Open Mercato
Open Mercato API
Version 0.4.5
OpenAPI JSONMarkdown Docs

OpenAPI Explorer

Auto-generated OpenAPI definition for all enabled modules.

Default server: https://admin-dev.getcovo.com/api

Authentication & Accounts

28 endpoints
GET/auth/admin/nav
Auth required

Resolve sidebar entries

Returns the backend navigation tree available to the authenticated administrator after applying role and personal sidebar preferences.

Responses

200Sidebar navigation structure
Content-Type: application/json
{
  "groups": [
    {
      "id": "string",
      "name": "string",
      "defaultName": "string",
      "items": [
        {
          "href": "string",
          "title": "string",
          "defaultTitle": "string",
          "enabled": true
        }
      ]
    }
  ]
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/auth/admin/nav" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/auth/feature-check
Auth required

Check feature grants for the current user

Evaluates which of the requested features are available to the signed-in user within the active tenant / organization context.

Request body (application/json)

{
  "features": [
    "string"
  ]
}

Responses

200Evaluation result
Content-Type: application/json
{
  "ok": true,
  "granted": [
    "string"
  ],
  "userId": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/auth/feature-check" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"features\": [
    \"string\"
  ]
}"
GET/auth/features
Auth requiredauth.acl.manage

List declared feature flags

Returns all static features contributed by the enabled modules along with their module source. Requires features: auth.acl.manage

Responses

200Aggregated feature catalog
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "title": "string",
      "module": "string"
    }
  ],
  "modules": [
    {
      "id": "string",
      "title": "string"
    }
  ]
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/auth/features" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/auth/locale

GET /auth/locale

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://admin-dev.getcovo.com/api/auth/locale" \
  -H "Accept: application/json"
POST/auth/locale

POST /auth/locale

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://admin-dev.getcovo.com/api/auth/locale" \
  -H "Accept: application/json"
POST/auth/login

Authenticate user credentials

Validates the submitted credentials and issues a bearer token cookie for subsequent API calls.

Request body (application/x-www-form-urlencoded)

email=user%40example.com&password=string

Responses

200Authentication succeeded
Content-Type: application/json
{
  "ok": true,
  "token": "string",
  "redirect": null
}
400Validation failed
Content-Type: application/json
{
  "ok": false,
  "error": "string"
}
401Invalid credentials
Content-Type: application/json
{
  "ok": false,
  "error": "string"
}
403User lacks required role
Content-Type: application/json
{
  "ok": false,
  "error": "string"
}
429Too many login attempts
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/auth/login" \
  -H "Accept: application/json" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "email=user%40example.com&password=string"
GET/auth/logout
Auth required

Log out (legacy GET)

For convenience, the GET variant performs the same logout logic as POST and issues a redirect.

Responses

200Success response
Content-Type: application/json
{}
302Redirect to login after successful logout
Content-Type: text/html
{}

Example

curl -X GET "https://admin-dev.getcovo.com/api/auth/logout" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/auth/logout
Auth required

Invalidate session and redirect

Clears authentication cookies and redirects the browser to the login page.

Responses

201Success response
Content-Type: application/json
{}
302Redirect to login after successful logout
Content-Type: text/html
{}

Example

curl -X POST "https://admin-dev.getcovo.com/api/auth/logout" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/auth/profile
Auth required

Get current profile

Returns the email address for the signed-in user.

Responses

200Profile payload
Content-Type: application/json
{
  "email": "user@example.com",
  "roles": [
    "string"
  ]
}
404User not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/auth/profile" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/auth/profile
Auth required

Update current profile

Updates the email address or password for the signed-in user.

Request body (application/json)

{}

Responses

200Profile updated
Content-Type: application/json
{
  "ok": true,
  "email": "user@example.com"
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/auth/profile" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
POST/auth/reset

Send reset email

Requests a password reset email for the given account. The endpoint always returns `ok: true` to avoid leaking account existence.

Request body (application/x-www-form-urlencoded)

email=user%40example.com

Responses

200Reset email dispatched (or ignored for unknown accounts)
Content-Type: application/json
{
  "ok": true
}
429Too many password reset requests
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/auth/reset" \
  -H "Accept: application/json" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "email=user%40example.com"
POST/auth/reset/confirm

Complete password reset

Validates the reset token and updates the user password.

Request body (application/x-www-form-urlencoded)

token=string&password=string

Responses

200Password reset succeeded
Content-Type: application/json
{
  "ok": true,
  "redirect": "string"
}
400Invalid token or payload
Content-Type: application/json
{
  "ok": false,
  "error": "string"
}
429Too many reset confirmation attempts
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/auth/reset/confirm" \
  -H "Accept: application/json" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "token=string&password=string"
GET/auth/roles
Auth requiredauth.roles.list

List roles

Returns available roles within the current tenant. Super administrators receive visibility across tenants. Requires features: auth.roles.list

Parameters

NameInRequiredSchemaDescription
idqueryNostring
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
tenantIdqueryNostring

Responses

200Role collection
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "usersCount": 1,
      "tenantId": null,
      "tenantName": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/auth/roles?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/auth/roles
Auth requiredauth.roles.manage

Create role

Creates a new role for the current tenant or globally when `tenantId` is omitted. Requires features: auth.roles.manage

Request body (application/json)

{
  "name": "string",
  "tenantId": null
}

Responses

201Role created
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/auth/roles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"name\": \"string\",
  \"tenantId\": null
}"
PUT/auth/roles
Auth requiredauth.roles.manage

Update role

Updates mutable fields on an existing role. Requires features: auth.roles.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "tenantId": null
}

Responses

200Role updated
Content-Type: application/json
{
  "ok": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404Role not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/auth/roles" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": null
}"
DELETE/auth/roles
Auth requiredauth.roles.manage

Delete role

Deletes a role by identifier. Fails when users remain assigned. Requires features: auth.roles.manage

Parameters

NameInRequiredSchemaDescription
idqueryYesstringRole identifier

Responses

200Role deleted
Content-Type: application/json
{
  "ok": true
}
400Role cannot be deleted
Content-Type: application/json
{
  "error": "string"
}
404Role not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/auth/roles?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/auth/roles/acl
Auth requiredauth.acl.manage

Fetch role ACL

Returns the feature and organization assignments associated with a role within the current tenant. Requires features: auth.acl.manage

Parameters

NameInRequiredSchemaDescription
roleIdqueryYesstring
tenantIdqueryNostring

Responses

200Role ACL entry
Content-Type: application/json
{
  "isSuperAdmin": true,
  "features": [
    "string"
  ],
  "organizations": null
}
400Invalid role id
Content-Type: application/json
{
  "error": "string"
}
404Role not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/auth/roles/acl?roleId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/auth/roles/acl
Auth requiredauth.acl.manage

Update role ACL

Replaces the feature list, super admin flag, and optional organization assignments for a role. Requires features: auth.acl.manage

Request body (application/json)

{
  "roleId": "00000000-0000-4000-8000-000000000000",
  "organizations": null
}

Responses

200Role ACL updated
Content-Type: application/json
{
  "ok": true,
  "sanitized": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404Role not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/auth/roles/acl" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"roleId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizations\": null
}"
GET/auth/session/refresh

Refresh auth cookie from session token (browser)

Exchanges an existing `session_token` cookie for a fresh JWT auth cookie and redirects the browser.

Parameters

NameInRequiredSchemaDescription
redirectqueryNostringAbsolute or relative URL to redirect after refresh

Responses

200Success response
Content-Type: application/json
{}
302Redirect to target location when session is valid
Content-Type: text/html
{}

Example

curl -X GET "https://admin-dev.getcovo.com/api/auth/session/refresh" \
  -H "Accept: application/json"
POST/auth/session/refresh

Refresh access token (API/mobile)

Exchanges a refresh token for a new JWT access token. Pass the refresh token obtained from login in the request body.

Request body (application/json)

{
  "refreshToken": "string"
}

Responses

200New access token issued
Content-Type: application/json
{
  "ok": true,
  "accessToken": "string",
  "expiresIn": 1
}
400Missing refresh token
Content-Type: application/json
{
  "ok": false,
  "error": "string"
}
401Invalid or expired token
Content-Type: application/json
{
  "ok": false,
  "error": "string"
}
429Too many refresh attempts
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/auth/session/refresh" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{
  \"refreshToken\": \"string\"
}"
GET/auth/sidebar/preferences
Auth required

Get sidebar preferences

Returns personal sidebar customization and any role-level preferences the user can manage.

Responses

200Current sidebar configuration
Content-Type: application/json
{
  "locale": "string",
  "settings": {
    "version": 1,
    "groupOrder": [
      "string"
    ],
    "groupLabels": {
      "key": "string"
    },
    "itemLabels": {
      "key": "string"
    },
    "hiddenItems": [
      "string"
    ]
  },
  "canApplyToRoles": true,
  "roles": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "hasPreference": true
    }
  ]
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/auth/sidebar/preferences" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/auth/sidebar/preferences
Auth required

Update sidebar preferences

Updates personal sidebar configuration and, optionally, applies the same settings to selected roles.

Request body (application/json)

{}

Responses

200Preferences saved
Content-Type: application/json
{
  "locale": "string",
  "settings": {
    "version": 1,
    "groupOrder": [
      "string"
    ],
    "groupLabels": {
      "key": "string"
    },
    "itemLabels": {
      "key": "string"
    },
    "hiddenItems": [
      "string"
    ]
  },
  "canApplyToRoles": true,
  "roles": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "hasPreference": true
    }
  ],
  "appliedRoles": [
    "00000000-0000-4000-8000-000000000000"
  ],
  "clearedRoles": [
    "00000000-0000-4000-8000-000000000000"
  ]
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
403Missing features for role-wide updates
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/auth/sidebar/preferences" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
GET/auth/users
Auth requiredauth.users.list

List users

Returns users for the current tenant. Super administrators may scope the response via organization or role filters. Requires features: auth.users.list

Parameters

NameInRequiredSchemaDescription
idqueryNostring
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
organizationIdqueryNostring
roleIdsqueryNoarray

Responses

200User collection
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "email": "user@example.com",
      "organizationId": null,
      "organizationName": null,
      "tenantId": null,
      "tenantName": null,
      "roles": [
        "string"
      ]
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/auth/users?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/auth/users
Auth requiredauth.users.create

Create user

Creates a new confirmed user within the specified organization and optional roles. Requires features: auth.users.create

Request body (application/json)

{
  "email": "user@example.com",
  "password": "string",
  "organizationId": "00000000-0000-4000-8000-000000000000"
}

Responses

201User created
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Invalid payload or duplicate email
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/auth/users" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"email\": \"user@example.com\",
  \"password\": \"string\",
  \"organizationId\": \"00000000-0000-4000-8000-000000000000\"
}"
PUT/auth/users
Auth requiredauth.users.edit

Update user

Updates profile fields, organization assignment, credentials, or role memberships. Requires features: auth.users.edit

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200User updated
Content-Type: application/json
{
  "ok": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404User not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/auth/users" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/auth/users
Auth requiredauth.users.delete

Delete user

Deletes a user by identifier. Undo support is provided via the command bus. Requires features: auth.users.delete

Parameters

NameInRequiredSchemaDescription
idqueryYesstringUser identifier

Responses

200User deleted
Content-Type: application/json
{
  "ok": true
}
400User cannot be deleted
Content-Type: application/json
{
  "error": "string"
}
404User not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/auth/users?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/auth/users/acl
Auth requiredauth.acl.manage

Fetch user ACL

Returns custom ACL overrides for a user within the current tenant, if any. Requires features: auth.acl.manage

Parameters

NameInRequiredSchemaDescription
userIdqueryYesstring

Responses

200User ACL entry
Content-Type: application/json
{
  "hasCustomAcl": true,
  "isSuperAdmin": true,
  "features": [
    "string"
  ],
  "organizations": null
}
400Invalid user id
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/auth/users/acl?userId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/auth/users/acl
Auth requiredauth.acl.manage

Update user ACL

Configures per-user ACL overrides, including super admin access, feature list, and organization scope. Requires features: auth.acl.manage

Request body (application/json)

{
  "userId": "00000000-0000-4000-8000-000000000000",
  "organizations": null
}

Responses

200User ACL updated
Content-Type: application/json
{
  "ok": true,
  "sanitized": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/auth/users/acl" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"userId\": \"00000000-0000-4000-8000-000000000000\",
  \"organizations\": null
}"

Directory (Tenants & Organizations)

1 endpoints
GET/directory/tenants/lookup

GET /directory/tenants/lookup

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://admin-dev.getcovo.com/api/directory/tenants/lookup" \
  -H "Accept: application/json"

Audit & Action Logs

4 endpoints
GET/audit_logs/audit-logs/access
Auth requiredaudit_logs.view_self

Retrieve access logs

Fetches paginated access audit logs scoped to the authenticated user. Tenant administrators can optionally expand the search to other actors or organizations. Requires features: audit_logs.view_self

Parameters

NameInRequiredSchemaDescription
organizationIdqueryNostringLimit results to a specific organization
actorUserIdqueryNostringFilter by actor user id (tenant administrators only)
resourceKindqueryNostringRestrict to a resource kind such as `order` or `product`
accessTypequeryNostringAccess type filter, e.g. `read` or `export`
pagequeryNostringPage number (default 1)
pageSizequeryNostringPage size (default 50)
limitqueryNostringExplicit maximum number of records when paginating manually
beforequeryNostringReturn logs created before this ISO-8601 timestamp
afterqueryNostringReturn logs created after this ISO-8601 timestamp

Responses

200Access logs returned successfully
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "resourceKind": "string",
      "resourceId": "string",
      "accessType": "string",
      "actorUserId": null,
      "actorUserName": null,
      "tenantId": null,
      "tenantName": null,
      "organizationId": null,
      "organizationName": null,
      "fields": [
        "string"
      ],
      "context": null,
      "createdAt": "string"
    }
  ],
  "canViewTenant": true,
  "page": 1,
  "pageSize": 1,
  "total": 1,
  "totalPages": 1
}
400Invalid filters supplied
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/audit_logs/audit-logs/access" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/audit_logs/audit-logs/actions
Auth requiredaudit_logs.view_self

Fetch action logs

Returns recent action audit log entries. Tenant administrators can widen the scope to other actors or organizations, and callers can optionally restrict results to undoable actions. Requires features: audit_logs.view_self

Parameters

NameInRequiredSchemaDescription
organizationIdqueryNostringLimit results to a specific organization
actorUserIdqueryNostringFilter logs created by a specific actor (tenant administrators only)
resourceKindqueryNostringFilter by resource kind (e.g., "order", "product")
resourceIdqueryNostringFilter by resource ID (UUID of the specific record)
includeRelatedqueryNostringWhen `true`, also returns changes to child entities linked via parentResourceKind/parentResourceId
undoableOnlyqueryNostringWhen `true`, only undoable actions are returned
limitqueryNostringMaximum number of records to return (default 50)
beforequeryNostringReturn actions created before this ISO-8601 timestamp
afterqueryNostringReturn actions created after this ISO-8601 timestamp

Responses

200Action logs retrieved successfully
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "commandId": "string",
      "actionLabel": null,
      "executionState": "done",
      "actorUserId": null,
      "actorUserName": null,
      "tenantId": null,
      "tenantName": null,
      "organizationId": null,
      "organizationName": null,
      "resourceKind": null,
      "resourceId": null,
      "parentResourceKind": null,
      "parentResourceId": null,
      "undoToken": null,
      "createdAt": "string",
      "updatedAt": "string",
      "snapshotBefore": null,
      "snapshotAfter": null,
      "changes": null,
      "context": null
    }
  ],
  "canViewTenant": true
}
400Invalid filter values
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/audit_logs/audit-logs/actions?includeRelated=false&undoableOnly=false" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/audit_logs/audit-logs/actions/redo
Auth requiredaudit_logs.redo_self

Redo by action log id

Redoes the latest undone command owned by the caller. Requires the action to still be eligible for redo within tenant and organization scope. Requires features: audit_logs.redo_self

Request body (application/json)

{
  "logId": "string"
}

Responses

200Redo executed successfully
Content-Type: application/json
{
  "ok": true,
  "logId": null,
  "undoToken": null
}
400Log not eligible for redo
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/audit_logs/audit-logs/actions/redo" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"logId\": \"string\"
}"
POST/audit_logs/audit-logs/actions/undo
Auth requiredaudit_logs.undo_self

Undo action by token

Replays the undo handler registered for a command. The provided undo token must match the latest undoable log entry accessible to the caller. Requires features: audit_logs.undo_self

Request body (application/json)

{
  "undoToken": "string"
}

Responses

200Undo applied successfully
Content-Type: application/json
{
  "ok": true,
  "logId": "string"
}
400Invalid or unavailable undo token
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/audit_logs/audit-logs/actions/undo" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"undoToken\": \"string\"
}"

Attachments

14 endpoints
GET/attachments
Auth requiredattachments.view

List attachments for a record

Returns uploaded attachments for the given entity record, ordered by newest first. Requires features: attachments.view

Parameters

NameInRequiredSchemaDescription
entityIdqueryYesstringEntity identifier that owns the attachments
recordIdqueryYesstringRecord identifier within the entity

Responses

200Attachments found for the record
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "url": "string",
      "fileName": "string",
      "fileSize": 1,
      "createdAt": "string",
      "mimeType": null,
      "content": null
    }
  ]
}
400Missing entity or record identifiers
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/attachments?entityId=string&recordId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/attachments
Auth requiredattachments.manage

Upload attachment

Uploads a new attachment using multipart form-data and stores metadata for later retrieval. Requires features: attachments.manage

Request body (multipart/form-data)

entityId=string
recordId=string
file=string

Responses

200Attachment stored successfully
Content-Type: application/json
{
  "ok": true,
  "item": {
    "id": "string",
    "url": "string",
    "fileName": "string",
    "fileSize": 1,
    "content": null
  }
}
400Payload validation error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/attachments" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: multipart/form-data" \
  -d "{
  \"entityId\": \"string\",
  \"recordId\": \"string\",
  \"file\": \"string\"
}"
DELETE/attachments
Auth requiredattachments.manage

Delete attachment

Removes an uploaded attachment and deletes the stored asset. Requires features: attachments.manage

Parameters

NameInRequiredSchemaDescription
idqueryYesstring

Responses

200Attachment deleted
Content-Type: application/json
{
  "ok": true
}
400Missing attachment identifier
Content-Type: application/json
{
  "error": "string"
}
404Attachment not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/attachments?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/attachments/file/{id}

Download or serve attachment file

Returns the raw file content for an attachment. Path parameter: {id} - Attachment UUID. Query parameter: ?download=1 - Force file download with Content-Disposition header. Access control is enforced based on partition settings.

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200File content with appropriate MIME type
Content-Type: application/json
"string"
400Missing attachment ID
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized - authentication required for private partitions
Content-Type: application/json
{
  "error": "string"
}
403Forbidden - insufficient permissions
Content-Type: application/json
{
  "error": "string"
}
404Attachment or file not found
Content-Type: application/json
{
  "error": "string"
}
500Partition misconfigured
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/attachments/file/:id" \
  -H "Accept: application/json"
GET/attachments/image/{id}/{slug}

Serve image with optional resizing

Returns an image attachment with optional on-the-fly resizing and cropping. Resized images are cached for performance. Only works with image MIME types. Path parameter: {id} - Attachment UUID. Query parameters: ?width=N (1-4000 pixels), ?height=N (1-4000 pixels), ?cropType=cover|contain (resize behavior).

Parameters

NameInRequiredSchemaDescription
idpathYesstring
slugpathNostring

Responses

200Binary image content (Content-Type: image/jpeg, image/png, etc.)
Content-Type: application/json
"string"
400Invalid parameters, missing ID, or non-image attachment
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized - authentication required for private partitions
Content-Type: application/json
{
  "error": "string"
}
403Forbidden - insufficient permissions
Content-Type: application/json
{
  "error": "string"
}
404Image not found
Content-Type: application/json
{
  "error": "string"
}
500Partition misconfigured or image rendering failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/attachments/image/:id/:slug" \
  -H "Accept: application/json"
GET/attachments/library
Auth requiredattachments.view

List attachments

Returns paginated list of attachments with optional filtering by search term, partition, and tags. Includes available tags and partitions. Requires features: attachments.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumberPage number for pagination
pageSizequeryNonumberNumber of items per page (max 100)
searchqueryNostringSearch by file name (case-insensitive)
partitionqueryNostringFilter by partition code
tagsqueryNostringFilter by tags (comma-separated)
sortFieldqueryNostringField to sort by
sortDirqueryNostringSort direction

Responses

200Attachments list with pagination and metadata
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "fileName": "string",
      "fileSize": 1,
      "mimeType": "string",
      "partitionCode": "string",
      "partitionTitle": null,
      "url": null,
      "createdAt": "string",
      "tags": [
        "string"
      ],
      "assignments": [],
      "content": null
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1,
  "availableTags": [
    "string"
  ],
  "partitions": [
    {
      "code": "string",
      "title": "string",
      "description": null,
      "isPublic": true
    }
  ]
}
400Invalid query parameters
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/attachments/library?page=1&pageSize=25" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/attachments/library/{id}
Auth requiredattachments.view

Get attachment details

Returns complete details of an attachment including metadata, tags, assignments, and custom fields. Requires features: attachments.view

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Attachment details
Content-Type: application/json
{
  "item": {
    "id": "00000000-0000-4000-8000-000000000000",
    "fileName": "string",
    "fileSize": 1,
    "mimeType": "string",
    "partitionCode": "string",
    "partitionTitle": null,
    "tags": [
      "string"
    ],
    "assignments": [],
    "content": null,
    "customFields": null
  }
}
400Invalid attachment ID
Content-Type: application/json
{
  "error": "string"
}
404Attachment not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/attachments/library/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PATCH/attachments/library/{id}
Auth requiredattachments.manage

Update attachment metadata

Updates attachment tags, assignments, and custom fields. Emits CRUD side effects for indexing and events. Requires features: attachments.manage

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Request body (application/json)

{}

Responses

200Attachment updated successfully
Content-Type: application/json
{
  "ok": true
}
400Invalid payload or attachment ID
Content-Type: application/json
{
  "error": "string"
}
404Attachment not found
Content-Type: application/json
{
  "error": "string"
}
500Failed to save attributes
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PATCH "https://admin-dev.getcovo.com/api/attachments/library/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
DELETE/attachments/library/{id}
Auth requiredattachments.manage

Delete attachment

Permanently deletes an attachment file from storage and database. Emits CRUD side effects. Requires features: attachments.manage

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Attachment deleted successfully
Content-Type: application/json
{
  "ok": true
}
400Invalid attachment ID
Content-Type: application/json
{
  "error": "string"
}
404Attachment not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/attachments/library/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/attachments/partitions
Auth requiredattachments.manage

List all attachment partitions

Returns all configured attachment partitions with storage settings, OCR configuration, and access control settings. Requires features: attachments.manage

Responses

200List of partitions
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "code": "string",
      "title": "string",
      "description": null,
      "isPublic": true,
      "requiresOcr": true,
      "ocrModel": null,
      "createdAt": null,
      "updatedAt": null,
      "envKey": "string"
    }
  ]
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/attachments/partitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/attachments/partitions
Auth requiredattachments.manage

Create new partition

Creates a new attachment partition with specified storage and OCR settings. Requires unique partition code. Requires features: attachments.manage

Request body (application/json)

{
  "code": "string",
  "title": "string",
  "description": null,
  "ocrModel": null
}

Responses

201Partition created successfully
Content-Type: application/json
{
  "item": {
    "id": "00000000-0000-4000-8000-000000000000",
    "code": "string",
    "title": "string",
    "description": null,
    "isPublic": true,
    "requiresOcr": true,
    "ocrModel": null,
    "createdAt": null,
    "updatedAt": null,
    "envKey": "string"
  }
}
400Invalid payload or partition code
Content-Type: application/json
{
  "error": "string"
}
409Partition code already exists
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/attachments/partitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"code\": \"string\",
  \"title\": \"string\",
  \"description\": null,
  \"ocrModel\": null
}"
PUT/attachments/partitions
Auth requiredattachments.manage

Update partition

Updates an existing partition. Partition code cannot be changed. Title, description, OCR settings, and access control can be modified. Requires features: attachments.manage

Request body (application/json)

{
  "code": "string",
  "title": "string",
  "description": null,
  "ocrModel": null,
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Partition updated successfully
Content-Type: application/json
{
  "item": {
    "id": "00000000-0000-4000-8000-000000000000",
    "code": "string",
    "title": "string",
    "description": null,
    "isPublic": true,
    "requiresOcr": true,
    "ocrModel": null,
    "createdAt": null,
    "updatedAt": null,
    "envKey": "string"
  }
}
400Invalid payload or code change attempt
Content-Type: application/json
{
  "error": "string"
}
404Partition not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/attachments/partitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"code\": \"string\",
  \"title\": \"string\",
  \"description\": null,
  \"ocrModel\": null,
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/attachments/partitions
Auth requiredattachments.manage

Delete partition

Deletes a partition. Default partitions cannot be deleted. Partitions with existing attachments cannot be deleted. Requires features: attachments.manage

Responses

200Partition deleted successfully
Content-Type: application/json
{
  "ok": true
}
400Invalid ID or default partition deletion attempt
Content-Type: application/json
{
  "error": "string"
}
404Partition not found
Content-Type: application/json
{
  "error": "string"
}
409Partition in use
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/attachments/partitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/attachments/transfer
Auth requiredattachments.manage

Transfer attachments to different record

Transfers one or more attachments from one record to another within the same entity type. Updates attachment assignments and metadata to reflect the new record. Requires features: attachments.manage

Request body (application/json)

{
  "entityId": "string",
  "attachmentIds": [
    "00000000-0000-4000-8000-000000000000"
  ],
  "toRecordId": "string"
}

Responses

200Attachments transferred successfully
Content-Type: application/json
{
  "ok": true,
  "updated": 1
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404Attachments not found
Content-Type: application/json
{
  "error": "string"
}
500Attachment model missing
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/attachments/transfer" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"attachmentIds\": [
    \"00000000-0000-4000-8000-000000000000\"
  ],
  \"toRecordId\": \"string\"
}"

API Keys

3 endpoints
GET/api_keys/keys
Auth requiredapi_keys.view

List API keys

Returns paginated API keys visible to the current user, including per-key role assignments and organization context. Requires features: api_keys.view

Parameters

NameInRequiredSchemaDescription
pagequeryNostring
pageSizequeryNostring
searchqueryNostring

Responses

200Collection of API keys
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "name": "string",
      "description": null,
      "keyPrefix": "string",
      "organizationId": null,
      "organizationName": null,
      "createdAt": "string",
      "lastUsedAt": null,
      "expiresAt": null,
      "roles": [
        {
          "id": "string",
          "name": null
        }
      ]
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}
400Tenant context missing
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/api_keys/keys" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/api_keys/keys
Auth requiredapi_keys.create

Create API key

Creates a new API key, returning the one-time secret value together with the generated key prefix and scope details. Requires features: api_keys.create

Request body (application/json)

{
  "name": "string",
  "description": null,
  "tenantId": null,
  "organizationId": null,
  "roles": [],
  "expiresAt": null
}

Responses

201API key created successfully
Content-Type: application/json
{
  "id": "string",
  "name": "string",
  "keyPrefix": "string",
  "tenantId": null,
  "organizationId": null,
  "roles": [
    {
      "id": "string",
      "name": null
    }
  ]
}
400Invalid payload or missing tenant context
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/api_keys/keys" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"name\": \"string\",
  \"description\": null,
  \"tenantId\": null,
  \"organizationId\": null,
  \"roles\": [],
  \"expiresAt\": null
}"
DELETE/api_keys/keys
Auth requiredapi_keys.delete

Delete API key

Removes an API key by identifier. The key must belong to the current tenant and fall within the requester organization scope. Requires features: api_keys.delete

Parameters

NameInRequiredSchemaDescription
idqueryYesstringAPI key identifier to delete

Responses

200Key deleted successfully
Content-Type: application/json
{
  "success": true
}
400Missing or invalid identifier
Content-Type: application/json
{
  "error": "string"
}
404Key not found within scope
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/api_keys/keys?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Feature Toggles

12 endpoints
GET/feature_toggles/check/boolean
Auth required

Check if feature is enabled

Checks if a feature toggle is enabled for the current context.

Parameters

NameInRequiredSchemaDescription
identifierqueryYesstringFeature toggle identifier

Responses

200Feature status
Content-Type: application/json
{
  "enabled": true,
  "source": "override",
  "toggleId": "string",
  "identifier": "string",
  "tenantId": "string"
}
400Bad Request
Content-Type: application/json
{
  "error": "string"
}
404Tenant not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/feature_toggles/check/boolean?identifier=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/feature_toggles/check/json
Auth required

Get json config

Gets the json configuration for a feature toggle.

Parameters

NameInRequiredSchemaDescription
identifierqueryYesstringFeature toggle identifier

Responses

200Json config
Content-Type: application/json
{
  "valueType": "json",
  "source": "override",
  "toggleId": "string",
  "identifier": "string",
  "tenantId": "string"
}
400Bad Request
Content-Type: application/json
{
  "error": "string"
}
404Tenant not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/feature_toggles/check/json?identifier=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/feature_toggles/check/number
Auth required

Get number config

Gets the number configuration for a feature toggle.

Parameters

NameInRequiredSchemaDescription
identifierqueryYesstringFeature toggle identifier

Responses

200Number config
Content-Type: application/json
{
  "valueType": "number",
  "value": 1,
  "source": "override",
  "toggleId": "string",
  "identifier": "string",
  "tenantId": "string"
}
400Bad Request
Content-Type: application/json
{
  "error": "string"
}
404Tenant not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/feature_toggles/check/number?identifier=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/feature_toggles/check/string
Auth required

Get string config

Gets the string configuration for a feature toggle.

Parameters

NameInRequiredSchemaDescription
identifierqueryYesstringFeature toggle identifier

Responses

200String config
Content-Type: application/json
{
  "valueType": "string",
  "value": "string",
  "source": "override",
  "toggleId": "string",
  "identifier": "string",
  "tenantId": "string"
}
400Bad Request
Content-Type: application/json
{
  "error": "string"
}
404Tenant not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/feature_toggles/check/string?identifier=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/feature_toggles/global
Auth required

List global feature toggles

Returns all global feature toggles with filtering and pagination. Requires superadmin role. Requires roles: superadmin

Parameters

NameInRequiredSchemaDescription
pagequeryNonumberPage number for pagination
pageSizequeryNonumberNumber of items per page (max 200)
searchqueryNostringCase-insensitive search across identifier, name, description, and category
typequeryNostringFilter by toggle type (boolean, string, number, json)
categoryqueryNostringFilter by category (case-insensitive partial match)
namequeryNostringFilter by name (case-insensitive partial match)
identifierqueryNostringFilter by identifier (case-insensitive partial match)
sortFieldqueryNostringField to sort by
sortDirqueryNostringSort direction (ascending or descending)

Responses

200Feature toggles collection
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "identifier": "string",
      "name": "string",
      "description": null,
      "category": null,
      "type": "boolean",
      "defaultValue": null
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}
400Invalid query parameters
Content-Type: application/json
{
  "error": "string"
}
403Forbidden - superadmin role required
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/feature_toggles/global?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/feature_toggles/global
Auth required

Create global feature toggle

Creates a new global feature toggle. Requires superadmin role. Requires roles: superadmin

Request body (application/json)

{
  "identifier": "string",
  "name": "string",
  "description": null,
  "category": null,
  "type": "boolean",
  "defaultValue": null
}

Responses

201Feature toggle created
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
403Forbidden - superadmin role required
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/feature_toggles/global" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"identifier\": \"string\",
  \"name\": \"string\",
  \"description\": null,
  \"category\": null,
  \"type\": \"boolean\",
  \"defaultValue\": null
}"
PUT/feature_toggles/global
Auth required

Update global feature toggle

Updates an existing global feature toggle. Requires superadmin role. Requires roles: superadmin

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "description": null,
  "category": null,
  "defaultValue": null
}

Responses

200Feature toggle updated
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
403Forbidden - superadmin role required
Content-Type: application/json
{
  "error": "string"
}
404Feature toggle not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/feature_toggles/global" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"description\": null,
  \"category\": null,
  \"defaultValue\": null
}"
DELETE/feature_toggles/global
Auth required

Delete global feature toggle

Soft deletes a global feature toggle by ID. Requires superadmin role. Requires roles: superadmin

Parameters

NameInRequiredSchemaDescription
idqueryYesstringFeature toggle identifier

Responses

200Feature toggle deleted
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Invalid identifier
Content-Type: application/json
{
  "error": "string"
}
403Forbidden - superadmin role required
Content-Type: application/json
{
  "error": "string"
}
404Feature toggle not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/feature_toggles/global?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/feature_toggles/global/{id}
Auth required

Fetch feature toggle by ID

Returns complete details of a feature toggle. Requires roles: superadmin

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Feature toggle detail
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "identifier": "string",
  "name": "string",
  "description": null,
  "category": null,
  "type": "boolean",
  "defaultValue": null
}
400Invalid identifier
Content-Type: application/json
{
  "error": "string"
}
404Feature toggle not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/feature_toggles/global/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/feature_toggles/global/{id}/override
Auth required

Fetch feature toggle override

Returns feature toggle override. Requires roles: superadmin

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Feature toggle overrides
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "tenantName": "string",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "toggleType": "boolean"
}
400Invalid request
Content-Type: application/json
{
  "error": "string"
}
404Feature toggle not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/feature_toggles/global/:id/override" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/feature_toggles/overrides
Auth required

List overrides

Returns list of feature toggle overrides. Requires roles: superadmin

Parameters

NameInRequiredSchemaDescription
categoryqueryNostring
namequeryNostring
identifierqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
pagequeryNonumber
pageSizequeryNonumber

Responses

200List of overrides
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "toggleId": "00000000-0000-4000-8000-000000000000",
      "overrideState": "enabled",
      "identifier": "string",
      "name": "string",
      "category": null,
      "defaultState": true,
      "tenantName": null
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1,
  "isSuperAdmin": true
}
400Invalid query parameters
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/feature_toggles/overrides?page=1&pageSize=25" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/feature_toggles/overrides
Auth required

Change override state

Enable, disable or inherit a feature toggle for a specific tenant. Requires roles: superadmin

Request body (application/json)

{
  "toggleId": "00000000-0000-4000-8000-000000000000",
  "isOverride": true
}

Responses

200Override updated
Content-Type: application/json
{
  "ok": true,
  "overrideToggleId": null
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}
404Not found
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/feature_toggles/overrides" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"toggleId\": \"00000000-0000-4000-8000-000000000000\",
  \"isOverride\": true
}"

Business Rules

17 endpoints
POST/business_rules/execute
Auth requiredbusiness_rules.execute

Execute rules for given context

Manually executes applicable business rules for the specified entity type, event, and data. Supports dry-run mode to test rules without executing actions. Requires features: business_rules.execute

Request body (application/json)

{
  "entityType": "string",
  "dryRun": false
}

Responses

200Rules executed successfully
Content-Type: application/json
{
  "allowed": true,
  "executedRules": [
    {
      "ruleId": "string",
      "ruleName": "string",
      "conditionResult": true,
      "executionTime": 1
    }
  ],
  "totalExecutionTime": 1
}
400Invalid request payload
Content-Type: application/json
{
  "error": "string"
}
500Execution error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/business_rules/execute" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityType\": \"string\",
  \"dryRun\": false
}"
POST/business_rules/execute/{ruleId}
Auth requiredbusiness_rules.execute

Execute a specific rule by its database UUID

Directly executes a specific business rule identified by its UUID, bypassing the normal entityType/eventType discovery mechanism. Useful for workflows and targeted rule execution. Requires features: business_rules.execute

Parameters

NameInRequiredSchemaDescription
ruleIdpathYesstringThe database UUID of the business rule to execute

Request body (application/json)

{
  "dryRun": false
}

Responses

200Rule executed successfully
Content-Type: application/json
{
  "success": true,
  "ruleId": "string",
  "ruleName": "string",
  "conditionResult": true,
  "actionsExecuted": null,
  "executionTime": 1
}
400Invalid request payload or rule ID
Content-Type: application/json
{
  "error": "string"
}
404Rule not found
Content-Type: application/json
{
  "error": "string"
}
500Execution error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/business_rules/execute/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"dryRun\": false
}"
GET/business_rules/logs
Auth requiredbusiness_rules.view_logs

List rule execution logs

Returns rule execution history for the current tenant and organization with filtering and pagination. Useful for audit trails and debugging. Requires features: business_rules.view_logs

Parameters

NameInRequiredSchemaDescription
idqueryNointeger
pagequeryNonumber
pageSizequeryNonumber
ruleIdqueryNostring
entityIdqueryNostring
entityTypequeryNostring
executionResultqueryNostring
executedByqueryNostring
executedAtFromqueryNostring
executedAtToqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Rule execution logs collection
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "ruleId": "string",
      "ruleName": "string",
      "ruleType": "string",
      "entityId": "00000000-0000-4000-8000-000000000000",
      "entityType": "string",
      "executionResult": "SUCCESS",
      "inputContext": null,
      "outputContext": null,
      "errorMessage": null,
      "executionTimeMs": 1,
      "executedAt": "string",
      "tenantId": "00000000-0000-4000-8000-000000000000",
      "organizationId": null,
      "executedBy": null
    }
  ],
  "total": 1,
  "totalPages": 1
}
400Invalid query parameters
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/business_rules/logs?page=1&pageSize=50&sortDir=desc" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/business_rules/logs/{id}
Auth requiredbusiness_rules.view_logs

Get execution log detail

Returns detailed information about a specific rule execution, including full context and results. Requires features: business_rules.view_logs

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Log entry details
Content-Type: application/json
{
  "id": "string",
  "rule": {
    "id": "00000000-0000-4000-8000-000000000000",
    "ruleId": "string",
    "ruleName": "string",
    "ruleType": "string",
    "entityType": "string"
  },
  "entityId": "00000000-0000-4000-8000-000000000000",
  "entityType": "string",
  "executionResult": "SUCCESS",
  "inputContext": null,
  "outputContext": null,
  "errorMessage": null,
  "executionTimeMs": 1,
  "executedAt": "string",
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": null,
  "executedBy": null
}
400Invalid log id
Content-Type: application/json
{
  "error": "string"
}
404Log entry not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/business_rules/logs/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/business_rules/rules
Auth requiredbusiness_rules.view

List business rules

Returns business rules for the current tenant and organization with filtering and pagination. Requires features: business_rules.view

Parameters

NameInRequiredSchemaDescription
idqueryNostring
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
ruleIdqueryNostring
ruleTypequeryNostring
entityTypequeryNostring
eventTypequeryNostring
enabledqueryNoboolean
ruleCategoryqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Business rules collection
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "ruleId": "string",
      "ruleName": "string",
      "description": null,
      "ruleType": "GUARD",
      "ruleCategory": null,
      "entityType": "string",
      "eventType": null,
      "enabled": true,
      "priority": 1,
      "version": 1,
      "effectiveFrom": null,
      "effectiveTo": null,
      "tenantId": "00000000-0000-4000-8000-000000000000",
      "organizationId": "00000000-0000-4000-8000-000000000000",
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "totalPages": 1
}
400Invalid query parameters
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/business_rules/rules?page=1&pageSize=50&sortDir=desc" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/business_rules/rules
Auth requiredbusiness_rules.manage

Create business rule

Creates a new business rule for the current tenant and organization. Requires features: business_rules.manage

Request body (application/json)

{
  "ruleId": "string",
  "ruleName": "string",
  "description": null,
  "ruleType": "GUARD",
  "ruleCategory": null,
  "entityType": "string",
  "eventType": null,
  "enabled": true,
  "priority": 100,
  "version": 1,
  "effectiveFrom": null,
  "effectiveTo": null,
  "tenantId": "string",
  "organizationId": "string",
  "createdBy": null,
  "successActions": null,
  "failureActions": null
}

Responses

201Business rule created
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/business_rules/rules" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"ruleId\": \"string\",
  \"ruleName\": \"string\",
  \"description\": null,
  \"ruleType\": \"GUARD\",
  \"ruleCategory\": null,
  \"entityType\": \"string\",
  \"eventType\": null,
  \"enabled\": true,
  \"priority\": 100,
  \"version\": 1,
  \"effectiveFrom\": null,
  \"effectiveTo\": null,
  \"tenantId\": \"string\",
  \"organizationId\": \"string\",
  \"createdBy\": null,
  \"successActions\": null,
  \"failureActions\": null
}"
PUT/business_rules/rules
Auth requiredbusiness_rules.manage

Update business rule

Updates an existing business rule. Requires features: business_rules.manage

Request body (application/json)

{
  "description": null,
  "ruleCategory": null,
  "eventType": null,
  "enabled": true,
  "priority": 100,
  "version": 1,
  "effectiveFrom": null,
  "effectiveTo": null,
  "createdBy": null,
  "successActions": null,
  "failureActions": null,
  "id": "string"
}

Responses

200Business rule updated
Content-Type: application/json
{
  "ok": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404Business rule not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/business_rules/rules" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"description\": null,
  \"ruleCategory\": null,
  \"eventType\": null,
  \"enabled\": true,
  \"priority\": 100,
  \"version\": 1,
  \"effectiveFrom\": null,
  \"effectiveTo\": null,
  \"createdBy\": null,
  \"successActions\": null,
  \"failureActions\": null,
  \"id\": \"string\"
}"
DELETE/business_rules/rules
Auth requiredbusiness_rules.manage

Delete business rule

Soft deletes a business rule by identifier. Requires features: business_rules.manage

Parameters

NameInRequiredSchemaDescription
idqueryYesstringBusiness rule identifier

Responses

200Business rule deleted
Content-Type: application/json
{
  "ok": true
}
400Invalid identifier
Content-Type: application/json
{
  "error": "string"
}
404Business rule not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/business_rules/rules?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/business_rules/rules/{id}
Auth requiredbusiness_rules.view

Fetch business rule by ID

Returns complete details of a business rule including conditions and actions. Requires features: business_rules.view

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Business rule detail
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "ruleId": "string",
  "ruleName": "string",
  "description": null,
  "ruleType": "GUARD",
  "ruleCategory": null,
  "entityType": "string",
  "eventType": null,
  "successActions": null,
  "failureActions": null,
  "enabled": true,
  "priority": 1,
  "version": 1,
  "effectiveFrom": null,
  "effectiveTo": null,
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "createdBy": null,
  "updatedBy": null,
  "createdAt": "string",
  "updatedAt": "string"
}
400Invalid identifier
Content-Type: application/json
{
  "error": "string"
}
404Business rule not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/business_rules/rules/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/business_rules/sets
Auth requiredbusiness_rules.view

List rule sets

Returns rule sets for the current tenant and organization with filtering and pagination. Requires features: business_rules.view

Parameters

NameInRequiredSchemaDescription
idqueryNostring
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
setIdqueryNostring
enabledqueryNoboolean
sortFieldqueryNostring
sortDirqueryNostring

Responses

200Rule sets collection
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "setId": "string",
      "setName": "string",
      "description": null,
      "enabled": true,
      "tenantId": "00000000-0000-4000-8000-000000000000",
      "organizationId": "00000000-0000-4000-8000-000000000000",
      "createdBy": null,
      "updatedBy": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "totalPages": 1
}
400Invalid query parameters
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/business_rules/sets?page=1&pageSize=50&sortDir=asc" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/business_rules/sets
Auth requiredbusiness_rules.manage_sets

Create rule set

Creates a new rule set for organizing business rules. Requires features: business_rules.manage_sets

Request body (application/json)

{
  "setId": "string",
  "setName": "string",
  "description": null,
  "enabled": true,
  "tenantId": "string",
  "organizationId": "string",
  "createdBy": null
}

Responses

201Rule set created
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/business_rules/sets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"setId\": \"string\",
  \"setName\": \"string\",
  \"description\": null,
  \"enabled\": true,
  \"tenantId\": \"string\",
  \"organizationId\": \"string\",
  \"createdBy\": null
}"
PUT/business_rules/sets
Auth requiredbusiness_rules.manage_sets

Update rule set

Updates an existing rule set. Requires features: business_rules.manage_sets

Request body (application/json)

{
  "description": null,
  "enabled": true,
  "createdBy": null,
  "id": "string"
}

Responses

200Rule set updated
Content-Type: application/json
{
  "ok": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404Rule set not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/business_rules/sets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"description\": null,
  \"enabled\": true,
  \"createdBy\": null,
  \"id\": \"string\"
}"
DELETE/business_rules/sets
Auth requiredbusiness_rules.manage_sets

Delete rule set

Soft deletes a rule set by identifier. Requires features: business_rules.manage_sets

Parameters

NameInRequiredSchemaDescription
idqueryYesstringRule set identifier

Responses

200Rule set deleted
Content-Type: application/json
{
  "ok": true
}
400Invalid identifier
Content-Type: application/json
{
  "error": "string"
}
404Rule set not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/business_rules/sets?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/business_rules/sets/{id}
Auth requiredbusiness_rules.view

Get rule set detail

Returns detailed information about a specific rule set, including all member rules. Requires features: business_rules.view

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Rule set details
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "setId": "string",
  "setName": "string",
  "description": null,
  "enabled": true,
  "tenantId": "00000000-0000-4000-8000-000000000000",
  "organizationId": "00000000-0000-4000-8000-000000000000",
  "createdBy": null,
  "updatedBy": null,
  "createdAt": "string",
  "updatedAt": "string",
  "members": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "ruleId": "00000000-0000-4000-8000-000000000000",
      "ruleName": "string",
      "ruleType": "string",
      "sequence": 1,
      "enabled": true
    }
  ]
}
400Invalid rule set id
Content-Type: application/json
{
  "error": "string"
}
404Rule set not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/business_rules/sets/:id" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/business_rules/sets/{id}/members
Auth requiredbusiness_rules.manage_sets

Add rule to set

Adds a business rule to a rule set with specified sequence and enabled state. Requires features: business_rules.manage_sets

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Request body (application/json)

{
  "ruleId": "00000000-0000-4000-8000-000000000000",
  "sequence": 0,
  "enabled": true
}

Responses

201Member added
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404Rule set or rule not found
Content-Type: application/json
{
  "error": "string"
}
409Rule already in set
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/business_rules/sets/:id/members" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"ruleId\": \"00000000-0000-4000-8000-000000000000\",
  \"sequence\": 0,
  \"enabled\": true
}"
PUT/business_rules/sets/{id}/members
Auth requiredbusiness_rules.manage_sets

Update set member

Updates sequence or enabled state of a rule set member. Requires features: business_rules.manage_sets

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Request body (application/json)

{
  "memberId": "00000000-0000-4000-8000-000000000000"
}

Responses

200Member updated
Content-Type: application/json
{
  "ok": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404Member not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/business_rules/sets/:id/members" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"memberId\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/business_rules/sets/{id}/members
Auth requiredbusiness_rules.manage_sets

Remove rule from set

Removes a business rule from a rule set (hard delete). Requires features: business_rules.manage_sets

Parameters

NameInRequiredSchemaDescription
idpathYesstring
memberIdqueryYesstringMember identifier

Responses

200Member removed
Content-Type: application/json
{
  "ok": true
}
400Invalid identifier
Content-Type: application/json
{
  "error": "string"
}
404Member not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/business_rules/sets/:id/members?memberId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Search

15 endpoints
GET/search/embeddings
Auth requiredsearch.embeddings.view

Get embeddings configuration

Returns current embedding provider and model configuration. Requires features: search.embeddings.view

Responses

200Embeddings settings
Content-Type: application/json
{
  "settings": {
    "openaiConfigured": true,
    "autoIndexingEnabled": true,
    "autoIndexingLocked": true,
    "lockReason": null,
    "embeddingConfig": null,
    "configuredProviders": [
      "openai"
    ],
    "indexedDimension": null,
    "reindexRequired": true,
    "documentCount": null
  }
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/search/embeddings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/search/embeddings
Auth requiredsearch.embeddings.manage

Update embeddings configuration

Updates the embedding provider and model settings. Requires features: search.embeddings.manage

Request body (application/json)

{}

Responses

200Updated settings
Content-Type: application/json
{
  "settings": {
    "openaiConfigured": true,
    "autoIndexingEnabled": true,
    "autoIndexingLocked": true,
    "lockReason": null,
    "embeddingConfig": null,
    "configuredProviders": [
      "openai"
    ],
    "indexedDimension": null,
    "reindexRequired": true,
    "documentCount": null
  }
}
400Invalid request
Content-Type: application/json
{
  "error": "string"
}
409Auto-indexing disabled via environment
Content-Type: application/json
{
  "error": "string"
}
500Update failed
Content-Type: application/json
{
  "error": "string"
}
503Configuration service unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/search/embeddings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
POST/search/embeddings/reindex
Auth requiredsearch.embeddings.manage

Trigger vector reindex

Starts a vector embedding reindex operation. Requires features: search.embeddings.manage

Request body (application/json)

{}

Responses

200Reindex result
Content-Type: application/json
{
  "ok": true
}
409Reindex already in progress
Content-Type: application/json
{
  "error": "string",
  "lock": {
    "type": "fulltext",
    "action": "string",
    "startedAt": "string",
    "elapsedMinutes": 1,
    "processedCount": null,
    "totalCount": null
  }
}
500Reindex failed
Content-Type: application/json
{
  "error": "string"
}
503Search indexer unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/search/embeddings/reindex" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
POST/search/embeddings/reindex/cancel
Auth requiredsearch.embeddings.manage

Cancel vector reindex

Cancels an in-progress vector reindex operation. Requires features: search.embeddings.manage

Responses

200Cancel result
Content-Type: application/json
{
  "ok": true,
  "jobsRemoved": 1
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/search/embeddings/reindex/cancel" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/search/index
Auth requiredsearch.view

List vector index entries

Returns paginated list of entries in the vector search index. Requires features: search.view

Parameters

NameInRequiredSchemaDescription
entityIdqueryNostringFilter by entity ID (e.g., "customers:customer_person_profile", "catalog:catalog_product")
limitqueryNonumberMaximum entries to return (default: 50, max: 200)
offsetqueryNonumberOffset for pagination (default: 0)

Responses

200Index entries
Content-Type: application/json
{
  "entries": [
    {
      "id": "string",
      "entityId": "string",
      "recordId": "string",
      "tenantId": "string",
      "organizationId": null
    }
  ],
  "limit": 1,
  "offset": 1
}
500Failed to fetch index
Content-Type: application/json
{
  "error": "string"
}
503Vector strategy unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/search/index" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
DELETE/search/index
Auth requiredsearch.embeddings.manage

Purge vector index

Purges entries from the vector search index. Requires confirmAll=true when purging all entities. Requires features: search.embeddings.manage

Parameters

NameInRequiredSchemaDescription
entityIdqueryNostringSpecific entity ID to purge (e.g., "customers:customer_person_profile", "catalog:catalog_product")
confirmAllqueryNostringRequired when purging all entities

Responses

200Purge result
Content-Type: application/json
{
  "ok": true
}
400Missing confirmAll parameter
Content-Type: application/json
{
  "error": "string"
}
500Purge failed
Content-Type: application/json
{
  "error": "string"
}
503Search indexer unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/search/index" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/search/reindex
Auth requiredsearch.reindex

Trigger fulltext reindex

Starts a fulltext (Meilisearch) reindex operation. Can clear, recreate, or fully reindex. Requires features: search.reindex

Request body (application/json)

{}

Responses

200Reindex result
Content-Type: application/json
{
  "ok": true,
  "action": "clear",
  "entityId": null
}
409Reindex already in progress
Content-Type: application/json
{
  "error": "string",
  "lock": {
    "type": "fulltext",
    "action": "string",
    "startedAt": "string",
    "elapsedMinutes": 1,
    "processedCount": null,
    "totalCount": null
  }
}
500Reindex failed
Content-Type: application/json
{
  "error": "string"
}
503Search service unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/search/reindex" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
POST/search/reindex/cancel
Auth requiredsearch.reindex

Cancel fulltext reindex

Cancels an in-progress fulltext reindex operation. Requires features: search.reindex

Responses

200Cancel result
Content-Type: application/json
{
  "ok": true,
  "jobsRemoved": 1
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/search/reindex/cancel" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/search/search
Auth requiredsearch.view

Search across all indexed entities

Performs a search using configured strategies (fulltext, vector, tokens). Use for search playground. Requires features: search.view

Parameters

NameInRequiredSchemaDescription
qqueryYesstringSearch query (required)
limitqueryNonumberMaximum results to return (default: 50, max: 100)
strategiesqueryNostringComma-separated strategies to use: fulltext, vector, tokens (e.g., "fulltext,vector")
entityTypesqueryNostringComma-separated entity types to filter results (e.g., "customers:customer_person_profile,catalog:catalog_product,sales:sales_order")

Responses

200Search results
Content-Type: application/json
{
  "results": [
    {
      "entityId": "string",
      "recordId": "string",
      "score": 1,
      "source": "fulltext"
    }
  ],
  "strategiesUsed": [
    "fulltext"
  ],
  "timing": 1,
  "query": "string",
  "limit": 1
}
400Missing query parameter
Content-Type: application/json
{
  "error": "string"
}
500Search failed
Content-Type: application/json
{
  "error": "string"
}
503Search service unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/search/search?q=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/search/search/global
Auth requiredsearch.view

Global search (Cmd+K)

Performs a global search using saved tenant strategies. Does NOT accept strategies from URL. Requires features: search.view

Parameters

NameInRequiredSchemaDescription
qqueryYesstringSearch query (required)
limitqueryNonumberMaximum results to return (default: 50, max: 100)
entityTypesqueryNostringComma-separated entity types to filter results (e.g., "customers:customer_person_profile,catalog:catalog_product,sales:sales_order")

Responses

200Search results
Content-Type: application/json
{
  "results": [
    {
      "entityId": "string",
      "recordId": "string",
      "score": 1,
      "source": "fulltext"
    }
  ],
  "strategiesUsed": [
    "fulltext"
  ],
  "strategiesEnabled": [
    "fulltext"
  ],
  "timing": 1,
  "query": "string",
  "limit": 1
}
400Missing query parameter
Content-Type: application/json
{
  "error": "string"
}
500Search failed
Content-Type: application/json
{
  "error": "string"
}
503Search service unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/search/search/global?q=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/search/settings
Auth requiredsearch.view

Get search settings and status

Returns search module configuration, available strategies, and reindex lock status. Requires features: search.view

Responses

200Search settings
Content-Type: application/json
{
  "settings": {
    "strategies": [
      {
        "id": "string",
        "name": "string",
        "priority": 1,
        "available": true
      }
    ],
    "fulltextConfigured": true,
    "fulltextStats": null,
    "vectorConfigured": true,
    "tokensEnabled": true,
    "defaultStrategies": [
      "string"
    ],
    "reindexLock": null,
    "fulltextReindexLock": null,
    "vectorReindexLock": null
  }
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/search/settings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/search/settings/fulltext
Auth requiredsearch.view

Get fulltext search configuration

Returns Meilisearch configuration status and index statistics. Requires features: search.view

Responses

200Fulltext settings
Content-Type: application/json
{
  "driver": null,
  "configured": true,
  "envVars": {
    "MEILISEARCH_HOST": {
      "set": true,
      "hint": "string"
    },
    "MEILISEARCH_API_KEY": {
      "set": true,
      "hint": "string"
    }
  },
  "optionalEnvVars": {
    "MEILISEARCH_INDEX_PREFIX": {
      "set": true,
      "hint": "string"
    },
    "SEARCH_EXCLUDE_ENCRYPTED_FIELDS": {
      "set": true,
      "hint": "string"
    }
  }
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/search/settings/fulltext" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/search/settings/global-search
Auth requiredsearch.view

Get global search strategies

Returns the enabled strategies for Cmd+K global search. Requires features: search.view

Responses

200Global search settings
Content-Type: application/json
{
  "enabledStrategies": [
    "fulltext"
  ]
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/search/settings/global-search" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/search/settings/global-search
Auth requiredsearch.manage

Update global search strategies

Sets which strategies are enabled for Cmd+K global search. Requires features: search.manage

Request body (application/json)

{
  "enabledStrategies": [
    "fulltext"
  ]
}

Responses

200Updated settings
Content-Type: application/json
{
  "ok": true,
  "enabledStrategies": [
    "fulltext"
  ]
}
400Invalid request
Content-Type: application/json
{
  "error": "string"
}
500Internal error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/search/settings/global-search" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"enabledStrategies\": [
    \"fulltext\"
  ]
}"
GET/search/settings/vector-store
Auth requiredsearch.view

Get vector store configuration

Returns vector store configuration status. Requires features: search.view

Responses

200Vector store settings
Content-Type: application/json
{
  "currentDriver": "pgvector",
  "configured": true,
  "drivers": [
    {
      "id": "pgvector",
      "name": "string",
      "configured": true,
      "implemented": true,
      "envVars": [
        {
          "name": "string",
          "set": true,
          "hint": "string"
        }
      ]
    }
  ]
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/search/settings/vector-store" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Currencies

14 endpoints
GET/currencies/currencies
Auth requiredcurrencies.view

List currencies

Returns a paginated collection of currencies scoped to the authenticated organization. Requires features: currencies.view

Parameters

NameInRequiredSchemaDescription
idqueryNostring
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
isBasequeryNostring
isActivequeryNostring
codequeryNostring

Responses

200Paginated currencies
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "code": "string",
      "name": "string",
      "symbol": null,
      "decimalPlaces": 1,
      "thousandsSeparator": null,
      "decimalSeparator": null,
      "isBase": true,
      "isActive": true,
      "createdAt": null,
      "updatedAt": null,
      "organizationId": "string",
      "tenantId": "string"
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/currencies/currencies?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/currencies/currencies
Auth requiredcurrencies.manage

Create currency

Creates a new currency. Requires features: currencies.manage

Request body (application/json)

{
  "organizationId": "string",
  "tenantId": "string",
  "code": "string",
  "name": "string",
  "symbol": null,
  "thousandsSeparator": null,
  "decimalSeparator": null
}

Responses

201Currency created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/currencies/currencies" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"string\",
  \"tenantId\": \"string\",
  \"code\": \"string\",
  \"name\": \"string\",
  \"symbol\": null,
  \"thousandsSeparator\": null,
  \"decimalSeparator\": null
}"
PUT/currencies/currencies
Auth requiredcurrencies.manage

Update currency

Updates an existing currency by id. Requires features: currencies.manage

Request body (application/json)

{
  "id": "string",
  "symbol": null,
  "thousandsSeparator": null,
  "decimalSeparator": null
}

Responses

200Currency updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/currencies/currencies" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"string\",
  \"symbol\": null,
  \"thousandsSeparator\": null,
  \"decimalSeparator\": null
}"
DELETE/currencies/currencies
Auth requiredcurrencies.manage

Delete currency

Deletes a currency by id. Requires features: currencies.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Currency deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/currencies/currencies" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/currencies/currencies/options
Auth requiredcurrencies.view

List currency options

Returns currencies formatted for select inputs. Requires features: currencies.view

Parameters

NameInRequiredSchemaDescription
qqueryNostring
queryqueryNostring
searchqueryNostring
includeInactivequeryNostring
limitqueryNonumber

Responses

200Option list
Content-Type: application/json
{
  "items": [
    {
      "value": "string",
      "label": "string"
    }
  ]
}
400Invalid query
Content-Type: application/json
{
  "items": []
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/currencies/currencies/options?limit=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/currencies/exchange-rates
Auth requiredcurrencies.rates.view

List exchangerates

Returns a paginated collection of exchangerates scoped to the authenticated organization. Requires features: currencies.rates.view

Parameters

NameInRequiredSchemaDescription
idqueryNostring
pagequeryNonumber
pageSizequeryNonumber
sortFieldqueryNostring
sortDirqueryNostring
fromCurrencyCodequeryNostring
toCurrencyCodequeryNostring
isActivequeryNostring
sourcequeryNostring
typequeryNostring

Responses

200Paginated exchangerates
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "fromCurrencyCode": "string",
      "toCurrencyCode": "string",
      "rate": "string",
      "date": "string",
      "source": "string",
      "type": null,
      "isActive": true,
      "createdAt": null,
      "updatedAt": null,
      "organizationId": "00000000-0000-4000-8000-000000000000",
      "tenantId": "00000000-0000-4000-8000-000000000000"
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/currencies/exchange-rates?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/currencies/exchange-rates
Auth requiredcurrencies.rates.manage

Create exchangerate

Creates a new exchange rate. Requires features: currencies.rates.manage

Request body (application/json)

{
  "organizationId": "string",
  "tenantId": "string",
  "fromCurrencyCode": "string",
  "toCurrencyCode": "string",
  "rate": "string",
  "type": null
}

Responses

201ExchangeRate created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/currencies/exchange-rates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"organizationId\": \"string\",
  \"tenantId\": \"string\",
  \"fromCurrencyCode\": \"string\",
  \"toCurrencyCode\": \"string\",
  \"rate\": \"string\",
  \"type\": null
}"
PUT/currencies/exchange-rates
Auth requiredcurrencies.rates.manage

Update exchangerate

Updates an existing exchange rate by id. Requires features: currencies.rates.manage

Request body (application/json)

{
  "id": "string",
  "type": null
}

Responses

200ExchangeRate updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/currencies/exchange-rates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"string\",
  \"type\": null
}"
DELETE/currencies/exchange-rates
Auth requiredcurrencies.rates.manage

Delete exchangerate

Deletes an exchange rate by id. Requires features: currencies.rates.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200ExchangeRate deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/currencies/exchange-rates" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/currencies/fetch-configs

List currency fetch configurations

Returns all currency fetch configurations scoped to the authenticated organization.

Responses

200A list of currency fetch configurations
Content-Type: application/json
{
  "configs": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "organizationId": "00000000-0000-4000-8000-000000000000",
      "tenantId": "00000000-0000-4000-8000-000000000000",
      "provider": "string",
      "isEnabled": true,
      "syncTime": null,
      "lastSyncAt": null,
      "lastSyncStatus": null,
      "lastSyncMessage": null,
      "lastSyncCount": null,
      "config": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ]
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/currencies/fetch-configs" \
  -H "Accept: application/json"
POST/currencies/fetch-configs

Create currency fetch configuration

Creates a new currency fetch configuration.

Request body (application/json)

{
  "provider": "NBP",
  "isEnabled": false,
  "syncTime": null,
  "config": null
}

Responses

201Currency fetch configuration created successfully
Content-Type: application/json
{
  "config": {
    "id": "00000000-0000-4000-8000-000000000000",
    "organizationId": "00000000-0000-4000-8000-000000000000",
    "tenantId": "00000000-0000-4000-8000-000000000000",
    "provider": "string",
    "isEnabled": true,
    "syncTime": null,
    "lastSyncAt": null,
    "lastSyncStatus": null,
    "lastSyncMessage": null,
    "lastSyncCount": null,
    "config": null,
    "createdAt": "string",
    "updatedAt": "string"
  }
}
400Bad request
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/currencies/fetch-configs" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{
  \"provider\": \"NBP\",
  \"isEnabled\": false,
  \"syncTime\": null,
  \"config\": null
}"
PUT/currencies/fetch-configs

Update currency fetch configuration

Updates an existing currency fetch configuration by id.

Request body (application/json)

{
  "syncTime": null,
  "config": null,
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Currency fetch configuration updated successfully
Content-Type: application/json
{
  "config": {
    "id": "00000000-0000-4000-8000-000000000000",
    "organizationId": "00000000-0000-4000-8000-000000000000",
    "tenantId": "00000000-0000-4000-8000-000000000000",
    "provider": "string",
    "isEnabled": true,
    "syncTime": null,
    "lastSyncAt": null,
    "lastSyncStatus": null,
    "lastSyncMessage": null,
    "lastSyncCount": null,
    "config": null,
    "createdAt": "string",
    "updatedAt": "string"
  }
}
400Bad request
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/currencies/fetch-configs" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{
  \"syncTime\": null,
  \"config\": null,
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/currencies/fetch-configs

Delete currency fetch configuration

Deletes a currency fetch configuration by id.

Parameters

NameInRequiredSchemaDescription
idqueryYesstringCurrency fetch configuration identifier to delete

Responses

200Currency fetch configuration deleted successfully
Content-Type: application/json
{
  "success": true
}
400Bad request
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/currencies/fetch-configs?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json"
POST/currencies/fetch-rates

Fetch currency rates

Fetches currency exchange rates from configured providers for a specific date.

Request body (application/json)

{}

Responses

200Currency rates fetched successfully
Content-Type: application/json
{
  "totalFetched": 1,
  "byProvider": {
    "key": {
      "count": 1
    }
  },
  "errors": [
    "string"
  ]
}
400Bad request
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "totalFetched": 1,
  "byProvider": {
    "key": {
      "count": 1
    }
  },
  "errors": [
    "string"
  ]
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/currencies/fetch-rates" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{}"

Events

1 endpoints
GET/events/stream
Auth required

GET /events/stream

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://admin-dev.getcovo.com/api/events/stream" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Notifications

13 endpoints
GET/notifications
Auth required

List notifications

Returns a paginated collection of notifications.

Parameters

NameInRequiredSchemaDescription
statusqueryNoany
typequeryNostring
severityqueryNostring
sourceEntityTypequeryNostring
sourceEntityIdqueryNostring
sincequeryNostring
pagequeryNonumber
pageSizequeryNonumber

Responses

200Paginated notifications
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "type": "string",
      "title": "string",
      "body": null,
      "titleKey": null,
      "bodyKey": null,
      "titleVariables": null,
      "bodyVariables": null,
      "icon": null,
      "severity": "string",
      "status": "string",
      "actions": [
        {
          "id": "string",
          "label": "string"
        }
      ],
      "sourceModule": null,
      "sourceEntityType": null,
      "sourceEntityId": null,
      "linkHref": null,
      "createdAt": "string",
      "readAt": null,
      "actionTaken": null
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/notifications?page=1&pageSize=20" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/notifications
Auth requirednotifications.create

Create notification

Creates a notification for a user. Requires features: notifications.create

Request body (application/json)

{
  "type": "string",
  "severity": "info",
  "recipientUserId": "00000000-0000-4000-8000-000000000000"
}

Responses

201Notification created
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/notifications" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"type\": \"string\",
  \"severity\": \"info\",
  \"recipientUserId\": \"00000000-0000-4000-8000-000000000000\"
}"
POST/notifications/batch
Auth requirednotifications.create

POST /notifications/batch

Requires features: notifications.create

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://admin-dev.getcovo.com/api/notifications/batch" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/notifications/feature
Auth requirednotifications.create

POST /notifications/feature

Requires features: notifications.create

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://admin-dev.getcovo.com/api/notifications/feature" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/notifications/mark-all-read
Auth required

PUT /notifications/mark-all-read

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/notifications/mark-all-read" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/notifications/role
Auth requirednotifications.create

POST /notifications/role

Requires features: notifications.create

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://admin-dev.getcovo.com/api/notifications/role" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/notifications/settings
Auth requirednotifications.manage

GET /notifications/settings

Requires features: notifications.manage

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://admin-dev.getcovo.com/api/notifications/settings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/notifications/settings
Auth requirednotifications.manage

POST /notifications/settings

Requires features: notifications.manage

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://admin-dev.getcovo.com/api/notifications/settings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/notifications/unread-count
Auth required

GET /notifications/unread-count

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://admin-dev.getcovo.com/api/notifications/unread-count" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/notifications/{id}/action
Auth required

POST /notifications/{id}/action

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://admin-dev.getcovo.com/api/notifications/:id/action" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/notifications/{id}/dismiss
Auth required

PUT /notifications/{id}/dismiss

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/notifications/:id/dismiss" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/notifications/{id}/read
Auth required

PUT /notifications/{id}/read

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/notifications/:id/read" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/notifications/{id}/restore
Auth required

PUT /notifications/{id}/restore

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/notifications/:id/restore" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

AI Assistant

7 endpoints
POST/ai_assistant/chat
Auth requiredai_assistant.view

POST /ai_assistant/chat

Requires features: ai_assistant.view

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://admin-dev.getcovo.com/api/ai_assistant/chat" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/ai_assistant/health
Auth requiredai_assistant.view

GET /ai_assistant/health

Requires features: ai_assistant.view

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://admin-dev.getcovo.com/api/ai_assistant/health" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/ai_assistant/route
Auth requiredai_assistant.view

POST /ai_assistant/route

Requires features: ai_assistant.view

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://admin-dev.getcovo.com/api/ai_assistant/route" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/ai_assistant/session-key
Auth requiredai_assistant.view

Generate session key

Generates a new session token that can be included in MCP tool calls via the _sessionToken parameter. The token inherits the calling user's roles and organization context. Requires features: ai_assistant.view

Responses

200Session key created successfully
Content-Type: application/json
{
  "sessionToken": "string",
  "expiresAt": "string"
}
500Failed to create session key
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/ai_assistant/session-key" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/ai_assistant/settings
Auth requiredai_assistant.view

GET /ai_assistant/settings

Requires features: ai_assistant.view

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://admin-dev.getcovo.com/api/ai_assistant/settings" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/ai_assistant/tools
Auth requiredai_assistant.view

GET /ai_assistant/tools

Requires features: ai_assistant.view

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://admin-dev.getcovo.com/api/ai_assistant/tools" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/ai_assistant/tools/execute
Auth requiredai_assistant.view

POST /ai_assistant/tools/execute

Requires features: ai_assistant.view

Responses

201Success response
Content-Type: application/json
{}

Example

curl -X POST "https://admin-dev.getcovo.com/api/ai_assistant/tools/execute" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Scheduler

8 endpoints
GET/scheduler/jobs
Auth requiredscheduler.jobs.view

List scheduledjobs

Returns a paginated collection of scheduledjobs scoped to the authenticated organization. Requires features: scheduler.jobs.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
idqueryNostring
searchqueryNostring
scopeTypequeryNostring
isEnabledqueryYesany
sourceTypequeryNostring
sourceModulequeryNostring
sortqueryNostring
orderqueryNostring

Responses

200Paginated scheduledjobs
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "description": null,
      "scopeType": "system",
      "organizationId": null,
      "tenantId": null,
      "scheduleType": "cron",
      "scheduleValue": "string",
      "timezone": "string",
      "targetType": "queue",
      "targetQueue": null,
      "targetCommand": null,
      "targetPayload": null,
      "requireFeature": null,
      "isEnabled": true,
      "lastRunAt": null,
      "nextRunAt": null,
      "sourceType": "user",
      "sourceModule": null,
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/scheduler/jobs?page=1&pageSize=20" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/scheduler/jobs
Auth requiredscheduler.jobs.manage

Create scheduledjob

Creates a new scheduled job with cron or interval-based scheduling. Requires features: scheduler.jobs.manage

Request body (application/json)

{
  "name": "string",
  "description": null,
  "scopeType": "system",
  "organizationId": null,
  "tenantId": null,
  "scheduleType": "cron",
  "scheduleValue": "string",
  "timezone": "UTC",
  "targetType": "queue",
  "targetQueue": null,
  "targetCommand": null,
  "targetPayload": null,
  "requireFeature": null,
  "isEnabled": true,
  "sourceType": "user",
  "sourceModule": null
}

Responses

201ScheduledJob created
Content-Type: application/json
{
  "id": null
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/scheduler/jobs" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"name\": \"string\",
  \"description\": null,
  \"scopeType\": \"system\",
  \"organizationId\": null,
  \"tenantId\": null,
  \"scheduleType\": \"cron\",
  \"scheduleValue\": \"string\",
  \"timezone\": \"UTC\",
  \"targetType\": \"queue\",
  \"targetQueue\": null,
  \"targetCommand\": null,
  \"targetPayload\": null,
  \"requireFeature\": null,
  \"isEnabled\": true,
  \"sourceType\": \"user\",
  \"sourceModule\": null
}"
PUT/scheduler/jobs
Auth requiredscheduler.jobs.manage

Update scheduledjob

Updates an existing scheduled job by ID. Requires features: scheduler.jobs.manage

Request body (application/json)

{
  "id": "string",
  "description": null,
  "targetQueue": null,
  "targetCommand": null,
  "targetPayload": null,
  "requireFeature": null
}

Responses

200ScheduledJob updated
Content-Type: application/json
{
  "ok": true
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/scheduler/jobs" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"string\",
  \"description\": null,
  \"targetQueue\": null,
  \"targetCommand\": null,
  \"targetPayload\": null,
  \"requireFeature\": null
}"
DELETE/scheduler/jobs
Auth requiredscheduler.jobs.manage

Delete scheduledjob

Deletes a scheduled job by ID. Requires features: scheduler.jobs.manage

Request body (application/json)

{
  "id": "string"
}

Responses

200ScheduledJob deleted
Content-Type: application/json
{
  "ok": true
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/scheduler/jobs" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"string\"
}"
GET/scheduler/jobs/{id}/executions

Get execution history for a schedule

Fetch recent executions from BullMQ for a scheduled job. Requires QUEUE_STRATEGY=async.

Parameters

NameInRequiredSchemaDescription
idpathYesstring
pageSizequeryNonumber

Responses

200Execution history
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "scheduleId": "00000000-0000-4000-8000-000000000000",
      "startedAt": "string",
      "finishedAt": null,
      "status": "running",
      "triggerType": "scheduled",
      "triggeredByUserId": null,
      "errorMessage": null,
      "errorStack": null,
      "durationMs": null,
      "queueJobId": "string",
      "queueName": "string",
      "attemptsMade": 1,
      "result": null
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1
}
400Local strategy not supported
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Access denied
Content-Type: application/json
{
  "error": "string"
}
404Schedule not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/scheduler/jobs/:id/executions?pageSize=20" \
  -H "Accept: application/json"
GET/scheduler/queue-jobs/{jobId}

Get BullMQ job details and logs

Fetch detailed information and logs for a queue job. Requires QUEUE_STRATEGY=async.

Parameters

NameInRequiredSchemaDescription
jobIdpathYesstring
queuequeryYesstring

Responses

200Job details and logs
Content-Type: application/json
{
  "id": "string",
  "name": "string",
  "state": "waiting",
  "progress": null,
  "returnvalue": null,
  "failedReason": null,
  "stacktrace": null,
  "attemptsMade": 1,
  "processedOn": null,
  "finishedOn": null,
  "logs": [
    "string"
  ]
}
400Invalid request or local strategy not supported
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Access denied
Content-Type: application/json
{
  "error": "string"
}
404Job not found
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/scheduler/queue-jobs/:jobId?queue=string" \
  -H "Accept: application/json"
GET/scheduler/targets

List available queues and commands

Returns all registered queue names (from module workers) and command IDs (from the command registry) that can be used as schedule targets.

Responses

200Available targets
Content-Type: application/json
{
  "queues": [
    {
      "value": "string",
      "label": "string"
    }
  ],
  "commands": [
    {
      "value": "string",
      "label": "string"
    }
  ]
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/scheduler/targets" \
  -H "Accept: application/json"
POST/scheduler/trigger

Manually trigger a schedule

Executes a scheduled job immediately, bypassing the scheduled time. Only works with async queue strategy.

Request body (application/json)

{
  "id": "string"
}

Responses

200Schedule triggered successfully
Content-Type: application/json
{
  "ok": true,
  "jobId": "string",
  "message": "string"
}
400Invalid request or local strategy not supported
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Access denied
Content-Type: application/json
{
  "error": "string"
}
404Schedule not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/scheduler/trigger" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"string\"
}"

Health

2 endpoints
GET/health/live

GET /health/live

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://admin-dev.getcovo.com/api/health/live" \
  -H "Accept: application/json"
GET/health/ready

GET /health/ready

Responses

200Success response
Content-Type: application/json
{}

Example

curl -X GET "https://admin-dev.getcovo.com/api/health/ready" \
  -H "Accept: application/json"

Wallet

2 endpoints
GET/wallet/me/wallets
Auth requiredwallet.balance.view

Get current user wallets

Returns standard, bonus, and combined virtual wallet with balances. Requires features: wallet.balance.view

Responses

200User wallets
Content-Type: application/json
{
  "wallets": [
    {
      "id": null,
      "type": "standard",
      "balance": {
        "amount": 1,
        "currency": "string"
      }
    }
  ]
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/wallet/me/wallets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/wallet/me/wallets/transactions
Auth requiredwallet.transactions.view

Get transaction history

Returns paginated transaction history across all wallets, sorted by date descending. Requires features: wallet.transactions.view

Parameters

NameInRequiredSchemaDescription
limitqueryNonumber
offsetqueryNonumber
typequeryNostring
walletTypequeryNostring

Responses

200Transaction list
Content-Type: application/json
{
  "transactions": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "walletId": "00000000-0000-4000-8000-000000000000",
      "walletType": "standard",
      "type": "credit",
      "amount": {
        "amount": 1,
        "currency": "string"
      },
      "description": "string",
      "referenceType": "top_up",
      "referenceId": null,
      "createdAt": "string"
    }
  ],
  "total": 1
}
400Invalid query
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/wallet/me/wallets/transactions?limit=20&offset=0" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

eSIMs

9 endpoints
POST/esims
Auth requiredesims.create

Create eSIM for authenticated consumer

Creates a new eSIM for the authenticated consumer. Provisions via 1Global. Requires features: esims.create

Request body (application/json)

{}

Responses

201eSIM created
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "status": "pending"
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404Consumer profile not found
Content-Type: application/json
{
  "error": "string"
}
5021Global API error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/esims" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
GET/esims/admin
Auth requiredesims.admin.list

List eSIMs

Returns eSIMs with pagination, search, and sorting. Pass id query param to get a single eSIM. Requires features: esims.admin.list

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
sortFieldqueryNostring
sortDirqueryNostring
searchqueryNostring
idqueryNostring
consumerIdqueryNostring

Responses

200eSIM list
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "status": "pending",
      "iccid": null,
      "consumerProfileId": "00000000-0000-4000-8000-000000000000",
      "consumerEmail": null,
      "qrCodeUrl": null,
      "oneGlobalOrderId": null,
      "oneGlobalSubscriptionId": null,
      "isThrottled": true,
      "createdAt": "string"
    }
  ],
  "total": 1,
  "totalPages": 1
}
400Invalid query
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/esims/admin?page=1&pageSize=50&sortField=createdAt&sortDir=desc" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/esims/admin
Auth requiredesims.admin.update

Update eSIM

Updates an eSIM name. Requires features: esims.admin.update

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "name": "string"
}

Responses

200eSIM updated
Content-Type: application/json
{
  "ok": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404eSIM not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/esims/admin" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"name\": \"string\"
}"
POST/esims/admin/generate
Auth requiredesims.admin.generate

Generate eSIM for consumer

Creates 1Global account/subscriber if needed, then places an activate_subscription order. Returns immediately with pending status; actual eSIM provisioning happens async via webhooks. Requires features: esims.admin.generate

Request body (application/json)

{
  "consumerId": "00000000-0000-4000-8000-000000000000",
  "name": "string"
}

Responses

201eSIM generation started
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "status": "pending"
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404Consumer not found or not active
Content-Type: application/json
{
  "error": "string"
}
5021Global API error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/esims/admin/generate" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"consumerId\": \"00000000-0000-4000-8000-000000000000\",
  \"name\": \"string\"
}"
GET/esims/list
Auth requiredesims.list

List user eSIMs

Returns list of eSIMs for the authenticated user with status and usage summary. Requires features: esims.list

Parameters

NameInRequiredSchemaDescription
statusqueryNostring
pagequeryNonumber
pageSizequeryNonumber

Responses

200eSIM list
Content-Type: application/json
{
  "esims": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "iccid": null,
      "status": "pending",
      "phoneNumber": null,
      "countryCode": null,
      "usedBytes": 1,
      "totalBytes": 1,
      "dataLimitBytes": null,
      "usagePercent": null,
      "homeZoneDisabled": true
    }
  ],
  "total": 1,
  "totalPages": 1
}
400Invalid query parameters
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/esims/list?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/esims/usage-summary
Auth requiredesims.usage

Get aggregated usage summary

Returns aggregated usage data across all active eSIMs. Requires features: esims.usage

Responses

200Usage summary
Content-Type: application/json
{
  "totalUsedBytes": 1,
  "totalAvailableBytes": null,
  "dataLimitBytes": null,
  "activeEsimCount": 1
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/esims/usage-summary" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/esims/{id}
Auth requiredesims.view

Get eSIM details

Returns full eSIM details including activation info and QR code. Requires features: esims.view

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200eSIM details
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "iccid": null,
  "qrCodeUrl": null,
  "activationCode": null,
  "matchingId": null,
  "status": "pending",
  "phoneNumber": null,
  "countryCode": null,
  "usedBytes": 1,
  "totalBytes": 1,
  "dataLimitBytes": null,
  "expiresAt": null,
  "homeZoneDisabled": true,
  "isThrottled": true
}
400Invalid ID
Content-Type: application/json
{
  "error": "string"
}
404eSIM not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/esims/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/esims/{id}/home-zone
Auth requiredesims.home-zone

Enable/disable home zone for eSIM

Toggles the home zone setting for the consumer's eSIM. Only the eSIM owner can update this. Requires features: esims.home-zone

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Request body (application/json)

{
  "disabled": true
}

Responses

200Home zone updated
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "homeZoneDisabled": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404eSIM not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/esims/00000000-0000-4000-8000-000000000000/home-zone" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"disabled\": true
}"
GET/esims/{id}/usage
Auth requiredesims.usage

Get eSIM usage

Returns detailed usage data with 7-day timeline for charts. Requires features: esims.usage

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200eSIM usage data
Content-Type: application/json
{
  "usedBytes": 1,
  "totalBytes": 1,
  "dataLimitBytes": null,
  "usagePercent": null,
  "timeline": [
    {
      "date": "string",
      "usageBytes": 1,
      "totalBytes": 1
    }
  ]
}
400Invalid ID
Content-Type: application/json
{
  "error": "string"
}
404eSIM not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/esims/00000000-0000-4000-8000-000000000000/usage" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Invite Codes

7 endpoints
GET/invite_codes/admin
Auth requiredinvite-codes.admin.list

List all invite codes (admin)

Returns all invite codes with pagination, status filter, and search. Includes creator and redeemer info. Requires features: invite-codes.admin.list

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
sortFieldqueryNostring
sortDirqueryNostring
statusqueryNostring
createdByUserIdqueryNostring
searchqueryNostring

Responses

200Paginated list of invite codes
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "code": "string",
      "status": "available",
      "createdByUserId": "00000000-0000-4000-8000-000000000000",
      "createdByName": null,
      "createdByEmail": null,
      "usedByConsumerId": null,
      "usedByName": null,
      "usedByEmail": null,
      "usedAt": null,
      "createdAt": "string",
      "expiresAt": null,
      "revokedAt": null
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/invite_codes/admin?page=1&pageSize=25&sortField=createdAt&sortDir=desc" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/invite_codes/admin/generate
Auth requiredinvite-codes.admin.create

Generate invite code (admin)

Generates a new invite code without the 3-code consumer limit. Requires features: invite-codes.admin.create

Request body (application/json)

{
  "expiresAt": null
}

Responses

200Generated invite code
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "code": "string",
  "createdAt": "string",
  "expiresAt": null
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/invite_codes/admin/generate" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"expiresAt\": null
}"
POST/invite_codes/admin/revoke
Auth requiredinvite-codes.admin.revoke

Revoke an invite code (admin)

Revokes an unused invite code. Used codes cannot be revoked. Requires features: invite-codes.admin.revoke

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Code revoked
Content-Type: application/json
{
  "ok": true
}
422Code already used
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/invite_codes/admin/revoke" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
POST/invite_codes/apply
Auth requiredinvite-codes.apply

Apply an invite code to activate account

Applies an invite code to activate the consumer account. Rate limited to 3 requests/min per user. Requires features: invite-codes.apply

Request body (application/json)

{
  "code": "string"
}

Responses

200Account activated
Content-Type: application/json
{
  "activated": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
422Invalid code, already active, or code issue
Content-Type: application/json
{
  "error": "string"
}
429Rate limit exceeded
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/invite_codes/apply" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"code\": \"string\"
}"
POST/invite_codes/generate
Auth requiredinvite-codes.generate

Generate a new invite code

Generates a new invite code for the authenticated active consumer. Limited to 3 active codes per consumer. Requires features: invite-codes.generate

Responses

200Generated invite code
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "code": "string",
  "createdAt": "string",
  "expiresAt": null
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/invite_codes/generate" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/invite_codes/me
Auth requiredinvite-codes.list

List own invite codes

Returns all invite codes created by the authenticated consumer. Requires features: invite-codes.list

Responses

200List of invite codes
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "code": "string",
      "status": "available",
      "usedAt": null,
      "createdAt": "string",
      "expiresAt": null
    }
  ]
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/invite_codes/me" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/invite_codes/verify
Auth requiredinvite-codes.verify

Verify an invite code

Checks whether an invite code is valid without consuming it. Rate limited to 3 requests/min per user. Requires features: invite-codes.verify

Request body (application/json)

{
  "code": "string"
}

Responses

200Code verification result
Content-Type: application/json
{
  "valid": true,
  "type": "string"
}
422Invalid, expired, or used code
Content-Type: application/json
{
  "error": "string"
}
429Rate limit exceeded
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/invite_codes/verify" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"code\": \"string\"
}"

Authentication

2 endpoints
POST/better_auth/signup

Sign up with email and password

Creates a new user account with email and password. Returns JWT token, refresh token, and consumer profile.

Request body (application/json)

{
  "email": "user@example.com",
  "password": "string"
}

Responses

200Signup successful
Content-Type: application/json
{
  "token": "string",
  "refreshToken": "string",
  "user": {
    "id": "00000000-0000-4000-8000-000000000000",
    "userId": "00000000-0000-4000-8000-000000000000",
    "email": "user@example.com",
    "firstName": null,
    "lastName": null,
    "phone": null,
    "languageCode": null,
    "displayCurrency": null,
    "homeCountryCode": null,
    "travelProfile": null,
    "address": null,
    "active": true,
    "createdAt": "string"
  }
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
409Email already registered
Content-Type: application/json
{
  "error": "string"
}
500Signup failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/better_auth/signup" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{
  \"email\": \"user@example.com\",
  \"password\": \"string\"
}"
POST/better_auth/social

Sign in or sign up with a social provider

Verifies the provider ID token via BetterAuth, creates or finds the user, and returns a platform JWT.

Request body (application/json)

{
  "provider": "google",
  "token": "string"
}

Responses

200SSO authentication successful
Content-Type: application/json
{
  "token": "string",
  "refreshToken": "string",
  "user": {
    "id": "00000000-0000-4000-8000-000000000000",
    "userId": "00000000-0000-4000-8000-000000000000",
    "email": "user@example.com",
    "firstName": null,
    "lastName": null,
    "phone": null,
    "languageCode": null,
    "displayCurrency": null,
    "homeCountryCode": null,
    "travelProfile": null,
    "address": null,
    "active": true,
    "createdAt": "string"
  },
  "isNewUser": true
}
400Invalid payload or unsupported provider
Content-Type: application/json
{
  "error": "string"
}
401Invalid or expired token
Content-Type: application/json
{
  "error": "string"
}
500SSO processing failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/better_auth/social" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{
  \"provider\": \"google\",
  \"token\": \"string\"
}"

Configs

6 endpoints
GET/configs/cache
Auth requiredconfigs.cache.view

Get cache statistics

Returns detailed cache statistics including total entries and breakdown by cache segments. Requires cache service to be available. Requires features: configs.cache.view

Responses

200Cache statistics
Content-Type: application/json
{
  "total": 1,
  "segments": {
    "key": 1
  }
}
500Failed to resolve cache stats
Content-Type: application/json
{
  "error": "string"
}
503Cache service unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/configs/cache" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/configs/cache
Auth requiredconfigs.cache.manage

Purge cache

Purges cache entries. Supports two actions: purgeAll (clears entire cache) or purgeSegment (clears specific segment). Returns updated cache statistics after purge. Requires features: configs.cache.manage

Request body (application/json)

{
  "action": "purgeAll"
}

Responses

200Cache segment cleared successfully
Content-Type: application/json
{
  "action": "purgeSegment",
  "segment": "string",
  "deleted": 1,
  "stats": {
    "total": 1,
    "segments": {
      "key": 1
    }
  }
}
400Invalid request - missing segment identifier for purgeSegment action
Content-Type: application/json
{
  "error": "string"
}
500Failed to purge cache
Content-Type: application/json
{
  "error": "string"
}
503Cache service unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/configs/cache" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"action\": \"purgeAll\"
}"
GET/configs/system-status
Auth requiredconfigs.system_status.view

Get system health status

Returns comprehensive system health information including environment details, version, resource usage, and service connectivity status. Requires features: configs.system_status.view

Responses

200System status snapshot
Content-Type: application/json
{
  "generatedAt": "string",
  "runtimeMode": "development",
  "categories": [
    {
      "key": "profiling",
      "labelKey": "string",
      "descriptionKey": null,
      "items": [
        {
          "key": "string",
          "category": "profiling",
          "kind": "boolean",
          "labelKey": "string",
          "descriptionKey": "string",
          "docUrl": null,
          "defaultValue": null,
          "state": "enabled",
          "value": null,
          "normalizedValue": null
        }
      ]
    }
  ]
}
500Failed to load system status
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/configs/system-status" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/configs/system-status
Auth requiredconfigs.manage

Clear system cache

Purges the entire cache for the current tenant. Useful for troubleshooting or forcing fresh data loading. Requires features: configs.manage

Responses

200Cache cleared successfully
Content-Type: application/json
{
  "cleared": true
}
500Failed to purge cache
Content-Type: application/json
{
  "error": "string"
}
503Cache service unavailable
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/configs/system-status" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/configs/upgrade-actions
Auth requiredconfigs.manage

List pending upgrade actions

Returns a list of pending upgrade actions for the current version. These are one-time setup tasks that need to be executed after upgrading to a new version. Requires organization and tenant context. Requires features: configs.manage

Responses

200List of pending upgrade actions
Content-Type: application/json
{
  "version": "string",
  "actions": [
    {
      "id": "string",
      "version": "string",
      "message": "string",
      "ctaLabel": "string",
      "successMessage": "string",
      "loadingLabel": "string"
    }
  ]
}
400Missing organization or tenant context
Content-Type: application/json
{
  "error": "string"
}
500Failed to load upgrade actions
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/configs/upgrade-actions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/configs/upgrade-actions
Auth requiredconfigs.manage

Execute upgrade action

Executes a specific upgrade action by ID. Typically used for one-time setup tasks like seeding example data after version upgrade. Returns execution status and localized success message. Requires features: configs.manage

Request body (application/json)

{
  "actionId": "string"
}

Responses

200Upgrade action executed successfully
Content-Type: application/json
{
  "status": "string",
  "message": "string",
  "version": "string"
}
400Invalid request body or missing context
Content-Type: application/json
{
  "error": "string"
}
500Failed to execute upgrade action
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/configs/upgrade-actions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"actionId\": \"string\"
}"

Consumers

6 endpoints
GET/consumers/admin
Auth requiredconsumers.admin.list

List consumers

Returns consumers with pagination and search. Pass id query param to get a single consumer. Requires features: consumers.admin.list

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
sortFieldqueryNostring
sortDirqueryNostring
searchqueryNostring
idqueryNostring
userIdqueryNostring

Responses

200Consumer list
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "userId": "00000000-0000-4000-8000-000000000000",
      "email": "user@example.com",
      "firstName": null,
      "lastName": null,
      "phone": null,
      "languageCode": null,
      "displayCurrency": null,
      "homeCountryCode": null,
      "travelProfile": null,
      "address": null,
      "active": true,
      "createdAt": "string"
    }
  ],
  "total": 1,
  "totalPages": 1
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/consumers/admin?page=1&pageSize=50&sortField=createdAt&sortDir=desc" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/consumers/admin
Auth requiredconsumers.admin.create

Create consumer

Creates a new user and consumer profile. Requires features: consumers.admin.create

Request body (application/json)

{
  "email": "user@example.com",
  "password": "string",
  "firstName": null,
  "lastName": null,
  "phone": null,
  "languageCode": null,
  "displayCurrency": null,
  "homeCountryCode": null,
  "travelProfile": null,
  "address": null
}

Responses

201Consumer created
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
409Email already exists
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/consumers/admin" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"email\": \"user@example.com\",
  \"password\": \"string\",
  \"firstName\": null,
  \"lastName\": null,
  \"phone\": null,
  \"languageCode\": null,
  \"displayCurrency\": null,
  \"homeCountryCode\": null,
  \"travelProfile\": null,
  \"address\": null
}"
PUT/consumers/admin
Auth requiredconsumers.admin.update

Update consumer

Updates a consumer profile by id. Requires features: consumers.admin.update

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "firstName": null,
  "lastName": null,
  "phone": null,
  "languageCode": null,
  "displayCurrency": null,
  "homeCountryCode": null,
  "travelProfile": null,
  "address": null
}

Responses

200Consumer updated
Content-Type: application/json
{
  "ok": true
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404Consumer not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/consumers/admin" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"firstName\": null,
  \"lastName\": null,
  \"phone\": null,
  \"languageCode\": null,
  \"displayCurrency\": null,
  \"homeCountryCode\": null,
  \"travelProfile\": null,
  \"address\": null
}"
DELETE/consumers/admin
Auth requiredconsumers.admin.delete

Delete consumer

Soft-deletes a consumer profile by id. Requires features: consumers.admin.delete

Parameters

NameInRequiredSchemaDescription
idqueryYesstringConsumer profile identifier

Responses

200Consumer deleted
Content-Type: application/json
{
  "ok": true
}
400Missing id
Content-Type: application/json
{
  "error": "string"
}
404Consumer not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/consumers/admin?id=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/consumers/me
Auth required

Get current consumer profile

Returns the authenticated consumer profile with Covo-specific fields.

Responses

200Consumer profile
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "userId": "00000000-0000-4000-8000-000000000000",
  "email": "user@example.com",
  "firstName": null,
  "lastName": null,
  "phone": null,
  "languageCode": null,
  "displayCurrency": null,
  "homeCountryCode": null,
  "travelProfile": null,
  "address": null,
  "active": true,
  "createdAt": "string"
}
404User not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/consumers/me" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PATCH/consumers/me
Auth required

Update consumer profile

Updates profile fields for the authenticated consumer. All fields are optional.

Request body (application/json)

{
  "firstName": null,
  "lastName": null,
  "phone": null,
  "languageCode": null,
  "displayCurrency": null,
  "homeCountryCode": null,
  "travelProfile": null,
  "address": null
}

Responses

200Updated profile
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "userId": "00000000-0000-4000-8000-000000000000",
  "email": "user@example.com",
  "firstName": null,
  "lastName": null,
  "phone": null,
  "languageCode": null,
  "displayCurrency": null,
  "homeCountryCode": null,
  "travelProfile": null,
  "address": null,
  "active": true,
  "createdAt": "string"
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404User not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PATCH "https://admin-dev.getcovo.com/api/consumers/me" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"firstName\": null,
  \"lastName\": null,
  \"phone\": null,
  \"languageCode\": null,
  \"displayCurrency\": null,
  \"homeCountryCode\": null,
  \"travelProfile\": null,
  \"address\": null
}"

Dashboards

9 endpoints
GET/dashboards/layout
Auth requireddashboards.view

Load the current dashboard layout

Returns the saved widget layout together with the widgets the current user is allowed to place. Requires features: dashboards.view

Responses

200Current dashboard layout and available widgets.
Content-Type: application/json
{
  "layout": {
    "items": [
      {
        "id": "00000000-0000-4000-8000-000000000000",
        "widgetId": "string",
        "order": 1
      }
    ]
  },
  "allowedWidgetIds": [
    "string"
  ],
  "canConfigure": true,
  "context": {
    "userId": "00000000-0000-4000-8000-000000000000",
    "tenantId": null,
    "organizationId": null,
    "userName": null,
    "userEmail": null,
    "userLabel": "string"
  },
  "widgets": [
    {
      "id": "string",
      "title": "string",
      "description": null,
      "defaultSize": "sm",
      "defaultEnabled": true,
      "defaultSettings": null,
      "features": [
        "string"
      ],
      "moduleId": "string",
      "icon": null,
      "loaderKey": "string",
      "supportsRefresh": true
    }
  ]
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/dashboards/layout" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/dashboards/layout
Auth requireddashboards.configure

Persist dashboard layout changes

Saves the provided widget ordering, sizes, and settings for the current user. Requires features: dashboards.configure

Request body (application/json)

{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "widgetId": "string",
      "order": 1
    }
  ]
}

Responses

200Layout updated successfully.
Content-Type: application/json
{
  "ok": true
}
400Invalid layout payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/dashboards/layout" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"items\": [
    {
      \"id\": \"00000000-0000-4000-8000-000000000000\",
      \"widgetId\": \"string\",
      \"order\": 1
    }
  ]
}"
PATCH/dashboards/layout/{itemId}
Auth requireddashboards.configure

Update a dashboard layout item

Adjusts the size or settings for a single widget within the dashboard layout. Requires features: dashboards.configure

Parameters

NameInRequiredSchemaDescription
itemIdpathYesstring

Request body (application/json)

{}

Responses

200Layout item updated.
Content-Type: application/json
{
  "ok": true
}
400Invalid payload or missing item id
Content-Type: application/json
{
  "error": "string"
}
404Item not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PATCH "https://admin-dev.getcovo.com/api/dashboards/layout/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
GET/dashboards/roles/widgets
Auth requireddashboards.admin.assign-widgets

Fetch widget assignments for a role

Returns the widgets explicitly assigned to the given role together with the evaluation scope. Requires features: dashboards.admin.assign-widgets

Parameters

NameInRequiredSchemaDescription
roleIdqueryYesstring
tenantIdqueryNostring
organizationIdqueryNostring

Responses

200Current widget configuration for the role.
Content-Type: application/json
{
  "widgetIds": [
    "string"
  ],
  "hasCustom": true,
  "scope": {
    "tenantId": null,
    "organizationId": null
  }
}
400Missing role identifier
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/dashboards/roles/widgets?roleId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/dashboards/roles/widgets
Auth requireddashboards.admin.assign-widgets

Update widgets assigned to a role

Persists the widget list for a role within the provided tenant and organization scope. Requires features: dashboards.admin.assign-widgets

Request body (application/json)

{
  "roleId": "00000000-0000-4000-8000-000000000000",
  "tenantId": null,
  "organizationId": null,
  "widgetIds": [
    "string"
  ]
}

Responses

200Widgets updated successfully.
Content-Type: application/json
{
  "ok": true,
  "widgetIds": [
    "string"
  ]
}
400Invalid payload or unknown widgets
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/dashboards/roles/widgets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"roleId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": null,
  \"organizationId\": null,
  \"widgetIds\": [
    \"string\"
  ]
}"
GET/dashboards/users/widgets
Auth requireddashboards.admin.assign-widgets

Read widget overrides for a user

Returns the widgets inherited and explicitly configured for the requested user within the current scope. Requires features: dashboards.admin.assign-widgets

Parameters

NameInRequiredSchemaDescription
userIdqueryYesstring
tenantIdqueryNostring
organizationIdqueryNostring

Responses

200Widget settings for the user.
Content-Type: application/json
{
  "mode": "inherit",
  "widgetIds": [
    "string"
  ],
  "hasCustom": true,
  "effectiveWidgetIds": [
    "string"
  ],
  "scope": {
    "tenantId": null,
    "organizationId": null
  }
}
400Missing user identifier
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/dashboards/users/widgets?userId=00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PUT/dashboards/users/widgets
Auth requireddashboards.admin.assign-widgets

Update user-specific dashboard widgets

Sets the widget override mode and allowed widgets for a user. Passing `mode: inherit` clears overrides. Requires features: dashboards.admin.assign-widgets

Request body (application/json)

{
  "userId": "00000000-0000-4000-8000-000000000000",
  "tenantId": null,
  "organizationId": null,
  "mode": "inherit",
  "widgetIds": [
    "string"
  ]
}

Responses

200Overrides saved.
Content-Type: application/json
{
  "ok": true,
  "mode": "inherit",
  "widgetIds": [
    "string"
  ]
}
400Invalid payload or unknown widgets
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/dashboards/users/widgets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"userId\": \"00000000-0000-4000-8000-000000000000\",
  \"tenantId\": null,
  \"organizationId\": null,
  \"mode\": \"inherit\",
  \"widgetIds\": [
    \"string\"
  ]
}"
GET/dashboards/widgets/catalog
Auth requireddashboards.admin.assign-widgets

List available dashboard widgets

Returns the catalog of widgets that modules expose, including defaults and feature requirements. Requires features: dashboards.admin.assign-widgets

Responses

200Widgets available for assignment.
Content-Type: application/json
{
  "items": [
    {
      "id": "string",
      "title": "string",
      "description": null,
      "defaultSize": "sm",
      "defaultEnabled": true,
      "defaultSettings": null,
      "features": [
        "string"
      ],
      "moduleId": "string",
      "icon": null,
      "loaderKey": "string",
      "supportsRefresh": true
    }
  ]
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/dashboards/widgets/catalog" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/dashboards/widgets/data
Auth requiredanalytics.view

Fetch aggregated data for dashboard widgets

Executes an aggregation query against the specified entity type and returns the result. Supports date range filtering, grouping, and period-over-period comparison. Requires features: analytics.view

Request body (application/json)

{
  "entityType": "string",
  "metric": {
    "field": "string",
    "aggregate": "count"
  }
}

Responses

200Aggregated data for the widget.
Content-Type: application/json
{
  "value": null,
  "data": [
    {
      "value": null
    }
  ],
  "metadata": {
    "fetchedAt": "string",
    "recordCount": 1
  }
}
400Invalid request payload
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/dashboards/widgets/data" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityType\": \"string\",
  \"metric\": {
    \"field\": \"string\",
    \"aggregate\": \"count\"
  }
}"

Dictionaries

9 endpoints
GET/dictionaries
Auth requireddictionaries.view

List dictionaries

Returns dictionaries accessible to the current organization, optionally including inactive records. Requires features: dictionaries.view

Parameters

NameInRequiredSchemaDescription
includeInactivequeryNostring

Responses

200Dictionary collection.
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "key": "string",
      "name": "string",
      "description": null,
      "isSystem": true,
      "isActive": true,
      "managerVisibility": null,
      "organizationId": null,
      "createdAt": "string",
      "updatedAt": null
    }
  ]
}
500Failed to load dictionaries
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/dictionaries" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/dictionaries
Auth requireddictionaries.manage

Create dictionary

Registers a dictionary scoped to the current organization. Requires features: dictionaries.manage

Request body (application/json)

{
  "key": "string",
  "name": "string"
}

Responses

201Dictionary created.
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "key": "string",
  "name": "string",
  "description": null,
  "isSystem": true,
  "isActive": true,
  "managerVisibility": null,
  "organizationId": null,
  "createdAt": "string",
  "updatedAt": null
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}
409Dictionary key already exists
Content-Type: application/json
{
  "error": "string"
}
500Failed to create dictionary
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/dictionaries" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"key\": \"string\",
  \"name\": \"string\"
}"
GET/dictionaries/{dictionaryId}
Auth requireddictionaries.view

Get dictionary

Returns details for the specified dictionary, including inheritance flags. Requires features: dictionaries.view

Parameters

NameInRequiredSchemaDescription
dictionaryIdpathYesstring

Responses

200Dictionary details.
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "key": "string",
  "name": "string",
  "description": null,
  "isSystem": true,
  "isActive": true,
  "managerVisibility": null,
  "organizationId": null,
  "createdAt": "string",
  "updatedAt": null
}
400Invalid parameters
Content-Type: application/json
{
  "error": "string"
}
404Dictionary not found
Content-Type: application/json
{
  "error": "string"
}
500Failed to load dictionary
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/dictionaries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
PATCH/dictionaries/{dictionaryId}
Auth requireddictionaries.manage

Update dictionary

Updates mutable attributes of the dictionary. Currency dictionaries are protected from modification. Requires features: dictionaries.manage

Parameters

NameInRequiredSchemaDescription
dictionaryIdpathYesstring

Request body (application/json)

{}

Responses

200Dictionary updated.
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "key": "string",
  "name": "string",
  "description": null,
  "isSystem": true,
  "isActive": true,
  "managerVisibility": null,
  "organizationId": null,
  "createdAt": "string",
  "updatedAt": null
}
400Validation failed or protected dictionary
Content-Type: application/json
{
  "error": "string"
}
404Dictionary not found
Content-Type: application/json
{
  "error": "string"
}
409Dictionary key already exists
Content-Type: application/json
{
  "error": "string"
}
500Failed to update dictionary
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PATCH "https://admin-dev.getcovo.com/api/dictionaries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{}"
DELETE/dictionaries/{dictionaryId}
Auth requireddictionaries.manage

Delete dictionary

Soft deletes the dictionary unless it is the protected currency dictionary. Requires features: dictionaries.manage

Parameters

NameInRequiredSchemaDescription
dictionaryIdpathYesstring

Responses

200Dictionary archived.
Content-Type: application/json
{
  "ok": true
}
400Protected dictionary cannot be deleted
Content-Type: application/json
{
  "error": "string"
}
404Dictionary not found
Content-Type: application/json
{
  "error": "string"
}
500Failed to delete dictionary
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/dictionaries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/dictionaries/{dictionaryId}/entries
Auth requireddictionaries.view

List dictionary entries

Returns entries for the specified dictionary ordered alphabetically. Requires features: dictionaries.view

Parameters

NameInRequiredSchemaDescription
dictionaryIdpathYesstring

Responses

200Dictionary entries.
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "value": "string",
      "label": "string",
      "color": null,
      "icon": null,
      "createdAt": "string",
      "updatedAt": null
    }
  ]
}
400Invalid parameters
Content-Type: application/json
{
  "error": "string"
}
404Dictionary not found
Content-Type: application/json
{
  "error": "string"
}
500Failed to load dictionary entries
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/dictionaries/00000000-0000-4000-8000-000000000000/entries" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/dictionaries/{dictionaryId}/entries
Auth requireddictionaries.manage

Create dictionary entry

Creates a new entry in the specified dictionary. Requires features: dictionaries.manage

Parameters

NameInRequiredSchemaDescription
dictionaryIdpathYesstring

Request body (application/json)

{
  "value": "string",
  "color": null,
  "icon": null
}

Responses

201Dictionary entry created.
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "label": "string",
  "color": null,
  "icon": null,
  "createdAt": "string",
  "updatedAt": null
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}
404Dictionary not found
Content-Type: application/json
{
  "error": "string"
}
500Failed to create dictionary entry
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/dictionaries/00000000-0000-4000-8000-000000000000/entries" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"value\": \"string\",
  \"color\": null,
  \"icon\": null
}"
PATCH/dictionaries/{dictionaryId}/entries/{entryId}
Auth requireddictionaries.manage

Update dictionary entry

Updates the specified dictionary entry using the command bus pipeline. Requires features: dictionaries.manage

Parameters

NameInRequiredSchemaDescription
dictionaryIdpathYesstring
entryIdpathYesstring

Request body (application/json)

{
  "color": null,
  "icon": null
}

Responses

200Dictionary entry updated.
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000",
  "value": "string",
  "label": "string",
  "color": null,
  "icon": null,
  "createdAt": "string",
  "updatedAt": null
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}
404Dictionary or entry not found
Content-Type: application/json
{
  "error": "string"
}
500Failed to update entry
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PATCH "https://admin-dev.getcovo.com/api/dictionaries/00000000-0000-4000-8000-000000000000/entries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"color\": null,
  \"icon\": null
}"
DELETE/dictionaries/{dictionaryId}/entries/{entryId}
Auth requireddictionaries.manage

Delete dictionary entry

Deletes the specified dictionary entry via the command bus. Requires features: dictionaries.manage

Parameters

NameInRequiredSchemaDescription
dictionaryIdpathYesstring
entryIdpathYesstring

Responses

200Entry deleted.
Content-Type: application/json
{
  "ok": true
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}
404Dictionary or entry not found
Content-Type: application/json
{
  "error": "string"
}
500Failed to delete entry
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/dictionaries/00000000-0000-4000-8000-000000000000/entries/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Directory

9 endpoints
GET/directory/organization-switcher
Auth required

Load organization switcher menu

Returns the hierarchical menu of organizations the current user may switch to within the active tenant.

Responses

200Organization switcher payload.
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "depth": 1,
      "selectable": true,
      "children": []
    }
  ],
  "selectedId": null,
  "canManage": true,
  "tenantId": null,
  "tenants": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "isActive": true
    }
  ],
  "isSuperAdmin": true
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/directory/organization-switcher" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/directory/organizations
Auth requireddirectory.organizations.view

List organizations

Returns organizations using options, tree, or paginated manage view depending on the `view` parameter. Requires features: directory.organizations.view

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
viewqueryNostring
idsqueryNostring
tenantIdqueryNostring
includeInactivequeryNostring
statusqueryNostring

Responses

200Organization data for the requested view.
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "parentId": null,
      "parentName": null,
      "tenantId": null,
      "tenantName": null,
      "rootId": null,
      "treePath": null
    }
  ]
}
400Invalid query or tenant scope
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/directory/organizations?page=1&pageSize=50&view=options" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/directory/organizations
Auth requireddirectory.organizations.manage

Create organization

Creates a new organization within a tenant and optionally assigns hierarchy relationships. Requires features: directory.organizations.manage

Request body (application/json)

{
  "name": "string",
  "parentId": null
}

Responses

201Organization created.
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/directory/organizations" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"name\": \"string\",
  \"parentId\": null
}"
PUT/directory/organizations
Auth requireddirectory.organizations.manage

Update organization

Updates organization details and hierarchy assignments. Requires features: directory.organizations.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000",
  "parentId": null
}

Responses

200Organization updated.
Content-Type: application/json
{
  "ok": true
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/directory/organizations" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\",
  \"parentId\": null
}"
DELETE/directory/organizations
Auth requireddirectory.organizations.manage

Delete organization

Soft deletes an organization identified by id. Requires features: directory.organizations.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Organization deleted.
Content-Type: application/json
{
  "ok": true
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/directory/organizations" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/directory/tenants
Auth requireddirectory.tenants.view

List tenants

Returns tenants visible to the current user with optional search and pagination. Requires features: directory.tenants.view

Parameters

NameInRequiredSchemaDescription
idqueryNostring
pagequeryNonumber
pageSizequeryNonumber
searchqueryNostring
sortFieldqueryNostring
sortDirqueryNostring
isActivequeryNostring

Responses

200Paged list of tenants.
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "name": "string",
      "isActive": true,
      "createdAt": null,
      "updatedAt": null
    }
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}
400Invalid query parameters
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/directory/tenants?page=1&pageSize=50" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/directory/tenants
Auth requireddirectory.tenants.manage

Create tenant

Creates a new tenant and returns its identifier. Requires features: directory.tenants.manage

Request body (application/json)

{
  "name": "string"
}

Responses

201Tenant created.
Content-Type: application/json
{
  "id": "00000000-0000-4000-8000-000000000000"
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/directory/tenants" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"name\": \"string\"
}"
PUT/directory/tenants
Auth requireddirectory.tenants.manage

Update tenant

Updates tenant properties such as name or activation state. Requires features: directory.tenants.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Tenant updated.
Content-Type: application/json
{
  "ok": true
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/directory/tenants" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"
DELETE/directory/tenants
Auth requireddirectory.tenants.manage

Delete tenant

Soft deletes the tenant identified by id. Requires features: directory.tenants.manage

Request body (application/json)

{
  "id": "00000000-0000-4000-8000-000000000000"
}

Responses

200Tenant removed.
Content-Type: application/json
{
  "ok": true
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/directory/tenants" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"00000000-0000-4000-8000-000000000000\"
}"

Entities

17 endpoints
GET/entities/definitions
Auth required

List active custom field definitions

Returns active custom field definitions for the supplied entity ids, respecting tenant scope and tombstones.

Parameters

NameInRequiredSchemaDescription
entityIdqueryNoany
entityIdsqueryNostring
fieldsetqueryNostring

Responses

200Definition list
Content-Type: application/json
{
  "items": [
    {
      "key": "string",
      "kind": "string",
      "label": "string",
      "entityId": "string"
    }
  ]
}
400Missing entity id
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/entities/definitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/entities/definitions
Auth requiredentities.definitions.manage

Upsert custom field definition

Creates or updates a custom field definition for the current tenant/org scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "key": "string",
  "kind": "text"
}

Responses

200Definition saved
Content-Type: application/json
{
  "ok": true,
  "item": {
    "id": "00000000-0000-4000-8000-000000000000",
    "key": "string",
    "kind": "string",
    "configJson": {}
  }
}
400Validation failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/entities/definitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"key\": \"string\",
  \"kind\": \"text\"
}"
DELETE/entities/definitions
Auth requiredentities.definitions.manage

Soft delete custom field definition

Marks the specified definition inactive and tombstones it for the current scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "key": "string"
}

Responses

200Definition deleted
Content-Type: application/json
{
  "ok": true
}
400Missing entity id or key
Content-Type: application/json
{
  "error": "string"
}
404Definition not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/entities/definitions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"key\": \"string\"
}"
POST/entities/definitions.batch
Auth requiredentities.definitions.manage

Save multiple custom field definitions

Creates or updates multiple definitions for a single entity in one transaction. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "definitions": [
    {
      "key": "string",
      "kind": "text"
    }
  ]
}

Responses

200Definitions saved
Content-Type: application/json
{
  "ok": true
}
400Validation error
Content-Type: application/json
{
  "error": "string"
}
500Unexpected failure
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/entities/definitions.batch" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"definitions\": [
    {
      \"key\": \"string\",
      \"kind\": \"text\"
    }
  ]
}"
GET/entities/definitions.manage
Auth requiredentities.definitions.manage

Get management snapshot

Returns scoped custom field definitions (including inactive tombstones) for administration interfaces. Requires features: entities.definitions.manage

Parameters

NameInRequiredSchemaDescription
entityIdqueryYesstring

Responses

200Scoped definitions and deleted keys
Content-Type: application/json
{
  "items": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "key": "string",
      "kind": "string",
      "configJson": null,
      "organizationId": null,
      "tenantId": null
    }
  ],
  "deletedKeys": [
    "string"
  ]
}
400Missing entity id
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/entities/definitions.manage?entityId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/entities/definitions.restore
Auth requiredentities.definitions.manage

Restore definition

Reactivates a previously soft-deleted definition within the current tenant/org scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "key": "string"
}

Responses

200Definition restored
Content-Type: application/json
{
  "ok": true
}
400Missing entity id or key
Content-Type: application/json
{
  "error": "string"
}
404Definition not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/entities/definitions.restore" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"key\": \"string\"
}"
GET/entities/encryption
Auth requiredentities.definitions.manage

Fetch encryption map

Returns the encrypted field map for the current tenant/organization scope. Requires features: entities.definitions.manage

Parameters

NameInRequiredSchemaDescription
entityIdqueryYesstring

Responses

200Map
Content-Type: application/json
{
  "entityId": "string",
  "fields": [
    {
      "field": "string",
      "hashField": null
    }
  ]
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/entities/encryption?entityId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/entities/encryption
Auth requiredentities.definitions.manage

Upsert encryption map

Creates or updates the encryption map for the current tenant/organization scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "tenantId": null,
  "organizationId": null,
  "fields": [
    {
      "field": "string",
      "hashField": null
    }
  ]
}

Responses

200Saved
Content-Type: application/json
{
  "ok": true
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/entities/encryption" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"tenantId\": null,
  \"organizationId\": null,
  \"fields\": [
    {
      \"field\": \"string\",
      \"hashField\": null
    }
  ]
}"
GET/entities/entities
Auth required

List available entities

Returns generated and custom entities scoped to the caller with field counts per entity.

Responses

200List of entities
Content-Type: application/json
{
  "items": [
    {
      "entityId": "string",
      "source": "code",
      "label": "string",
      "count": 1
    }
  ]
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/entities/entities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/entities/entities
Auth requiredentities.definitions.manage

Upsert custom entity

Creates or updates a tenant/org scoped custom entity definition. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string",
  "label": "string",
  "description": null,
  "showInSidebar": false
}

Responses

200Entity saved
Content-Type: application/json
{
  "ok": true,
  "item": {
    "id": "00000000-0000-4000-8000-000000000000",
    "entityId": "string",
    "label": "string"
  }
}
400Validation error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/entities/entities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"label\": \"string\",
  \"description\": null,
  \"showInSidebar\": false
}"
DELETE/entities/entities
Auth requiredentities.definitions.manage

Soft delete custom entity

Marks the specified custom entity inactive within the current scope. Requires features: entities.definitions.manage

Request body (application/json)

{
  "entityId": "string"
}

Responses

200Entity deleted
Content-Type: application/json
{
  "ok": true
}
400Missing entity id
Content-Type: application/json
{
  "error": "string"
}
404Entity not found in scope
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/entities/entities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\"
}"
GET/entities/records
Auth requiredentities.records.view

List records

Returns paginated records for the supplied entity. Supports custom field filters, exports, and soft-delete toggles. Requires features: entities.records.view

Parameters

NameInRequiredSchemaDescription
entityIdqueryYesstring
pagequeryNonumber
pageSizequeryNonumber
sortFieldqueryNostring
sortDirqueryNostring
withDeletedqueryNoboolean
formatqueryNostring
exportScopequeryNostring
export_scopequeryNostring
allqueryNoboolean
fullqueryNoboolean

Responses

200Paginated records
Content-Type: application/json
{
  "items": [
    {}
  ],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}
400Missing entity id
Content-Type: application/json
{
  "error": "string"
}
500Unexpected failure
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/entities/records?entityId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/entities/records
Auth requiredentities.records.manage

Create record

Creates a record for the given entity. When `recordId` is omitted or not a UUID the data engine will generate one automatically. Requires features: entities.records.manage

Request body (application/json)

{
  "entityId": "string",
  "values": {}
}

Responses

200Record created
Content-Type: application/json
{
  "ok": true
}
400Validation failure
Content-Type: application/json
{
  "error": "string"
}
500Unexpected failure
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/entities/records" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"values\": {}
}"
PUT/entities/records
Auth requiredentities.records.manage

Update record

Updates an existing record. If the provided recordId is not a UUID the record will be created instead to support optimistic flows. Requires features: entities.records.manage

Request body (application/json)

{
  "entityId": "string",
  "recordId": "string",
  "values": {}
}

Responses

200Record updated
Content-Type: application/json
{
  "ok": true
}
400Validation failure
Content-Type: application/json
{
  "error": "string"
}
500Unexpected failure
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/entities/records" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"recordId\": \"string\",
  \"values\": {}
}"
DELETE/entities/records
Auth requiredentities.records.manage

Delete record

Soft deletes the specified record within the current tenant/org scope. Requires features: entities.records.manage

Request body (application/json)

{
  "entityId": "string",
  "recordId": "string"
}

Responses

200Record deleted
Content-Type: application/json
{
  "ok": true
}
400Missing entity id or record id
Content-Type: application/json
{
  "error": "string"
}
404Record not found
Content-Type: application/json
{
  "error": "string"
}
500Unexpected failure
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/entities/records" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityId\": \"string\",
  \"recordId\": \"string\"
}"
GET/entities/relations/options
Auth requiredentities.definitions.view

List relation options

Returns up to 50 option entries for populating relation dropdowns, automatically resolving label fields when omitted. Requires features: entities.definitions.view

Parameters

NameInRequiredSchemaDescription
entityIdqueryYesstring
labelFieldqueryNostring
qqueryNostring

Responses

200Option list
Content-Type: application/json
{
  "items": [
    {
      "value": "string",
      "label": "string"
    }
  ]
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/entities/relations/options?entityId=string" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
GET/entities/sidebar-entities
Auth required

Get sidebar entities

Returns custom entities flagged with `showInSidebar` for the current tenant/org scope.

Responses

200Sidebar entities for navigation
Content-Type: application/json
{
  "items": [
    {
      "entityId": "string",
      "label": "string",
      "href": "string"
    }
  ]
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/entities/sidebar-entities" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Webhooks

1 endpoints
POST/esims/webhooks/1global

Receive 1Global event notifications

Public endpoint secured by Basic Authentication. Handles eSIM lifecycle events from 1Global Connect API.

Request body (application/json)

{
  "id": "string",
  "type": "string"
}

Responses

200Event received and processed
Content-Type: application/json
{}
400Invalid payload
Content-Type: application/json
{}
401Authentication failed
Content-Type: application/json
{}
413Payload too large
Content-Type: application/json
{}
500Processing failed
Content-Type: application/json
{}

Example

curl -X POST "https://admin-dev.getcovo.com/api/esims/webhooks/1global" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{
  \"id\": \"string\",
  \"type\": \"string\"
}"

Query Index

3 endpoints
POST/query_index/purge
Auth requiredquery_index.purge

Purge query index records

Queues a purge job to remove indexed records for an entity type within the active scope. Requires features: query_index.purge

Request body (application/json)

{
  "entityType": "string"
}

Responses

200Purge job accepted.
Content-Type: application/json
{
  "ok": true
}
400Missing entity type
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/query_index/purge" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityType\": \"string\"
}"
POST/query_index/reindex
Auth requiredquery_index.reindex

Trigger query index rebuild

Queues a reindex job for the specified entity type within the current tenant scope. Requires features: query_index.reindex

Request body (application/json)

{
  "entityType": "string"
}

Responses

200Reindex job accepted.
Content-Type: application/json
{
  "ok": true
}
400Missing entity type
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/query_index/reindex" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"entityType\": \"string\"
}"
GET/query_index/status
Auth requiredquery_index.status.view

Inspect query index coverage

Returns entity counts comparing base tables with the query index along with the latest job status. Requires features: query_index.status.view

Responses

200Current query index status.
Content-Type: application/json
{
  "items": [
    {
      "entityId": "string",
      "label": "string",
      "baseCount": null,
      "indexCount": null,
      "vectorCount": null,
      "ok": true,
      "job": {
        "status": "idle",
        "startedAt": null,
        "finishedAt": null,
        "heartbeatAt": null,
        "processedCount": null,
        "totalCount": null,
        "scope": null
      }
    }
  ],
  "errors": [
    {
      "id": "string",
      "source": "string",
      "handler": "string",
      "entityType": null,
      "recordId": null,
      "tenantId": null,
      "organizationId": null,
      "message": "string",
      "stack": null,
      "payload": null,
      "occurredAt": "string"
    }
  ],
  "logs": [
    {
      "id": "string",
      "source": "string",
      "handler": "string",
      "level": "info",
      "entityType": null,
      "recordId": null,
      "tenantId": null,
      "organizationId": null,
      "message": "string",
      "details": null,
      "occurredAt": "string"
    }
  ]
}
400Tenant or organization context required
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/query_index/status" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"

Wallet Admin

4 endpoints
GET/wallet/admin/wallets
Auth requiredwallet.admin.list

List all wallets

Returns paginated list of all wallets with optional type filter. Requires features: wallet.admin.list

Parameters

NameInRequiredSchemaDescription
idqueryNostring
searchqueryNostring
typequeryNostring
limitqueryNonumber
offsetqueryNonumber

Responses

200Wallet list
Content-Type: application/json
{
  "wallets": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "userId": "00000000-0000-4000-8000-000000000000",
      "userEmail": "string",
      "userName": null,
      "type": "standard",
      "balance": {
        "amount": 1,
        "currency": "string"
      },
      "lastTransactionAt": null
    }
  ],
  "total": 1
}
400Invalid query
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/wallet/admin/wallets?limit=20&offset=0" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/wallet/admin/wallets
Auth requiredwallet.admin.create

Create wallets for user

Creates standard and bonus wallets for a user. Idempotent — returns existing wallets if already created. Requires features: wallet.admin.create

Request body (application/json)

{
  "userId": "00000000-0000-4000-8000-000000000000"
}

Responses

201Wallets created
Content-Type: application/json
{
  "standardId": "00000000-0000-4000-8000-000000000000",
  "bonusId": "00000000-0000-4000-8000-000000000000"
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/wallet/admin/wallets" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"userId\": \"00000000-0000-4000-8000-000000000000\"
}"
GET/wallet/admin/wallets/{id}/transactions
Auth requiredwallet.admin.list

List wallet transactions

Returns paginated list of transactions for a specific wallet. Requires features: wallet.admin.list

Parameters

NameInRequiredSchemaDescription
idpathYesstring
typequeryNostring
limitqueryNonumber
offsetqueryNonumber

Responses

200Transaction list
Content-Type: application/json
{
  "transactions": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "type": "credit",
      "amount": {
        "amount": 1,
        "currency": "string"
      },
      "description": "string",
      "referenceType": "top_up",
      "referenceId": null,
      "createdAt": "string"
    }
  ],
  "total": 1
}
400Invalid query
Content-Type: application/json
{
  "error": "string"
}
404Wallet not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/wallet/admin/wallets/00000000-0000-4000-8000-000000000000/transactions?limit=20&offset=0" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>"
POST/wallet/admin/wallets/{id}/transactions
Auth requiredwallet.admin.adjust

Create manual wallet adjustment

Credits or debits a wallet manually for support/adjustment purposes. Requires features: wallet.admin.adjust

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Request body (application/json)

{
  "type": "credit",
  "amountEuroCents": 1,
  "reason": "string"
}

Responses

200Transaction created
Content-Type: application/json
{
  "transactionId": "00000000-0000-4000-8000-000000000000",
  "newBalance": {
    "amount": 1,
    "currency": "string"
  }
}
400Invalid payload
Content-Type: application/json
{
  "error": "string"
}
404Wallet not found
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/wallet/admin/wallets/00000000-0000-4000-8000-000000000000/transactions" \
  -H "Accept: application/json" \
  -H "authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d "{
  \"type\": \"credit\",
  \"amountEuroCents\": 1,
  \"reason\": \"string\"
}"

Workflows

21 endpoints
GET/workflows/definitions

List workflow definitions

Get a list of workflow definitions with optional filters. Supports pagination and search.

Parameters

NameInRequiredSchemaDescription
workflowIdqueryYesstring
enabledqueryNoboolean
searchqueryNostring
limitqueryNonumber
offsetqueryNonumber

Responses

200List of workflow definitions with pagination
Content-Type: application/json
{
  "data": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "workflowId": "checkout-flow",
      "workflowName": "Checkout Flow",
      "description": "Complete checkout workflow for processing orders",
      "version": 1,
      "definition": {
        "steps": [
          {
            "stepId": "start",
            "stepName": "Start",
            "stepType": "START"
          },
          {
            "stepId": "validate-cart",
            "stepName": "Validate Cart",
            "stepType": "AUTOMATED"
          },
          {
            "stepId": "end",
            "stepName": "End",
            "stepType": "END"
          }
        ],
        "transitions": [
          {
            "transitionId": "start-to-validate",
            "fromStepId": "start",
            "toStepId": "validate-cart",
            "trigger": "auto"
          },
          {
            "transitionId": "validate-to-end",
            "fromStepId": "validate-cart",
            "toStepId": "end",
            "trigger": "auto"
          }
        ]
      },
      "enabled": true,
      "tenantId": "123e4567-e89b-12d3-a456-426614174001",
      "organizationId": "123e4567-e89b-12d3-a456-426614174002",
      "createdAt": "2025-12-08T10:00:00.000Z",
      "updatedAt": "2025-12-08T10:00:00.000Z"
    }
  ],
  "pagination": {
    "total": 1,
    "limit": 50,
    "offset": 0,
    "hasMore": false
  }
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/workflows/definitions?workflowId=string&limit=50&offset=0" \
  -H "Accept: application/json"
POST/workflows/definitions

Create workflow definition

Create a new workflow definition. The definition must include at least START and END steps with at least one transition connecting them.

Request body (application/json)

{
  "workflowId": "checkout-flow",
  "workflowName": "Checkout Flow",
  "description": "Complete checkout workflow for processing orders",
  "version": 1,
  "definition": {
    "steps": [
      {
        "stepId": "start",
        "stepName": "Start",
        "stepType": "START"
      },
      {
        "stepId": "validate-cart",
        "stepName": "Validate Cart",
        "stepType": "AUTOMATED",
        "description": "Validate cart items and check inventory"
      },
      {
        "stepId": "payment",
        "stepName": "Process Payment",
        "stepType": "AUTOMATED",
        "description": "Charge payment method",
        "retryPolicy": {
          "maxAttempts": 3,
          "backoffMs": 1000
        }
      },
      {
        "stepId": "end",
        "stepName": "End",
        "stepType": "END"
      }
    ],
    "transitions": [
      {
        "transitionId": "start-to-validate",
        "fromStepId": "start",
        "toStepId": "validate-cart",
        "trigger": "auto"
      },
      {
        "transitionId": "validate-to-payment",
        "fromStepId": "validate-cart",
        "toStepId": "payment",
        "trigger": "auto"
      },
      {
        "transitionId": "payment-to-end",
        "fromStepId": "payment",
        "toStepId": "end",
        "trigger": "auto",
        "activities": [
          {
            "activityName": "Send Order Confirmation",
            "activityType": "SEND_EMAIL",
            "config": {
              "to": "{{context.customerEmail}}",
              "subject": "Order Confirmation #{{context.orderId}}",
              "template": "order_confirmation"
            }
          }
        ]
      }
    ]
  },
  "enabled": true
}

Responses

201Workflow definition created successfully
Content-Type: application/json
{
  "data": {
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "workflowId": "checkout-flow",
    "workflowName": "Checkout Flow",
    "description": "Complete checkout workflow for processing orders",
    "version": 1,
    "definition": {
      "steps": [
        {
          "stepId": "start",
          "stepName": "Start",
          "stepType": "START"
        },
        {
          "stepId": "validate-cart",
          "stepName": "Validate Cart",
          "stepType": "AUTOMATED"
        },
        {
          "stepId": "payment",
          "stepName": "Process Payment",
          "stepType": "AUTOMATED"
        },
        {
          "stepId": "end",
          "stepName": "End",
          "stepType": "END"
        }
      ],
      "transitions": [
        {
          "transitionId": "start-to-validate",
          "fromStepId": "start",
          "toStepId": "validate-cart",
          "trigger": "auto"
        },
        {
          "transitionId": "validate-to-payment",
          "fromStepId": "validate-cart",
          "toStepId": "payment",
          "trigger": "auto"
        },
        {
          "transitionId": "payment-to-end",
          "fromStepId": "payment",
          "toStepId": "end",
          "trigger": "auto"
        }
      ]
    },
    "enabled": true,
    "tenantId": "123e4567-e89b-12d3-a456-426614174001",
    "organizationId": "123e4567-e89b-12d3-a456-426614174002",
    "createdAt": "2025-12-08T10:00:00.000Z",
    "updatedAt": "2025-12-08T10:00:00.000Z"
  },
  "message": "Workflow definition created successfully"
}
400Validation error - invalid workflow structure
Content-Type: application/json
{
  "error": "Validation failed",
  "details": [
    {
      "code": "invalid_type",
      "message": "Workflow must have at least START and END steps",
      "path": [
        "definition",
        "steps"
      ]
    }
  ]
}
409Conflict - workflow with same ID and version already exists
Content-Type: application/json
{
  "error": "Workflow definition with ID \"checkout-flow\" and version 1 already exists"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/workflows/definitions" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{
  \"workflowId\": \"string\",
  \"workflowName\": \"string\",
  \"description\": null,
  \"version\": 1,
  \"definition\": {
    \"steps\": [
      {
        \"stepId\": \"string\",
        \"stepName\": \"string\",
        \"stepType\": \"START\"
      }
    ],
    \"transitions\": [
      {
        \"transitionId\": \"string\",
        \"fromStepId\": \"string\",
        \"toStepId\": \"string\",
        \"trigger\": \"auto\",
        \"continueOnActivityFailure\": true,
        \"priority\": 0
      }
    ]
  },
  \"metadata\": null,
  \"enabled\": true
}"
GET/workflows/definitions/{id}

Get workflow definition

Get a single workflow definition by ID. Returns the complete workflow structure including steps and transitions (with embedded activities).

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Workflow definition found
Content-Type: application/json
{
  "data": {
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "workflowId": "checkout-flow",
    "workflowName": "Checkout Flow",
    "description": "Complete checkout workflow for processing orders",
    "version": 1,
    "definition": {
      "steps": [
        {
          "stepId": "start",
          "stepName": "Start",
          "stepType": "START"
        },
        {
          "stepId": "validate-cart",
          "stepName": "Validate Cart",
          "stepType": "AUTOMATED",
          "description": "Validate cart items and check inventory"
        },
        {
          "stepId": "payment",
          "stepName": "Process Payment",
          "stepType": "AUTOMATED",
          "description": "Charge payment method",
          "retryPolicy": {
            "maxAttempts": 3,
            "backoffMs": 1000
          }
        },
        {
          "stepId": "end",
          "stepName": "End",
          "stepType": "END"
        }
      ],
      "transitions": [
        {
          "transitionId": "start-to-validate",
          "fromStepId": "start",
          "toStepId": "validate-cart",
          "trigger": "auto"
        },
        {
          "transitionId": "validate-to-payment",
          "fromStepId": "validate-cart",
          "toStepId": "payment",
          "trigger": "auto"
        },
        {
          "transitionId": "payment-to-end",
          "fromStepId": "payment",
          "toStepId": "end",
          "trigger": "auto",
          "activities": [
            {
              "activityName": "Send Order Confirmation",
              "activityType": "SEND_EMAIL",
              "config": {
                "to": "{{context.customerEmail}}",
                "subject": "Order Confirmation #{{context.orderId}}",
                "template": "order_confirmation"
              }
            }
          ]
        }
      ]
    },
    "enabled": true,
    "tenantId": "123e4567-e89b-12d3-a456-426614174001",
    "organizationId": "123e4567-e89b-12d3-a456-426614174002",
    "createdAt": "2025-12-08T10:00:00.000Z",
    "updatedAt": "2025-12-08T10:00:00.000Z"
  }
}
404Workflow definition not found
Content-Type: application/json
{
  "error": "Workflow definition not found"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/workflows/definitions/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json"
PUT/workflows/definitions/{id}

Update workflow definition

Update an existing workflow definition. Supports partial updates - only provided fields will be updated.

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Request body (application/json)

{
  "definition": {
    "steps": [
      {
        "stepId": "start",
        "stepName": "Start",
        "stepType": "START"
      },
      {
        "stepId": "validate-cart",
        "stepName": "Validate Cart",
        "stepType": "AUTOMATED"
      },
      {
        "stepId": "payment",
        "stepName": "Process Payment",
        "stepType": "AUTOMATED"
      },
      {
        "stepId": "confirmation",
        "stepName": "Order Confirmation",
        "stepType": "AUTOMATED"
      },
      {
        "stepId": "end",
        "stepName": "End",
        "stepType": "END"
      }
    ],
    "transitions": [
      {
        "transitionId": "start-to-validate",
        "fromStepId": "start",
        "toStepId": "validate-cart",
        "trigger": "auto"
      },
      {
        "transitionId": "validate-to-payment",
        "fromStepId": "validate-cart",
        "toStepId": "payment",
        "trigger": "auto"
      },
      {
        "transitionId": "payment-to-confirmation",
        "fromStepId": "payment",
        "toStepId": "confirmation",
        "trigger": "auto"
      },
      {
        "transitionId": "confirmation-to-end",
        "fromStepId": "confirmation",
        "toStepId": "end",
        "trigger": "auto"
      }
    ]
  },
  "enabled": true
}

Responses

200Workflow definition updated successfully
Content-Type: application/json
{
  "data": {
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "workflowId": "checkout-flow",
    "workflowName": "Checkout Flow",
    "description": "Complete checkout workflow for processing orders",
    "version": 1,
    "definition": {
      "steps": [
        {
          "stepId": "start",
          "stepName": "Start",
          "stepType": "START"
        },
        {
          "stepId": "validate-cart",
          "stepName": "Validate Cart",
          "stepType": "AUTOMATED"
        },
        {
          "stepId": "payment",
          "stepName": "Process Payment",
          "stepType": "AUTOMATED"
        },
        {
          "stepId": "confirmation",
          "stepName": "Order Confirmation",
          "stepType": "AUTOMATED"
        },
        {
          "stepId": "end",
          "stepName": "End",
          "stepType": "END"
        }
      ],
      "transitions": [
        {
          "transitionId": "start-to-validate",
          "fromStepId": "start",
          "toStepId": "validate-cart",
          "trigger": "auto"
        },
        {
          "transitionId": "validate-to-payment",
          "fromStepId": "validate-cart",
          "toStepId": "payment",
          "trigger": "auto"
        },
        {
          "transitionId": "payment-to-confirmation",
          "fromStepId": "payment",
          "toStepId": "confirmation",
          "trigger": "auto"
        },
        {
          "transitionId": "confirmation-to-end",
          "fromStepId": "confirmation",
          "toStepId": "end",
          "trigger": "auto"
        }
      ]
    },
    "enabled": true,
    "tenantId": "123e4567-e89b-12d3-a456-426614174001",
    "organizationId": "123e4567-e89b-12d3-a456-426614174002",
    "createdAt": "2025-12-08T10:00:00.000Z",
    "updatedAt": "2025-12-08T11:30:00.000Z"
  },
  "message": "Workflow definition updated successfully"
}
400Validation error
Content-Type: application/json
{
  "error": "Validation failed",
  "details": [
    {
      "code": "invalid_type",
      "message": "Expected object, received string",
      "path": [
        "definition"
      ]
    }
  ]
}
404Workflow definition not found
Content-Type: application/json
{
  "error": "Workflow definition not found"
}

Example

curl -X PUT "https://admin-dev.getcovo.com/api/workflows/definitions/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{}"
DELETE/workflows/definitions/{id}

Delete workflow definition

Soft delete a workflow definition. Cannot be deleted if there are active workflow instances (RUNNING or WAITING status) using this definition.

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Workflow definition deleted successfully
Content-Type: application/json
{
  "message": "Workflow definition deleted successfully"
}
404Workflow definition not found
Content-Type: application/json
{
  "error": "Workflow definition not found"
}
409Cannot delete - active workflow instances exist
Content-Type: application/json
{
  "error": "Cannot delete workflow definition with 3 active instance(s)"
}

Example

curl -X DELETE "https://admin-dev.getcovo.com/api/workflows/definitions/00000000-0000-4000-8000-000000000000" \
  -H "Accept: application/json"
GET/workflows/events

List all workflow events

Get a paginated list of all workflow events with filtering options

Parameters

NameInRequiredSchemaDescription
pagequeryNonumber
pageSizequeryNonumber
eventTypequeryNostring
workflowInstanceIdqueryNostring
userIdqueryNostring
occurredAtFromqueryNostring
occurredAtToqueryNostring
sortFieldqueryNostring
sortDirqueryNostring

Responses

200List of workflow events
Content-Type: application/json
{
  "items": [],
  "total": 1,
  "page": 1,
  "pageSize": 1,
  "totalPages": 1
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Insufficient permissions
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/workflows/events?page=1&pageSize=50&sortField=occurredAt&sortDir=desc" \
  -H "Accept: application/json"
GET/workflows/events/{id}

Get workflow event by ID

Get detailed information about a specific workflow event

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Workflow event details
Content-Type: application/json
{
  "id": "string",
  "workflowInstanceId": "string",
  "stepInstanceId": null,
  "eventType": "string",
  "occurredAt": "string",
  "userId": null,
  "workflowInstance": null
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Insufficient permissions
Content-Type: application/json
{
  "error": "string"
}
404Workflow event not found
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/workflows/events/:id" \
  -H "Accept: application/json"
GET/workflows/instances

List workflow instances

Get a list of workflow instances with optional filters. Supports pagination and filtering by status, workflowId, correlationKey, etc.

Parameters

NameInRequiredSchemaDescription
workflowIdqueryNostring
statusqueryNostring
correlationKeyqueryNostring
entityTypequeryNostring
entityIdqueryNostring
limitqueryNonumber
offsetqueryNonumber

Responses

200List of workflow instances
Content-Type: application/json
{
  "data": [],
  "pagination": {
    "total": 1,
    "limit": 1,
    "offset": 1,
    "hasMore": true
  }
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/workflows/instances?limit=50&offset=0" \
  -H "Accept: application/json"
POST/workflows/instances

Start workflow instance

Start a new workflow instance from a workflow definition. The workflow will execute immediately.

Request body (application/json)

{
  "workflowId": "string"
}

Responses

201Workflow started successfully
Content-Type: application/json
{
  "data": {},
  "message": "string"
}
400Bad request - Validation failed or definition disabled/invalid
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Forbidden - Insufficient permissions
Content-Type: application/json
{
  "error": "string"
}
404Workflow definition not found
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/workflows/instances" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{
  \"workflowId\": \"string\"
}"
POST/workflows/instances/validate-start

Validate if workflow can be started

Evaluates pre-conditions defined on the START step and returns validation errors with localized messages if any fail. Returns canStart: true/false with details.

Request body (application/json)

{
  "workflowId": "string"
}

Responses

200Validation result (canStart, errors, validatedRules)
Content-Type: application/json
{
  "canStart": true,
  "workflowId": "string"
}
400Invalid request body or missing context
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/workflows/instances/validate-start" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{
  \"workflowId\": \"string\"
}"
GET/workflows/instances/{id}

Get workflow instance

Get detailed information about a specific workflow instance including current state, context, and execution status.

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Workflow instance details
Content-Type: application/json
{}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
404Workflow instance not found
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/workflows/instances/:id" \
  -H "Accept: application/json"
POST/workflows/instances/{id}/advance

Manually advance workflow to next step

Manually advance a workflow instance to the next step. Useful for manual progression, step-by-step testing, user-triggered transitions, and approval flows. Validates transitions and auto-progresses if possible.

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Request body (application/json)

{}

Responses

200Workflow advanced successfully
Content-Type: application/json
{
  "data": {
    "instance": {
      "id": "00000000-0000-4000-8000-000000000000",
      "status": "string",
      "currentStepId": null,
      "previousStepId": null,
      "transitionFired": null
    }
  },
  "message": "string"
}
400Invalid request, no valid transitions, or workflow already completed/cancelled/failed
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Insufficient permissions
Content-Type: application/json
{
  "error": "string"
}
404Workflow instance not found
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/workflows/instances/:id/advance" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{}"
POST/workflows/instances/{id}/cancel

Cancel workflow instance

Cancel a running or paused workflow instance. The workflow will be marked as CANCELLED and will not execute further.

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Workflow cancelled successfully
Content-Type: application/json
{
  "message": "string"
}
400Bad request - Workflow cannot be cancelled in current status
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Forbidden - Insufficient permissions
Content-Type: application/json
{
  "error": "string"
}
404Workflow instance not found
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/workflows/instances/:id/cancel" \
  -H "Accept: application/json"
GET/workflows/instances/{id}/events

Get workflow instance events

Get a chronological list of events for a workflow instance. Events track all state changes, transitions, and activities.

Parameters

NameInRequiredSchemaDescription
idpathYesstring
eventTypequeryNostring
limitqueryNonumber
offsetqueryNonumber

Responses

200List of workflow events
Content-Type: application/json
{
  "data": [],
  "pagination": {
    "total": 1,
    "limit": 1,
    "offset": 1,
    "hasMore": true
  }
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
404Workflow instance not found
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/workflows/instances/:id/events?limit=100&offset=0" \
  -H "Accept: application/json"
POST/workflows/instances/{id}/retry

Retry failed workflow instance

Retry a failed workflow instance from its current step. The workflow will be reset to RUNNING status and execution will continue.

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Workflow retry initiated successfully
Content-Type: application/json
{
  "data": {},
  "message": "string"
}
400Bad request - Workflow cannot be retried in current status or execution error
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Forbidden - Insufficient permissions
Content-Type: application/json
{
  "error": "string"
}
404Workflow instance not found
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/workflows/instances/:id/retry" \
  -H "Accept: application/json"
POST/workflows/instances/{id}/signal

Send signal to specific workflow

Sends a signal to a specific workflow instance waiting for a signal. The workflow must be in PAUSED status and waiting for the specified signal.

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Request body (application/json)

{
  "signalName": "string"
}

Responses

200Signal sent successfully
Content-Type: application/json
{
  "success": true,
  "message": "string"
}
400Invalid request body or signal name mismatch
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Insufficient permissions
Content-Type: application/json
{
  "error": "string"
}
404Instance or definition not found
Content-Type: application/json
{
  "error": "string"
}
409Workflow not paused or not waiting for signal
Content-Type: application/json
{
  "error": "string"
}
500Internal server error or transition failed
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/workflows/instances/:id/signal" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{
  \"signalName\": \"string\"
}"
POST/workflows/signals

Send signal to workflows by correlation key

Sends a signal to all workflow instances waiting for the specified signal that match the correlation key. Returns the count of workflows that received the signal.

Request body (application/json)

{
  "correlationKey": "string",
  "signalName": "string"
}

Responses

200Signal sent to matching workflows
Content-Type: application/json
{
  "success": true,
  "message": "string",
  "count": 1
}
400Missing tenant or organization context
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
403Insufficient permissions
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/workflows/signals" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{
  \"correlationKey\": \"string\",
  \"signalName\": \"string\"
}"
GET/workflows/tasks

List user tasks

Returns paginated list of user tasks with optional filtering by status, assignee, workflow instance, overdue, and myTasks flags.

Parameters

NameInRequiredSchemaDescription
statusqueryNostringFilter by status (comma-separated for multiple: PENDING,IN_PROGRESS,COMPLETED,CANCELLED,ESCALATED)
assignedToqueryNostringFilter by assigned user ID
workflowInstanceIdqueryNostringFilter by workflow instance ID
overduequeryNobooleanFilter overdue tasks (true/false)
myTasksqueryNobooleanShow only tasks assigned to or claimable by current user
limitqueryNonumberNumber of results (max 100)
offsetqueryNonumberPagination offset

Responses

200User tasks list with pagination
Content-Type: application/json
{
  "data": [
    {
      "id": "00000000-0000-4000-8000-000000000000",
      "workflowInstanceId": "00000000-0000-4000-8000-000000000000",
      "stepInstanceId": "00000000-0000-4000-8000-000000000000",
      "taskName": "string",
      "description": null,
      "status": "PENDING",
      "formSchema": null,
      "formData": null,
      "assignedTo": null,
      "assignedToRoles": null,
      "claimedBy": null,
      "claimedAt": null,
      "dueDate": null,
      "escalatedAt": null,
      "escalatedTo": null,
      "completedBy": null,
      "completedAt": null,
      "tenantId": "00000000-0000-4000-8000-000000000000",
      "organizationId": "00000000-0000-4000-8000-000000000000",
      "createdAt": "string",
      "updatedAt": "string"
    }
  ],
  "pagination": {
    "total": 1,
    "limit": 1,
    "offset": 1,
    "hasMore": true
  }
}
400Invalid query parameters or missing tenant context
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/workflows/tasks?limit=50&offset=0" \
  -H "Accept: application/json"
GET/workflows/tasks/{id}

Get task details

Returns complete details of a user task by ID.

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200User task details
Content-Type: application/json
{
  "data": {
    "id": "00000000-0000-4000-8000-000000000000",
    "workflowInstanceId": "00000000-0000-4000-8000-000000000000",
    "stepInstanceId": "00000000-0000-4000-8000-000000000000",
    "taskName": "string",
    "description": null,
    "status": "PENDING",
    "formSchema": null,
    "formData": null,
    "assignedTo": null,
    "assignedToRoles": null,
    "claimedBy": null,
    "claimedAt": null,
    "dueDate": null,
    "escalatedAt": null,
    "escalatedTo": null,
    "completedBy": null,
    "completedAt": null,
    "tenantId": "00000000-0000-4000-8000-000000000000",
    "organizationId": "00000000-0000-4000-8000-000000000000",
    "createdAt": "string",
    "updatedAt": "string"
  }
}
400Missing tenant or organization context
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
404Task not found
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X GET "https://admin-dev.getcovo.com/api/workflows/tasks/:id" \
  -H "Accept: application/json"
POST/workflows/tasks/{id}/claim

Claim a task from role queue

Allows a user to claim a task assigned to their role(s). Once claimed, the task moves to IN_PROGRESS status and is assigned to the claiming user.

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Responses

200Task claimed successfully
Content-Type: application/json
{
  "data": {
    "id": "00000000-0000-4000-8000-000000000000",
    "workflowInstanceId": "00000000-0000-4000-8000-000000000000",
    "stepInstanceId": "00000000-0000-4000-8000-000000000000",
    "taskName": "string",
    "description": null,
    "status": "PENDING",
    "formSchema": null,
    "formData": null,
    "assignedTo": null,
    "assignedToRoles": null,
    "claimedBy": null,
    "claimedAt": null,
    "dueDate": null,
    "escalatedAt": null,
    "escalatedTo": null,
    "completedBy": null,
    "completedAt": null,
    "tenantId": "00000000-0000-4000-8000-000000000000",
    "organizationId": "00000000-0000-4000-8000-000000000000",
    "createdAt": "string",
    "updatedAt": "string"
  },
  "message": "string"
}
400Missing tenant or organization context
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
404Task not found
Content-Type: application/json
{
  "error": "string"
}
409Task already claimed
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/workflows/tasks/:id/claim" \
  -H "Accept: application/json"
POST/workflows/tasks/{id}/complete

Complete a task with form data

Validates form data against task schema, updates task with completion data, merges form data into workflow context, and resumes workflow execution.

Parameters

NameInRequiredSchemaDescription
idpathYesstring

Request body (application/json)

{
  "formData": {}
}

Responses

200Task completed successfully
Content-Type: application/json
{
  "data": {
    "id": "00000000-0000-4000-8000-000000000000",
    "workflowInstanceId": "00000000-0000-4000-8000-000000000000",
    "stepInstanceId": "00000000-0000-4000-8000-000000000000",
    "taskName": "string",
    "description": null,
    "status": "PENDING",
    "formSchema": null,
    "formData": null,
    "assignedTo": null,
    "assignedToRoles": null,
    "claimedBy": null,
    "claimedAt": null,
    "dueDate": null,
    "escalatedAt": null,
    "escalatedTo": null,
    "completedBy": null,
    "completedAt": null,
    "tenantId": "00000000-0000-4000-8000-000000000000",
    "organizationId": "00000000-0000-4000-8000-000000000000",
    "createdAt": "string",
    "updatedAt": "string"
  },
  "message": "string"
}
400Invalid request body, validation failed, or missing context
Content-Type: application/json
{
  "error": "string"
}
401Unauthorized
Content-Type: application/json
{
  "error": "string"
}
404Task not found
Content-Type: application/json
{
  "error": "string"
}
409Task already completed
Content-Type: application/json
{
  "error": "string"
}
500Internal server error
Content-Type: application/json
{
  "error": "string"
}

Example

curl -X POST "https://admin-dev.getcovo.com/api/workflows/tasks/:id/complete" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d "{
  \"formData\": {}
}"