API Reference

PosStar exposes a RESTful API at /api/v1. All endpoints require JWT authentication unless marked as public.

Base URL

# Cloud hosted
https://api.posstar.net/api/v1

# Self-hosted
http://localhost:4000/api/v1

Authentication

All authenticated requests must include a Bearer token in the Authorization header:

Authorization: Bearer <your-jwt-token>

Quick Reference

POST/api/v1/auth/loginLogin with email/password POST/api/v1/auth/registerRegister a new vendor GET/api/v1/auth/meGet current user profile GET/api/v1/productsList all products POST/api/v1/productsCreate a new product GET/api/v1/salesList all sales POST/api/v1/salesCreate a new sale GET/api/v1/customersList all customers POST/api/v1/customersCreate a customer

Response Format

All API responses follow this structure:

// Success response
{
  "id": "uuid-here",
  "name": "Product Name",
  "price": 1999,
  "created_at": "2025-05-18T12:00:00Z"
}

// List response
[
  { "id": "...", "name": "..." },
  { "id": "...", "name": "..." }
]

// Error response
{
  "statusCode": 400,
  "message": "Validation failed",
  "error": "Bad Request"
}

Swagger / OpenAPI

Interactive API documentation is available at /api/docs on your PosStar instance. This Swagger UI lets you test endpoints directly from the browser.