API Overview
Last reviewed: 2026-06-30
The API is generated from packages/contracts/src/openapi.ts and served by the admin Worker at /openapi.json.
The API docs in this section explain the contract shape, route families, authentication model and error format. The interactive Scalar browser is hosted on a standalone route so it has the full viewport available.
Open the standalone Scalar API Reference.
API Families
Section titled “API Families”- Admin auth:
/v1/auth/login,/v1/auth/me - Tenant and app control plane:
/v1/tenants,/v1/tenants/{tenantId}/apps - Apple accounts and App Store Connect cache
- Product catalog, billing definitions and provider mappings
- Placements, experiences, experiments and entry flows
- Storefront Optimize
- Customers, identity and auth experiences
- Purchases, entitlements and Qonversion import
- Legal documents
- Usage analytics, meters and summaries
- Messaging, review moments and feedback
- Support tickets and mailboxes
- Attribution, SKAN and refund protection
- Runtime paywall entry and provider notifications
Authentication
Section titled “Authentication”Most admin API routes require an admin bearer token or session. /v1/auth/login is the login exception. Runtime and ingestion routes use route-specific validation, app domain checks and environment guards.
Error Shape
Section titled “Error Shape”Contracted API errors use:
{ "ok": false, "error": { "code": "validation_error", "message": "..." }}