All Endpoints¶

Complete reference of every HTTP endpoint exposed by Craft Easy. Endpoints are grouped by domain. Standard CRUD resources provide five auto-generated endpoints (list, create, get, update, delete); custom endpoints are listed separately.

Conditional Modules

Many endpoint groups are only available when the corresponding setting is enabled. See the Requires column for each section.

Health & System¶

Always available

Method	Path	Description
GET	`/health`	Liveness probe — returns version and timestamp
GET	`/ready`	Readiness probe — checks MongoDB and registered health checks (200 or 503)
GET	`/admin/schema`	Admin schema for all registered resources, filtered by user access (supports ETag caching)
GET	`/admin/health/detailed`	Detailed health with per-module status
GET	`/erd`	Interactive Entity Relationship Diagram (Cytoscape.js UI)
GET	`/erd/data`	Raw ERD data as JSON — entities, fields, relationships

Requires: ACCESS_DEBUG_ENABLED=true

Method	Path	Description
GET	`/access/capabilities`	List every registered capability and route binding
GET	`/access/me`	Effective access for the current principal — roles, capabilities, scoped capabilities

Authentication¶

Requires: AUTH_ENABLED=true

Method	Path	Description
POST	`/auth/login/email`	Request OTP code via email
POST	`/auth/login/sms`	Request OTP code via SMS
POST	`/auth/verify-otp`	Verify OTP code and receive JWT
POST	`/auth/setup-2fa`	Initialize TOTP two-factor authentication
POST	`/auth/verify-2fa`	Verify TOTP code
POST	`/auth/refresh`	Refresh JWT access token
POST	`/auth/logout`	Logout and invalidate session
GET	`/auth/oauth2/{provider}/authorize`	OAuth2 authorization redirect (Google, Microsoft, GitHub)
GET	`/auth/oauth2/{provider}/callback`	OAuth2 callback handler

Requires: M2M_ENABLED=true

Method	Path	Description
POST	`/auth/token`	M2M token endpoint (OAuth 2.0 Client Credentials / RFC 7523)

Sessions¶

Requires: AUTH_ENABLED=true

Method	Path	Description
GET	`/me/sessions`	List current user's active sessions
DELETE	`/me/sessions/{session_id}`	Terminate a specific session
DELETE	`/me/sessions`	Terminate all sessions except current
GET	`/admin/users/{user_id}/sessions`	Admin: list sessions for a user
DELETE	`/admin/users/{user_id}/sessions`	Admin: terminate all sessions for a user

Users¶

Standard CRUD Resource — always available

Method	Path	Description
GET	`/users`	List users (paginated, filterable, sortable)
POST	`/users`	Create user
GET	`/users/{id}`	Get user by ID
PATCH	`/users/{id}`	Update user (ETag required)
DELETE	`/users/{id}`	Soft-delete user

API Key Management:

Method	Path	Description
POST	`/users/{id}/api-keys`	Generate API key (returned once)
DELETE	`/users/{id}/api-keys`	Revoke API key
PUT	`/users/{id}/api-keys/rotate`	Rotate API key
PUT	`/users/{id}/ip-whitelist`	Update IP whitelist for API key auth
POST	`/users/{id}/public-keys`	Add public key for signed JWT auth
DELETE	`/users/{id}/public-keys/{key_index}`	Remove public key

Roles & Access¶

Standard CRUD Resources

Method	Path	Description
GET	`/roles`	List roles
POST	`/roles`	Create role with capabilities
GET	`/roles/{id}`	Get role
PATCH	`/roles/{id}`	Update role
DELETE	`/roles/{id}`	Delete role
GET	`/role-assignments`	List role assignments
POST	`/role-assignments`	Assign role to user
GET	`/role-assignments/{id}`	Get assignment
PATCH	`/role-assignments/{id}`	Update assignment
DELETE	`/role-assignments/{id}`	Remove assignment

User Roles (convenience):

Method	Path	Description
GET	`/user-roles/{user_id}`	Get all roles for a user
POST	`/user-roles/{user_id}`	Assign role to user
DELETE	`/user-roles/{user_id}/{role_id}`	Revoke role from user

Tenants¶

Requires: MULTI_TENANT_ENABLED=true

Standard CRUD Resource:

Method	Path	Description
GET	`/tenants`	List tenants
POST	`/tenants`	Create tenant
GET	`/tenants/{id}`	Get tenant
PATCH	`/tenants/{id}`	Update tenant (ETag required)
DELETE	`/tenants/{id}`	Delete tenant

Partners¶

Requires: MULTI_TENANT_ENABLED=true — System-scope only

Standard CRUD Resource:

Method	Path	Description
GET	`/partners`	List partners
POST	`/partners`	Create partner
GET	`/partners/{id}`	Get partner
PATCH	`/partners/{id}`	Update partner
DELETE	`/partners/{id}`	Delete partner

Agreements¶

Requires: MULTI_TENANT_ENABLED=true

Method	Path	Description
GET	`/agreements`	List agreements (filterable by tenant, status)
POST	`/agreements`	Create agreement with revenue splits and fees
GET	`/agreements/{id}`	Get agreement
PATCH	`/agreements/{id}`	Update agreement
DELETE	`/agreements/{id}`	Delete agreement

Organization Hierarchy¶

Requires: MULTI_TENANT_ENABLED=true

Standard CRUD Resource:

Method	Path	Description
GET	`/org-nodes`	List organization nodes
POST	`/org-nodes`	Create node
GET	`/org-nodes/{id}`	Get node
PATCH	`/org-nodes/{id}`	Update node
DELETE	`/org-nodes/{id}`	Delete node

Custom:

Method	Path	Description
POST	`/org-nodes/{id}/move`	Move node to new parent
GET	`/org-nodes/{id}/descendants`	Get all descendants
GET	`/org-nodes/tree`	Get full hierarchy tree

Tags¶

Standard CRUD Resource — always available

Method	Path	Description
GET	`/tags`	List tags
POST	`/tags`	Create tag
GET	`/tags/{id}`	Get tag
PATCH	`/tags/{id}`	Update tag
DELETE	`/tags/{id}`	Delete tag

Custom:

Method	Path	Description
GET	`/tags/by-category/{category}`	Get tags in a category (ordered by sort_order)
GET	`/tags/tree/{category}`	Get hierarchical tag tree for category
GET	`/tags/stats/{model_name}`	Tag usage statistics (document count per tag)

Subcontractor Access¶

Method	Path	Description
POST	`/subcontractor-access`	Grant cross-tenant access
GET	`/subcontractor-access`	List active access grants
PATCH	`/subcontractor-access/{id}`	Update access scope and permissions
DELETE	`/subcontractor-access/{id}`	Revoke access

Payments¶

Requires: PAYMENTS_ENABLED=true

Standard CRUD Resource:

Method	Path	Description
GET	`/payments`	List payments
POST	`/payments`	Create payment
GET	`/payments/{id}`	Get payment
PATCH	`/payments/{id}`	Update payment
DELETE	`/payments/{id}`	Delete payment

Custom:

Method	Path	Description
POST	`/payments/{id}/complete`	Mark payment as completed
POST	`/payments/{id}/refund`	Refund payment (full or partial)

Payouts:

Method	Path	Description
GET	`/payouts`	List payout batches
POST	`/payouts`	Create payout batch
POST	`/payouts/{id}/execute`	Execute payout

Payment Matching¶

Requires: PAYMENTS_ENABLED=true

Method	Path	Description
POST	`/payment-matching/match`	Match incoming payment to claim(s)
POST	`/payment-matching/batch`	Batch-match multiple payments
GET	`/unmatched-payments`	List unmatched payments
GET	`/unmatched-payments/{id}`	Get unmatched payment details
POST	`/unmatched-payments/{id}/resolve`	Manually match to claim
POST	`/unmatched-payments/{id}/write-off`	Write off unmatched payment

Payment Accounts¶

Requires: PAYMENTS_ENABLED=true

Method	Path	Description
GET	`/payment-accounts`	List payment accounts
POST	`/payment-accounts`	Create account (bankgiro, plusgiro, IBAN, Stripe)
GET	`/payment-accounts/{id}`	Get account
PUT	`/payment-accounts/{id}`	Update account
DELETE	`/payment-accounts/{id}`	Delete account

Cost Types¶

Method	Path	Description
GET	`/cost-types`	List cost types (filterable by category)
POST	`/cost-types`	Create tenant-specific cost type
PUT	`/cost-types/{id}`	Update cost type
DELETE	`/cost-types/{id}`	Delete cost type (system types protected)

Claims & Collections¶

Requires: PAYMENTS_ENABLED=true

Claims:

Method	Path	Description
GET	`/claims`	List claims (filterable by status, tenant)
POST	`/claims`	Create claim
GET	`/claims/{id}`	Get claim details
PATCH	`/claims/{id}`	Update claim
POST	`/claims/{id}/register-payment`	Register payment against claim
POST	`/claims/{id}/add-fee`	Add reminder or collection fee
POST	`/claims/{id}/escalate`	Escalate to next collection stage
POST	`/claims/{id}/dispute`	Register debtor dispute
POST	`/claims/{id}/resolve-dispute`	Resolve dispute (accept or reject)
POST	`/claims/{id}/pause`	Pause escalation
POST	`/claims/{id}/payment-plan`	Create installment payment plan
GET	`/claims/{id}/timeline`	Claim event timeline
POST	`/claims/{id}/export`	Export claim as PDF

Collection Flows:

Method	Path	Description
GET	`/collections/flows`	List collection flows
GET	`/collections/flows/{id}`	Get flow details
GET	`/collections/flows/by-claim/{claim_id}`	Get flow for a claim
POST	`/collections/flows/{id}/transition`	Manually transition flow stage
POST	`/collections/configs`	Create collection flow config
GET	`/collections/configs/{id}`	Get config
PATCH	`/collections/configs/{id}`	Update config
POST	`/collections/reminders/{flow_id}`	Record reminder sent

Revenue Splits¶

Requires: PAYMENTS_ENABLED=true

Method	Path	Description
POST	`/revenue-splits/rules`	Create revenue split rule
GET	`/revenue-splits/rules`	List rules for tenant
GET	`/revenue-splits/rules/{id}`	Get rule
PATCH	`/revenue-splits/rules/{id}`	Update rule
DELETE	`/revenue-splits/rules/{id}`	Delete rule
POST	`/revenue-splits/calculate`	Calculate split for period
GET	`/revenue-splits/preview`	Preview split calculation
GET	`/revenue-splits/history`	Split calculation history

Settlements¶

Requires: PAYMENTS_ENABLED=true

Method	Path	Description
GET	`/settlements`	List settlements
GET	`/settlements/{id}`	Get settlement details
POST	`/settlements/{id}/finalize`	Finalize settlement (lock allocation)
POST	`/settlements/{id}/payout`	Execute settlement payout
GET	`/settlements/tenants/{tenant_id}/settlement-order`	Get allocation order
PUT	`/settlements/tenants/{tenant_id}/settlement-order`	Update allocation order
POST	`/settlements/allocate`	Allocate payment to claims

Client Funds¶

Requires: PAYMENTS_ENABLED=true

Method	Path	Description
GET	`/client-funds/{tenant_id}`	Get client fund account and recent transactions
POST	`/client-funds/{tenant_id}/deposit`	Deposit into client fund
POST	`/client-funds/{tenant_id}/withdrawal`	Withdraw from client fund
GET	`/client-funds/{tenant_id}/statement`	Statement for period
POST	`/client-funds/{tenant_id}/reconcile`	Reconcile client funds

Reconciliation¶

Requires: PAYMENTS_ENABLED=true

Method	Path	Description
POST	`/reconciliation/upload/bgmax`	Upload and reconcile bank payment file
GET	`/reconciliation/runs`	List reconciliation runs
GET	`/reconciliation/runs/{id}`	Get run details
POST	`/reconciliation/runs/{id}/reprocess`	Reprocess reconciliation
GET	`/reconciliation/dashboard`	Reconciliation summary dashboard

Billing & Subscriptions¶

Requires: PAYMENTS_ENABLED=true

Billing Plans (Standard CRUD Resource):

Method	Path	Description
GET	`/billing-plans`	List billing plans
POST	`/billing-plans`	Create plan
GET	`/billing-plans/{id}`	Get plan
PATCH	`/billing-plans/{id}`	Update plan
DELETE	`/billing-plans/{id}`	Delete plan

Subscriptions:

Method	Path	Description
GET	`/subscriptions`	List subscriptions
POST	`/subscriptions`	Create subscription
GET	`/subscriptions/{id}`	Get subscription
POST	`/subscriptions/{id}/cancel`	Cancel subscription
POST	`/subscriptions/{id}/renew`	Renew subscription

Bookkeeping¶

Requires: BOOKKEEPING_ENABLED=true

Ledger Entries (Standard CRUD Resource):

Method	Path	Description
GET	`/ledger-entries`	List ledger entries
POST	`/ledger-entries`	Create entry
GET	`/ledger-entries/{id}`	Get entry
PATCH	`/ledger-entries/{id}`	Update entry
DELETE	`/ledger-entries/{id}`	Delete entry
POST	`/ledger-entries/{id}/post`	Post ledger entry

Invoices (Standard CRUD Resource):

Method	Path	Description
GET	`/invoices`	List invoices
POST	`/invoices`	Create invoice
GET	`/invoices/{id}`	Get invoice
PATCH	`/invoices/{id}`	Update invoice
DELETE	`/invoices/{id}`	Delete invoice
POST	`/invoices/{id}/send`	Send invoice to recipient
GET	`/invoices/{id}/pdf`	Download invoice as PDF

Reports:

Method	Path	Description
POST	`/bookkeeping/transaction`	Create balanced double-entry transaction
GET	`/bookkeeping/trial-balance`	Trial balance for period
GET	`/bookkeeping/income-statement`	Income statement
GET	`/bookkeeping/balance-sheet`	Balance sheet
POST	`/bookkeeping/export/sie4`	Export to SIE4 format

Notifications¶

Method	Path	Description
GET	`/admin/notification-templates`	List notification templates
POST	`/admin/notification-templates`	Create template with locales
GET	`/admin/notification-templates/{id}`	Get template
PATCH	`/admin/notification-templates/{id}`	Update template
DELETE	`/admin/notification-templates/{id}`	Delete template
POST	`/admin/notification-templates/{id}/status`	Update status (draft, active, archived)
POST	`/admin/notification-templates/{id}/preview`	Preview rendered template with test variables

Webhooks¶

Requires: WEBHOOKS_ENABLED=true

Method	Path	Description
POST	`/webhooks/{provider}`	Receive webhook (signature verification, deduplication)
GET	`/webhooks/events`	List webhook events
GET	`/webhooks/events/{id}`	Get event details
DELETE	`/webhooks/dead-letter/{id}`	Retry failed webhook from dead letter queue

Jobs¶

Requires: JOBS_ENABLED=true

Method	Path	Description
GET	`/jobs/schedules`	List job schedules
POST	`/jobs/schedules`	Create schedule with cron expression
GET	`/jobs/schedules/{id}`	Get schedule
PATCH	`/jobs/schedules/{id}`	Update schedule
DELETE	`/jobs/schedules/{id}`	Delete schedule
POST	`/jobs/schedules/{id}/run`	Manually trigger scheduled job
GET	`/jobs/runs`	List job runs (filterable by schedule, status)
GET	`/jobs/runs/{id}`	Get run details and output
POST	`/jobs/{job_type}/run`	Run a job by type

File Import¶

Requires: FILE_IMPORT_ENABLED=true

Method	Path	Description
GET	`/import-templates`	List import templates
POST	`/import-templates`	Create import template
GET	`/import-templates/{id}`	Get template
PATCH	`/import-templates/{id}`	Update template
DELETE	`/import-templates/{id}`	Delete template
POST	`/imports/run`	Execute file import
GET	`/imports/runs`	List import runs
GET	`/imports/runs/{id}`	Get run details and rejections
POST	`/imports/validate`	Validate file without importing

BI Export¶

Requires: BI_EXPORT_ENABLED=true

Method	Path	Description
GET	`/bi/export/{resource}`	Export resource data (JSON/CSV) with date filtering
GET	`/bi/summary/{resource}`	Aggregated summary grouped by field
GET	`/bi/dashboard`	Dashboard overview with counts and activity
GET	`/bi/report/revenue`	Revenue report for period

Requires: GDPR_ENABLED=true

Method	Path	Description
GET	`/gdpr/schema`	List all models with GDPR-tagged fields
POST	`/gdpr/depersonalize/{collection}/{item_id}`	Depersonalize a document
POST	`/gdpr/export/{user_id}`	Export user's personal data (JSON/CSV)
POST	`/gdpr/consent`	Create consent record
GET	`/gdpr/consent/{user_id}`	Get user's consent records
DELETE	`/gdpr/consent/{user_id}`	Withdraw consent

Audit Log¶

Requires: AUDIT_LOG_ENABLED=true

Method	Path	Description
GET	`/admin/audit-log`	Query audit log with filtering by resource, operation, user, date range
POST	`/admin/audit-log/export`	Export audit log (CSV or JSON)
GET	`/admin/audit-log/stats`	Audit statistics (entries per day, operations breakdown)

Metrics¶

Requires: METRICS_ENABLED=true

Method	Path	Description
GET	`/metrics`	Prometheus-formatted metrics

Common Patterns¶

Standard CRUD Resource¶

Every registered Resource automatically exposes:

GET    /{resource}          List (paginated, filterable, sortable)
POST   /{resource}          Create
GET    /{resource}/{id}     Get by ID
PATCH  /{resource}/{id}     Update (If-Match ETag required)
DELETE /{resource}/{id}     Soft-delete (If-Match ETag required)

Authentication¶

All endpoints (except /health, /ready, /auth/*) require a valid JWT when AUTH_ENABLED=true:

Authorization: Bearer <token>

ETag Concurrency¶

Update and delete operations require the If-Match header:

If-Match: "<etag-value>"

The ETag is returned in the response headers of GET requests.

Pagination¶

List endpoints support both offset and cursor pagination:

GET /users?page=1&per_page=25
GET /users?cursor=<signed-cursor>

Filtering¶

All list endpoints support filtering via query parameters:

GET /users?name=John
GET /users?status__in=active,pending
GET /users?created_at__gte=2024-01-01
GET /users?where={"role": "admin"}

Tenant Scoping¶

When MULTI_TENANT_ENABLED=true, all queries are automatically scoped to the authenticated user's tenant. System-scope users can access all tenants.

All Endpoints¶

Health & System¶

Authentication¶

Sessions¶

Users¶

Roles & Access¶

Tenants¶

Partners¶

Agreements¶

Organization Hierarchy¶

Tags¶

Subcontractor Access¶

Payments¶

Payment Matching¶

Payment Accounts¶

Cost Types¶

Claims & Collections¶

Revenue Splits¶

Settlements¶

Client Funds¶

Reconciliation¶

Billing & Subscriptions¶

Bookkeeping¶

Notifications¶

Webhooks¶

Jobs¶

File Import¶

BI Export¶

GDPR¶

Audit Log¶

Metrics¶

Common Patterns¶

Standard CRUD Resource¶

Authentication¶

ETag Concurrency¶

Pagination¶

Filtering¶

Tenant Scoping¶