System & Admin API
Base paths: /api/system, /api/admin, /api/audit
All endpoints require a system admin token (userType: SYSTEM, role SUPER_ADMIN or PLATFORM_ADMIN).
System Settings
Get Settings
GET /api/system/settings
Authorization: Bearer <systemAdminToken>
Returns platform-level configuration. Sensitive values are encrypted at rest.
Update Settings
PUT /api/system/settings
Authorization: Bearer <systemAdminToken>
{
  "allowPublicRegistration": true,
  "maxOrganisationsPerUser": 5,
  "defaultStorageProvider": "gcs"
}
Organisation Administration
Create Org with Owner (admin shortcut)
POST /api/admin/orgs/create-with-owner
Authorization: Bearer <systemAdminToken>
{
  "orgName": "New Association",
  "orgSlug": "new-association",
  "ownerEmail": "[email protected]",
  "ownerFirstName": "Alice",
  "ownerLastName": "Smith",
  "sendWelcomeEmail": true
}
Creates the organisation and its owner account in a single operation.
List All Organisations
GET /api/orgs
Authorization: Bearer <systemAdminToken>
User Administration
List All Users
GET /api/admin/users
Authorization: Bearer <systemAdminToken>
Get User
GET /api/admin/users/{userId}
Authorization: Bearer <systemAdminToken>
Audit Logs
List Audit Logs
GET /api/audit/logs
Authorization: Bearer <systemAdminToken>
Query Parameters:
| Param | Type | Description |
|---|---|---|
| organizationId | UUID | Filter by organisation |
| userId | UUID | Filter by user |
| action | string | Filter by action type |
| from | date | Start date |
| to | date | End date |
| page | int | Page number |
| size | int | Page size |
Response:
{
  "content": [
    {
      "id": "audit-uuid",
      "userId": "user-uuid",
      "userEmail": "[email protected]",
      "organizationId": "org-uuid",
      "action": "USER_SUSPENDED",
      "resourceType": "USER",
      "resourceId": "target-user-uuid",
      "ipAddress": "192.168.1.1",
      "userAgent": "Mozilla/5.0...",
      "createdAt": "2024-06-01T10:00:00Z"
    }
  ]
}
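The following is an added example, not code from this platform or its documentation: a small reviewer-side client that pages through `GET /api/audit/logs` with the documented filters and groups the returned events by the account that performed them. Assumptions: the host in `BASE_URL` is a placeholder, pages start at 0, an empty `content` array ends the listing, `from`/`to` accept ISO dates, and all function names and sample entries are constructed for illustration.

```python
import json
from urllib.parse import urlencode, urlsplit, parse_qs
from urllib.request import Request, urlopen

BASE_URL = "https://platform.example.com"  # placeholder host (assumption)
DOCUMENTED = {"organizationId", "userId", "action", "from", "to"}

def http_get(url, token):
    """Real transport: GET with the Bearer header the endpoint requires."""
    req = Request(url, headers={"Authorization": f"Bearer {token}"})
    with urlopen(req, timeout=10) as resp:
        return json.load(resp)

def audit_url(filters, page, size):
    """Build the query string from the documented parameters only."""
    unknown = set(filters) - DOCUMENTED
    if unknown:
        raise ValueError(f"undocumented filter: {sorted(unknown)}")
    query = urlencode({**filters, "page": page, "size": size})
    return f"{BASE_URL}/api/audit/logs?{query}"

def iter_audit_logs(token, filters, get=http_get, size=50, max_pages=1000):
    """Yield every entry. Assumed: pages start at 0 and an empty "content"
    array ends the listing (the page shows no paging metadata)."""
    for page in range(max_pages):
        entries = get(audit_url(filters, page, size), token).get("content", [])
        if not entries:
            return
        yield from entries

def targets_by_actor(entries):
    """Map each acting account (userEmail) to the resourceIds it acted on."""
    out = {}
    for e in entries:
        out.setdefault(e.get("userEmail"), []).append(e.get("resourceId"))
    return out

# Constructed sample entries and an offline stand-in for http_get.
SAMPLE = [
    {"userEmail": "admin-a@example.com", "action": "USER_SUSPENDED", "resourceId": "u-1"},
    {"userEmail": "admin-b@example.com", "action": "USER_SUSPENDED", "resourceId": "u-2"},
    {"userEmail": "admin-a@example.com", "action": "USER_SUSPENDED", "resourceId": "u-3"},
]

def fake_get(url, token):
    q = parse_qs(urlsplit(url).query)
    page, size = int(q["page"][0]), int(q["size"][0])
    return {"content": SAMPLE[page * size:(page + 1) * size]}

def demo():
    window = {"action": "USER_SUSPENDED", "from": "2024-06-01", "to": "2024-06-30"}
    return targets_by_actor(iter_audit_logs("<systemAdminToken>", window, get=fake_get, size=2))
```

Swap `fake_get` for the default `http_get` and a real token to run the same review against a live deployment.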
Get User Audit Trail
GET /api/audit/logs/{userId}
Authorization: Bearer <systemAdminToken>
Connectors
List Connector Types
GET /api/connectors/types
Authorization: Bearer <adminToken>
Returns available integration types (CRM, HRM, etc.).
Create Connector
POST /api/orgs/{orgId}/connectors
Authorization: Bearer <adminToken>
{
  "connectorTypeId": "type-uuid",
  "name": "Our CRM",
  "config": {
    "apiUrl": "https://crm.example.com",
    "apiKey": "your-key"
  }
}
List Connectors
GET /api/orgs/{orgId}/connectors
Authorization: Bearer <adminToken>
Update Connector
PUT /api/orgs/{orgId}/connectors/{connectorId}
Authorization: Bearer <adminToken>
Test Connection
POST /api/orgs/{orgId}/connectors/{connectorId}/test
Authorization: Bearer <adminToken>
Trigger Sync
POST /api/orgs/{orgId}/connectors/{connectorId}/sync
Authorization: Bearer <adminToken>
Manually triggers a data sync job.
List Sync Jobs
GET /api/orgs/{orgId}/connectors/{connectorId}/sync-jobs
Authorization: Bearer <adminToken>
Get Connector Stats
GET /api/orgs/{orgId}/connectors/{connectorId}/stats
Authorization: Bearer <adminToken>
Payments & Billing (Partial)
List Payments
GET /api/orgs/{organizationId}/payments
Authorization: Bearer <adminToken>
Get Payment
GET /api/orgs/{organizationId}/payments/{paymentId}
Authorization: Bearer <adminToken>
List Invoices
GET /api/orgs/{organizationId}/invoices
Authorization: Bearer <adminToken>
Platform Subscriptions (admin)
GET /api/admin/subscriptions
Authorization: Bearer <systemAdminToken>
Info: The billing module is partially implemented. Full payment gateway integration is planned for a future release.