2ejjeh REST API
Public API for 2ejjeh management. Base URL: /api/v1
Status
Online - use GET /api/v1/health for health checks.
Authentication
- POST /api/v1/auth/login - exchange Firebase ID token for access + refresh tokens.
- POST /api/v1/auth/refresh - rotate refresh token and return new access token.
- POST /api/v1/auth/logout - revoke refresh token.
- POST /api/v1/auth/verify - verify API JWT.
- Protected routes require Authorization: Bearer <accessToken>.
Main Resources (CRUD)
- /api/v1/users
- /api/v1/clients
- /api/v1/clients/:clientId/imports
- /api/v1/clients/:clientId/imports/:importId/orders
- /api/v1/clients/:clientId/paid
- /api/v1/clients/:clientId/returned
- /api/v1/clients/:clientId/inventory
- /api/v1/clients/:clientId/inventory/:itemId/stock-movements
Pagination
- List endpoints support ?limit=25 (max 100).
- Use ?cursor=<lastItemId> for next page.
- List response includes meta: { limit, count, nextCursor, hasNextPage }.
Rate Limits
- Global: 300 requests / 15 minutes / IP.
- Auth routes: 60 requests / 15 minutes / IP.
- Read routes: 500 requests / 15 minutes / IP.
- Write routes: 200 requests / 15 minutes / IP.
Security Defaults
- JWT issuer/audience validation enabled.
- Wildcard CORS blocked in production mode.
- Request IDs returned in X-Request-Id and error payloads.
- Security headers enabled with Helmet + HSTS in production.
Error Format
All error responses use a consistent schema:
{ success: false, code, message, requestId, details }
Sample Requests & Responses
Login request:
POST /api/v1/auth/login
Content-Type: application/json

{
  "idToken": "FIREBASE_ID_TOKEN"
}
Login response:
{
  "success": true,
  "data": {
    "accessToken": "eyJhbGciOi...",
    "refreshToken": "eyJhbGciOi...",
    "accessTokenExpiresIn": "24h",
    "refreshTokenExpiresIn": "30d",
    "user": {
      "uid": "abc123",
      "email": "user@example.com"
    }
  }
}
Refresh request:
POST /api/v1/auth/refresh
Content-Type: application/json

{
  "refreshToken": "eyJhbGciOi..."
}
Paginated list response:
{
  "success": true,
  "data": [
    { "id": "doc_1", "name": "Item 1" },
    { "id": "doc_2", "name": "Item 2" }
  ],
  "meta": {
    "limit": 25,
    "count": 2,
    "nextCursor": "doc_2",
    "hasNextPage": true
  }
}
Standard error response:
{
  "success": false,
  "code": "VALIDATION_ERROR",
  "message": "Validation failed",
  "requestId": "f1e4a641-0b5f-4ce7-8a83-4c20d74bb62f",
  "details": {
    "source": "body",
    "errors": [
      { "path": "idToken", "message": "Required" }
    ]
  }
}
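Added example (not part of the 2ejjeh documentation or code base): a client-side pager for the list endpoints that clamps ?limit to the documented maximum of 100, follows meta.nextCursor, stops on a missing or repeated cursor, and raises errors that carry the requestId from the error schema. The names listAll, ApiError, stubFetch, fetchFn and MAX_PAGES are hypothetical, and the stub data is constructed.

```javascript
// Added example, not 2ejjeh code; fetchFn is injected (pass globalThis.fetch in real use).
const MAX_LIMIT = 100;  // documented maximum for ?limit
const MAX_PAGES = 1000; // assumption: client-side safety cap, not an API value

class ApiError extends Error {
  constructor(status, body) {
    super(`${body.code}: ${body.message} (requestId ${body.requestId})`);
    this.status = status;
    this.code = body.code;
    this.requestId = body.requestId; // quote this when reporting a failure
    this.details = body.details;
  }
}

async function listAll(fetchFn, baseUrl, path, accessToken, limit = 25) {
  const pageSize = Math.min(Math.max(1, Math.trunc(limit) || 25), MAX_LIMIT);
  const items = [];
  const seen = new Set(); // cursors already followed
  let cursor = null;
  for (let page = 0; page < MAX_PAGES; page++) {
    const qs = new URLSearchParams({ limit: String(pageSize) });
    if (cursor !== null) qs.set("cursor", cursor);
    const headers = { Authorization: `Bearer ${accessToken}` };
    const res = await fetchFn(`${baseUrl}${path}?${qs}`, { headers });
    const body = await res.json();
    if (!res.ok || body.success !== true) throw new ApiError(res.status, body);
    items.push(...body.data);
    const { hasNextPage, nextCursor } = body.meta;
    if (!hasNextPage) return items;
    // A missing or repeated cursor would loop and burn the read-route rate limit.
    if (!nextCursor || seen.has(nextCursor)) throw new Error(`pagination stalled at ${cursor}`);
    seen.add(nextCursor);
    cursor = nextCursor;
  }
  throw new Error(`stopped after ${MAX_PAGES} pages`);
}

// Constructed stand-in for the API: pages through `docs` like the sample response.
function stubFetch(docs) {
  return async (url) => {
    const q = new URL(url).searchParams;
    const limit = Number(q.get("limit"));
    const start = q.has("cursor") ? docs.findIndex((d) => d.id === q.get("cursor")) + 1 : 0;
    const data = docs.slice(start, start + limit);
    const hasNextPage = start + limit < docs.length;
    const nextCursor = hasNextPage ? data[data.length - 1].id : null;
    const meta = { limit, count: data.length, nextCursor, hasNextPage };
    return { ok: true, status: 200, json: async () => ({ success: true, data, meta }) };
  };
}
```

Because the read-route limit is counted per IP, the stall check matters most when several workers page through the same collection from one address.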
Quick Test
Run from terminal:
curl https://api.2ejjeh.com/api/v1/health