API Reference

The API has 39 route modules organized by domain. All routes are prefixed with /api/v1. Authentication is via Authorization: Bearer <token> header. Request and response bodies use JSON.

Authentication & Users

Route	Method(s)	Endpoints	Middleware
`/api/v1/auth`	POST, GET	`register`, `login`, `login/phone`, `oauth/:provider`, `otp/send`, `otp/verify`, `onboarding`, `refresh`, `logout`, `me`, `change-password`, `forgot-password`, `reset-password`	`authLimiter` on login/register
`/api/v1/workspaces`	CRUD	Create, read, update, delete workspaces + `members` sub-routes	`authenticate`, `requireWorkspace`
`/api/v1/accounts`	CRUD	Social account connection and management	`authenticate`, `requireWorkspace('EDITOR')`

Content & Publishing

Route	Method(s)	Endpoints	Middleware
`/api/v1/posts`	CRUD	Create, read, update, delete + `publish`, `duplicate`	`authenticate`, `requireWorkspace('EDITOR')`, `requireQuota('posts')`
`/api/v1/schedules`	CRUD	Schedule management for timed publishing	`authenticate`, `requireWorkspace('EDITOR')`
`/api/v1/media`	POST, GET, DELETE	File upload, listing, deletion	`authenticate`, `upload` middleware
`/api/v1/brand-voice`	CRUD	Brand voice configuration and training	`authenticate`, `requireWorkspace('EDITOR')`
`/api/v1/repurpose`	POST	Content repurposing (transform formats)	`authenticate`, `requireWorkspace('EDITOR')`, `requireFeature`
`/api/v1/calendars`	CRUD	AI-generated content calendars	`authenticate`, `requireWorkspace('EDITOR')`
`/api/v1/trends`	GET	Trending topic detection	`authenticate`, `requireWorkspace('VIEWER')`

AI

Route	Method(s)	Endpoints	Middleware
`/api/v1/ai`	POST	`caption/generate`, `caption/rewrite`, `hashtags/generate`, `cta/generate`, `translate`, `image/generate`	`authenticate`, `requireWorkspace('EDITOR')`, `requireQuota('ai_generations')`, `aiLimiter`
`/api/v1/ai/chat`	POST	AI chat conversations	`authenticate`, `aiLimiter`
`/api/v1/ai/suggestions`	GET	AI-generated content suggestions	`authenticate`, `requireFeature('ai_suggestions')`

Analytics & Intelligence

Route	Method(s)	Endpoints	Middleware
`/api/v1/analytics`	GET	`dashboard`, `timeseries`, `timeseries/by-platform`, `posts/:postId`, `sync/:publicationId`	`authenticate`, `requireWorkspace('VIEWER')`
`/api/v1/analytics/ab-tests`	CRUD	A/B test creation, management, and evaluation	`authenticate`, `requireWorkspace('EDITOR')`
`/api/v1/analytics/advisor`	GET	AI-powered performance recommendations	`authenticate`, `requireWorkspace('VIEWER')`
`/api/v1/predictions`	GET	Engagement and revenue predictions	`authenticate`, `requireFeature('predictions')`
`/api/v1/intelligence`	GET	Gap analysis, algorithmic insights	`authenticate`, `requireWorkspace('VIEWER')`
`/api/v1/competitors`	CRUD	Competitor tracking and snapshots	`authenticate`, `requireWorkspace('EDITOR')`

Conversations (ICE - Intelligent Conversational Engine)

Route	Method(s)	Endpoints	Middleware
`/api/v1/ice`	GET, POST, PATCH	`threads`, `messages`, `reply`, `ai-suggest`, `resolve`, `reopen`	`authenticate`, `requireWorkspace('EDITOR')`
`/api/v1/ice`	GET, PATCH	`bot-toggle`, `bot-config`	`authenticate`, `requireWorkspace('ADMIN')`
`/api/v1/ice`	CRUD	`escalation-rules`, `escalations`	`authenticate`, `requireWorkspace('ADMIN')`
`/api/v1/ice`	GET	`experiments`, `stats`	`authenticate`, `requireWorkspace('VIEWER')`
`/api/v1/conversations`	GET	Legacy inbox endpoints	`authenticate`

E-Commerce & Commerce

Route	Method(s)	Endpoints	Middleware
`/api/v1/ecommerce`	POST, GET	`shopify`, `woocommerce`, `easyorders` (store connection)	`authenticate`, `requireWorkspace('ADMIN')`
`/api/v1/ecommerce`	GET	`products`, `templates`, `sync`	`authenticate`, `requireWorkspace('EDITOR')`
`/api/v1/commerce`	GET	`revenue/dashboard`, `revenue/posts`, `orders`, `segments`, `coupons`	`authenticate`, `requireWorkspace('VIEWER')`

Automation & Workflows

Route	Method(s)	Endpoints	Middleware
`/api/v1/workflows`	CRUD	Create, read, update, delete workflows	`authenticate`, `requireWorkspace('EDITOR')`
`/api/v1/workflows`	POST	`activate`, `pause`, `runs`, `test`	`authenticate`, `requireWorkspace('EDITOR')`

Route	Method(s)	Endpoints	Middleware
`/api/v1/ads`	CRUD	Ad campaigns, auto-boost rules, performance data	`authenticate`, `requireWorkspace('EDITOR')`, `requireFeature('ads')`

Audience & CRM

Route	Method(s)	Endpoints	Middleware
`/api/v1/audience`	GET	Audience profiles, segments, tags, interactions	`authenticate`, `requireWorkspace('VIEWER')`

Agency & Collaboration

Route	Method(s)	Endpoints	Middleware
`/api/v1/approvals`	CRUD	Approval request workflows	`authenticate`, `requireWorkspace('EDITOR')`
`/api/v1/reports`	CRUD	Client report generation	`authenticate`, `requireWorkspace('EDITOR')`

Integrations & Webhooks

Route	Method(s)	Endpoints	Middleware
`/api/v1/integrations`	CRUD	Third-party integration management	`authenticate`, `requireWorkspace('ADMIN')`
`/api/v1/webhooks`	CRUD	Webhook configuration and management	`authenticate`, `requireWorkspace('ADMIN')`

Billing & Payments

Route	Method(s)	Endpoints	Middleware
`/api/v1/payments`	POST	Stripe/Paymob webhook handlers	Signature verification
`/api/v1/plans`	GET	Available subscription plans	Public
`/api/v1/usage`	GET	Workspace usage statistics	`authenticate`, `requireWorkspace('ADMIN')`

Admin (Super Admin)

Route	Method(s)	Endpoints	Middleware
`/api/v1/admin`	GET, POST, PATCH, DELETE	Platform-wide dashboard, user management, AI usage monitoring, billing management	`authenticate`, `requireSuperAdmin`

Request Validation

All request bodies are validated using Zod schemas from the @unipulse/shared package via the validate.ts middleware. Invalid requests receive a 400 response:

{
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Validation failed",
    "details": [
      {
        "field": "caption",
        "message": "String must contain at least 1 character(s)"
      }
    ]
  }
}

Rate Limiting

Limiter	Scope	Limit	Routes
`authLimiter`	Per IP	Strict	`/api/v1/auth/login`, `/api/v1/auth/register`, `/api/v1/auth/otp/*`
`aiLimiter`	Per workspace	Plan-based	`/api/v1/ai/*`
Global	Per IP	Liberal	All other routes

Standard Error Response

{
  "error": {
    "code": "NOT_FOUND",
    "message": "Post not found",
    "details": {}
  }
}

Code	HTTP Status
`VALIDATION_ERROR`	400
`UNAUTHORIZED`	401
`FORBIDDEN`	403
`NOT_FOUND`	404
`CONFLICT`	409
`RATE_LIMITED`	429
`INTERNAL_ERROR`	500

Cross-Reference

Services -- business logic layer behind each route
Middleware -- middleware stack details
Error Handling -- error patterns and codes
Auth Flow -- authentication details
Shared Validators -- Zod schemas

Authentication & Users​

Content & Publishing​

AI​

Analytics & Intelligence​

Conversations (ICE - Intelligent Conversational Engine)​

E-Commerce & Commerce​

Automation & Workflows​

Ads​

Audience & CRM​

Agency & Collaboration​

Integrations & Webhooks​

Billing & Payments​

Admin (Super Admin)​

Request Validation​

Rate Limiting​

Standard Error Response​