Skip to content

added erp docs. #20

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
jitendra-webkul merged 4 commits into from
Mar 20, 2026
Merged

added erp docs. #20

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
234f93e
add erp docs.
suraj-webkul Mar 16, 2026
e67fcdb
refactor docs.
suraj-webkul Mar 17, 2026
ab3e95d
add the scribe api generations.
suraj-webkul Mar 17, 2026
6635ead
Minor change.
suraj-webkul Mar 17, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions .vitepress/routes/master.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -215,6 +215,13 @@ const routes = [
]
}
]
},
{
text: 'AureusERP API',
collapsed: false,
items: [
{ text: 'Introduction', link: '/master/api-reference/index' },
]
}
]

Expand Down
289 changes: 289 additions & 0 deletions src/master/api-reference/index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,289 @@
# REST API Reference

AureusERP exposes a full-featured REST API that gives you programmatic access to every module in the platform. Whether you are building third-party integrations, automating internal workflows, or syncing data with external systems, the API covers the complete lifecycle of your ERP data — from partners and inventory to purchases, employees, and beyond.

The API is documented and served interactively by [Scribe](https://scribe.knuckles.wtf/). You can browse every endpoint, inspect request and response schemas, and fire live requests without writing a single line of code.

> **💡 Interactive API Explorer**
> Open **[/api/docs](/api/docs)** to explore every available endpoint with a built-in request builder.

---

## Base URL

All API endpoints are relative to your installation's base URL:

```
https://{your-domain}/admin/api/v1
```

Replace `{your-domain}` with the domain where AureusERP is installed (e.g., `erp.example.com`).

---

## API Versioning

The current API version is **v1**. The version is included in every endpoint path:

```
/admin/api/v1/{resource}
```
---

## Authentication

The AureusERP API uses [Laravel Sanctum](https://laravel.com/docs/sanctum) for stateless, token-based authentication. You must obtain a Bearer token before making any protected request.

### Obtaining a Token

Send your credentials to the login endpoint:

```http
POST /admin/api/v1/login
Content-Type: application/json

{
"email": "admin@example.com",
"password": "your-password"
}
```

A successful response returns a token:

```json
{
"data": {
"token": "1|abc123XYZ..."
}
}
```

### Using the Token

Include the token as a `Bearer` header on every subsequent request:

```http
GET /admin/api/v1/partners/partners/partners
Authorization: Bearer {YOUR_AUTH_TOKEN}
Accept: application/json
```

### Revoking a Token

To log out and invalidate the current token:

```http
POST /admin/api/v1/logout
Authorization: Bearer {YOUR_AUTH_TOKEN}
```

> **⚠️ Keep tokens secret**
> Never expose your API token in client-side code, public repositories, or logs. Treat it like a password.

---

## Request Format

- All request bodies must be sent as **JSON** with the `Content-Type: application/json` header.
- Always include `Accept: application/json` so error responses are returned as JSON rather than HTML.

```http
POST /admin/api/v1/partners/partners
Authorization: Bearer {YOUR_AUTH_TOKEN}
Content-Type: application/json
Accept: application/json

{
"name": "Acme Corp",
"email": "contact@acme.com"
}
```

---

## Response Format

All responses follow a consistent JSON envelope:

### Success — Single Resource

```json
{
"data": {
"id": 1,
"name": "Acme Corp",
"email": "contact@acme.com",
"created_at": "2026-03-17T10:00:00.000000Z",
"updated_at": "2026-03-17T10:00:00.000000Z"
}
}
```

### Success — Collection

```json
{
"data": [
{
"id": 1,
"name": "Acme Corp"
},
{
"id": 2,
"name": "Beta Ltd"
}
],
"links": {
"first": "https://erp.example.com/admin/api/v1/partners/partners?page=1",
"last": "https://erp.example.com/admin/api/v1/partners/partners?page=5",
"prev": null,
"next": "https://erp.example.com/admin/api/v1/partners/partners?page=2"
},
"meta": {
"current_page": 1,
"from": 1,
"last_page": 5,
"per_page": 15,
"to": 15,
"total": 72
}
}
```

### Error

```json
{
"message": "The given data was invalid.",
"errors": {
"email": [
"The email field is required."
]
}
}
```

---

## HTTP Status Codes

The API uses standard HTTP status codes to indicate the outcome of every request.

| Code | Meaning |
|------|---------|
| `200 OK` | Request succeeded. |
| `201 Created` | Resource was successfully created. |
| `204 No Content` | Request succeeded with no response body (e.g., DELETE). |
| `400 Bad Request` | The request was malformed or missing required parameters. |
| `401 Unauthorized` | Missing or invalid authentication token. |
| `403 Forbidden` | The authenticated user lacks permission for this action. |
| `404 Not Found` | The requested resource does not exist. |
| `422 Unprocessable Entity` | Validation failed. Check the `errors` object in the response. |
| `429 Too Many Requests` | Rate limit exceeded. Slow down and retry after the indicated period. |
| `500 Internal Server Error` | An unexpected server-side error occurred. |

---

## Pagination

List endpoints return paginated results. Use the `page` and `per_page` query parameters to control pagination:

| Parameter | Default | Description |
|-----------|---------|-------------|
| `page` | `1` | The page number to retrieve. |
| `per_page` | `15` | Number of records per page (max `100`). |

**Example:**

```http
GET /admin/api/v1/partners/partners?page=2&per_page=25
Authorization: Bearer {YOUR_AUTH_TOKEN}
```

Pagination metadata is returned in the `meta` and `links` objects of every collection response (see [Response Format](#response-format) above).

---

## Filtering & Sorting

Most list endpoints support filtering by passing query parameters that match field names, as well as a `sort` parameter:

```http
GET /admin/api/v1/partners/partners?filter[name]=Acme&sort=-created_at
```

- Prefix a sort field with `-` for **descending** order.
- Multiple sort fields can be comma-separated: `sort=name,-created_at`.

> **ℹ️ Note**
> Refer to each resource's endpoint documentation in the [interactive explorer](/api/docs) for the full list of supported filters and sort fields.

---

## Regenerating API Documentation with Scribe

After making any changes to your API — such as adding new endpoints, updating request/response structures, or modifying permissions — you must regenerate the Scribe documentation so the interactive explorer stays in sync with your codebase.

### Regenerate Docs

Run the following Artisan command from your project root:

```bash
php artisan scribe:generate
```

This scans all your API routes, reads docblock annotations and FormRequest rules, and outputs a fresh set of documentation files.

### When to Regenerate

You should run `scribe:generate` whenever you:

- Add, rename, or remove an API endpoint.
- Change request validation rules or response fields.
- Update route middleware (e.g., permission or authentication guards).
- Change the Scribe configuration file.

### Useful Flags

| Flag | Description |
|------|-------------|
| `--force` | Overwrite any manually edited docs without prompting. Cannot be combined with `--no-extraction`. |
| `--no-extraction` | Skip extracting example responses from your app (useful in CI). Cannot be combined with `--force`. |
| `--env=testing` | Run generation against a specific environment. |

> **⚠️ Note**
> The `--force` and `--no-extraction` flags are mutually exclusive — Scribe will throw an error if you pass both at the same time. Choose one based on your use case.

**Example — force overwrite manually edited docs:**

```bash
php artisan scribe:generate --force
```

**Example — skip response extraction (useful in CI where the app may not be fully bootable):**

```bash
php artisan scribe:generate --no-extraction
```

> **💡 Tip**
> Add `php artisan scribe:generate` to your deployment script or CI/CD pipeline so docs are always up to date after every release.

---

### Generate and Preview

After adding annotations, regenerate and review:

```bash
# Regenerate the documentation
php artisan scribe:generate

# Preview locally (docs are served at /api/docs by default)
php artisan serve
```

Open `http://localhost:8000/api/docs` to verify your new endpoints appear correctly.

> **⚠️ Important**
> If your new endpoints are behind permission middleware, make sure the Scribe config includes the correct authentication headers so that example requests work in the interactive explorer.