

Products

Method	Endpoint	Purpose
GET	`/store/aplt/products`	List products (search, filters)
GET	`/store/aplt/products/[sku]`	Product details
GET	`/store/aplt/products/[sku]/techniques`	Product techniques
GET	`/store/aplt/categories`	Product categories

CMS

Method	Endpoint	Purpose
GET	`/store/cms`	Pages, settings, footer (multi-lang)
GET	`/store/mega-menu`	Navigation menu

Customer

Method	Endpoint	Purpose
GET	`/store/access-check`	Check IP access status
POST	`/store/access-request`	Request store access
GET	`/store/customer-logos`	Customer logos
GET	`/store/customer-logos/active`	Active customer logos
GET	`/store/agent-context`	AI agent context

Sales Channels

Method	Endpoint	Purpose
GET	`/store/sales-channels/bulk-products`	Bulk product listing

Custom & Quotations

Method	Endpoint	Purpose
GET/POST	`/store/custom`	Custom store routes
GET/POST	`/store/aplt/quotations`	Customer quote requests
POST	`/store/aplt/quotations/lines`	Add items to quote

Static Asset Routes

Method	Endpoint	Purpose
GET	`/api/branding/logo.png`	Brand logo
GET	`/api/products/images/[supplier]/[filename]`	Product images (auth)
GET	`/api/static/products/[supplier]/[filename]`	Product images (public)