API overview
Authentication, base URL, and getting started.
Overview
Katura provides a comprehensive REST API for managing your store programmatically. The API powers both the admin panel and the customer-facing storefront.
API architecture
Katura's API is built with Next.js Route Handlers:
- Admin API: routes under `/api/admin/*` (requires authentication + role check)
- Storefront API: routes under `/api/*` (public or customer-auth required)
- Webhook API: routes for receiving webhooks from Stripe, Shopify, etc.
Admin API endpoints
The admin API has 60+ route groups covering:
| Group | Endpoints |
|---|---|
| Products | CRUD operations, variants, images, bulk operations |
| Orders | List, create, update status, assign sales rep |
| Customers | List, create, update, import/export |
| Collections | CRUD, product management, sort order |
| CRM | Deals, pipeline stages, contacts, notes |
| Marketing | Email campaigns, promotions, segments |
| Payroll | Runs, periods, employees, reports |
| Wholesale | Accounts, leads, settings |
| Analytics | Revenue, products, customers, team performance |
| Settings | Store config, payment, shipping, notifications |
Authentication
Admin API routes require a valid session token from Supabase Auth. The middleware checks authentication on every request and verifies the user's role meets the minimum requirement for the endpoint.
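The check described above can be sketched as a pure decision function. This is an added example, not Katura's code: the role names, the per-group minimum roles, and the `Session` shape are assumptions made for illustration.

```typescript
// Hypothetical role ladder; Katura's real role names are not documented on this page.
type Role = "viewer" | "staff" | "manager" | "owner";
const RANK: Record<Role, number> = { viewer: 0, staff: 1, manager: 2, owner: 3 };

interface Session { userId: string; role: Role; expiresAt: number } // expiresAt: epoch ms
interface Decision { status: 200 | 401 | 403; reason: string }

// Assumed minimum role per admin route group. Most specific prefix first;
// the last entry is the default for every other admin route.
const ADMIN_RULES: Array<[string, Role]> = [
  ["/api/admin/payroll", "owner"],
  ["/api/admin/settings", "manager"],
  ["/api/admin", "staff"],
];

// Match whole path segments so /api/administrator does not inherit /api/admin rules.
function under(path: string, prefix: string): boolean {
  return path === prefix || path.indexOf(prefix + "/") === 0;
}

function authorize(path: string, session: Session | null, now: number): Decision {
  let required: Role | null = null;
  for (let i = 0; i < ADMIN_RULES.length; i++) {
    if (under(path, ADMIN_RULES[i][0])) { required = ADMIN_RULES[i][1]; break; }
  }
  if (required === null) {
    // Storefront and webhook routes are outside the scope of this check.
    return { status: 200, reason: "not an admin route" };
  }
  // Authentication first: no session or an expired one is 401, never 403.
  if (session === null || session.expiresAt <= now) {
    return { status: 401, reason: "missing or expired session" };
  }
  // A role value missing from the ladder ranks below everything (fail closed).
  const rank = session.role in RANK ? RANK[session.role] : -1;
  if (rank < RANK[required]) {
    return { status: 403, reason: `requires ${required}` };
  }
  return { status: 200, reason: "ok" };
}
```

Keeping 401 (not authenticated) distinct from 403 (authenticated, role too low) makes the two failure modes separable in logs and client handling.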
Note
The API uses the same Prisma models as the admin UI, so data is always consistent. There's no separate API database or sync process.
