14 — API endpoint catalog
A categorised reference of the backend endpoints the frontend calls. Roughly 150 unique endpoints across pages, components, store, and middleware.
This catalog is derived from grepping the source, not from a backend OpenAPI spec. Treat it as a roadmap — for authoritative request/response shapes, look at the call site or ask the backend team.
Conventions
/auth/* endpoints are authenticated. The axios interceptor in middleware/axios.js adds token and accountId headers automatically. Most write endpoints accept account_id in the JSON body too.- Non-
/auth/* endpoints are unauthenticated from the frontend's perspective (the interceptor doesn't add identity headers). Some are still backend-side authenticated by signed tokens or by the originating cookie domain.
- All endpoints use the base URL
process.env.API_URL.
- The
apptype header (base64 of process.env.APP_TYPE) is added to every request.
- Many endpoints follow the response shape
{ status, data: { ... } } or { status, data: [...] }. The convention in store actions is to read data.data[0] for "single resource" endpoints — be aware of this when calling them.
Authentication & session
| Method |
Path |
Caller(s) |
Notes |
| POST |
/webauthenticate |
@nuxtjs/auth local strategy |
Email/password login. Returns { data: { token, ... } }. |
| GET |
/me |
@nuxtjs/auth local strategy |
User-fetch endpoint after login. Returns the user record under data. |
| POST |
/login |
loginuser action |
Alternate login endpoint. Verify with the team if still in use. |
| POST |
/sociallogin |
getUserData action |
Generic social-login token exchange. |
| POST |
/socialRegister |
socialRegister action |
Social sign-up. Sets login cookies. |
| POST |
/linkedInRegister |
linkedInLogin action |
LinkedIn signup/login. |
| POST |
/linkedinauth |
linkedinauth action |
LinkedIn auth-link (re-link existing account). |
| POST |
/auth/linkedinuserdetail |
linkedinuserdtl action |
LinkedIn profile fetch after auth. |
| POST |
/twitterRegister |
twitterLogin action |
Twitter signup/login (OAuth v1). |
| POST |
/twitterAuth |
twitterRLAuth action |
Twitter relink for existing accounts. |
| POST |
/auth/tiktokRegister |
TikTok signup flow |
TikTok signup/login. |
| POST |
/sociallink |
sociallink action |
Link a provider to the user. |
| POST |
/auth/sociallinkstatus |
sociallinkstatus action |
Get current social-link status for the user. |
| POST |
/socialreconnect |
Social-account reconnection flow |
Trigger backend to refresh provider tokens. |
| GET |
/auth/socialAccountStatus |
sociallink action (post-link) |
Mark a social account as freshly linked. |
| POST |
/tokenRefresh |
sociallink action |
Refresh provider tokens (Facebook & Instagram especially). |
| POST |
/sendForgotPasswordResetLink |
sendForgotPasswordLink action |
Initiates password reset. |
| POST |
/sendMFA |
MFA flow |
Send MFA challenge (SMS/email OTP). |
| POST |
/MFAauthenticate |
MFA flow |
Verify MFA challenge. |
| POST |
/existinguserCheck |
Signup flow |
Check whether an email is already registered. |
| POST |
/mailVerificationAccepted |
Email-verification landing |
Mark email-verification token consumed. |
Accounts (the workspace)
| Method |
Path |
Caller(s) |
Notes |
| POST |
/accountRegister |
Account creation flow |
Creates a new account. |
| POST |
/auth/createAccount |
Account creation flow |
Internal account creation (auth'd). |
| POST |
/auth/getaccountdetails |
middleware/redirect.js, api/fetchAccountDetails |
Returns account record incl. landing_url, Onboarding_type_id, roleType, etc. |
| POST |
/auth/accountDetailsCreation |
Onboarding flow |
Initial account-detail capture. |
| POST |
/auth/getaccountowner |
Multi-account UI |
Owner's user record. |
| POST |
/auth/getOwnerPersonalDetails |
Owner profile UI |
Owner's personal details. |
| GET |
/auth/getuaccounts |
Account switcher |
List of accounts the user belongs to (lower-case 'u'). |
| GET |
/auth/getUAccounts |
Account switcher |
Same as above (capital 'U'). Verify with the team which is canonical. |
| GET |
/auth/getDefaultAccount |
defaultAccount action |
The user's default account. |
| POST |
/addOrUpdateDefaultAccount |
addOrUpdateDefaultAccount action |
Set default account. |
| GET |
/auth/getAccountinactiveusers |
Member-management UI |
Inactive users on the account. |
| POST |
/auth/updateAccountDetails |
Account-settings UI |
Update org-level account fields. |
| POST |
/auth/setlandingaccount |
Account-settings UI |
Persist the user's landing account choice. |
User profile
| Method |
Path |
Caller(s) |
Notes |
| GET |
/auth/getUserdetail |
api/fetchUserDetails |
Cached. Profile fields, preferences. |
| POST |
/updateProfile |
getUTZ (in redirect.js), profile UI |
Update last-login and other profile fields. |
| POST |
/auth/UpdateUsertaxid |
Billing UI |
Update tax ID for invoicing. |
Member / team management
| Method |
Path |
Caller(s) |
Notes |
| POST |
/userlist |
Team UI |
List of users. |
| POST |
/addOrUpdateAccountMembers |
Team UI |
Add/update a member on the account. |
| GET |
/auth/getAllcorpInvitedUsers |
Team UI |
All invited users on a corporate account. |
| POST |
/addOrUpdateUserInvitationCorp |
Invite flow |
Send/update an invite. |
| POST |
/UpdateAccountMembersactive |
Team UI |
Activate/deactivate a member. |
| POST |
/DeleteinactiveUser |
Team UI |
Remove an inactive user. |
| POST |
/DeleteInviteUsercorp |
Invite UI |
Delete a pending corporate invite. |
| POST |
/getAllcreateInviteUserCorp |
Invite UI |
List of invitable users on a corporate account. |
| POST |
/AcceptOrRejectInvite |
Invite acceptance landing |
Accept or reject an invite. |
| POST |
/updateUserInvite |
Invite acceptance landing |
Update invite state during acceptance. |
| POST |
/getinvtokeninfo |
Invite acceptance landing |
Inspect invite token for prefilled data. |
| POST |
/auth/getConfirmationDetails |
Invite confirmation |
Confirmation-page bootstrap data. |
Settings, languages, tone
| Method |
Path |
Caller(s) |
Notes |
| GET |
/auth/getSetting |
api/fetchSettings |
Cached. User-level setting object. |
| POST |
/auth/addOrUpdateSetting |
Settings UI |
Persist user setting changes. |
| GET |
/auth/getObjective |
Onboarding / objectives UI |
Fetch objectives. |
| GET |
/getLanguages |
api/fetchLanguages |
Cached. Available content languages. |
| GET |
/getToneOfVoice |
api/fetchToneOfVoice |
Cached. Tone-of-voice presets. |
| GET |
/getDiy_text |
api/fetchDIYPost |
Cached. DIY post template text. |
| GET |
/getCountries |
Address forms |
|
| GET |
/getStates |
Address forms |
|
| GET |
/getVariants |
Content/template variants UI |
Verify with the team what variants this returns. |
Onboarding
| Method |
Path |
Caller(s) |
Notes |
| POST |
/getonboardingtype |
onboarding/fetchOnboardingFlow |
Fetch the onboarding flow JSON for a given Onboarding_type_id. |
| GET |
/getdefaultonboardingtype |
Onboarding bootstrap |
The fallback type when no Onboarding_type_id is set. |
| GET |
/auth/getOnboardingDetails |
onboarding/fetchOnboardingDetails |
Cached (3-min TTL). Detailed onboarding state. |
Subscriptions & billing
| Method |
Path |
Caller(s) |
Notes |
| GET |
/auth/getSubscriptions |
api/fetchSubscription |
Cached. Side effect: writes subs cookie. Read by redirect.js. |
| GET |
/auth/getSubscriptions0 |
(specific UI flow) |
Verify with the team what the 0 variant returns. |
| POST |
/auth/addOrUpdateSubscriptions |
Billing UI |
Create/update a subscription. |
| POST |
/auth/createpaymentintent |
Stripe checkout |
Create a Stripe payment intent. |
| GET |
/auth/getPaddleSubData |
Paddle billing UI |
Paddle subscription details. |
| GET |
/auth/paddleManagementUrl |
Paddle billing UI |
URL to Paddle's customer-portal for self-service. |
| POST |
/auth/paddlePaymentUpdate |
Paddle payment-update UI |
Webhook-like update from frontend. |
| GET |
/auth/getBillingInfo |
Billing UI |
Billing/invoice info. |
| GET |
/auth/getBillinginfo |
Billing UI |
Same as above (case variant). Verify which is canonical. |
| POST |
/auth/addOrUpdateUserBillingInfo |
Billing UI |
Persist billing info. |
| POST |
/auth/addUpdateBillingData |
Billing UI |
Alternate billing-info endpoint. |
| POST |
/auth/impact-conversion |
Affiliate flow |
Track an affiliate conversion (Impact Radius / FirstPromoter). |
| POST |
/auth/cancel-impact-conversion |
Affiliate flow |
Cancel an in-flight conversion. |
| GET |
/auth/Notify?isFrom=billing |
Billing UI |
Billing-flow notifications. |
Posts (lifecycle)
See 13-post-lifecycle.md for what each status means.
| Method |
Path |
Caller(s) |
Notes |
| POST |
/auth/getpost |
api/fetchPosts |
Paginated. Cached per page. |
| POST |
/auth/getfavouriteposts |
api/fetchFavPosts |
Paginated. Cached per page. |
| POST |
/getPendingpost |
Approval queue UI |
Posts awaiting approval. |
| GET |
/auth/getMyListPosts |
getMyPosts action |
Root-store list-posts fetch (legacy — prefer api/fetchPosts). |
| POST |
/auth/getALLEventposts |
Holiday/event UI |
All event posts. |
| POST |
/auth/getEventposts |
Holiday/event UI |
Single-event posts. |
| POST |
/auth/scheduleEventposts |
Holiday/event UI |
Schedule an event post. |
| POST |
/auth/userScheduleArticle |
Article scheduling UI |
Schedule a regular post. |
| POST |
/auth/rescheduleArticle |
Calendar drag/drop |
Move a scheduled post to a new date. |
| POST |
/auth/userScheduleAccountNews |
Account-news scheduling UI |
Schedule an account-news post. |
| POST |
/auth/userScheduleCarousal |
Carousel scheduling |
Schedule a carousel post. |
| POST |
/auth/userContentSchedulePost |
Custom-content scheduling UI |
Schedule custom content. |
| POST |
/auth/getcarousalpost |
Carousel editor |
Fetch a carousel post. |
| POST |
/auth/geteditcarousalpost |
Carousel editor |
Editable carousel-post payload. |
| POST |
/auth/postlanding |
Post-landing UI |
Post landing-page metadata. |
| POST |
/auth/setpostcount |
Post counter UI |
Increment/update a post counter. |
| POST |
/auth/postGeneratingGmail |
AI generation flow |
Verify with the team — likely an email-template generation step. |
| POST |
/auth/getGenerateContentStatus |
AI generation flow |
Poll for AI-generation completion. |
| GET |
/getGenerateContentStatus |
AI generation flow |
Unauthenticated variant. Verify which is canonical. |
| POST |
/generateMoreContent |
AI generation flow |
"Generate more" button. |
| POST |
/auth/rephraseAndTranslateContent |
AI generation flow |
Rephrase or translate generated content. |
| POST |
/auth/deletecuspost |
Custom-post UI |
Delete a custom post. |
| POST |
/auth/approveSkeletonPost |
Approval modal |
Approve a skeleton (raw-AI) post. |
| POST |
/saveUserposts |
Post-editor save |
Persist post JSON from the Polotno editor host page. |
| POST |
/getTemplate |
Post-editor load |
Fetch a template by ID for editing. |
| POST |
/addOrUpdateContent |
Content UI |
Generic content insert/update. |
| POST |
/addOrUpdateConversation |
Chat / conversation UI |
Conversation insert/update. |
| POST |
/addOrUpdateReGenerate |
AI regenerate flow |
Trigger a regenerate. |
| POST |
/addOrUpdateSaveSubCustomContentUserLib |
Custom-content library UI |
Save sub-custom content into the user library. |
| Method |
Path |
Caller(s) |
Notes |
| GET |
/auth/getAllLibrary |
api/fetchLibraryPosts |
Cached. The user's library aggregate. |
| GET |
/auth/getMyLibraryPost/<page> |
api/fetchImageLibrary |
Paginated. Cached per page. Note path-param style here. |
| POST |
/auth/getAllSharedImages |
api/fetchSharedImages |
Paginated. Cached per page. |
| POST |
/auth/getAllSharedFolderImages |
Shared-folder UI |
Per-folder shared images. |
| POST |
/auth/getAllImageFolder |
Folder browser |
Image folders. |
| POST |
/auth/getAllSharedFolderTemps |
Template browser |
Per-folder shared templates. |
| POST |
/auth/addOrUpdateUserLibrary |
Library UI |
Add/update a library entry. |
| POST |
/auth/addUserFolderTemplatesById |
Template UI |
Add a template to a user folder. |
| POST |
/auth/addOrUpdateSharedUserFolder |
Shared-folder UI |
Manage shared folders. |
| POST |
/addOrUpdateUserFolder |
Folder UI |
Manage user folders. |
| GET |
/auth/getLogo |
Brand-kit UI |
Account logo. |
| POST |
/auth/uploadLogo |
Brand-kit UI |
Upload a new logo. |
| POST |
/auth/Removelogo |
Brand-kit UI |
Remove the logo. |
| GET |
/auth/getfooter |
Brand-kit UI |
Footer asset. |
| POST |
/auth/getUsermediaedit |
User-media editor |
Edit-time payload. |
| POST |
/auth/geteditusermedia |
User-media editor |
Same family. Verify with the team which is canonical. |
| POST |
/auth/geteditcusmedia |
Custom-media editor |
Edit-time payload (custom variant). |
| POST |
/changeusermedia |
User-media editor |
Change/swap media on a post. |
| POST |
/uploadCsvFile |
Bulk-import UI |
CSV upload (bulk content import). |
| POST |
/uploadReelVideo |
Reel UI |
Reel video upload. |
| POST |
/auth/uploadAccountsAssets |
Brand-kit UI |
Generic account-asset upload (likely S3 metadata). |
| POST |
/archiveContentFolder |
Folder UI |
Archive a folder. |
Brand kit, AI brand assets, organisation profile
| Method |
Path |
Caller(s) |
Notes |
| POST |
/auth/getBrandPositioning |
Brand-kit UI |
Fetch brand positioning. |
| POST |
/auth/getAiBrandPositioning |
Brand-kit UI |
Fetch AI-suggested brand positioning. |
| POST |
/auth/addOrUpdateBrandPositioning |
Brand-kit UI |
Persist brand positioning. |
| POST |
/auth/replaceAIBrandPositioning |
Brand-kit UI |
Replace with AI-regenerated version. |
| POST |
/auth/approveBrandPositioning |
Approval modal |
Approve brand positioning copy. |
| POST |
/auth/getCompanyData |
Org-profile UI |
Company data. |
| POST |
/auth/AICompanyData |
Org-profile UI |
AI-generated company data. |
| POST |
/auth/addOrUpdateCompanyData |
Org-profile UI |
Persist company data. |
| POST |
/auth/replaceAICompanyData |
Org-profile UI |
Replace with AI-regenerated. |
| POST |
/auth/getAiObjective |
Goals/objectives UI |
AI-suggested objective. |
| POST |
/auth/replaceAIObjective |
Goals/objectives UI |
Replace with AI-regenerated. |
| POST |
/auth/approveObjective |
Approval modal |
Approve objective. |
| GET |
/auth/getDetailForWelcomeModal |
Welcome modal |
Bootstrap data for welcome. |
| POST |
/auth/processOrgDetails |
Org-profile UI |
Process org details (likely stream-then-persist). |
| POST |
/auth/brandTemplateSet |
Brand-kit UI |
Persist a template set. |
| POST |
/auth/savecolorset |
Brand-kit UI |
Save brand colours. |
| POST |
/auth/saveFont |
Brand-kit UI |
Save brand fonts. |
| POST |
/auth/addFavaccTempset |
Template-set UI |
Mark a template set as favourite. |
| GET |
/generate-organization-profile?stream=true |
Org-profile UI |
Streaming AI generation. |
| POST |
/process-organization-profile |
Org-profile UI |
Post-process the streamed result. |
| POST |
/generate-chapter-profile |
Chapter (BNI) UI |
Generate chapter profile. |
| POST |
/update-chapter-profile |
Chapter (BNI) UI |
Update chapter profile. |
| POST |
/auth/approveChapterData |
Approval modal |
Approve chapter data. |
| POST |
/auth/bni-corporate-profile |
BNI-flow UI |
BNI-specific corporate profile endpoint. |
Topics, subjects, industries, categories
| Method |
Path |
Caller(s) |
Notes |
| GET |
/getCategories |
getCategories action |
|
| POST |
/addupdateCategories |
Admin / category UI |
|
| GET |
/getDefaultCategories |
getDefaultCategories action |
|
| GET |
/getIndustries |
getIndustries action |
|
| GET |
/getOffsetIndustry |
Industry-paged UI |
|
| POST |
/addupdateIndustries |
Admin / industry UI |
|
| POST |
/classify-industry |
Onboarding |
Classify a free-text input into an industry. |
| POST |
/generate-topics-suggestion |
Topics UI |
AI topic suggestions. |
| POST |
/auth/getRecommendedTopics |
Topics UI |
Per-account recommended topics. |
| POST |
/auth/addOrUpdateRecommendedTopics |
Topics UI |
Persist topic preferences. |
| POST |
/auth/chooseRecomSubject |
Subjects-services UI |
Pick a recommended subject. |
| POST |
/auth/removeRecomSubject |
Subjects-services UI |
Unpick a subject. |
| POST |
/auth/getUserChosenSubjects |
Subjects-services UI |
List the user's chosen subjects. |
| POST |
/getGoalsObjects |
Goals/objectives UI |
Goals catalogue. |
Approval / scheduling pipeline
| Method |
Path |
Caller(s) |
Notes |
| GET |
/auth/getApprovedDates |
api/fetchApprovedDates |
Cached. Dates with at least one approved post. |
| POST |
/auth/getSchedulingStatus |
getStatusMyPosts action |
Per-post scheduling status. |
| POST |
/auth/startSchedulingStatus |
Scheduling job UI |
Trigger backend scheduling job. |
| POST |
/auth/startSchedulingFeed |
Feed UI |
Start scheduling for a feed. |
| POST |
/auth/addOrUpdateFeed |
Feed UI |
Manage account feeds. |
| GET |
/auth/getAccountsFeed |
Feed UI |
List account feeds. |
Reels & ideas
| Method |
Path |
Caller(s) |
Notes |
| GET |
/auth/getAllReelIdeasFolder |
api/fetchAllReelIdeas |
Cached. |
Logging, activity, web scraping
| Method |
Path |
Caller(s) |
Notes |
| POST |
/auth/addOrUpdateAccountActivelog |
Activity logger |
Append to activity log. |
| POST |
/auth/webscrapingProcess |
Onboarding / brand-kit |
Trigger web scraping of a website. |
| POST |
/auth/addBusinessInformation |
Onboarding |
Persist business info (post-scrape). |
| POST |
/auth/addAccountWebsites |
Onboarding |
Add account websites. |
| GET |
/auth/getAccountWebsiteFolders |
Onboarding |
Per-website folders. |
| GET |
/getDefaultBrandColor |
Brand-kit UI |
Suggested default brand colour. |
Member chat
| Method |
Path |
Caller(s) |
Notes |
| POST |
/getMemberschatMessages |
Chat UI |
List messages between members. |
Nuxt server middleware
These are mounted by nuxt.config.js → serverMiddleware and run inside the Nuxt Node process — not the backend.
| Method |
Path |
Handler |
Notes |
| GET |
/api/youtube-videos |
api/index.js |
YouTube Data API proxy. Uses YOUTUBE_API_KEY (build-time env). |
| GET/POST |
/api/twitter* |
api/twitter-middleware.js |
OAuth callbacks for Twitter (cannot be done client-side). |
| — |
api/test-middleware |
api/test-middleware.js |
Verify with the team what this is for. |
Patterns to be aware of
/auth/getuaccounts vs /auth/getUAccounts — both exist in the codebase. The difference is just casing. Pick one when you call from new code; ask which the backend prefers./auth/getBillingInfo vs /auth/getBillinginfo — same caveat./getGenerateContentStatus vs /auth/getGenerateContentStatus — same path, two auth conventions. Behaviour may differ.- GET endpoints with body params — some "GET" endpoints expect a body (
/auth/getMyLibraryPost/<page> is a path param, not a body). Always check the existing call site.
pData.msp[0] and data.data[0] patterns — many endpoints return a single resource as an array of length 1. The frontend convention is to read [0] after destructuring data.
Adding a new endpoint
- Confirm with the backend team that it exists (or is planned).
- Decide whether it's cacheable. If it's read-heavy and account-scoped, add it to
store/api.js following the existing pattern (see 05-state-management.md).
- If it's a one-off, call it directly from the page or component with
this.$axios.get/post.
- Update this catalog with the new endpoint.
Maintenance
This catalog drifts if not maintained. To regenerate the rough endpoint list:
grep -rohE "axios\.(post|get|put|delete)\([\"'][^\"']+[\"']" pages components store middleware api 2>/dev/null \
| grep -oE "[\"'][^\"']+[\"']" \
| grep -E "^['\"]/" \
| sort -u
Compare the output to this catalog and add entries for any new paths.