API Overview

The SalonERP REST API runs on http://localhost:4000/api and provides endpoints for all modules of the system.

Base URL

http://localhost:4000/api

Authentication

Most endpoints require a JWT Bearer token via the Authorization header:

Authorization: Bearer <jwt>

Tokens are obtained via POST /api/auth/login and expire after 8 hours. Mobile clients can use a refresh token with POST /api/auth/refresh for 30-day sessions.

Public endpoints under /api/public/* require no authentication.

Error Format

All errors follow a consistent JSON format:

{
  "error": "Error message in Dutch",
  "details": {}
}

Status	Meaning
400	Validation errors, invalid input
401	Missing or invalid token
403	Insufficient permissions
404	Resource not found
409	Duplicate or conflicting
500	Unexpected server error

Pagination

List endpoints support optional pagination via query parameters:

GET /api/bookings?page=2&limit=20

Paginated Response

{
  "items": [ ... ],
  "total": 148,
  "page": 2,
  "limit": 20,
  "pages": 8
}

Without `?page`

Returns a plain array (backward compatible).

Defaults: limit=50, max limit=200.

Modules

Module	Base path	Description
Authentication	`/api/auth`	Login, registration, setup, tokens
Bookings	`/api/bookings`	Appointments CRUD
Clients	`/api/crm`	Client management (CRM)
Services	`/api/services`	Services and categories
POS	`/api/pos`	Point of Sale
Inventory	`/api/inventory` + `/api/suppliers`	Products, categories, stock, purchase orders
Internal Consumption	`/api/internal-consumption`	Internal product usage
Staff	`/api/staff`	Staff and schedules
Reporting	`/api/reporting`	Reports and statistics
Notifications	`/api/notifications`	In-app notifications
Settings	`/api/settings`	Configuration and feature toggles
Campaigns	`/api/campaigns`	Marketing email campaigns
Backup	`/api/backup`	Backup and restore
Public	`/api/public`	Online booking page (no auth)

Additional modules (not separately documented)

Module	Base path	Description
Payments	`/api/payments`	Stripe webhook + payment handling
Calendar	`/api/calendar`	Google Calendar integration
Reviews	`/api/reviews`	Client reviews
Waitlist	`/api/waitlist`	Waitlist management
Loyalty	`/api/loyalty`	Loyalty programme
Gift Cards	`/api/gift-cards`	Gift card management
Promotions	`/api/promotions`	Discount codes and promotions
Packages	`/api/packages`	Service packages
Recurring	`/api/recurring`	Recurring bookings
Audit	`/api/audit`	Audit log
Locations	`/api/locations`	Multi-location support
WhatsApp	`/api/whatsapp`	WhatsApp messaging
Accounting Export	`/api/accounting-export`	Accounting data export

Base URL​

Authentication​

Error Format​

Pagination​

Paginated Response​

Without ?page​

Modules​

Additional modules (not separately documented)​