Skip to content

API Overview

Last reviewed: 2026-06-30

The API is generated from packages/contracts/src/openapi.ts and served by the admin Worker at /openapi.json.

The API docs in this section explain the contract shape, route families, authentication model and error format. The interactive Scalar browser is hosted on a standalone route so it has the full viewport available.

Open the standalone Scalar API Reference.

  • Admin auth: /v1/auth/login, /v1/auth/me
  • Tenant and app control plane: /v1/tenants, /v1/tenants/{tenantId}/apps
  • Apple accounts and App Store Connect cache
  • Product catalog, billing definitions and provider mappings
  • Placements, experiences, experiments and entry flows
  • Storefront Optimize
  • Customers, identity and auth experiences
  • Purchases, entitlements and Qonversion import
  • Legal documents
  • Usage analytics, meters and summaries
  • Messaging, review moments and feedback
  • Support tickets and mailboxes
  • Attribution, SKAN and refund protection
  • Runtime paywall entry and provider notifications

Most admin API routes require an admin bearer token or session. /v1/auth/login is the login exception. Runtime and ingestion routes use route-specific validation, app domain checks and environment guards.

Contracted API errors use:

{
"ok": false,
"error": {
"code": "validation_error",
"message": "..."
}
}