Skip to main content

Admin API

The Admin API provides full access to manage your Switchyard store, including products, orders, inventory, customers, and more.

Base URL

https://api.switchyard.run

Authentication

All Admin API endpoints require authentication. You can authenticate using:
  • Session Cookie: Automatically included when logged into the admin dashboard
  • Bearer Token: Supabase JWT in the Authorization header
curl 'https://api.switchyard.run/admin/products' \
  -H 'Authorization: Bearer YOUR_SUPABASE_JWT'

Actively Used Endpoints

These are the endpoints actively used in Switchyard operations:

Core Operations

CategoryEndpointsPurpose
Products/admin/products/*Manage product catalog from retailer scraping
Inventory/admin/inventory-items/*Track stock levels at RFC and retailers
Stock Locations/admin/stock-locations/*Manage RFC warehouse zones and retailer locations
Orders/admin/orders/*View and manage customer orders
Draft Orders/admin/draft-orders/*Create test orders manually
Customers/admin/customers/*Manage customer accounts
Users/admin/users/*Manage admin users and roles

Secondary Operations

CategoryEndpointsPurpose
Price Lists/admin/price-lists/*Manage retailer cost prices and selling prices
Sales Channels/admin/sales-channels/*Configure storefronts
Regions/admin/regions/*Geographic configuration
Notifications/admin/notifications/*View system notifications

Not Used

These endpoints are included for completeness but are not used in Switchyard operations:
  • Cart endpoints (cart handled in mobile app)
  • Payment endpoints (payments in mobile app via Stripe)
  • Gift Card endpoints
  • Tax endpoints
  • Promotion/Campaign endpoints

Permissions

Admin API endpoints require specific permissions based on the RBAC system. See the RBAC documentation for details on roles and permissions. Common permission requirements:
ResourceReadWriteDelete
Productsproducts.readproducts.writeproducts.delete
Ordersorders.readorders.writeorders.delete
Inventoryinventory.readinventory.writeinventory.scan
Customerscustomers.readcustomers.writecustomers.delete

Response Format

All responses are JSON with consistent structure:
Success Response
{
  "products": [...],
  "count": 100,
  "offset": 0,
  "limit": 20
}
Error Response
{
  "type": "invalid_data",
  "message": "Invalid request body"
}

Explore Endpoints

Browse the Admin API endpoints below to see all available operations. Focus on the actively used categories listed above for Switchyard-specific functionality.