API architecture
All data flows through REST APIs. JSON request/response; consistent conventions across modules.
REST conventions
| Pattern | Example |
|---|---|
| List | GET /api/{module}/{resource}?page=1&pageSize=25 |
| Get one | GET /api/{module}/{resource}/{id} |
| Create | POST /api/{module}/{resource} |
| Update | PUT /api/{module}/{resource}/{id} |
| Delete | DELETE /api/{module}/{resource}/{id} |
| Action | POST /api/{module}/{resource}/{id}/{action} |
Response format
{
"data": [],
"totalCount": 0,
"page": 1,
"pageSize": 25
}Error format
{
"status": 400,
"message": "string",
"errors": [
{ "field": "string", "message": "string" }
]
}Headers
Authorization: Bearer {jwt}— Required for all API callsX-Tenant-Id: {tenantId}— If not using subdomainIf-None-Match: {etag}— For 304 cachingAccept-Language: {locale}— Regional
Status codes
200 OK, 304 Not Modified, 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, 500 Internal Server Error.