Backoffice API
Base URL: http://localhost:3001 (dev) · port 8001 (Docker)
JWT audience: backoffice — all routes require a valid Bearer token unless noted.
Roles: operator, photographer
Auth
POST /v1/auth/register
Register a new operator account.
Public — no token required.
Body
{ "name": "string", "email": "string", "password": "string", "timezone": "string?" }Response 201
{ "token": "string" }POST /v1/auth/login
Log in as an operator or photographer.
Public — no token required.
Body
{ "email": "string", "password": "string" }Response 200
{ "token": "string" }POST /v1/auth/register-photographer
Register a new photographer under the authenticated operator.
Role operator
Body
{ "name": "string", "email": "string", "password": "string" }Response 201
{ "id": "uuid", "name": "string", "email": "string" }Projects
GET /v1/projects
List all projects belonging to the authenticated operator.
Role operator
Response 200 — array of project summaries.
POST /v1/projects
Create a new project.
Role operator
Body
{
"name": "string",
"locationName": "string?",
"startAt": "ISO 8601?",
"endAt": "ISO 8601?",
"projectLink": "url?",
"termsAndConditions": "string?",
"timezone": "string?"
}Response 201 — project detail with empty photographers and packages arrays.
GET /v1/projects/:id
Get project detail including assigned photographers and linked packages.
Role operator, photographer
PATCH /v1/projects/:id
Update project fields (currently timezone).
Role operator
POST /v1/projects/:id/photographers
Assign a photographer to a project.
Role operator
Body { "photographerId": "uuid" }
Response 204
DELETE /v1/projects/:id/photographers/:photographerId
Remove a photographer from a project.
Role operator · Response 204
POST /v1/projects/:id/packages
Link a pricing package to a project.
Role operator
Body { "packageId": "uuid" }
Response 204
DELETE /v1/projects/:id/packages/:packageId
Unlink a package from a project.
Role operator · Response 204
Photographers
GET /v1/photographers/me/projects
List projects the authenticated photographer is assigned to.
Role photographer
GET /v1/photographers/me/projects/:id
Get a single project the photographer is assigned to.
Role photographer
GET /v1/photographers
List all photographers belonging to the authenticated operator.
Role operator
PATCH /v1/photographers/:id
Update a photographer's name or email.
Role operator
DELETE /v1/photographers/:id
Delete a photographer. Fails with 409 if the photographer is assigned to any project.
Role operator
Packages
GET /v1/packages
List all packages belonging to the authenticated operator.
Role operator
POST /v1/packages
Create a pricing package.
Role operator
Body
{ "name": "string", "price": 1000, "photoCount": 10 }price is in cents.
PATCH /v1/packages/:id
Update a package.
Role operator
DELETE /v1/packages/:id
Delete a package.
Role operator · Response 204
Operators
GET /v1/operators/me
Get the authenticated operator's profile.
Role operator
PATCH /v1/operators/me
Update profile fields (name, address, billing address, currency, locale, timezone, profile picture URL).
Role operator
Analytics
GET /v1/analytics
Returns KPIs, photos by photographer, package sales, and conversion funnel for the operator's account.
Role operator
Query ?projectId=uuid — optional, scopes data to a single project.
Response
{
"kpis": {
"membersEnrolled": 0,
"revenueInCents": 0,
"photosUploaded": 0,
"usersTagged": 0,
"packagesSold": 0
},
"photosByPhotographer": [{ "name": "string", "photoCount": 0 }],
"packageSales": [{ "name": "string", "count": 0, "revenueInCents": 0 }],
"conversionFunnel": { "enrolled": 0, "tagged": 0, "purchased": 0 }
}