DashboardDeveloper Portal

API Reference

Base URL: https://api.elevatedpos.com.au · All endpoints require Authorization: Bearer <token>

Authentication

ElevatedPOS supports Bearer JWT for internal integrations and OAuth 2.0 (Authorization Code) for partner apps.

Authorization header

Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...
POST/api/v1/auth/loginExchange credentials for a JWT access token and refresh token
POST/api/v1/auth/refreshObtain a new access token using a refresh token
POST/api/v1/auth/logoutRevoke the current session tokens
GET/api/v1/auth/meReturn the authenticated user profile
POST/api/v1/oauth/tokenOAuth 2.0 token exchange (authorization_code / refresh_token)

POST /api/v1/auth/login — Request

{
  "email": "admin@store.com",
  "password": "••••••••"
}

Response 200

{
  "data": {
    "accessToken": "eyJhbGci...",
    "refreshToken": "eyJhbGci...",
    "expiresIn": 900,
    "user": { "id": "uuid", "email": "admin@store.com", "orgId": "uuid" }
  }
}

Catalog

GET
/api/v1/products

List products for the authenticated org with pagination

POST
/api/v1/products

Create a new product

GET
/api/v1/products/:id

Retrieve a single product by ID

PATCH
/api/v1/products/:id

Update product fields

DELETE
/api/v1/products/:id

Archive (soft-delete) a product

GET
/api/v1/categories

List product categories

POST
/api/v1/categories

Create a category

GET
/api/v1/modifiers

List modifier groups and options

POST
/api/v1/price-lists

Create a price list

GET
/graphql

GraphQL endpoint — products, categories, variants queries

Inventory

GET
/api/v1/inventory/levels

Get stock levels across locations

POST
/api/v1/inventory/adjust

Manual stock adjustment with reason code

POST
/api/v1/inventory/transfer

Inter-location stock transfer

GET
/api/v1/inventory/movements

Audit trail of all inventory movements

GET
/api/v1/inventory/alerts

List low-stock and out-of-stock alerts

Orders

GET
/api/v1/orders

List orders with filters (status, date range, location)

POST
/api/v1/orders

Create a new order

GET
/api/v1/orders/:id

Retrieve order with line items, payments, and history

PATCH
/api/v1/orders/:id/status

Update order status (e.g., completed, voided)

POST
/api/v1/orders/:id/refund

Initiate a full or partial refund

Payments

POST
/api/v1/payments

Create a payment intent for an order

GET
/api/v1/payments/:id

Retrieve payment details and status

POST
/api/v1/payments/:id/capture

Capture a pre-authorized payment

POST
/api/v1/payments/:id/void

Void an uncaptured payment

GET
/api/v1/payments/methods

List configured payment methods for the org

Customers

GET
/api/v1/customers

Search and list customers

POST
/api/v1/customers

Create or upsert a customer record

GET
/api/v1/customers/:id

Get customer profile with purchase history

PATCH
/api/v1/customers/:id

Update customer fields and preferences

GET
/api/v1/customers/:id/orders

List all orders for a customer

Loyalty

GET
/api/v1/loyalty/programs

List loyalty programs for the org

POST
/api/v1/loyalty/programs

Create a loyalty program

POST
/api/v1/loyalty/points/accrue

Manually accrue points for a customer

POST
/api/v1/loyalty/points/redeem

Redeem points for a reward

GET
/api/v1/loyalty/members/:customerId

Get loyalty membership and tier for a customer

Campaigns

GET
/api/v1/campaigns

List marketing campaigns

POST
/api/v1/campaigns

Create a campaign (discount, offer, promotion)

PATCH
/api/v1/campaigns/:id

Update campaign status or rules

GET
/api/v1/campaigns/:id/stats

Campaign performance metrics

Automations

GET
/api/v1/automations

List automation rules for the org

POST
/api/v1/automations

Create an automation rule (trigger + conditions + actions)

PATCH
/api/v1/automations/:id

Update automation rule

DELETE
/api/v1/automations/:id

Delete an automation rule

POST
/api/v1/automations/trigger

Manually fire a trigger event for testing

Integrations

GET
/api/v1/integrations

List installed integrations for the org

POST
/api/v1/integrations

Install a new integration

GET
/api/v1/integrations/:id/webhooks

List webhooks for an integration

POST
/api/v1/integrations/:id/webhooks

Register a webhook endpoint

POST
/api/v1/integrations/:id/webhooks/test

Send a test webhook payload

Rate Limits

All API endpoints enforce rate limits per org. Limits vary by plan:

PlanRequests / minuteBurst
Starter100150
Growth500750
Pro2,0003,000
EnterpriseCustomCustom

Rate limit headers: X-RateLimit-Limit, X-RateLimit-Remaining, Retry-After

Error Codes (RFC 7807)

All errors follow the RFC 7807 Problem Details format:

{
  "type": "https://elevatedpos.com.au/errors/validation",
  "title": "Validation Error",
  "status": 422,
  "detail": "sku is required",
  "instance": "/api/v1/products"
}
400

Bad Request

Malformed request body or query parameters.

401

Unauthorized

Missing or invalid Bearer token.

403

Forbidden

Authenticated but insufficient scope or org mismatch.

404

Not Found

Resource does not exist or is outside your org.

422

Unprocessable Entity

Validation failed — see errors array for field details.

429

Too Many Requests

Rate limit exceeded. Retry after the Retry-After header value.

500

Internal Server Error

Unexpected server error. Contact support with the request ID.