Developer API Documentation

Build your restaurant frontend using these REST APIs

Base URLhttps://your-saas-domain.com

Getting Started

Everything you need to integrate with the restaurant platform API.

Base URL

url
https://your-saas-domain.com

All API endpoints are relative to this base URL.

Bearer Token

Protected endpoints require a JWT token from login. Send it in the Authorization header.

http
Authorization: Bearer <jwt_token>

API Key

Send your restaurant API key in the x-api-key header alongside the Bearer token for additional security. Generate keys from your API Keys settings page.

http
x-api-key: <your_api_key>

About API Keys

All /api/r/ routes require a valid x-api-key header, including publicly browsable endpoints like the menu and restaurant info. Requests without a key are rejected with 401 API key required.

Key scoping: A key generated from the Restaurant Admin can only access that restaurant's data. A key generated by a SaaS Admin (no restaurantId attached) is global and works for any restaurant.

Store your API key in an environment variable (e.g. NEXT_PUBLIC_API_KEY) and include it in every request. Generate keys from the API Keys page in your restaurant dashboard.

API Client (JavaScript)

javascript
const BASE_URL = "https://your-saas-domain.com";
const API_KEY = process.env.NEXT_PUBLIC_API_KEY || "";

async function apiRequest(endpoint, options = {}) {
  const token = localStorage.getItem("token");
  const res = await fetch(`${BASE_URL}${endpoint}`, {
    headers: {
      "Content-Type": "application/json",
      ...(token   && { Authorization: `Bearer ${token}` }),
      ...(API_KEY && { "x-api-key": API_KEY }),
    },
    ...options,
  });
  const data = await res.json();
  if (!res.ok) throw new Error(data.error || "Request failed");
  return data;
}

export const api = {
  get:    (url)          => apiRequest(url),
  post:   (url, body)    => apiRequest(url, { method: "POST",   body: JSON.stringify(body) }),
  patch:  (url, body)    => apiRequest(url, { method: "PATCH",  body: JSON.stringify(body) }),
  delete: (url)          => apiRequest(url, { method: "DELETE" }),
};

Response Format

Success

json
{
  "success": true,
  "data": { ... }
}

Error

json
{
  "success": false,
  "error": "Error message here"
}

Authentication

Register, log in, and manage customer sessions.

Restaurant Info

Fetch public restaurant details and branding.

Orders

Create and manage customer orders.

Payments

Stripe payment integration and discount code validation.

Promotions

Fetch active promotions and banners for the restaurant.

Global

Platform-wide APIs for branding, restaurant listing, and static content.

Reference

Order Statuses

pendingOrder placed, awaiting confirmation
confirmedConfirmed by restaurant
preparingBeing prepared in kitchen
readyReady for pickup / rider
outForDeliveryRider is on the way
deliveredSuccessfully delivered
completedDine-in order completed
cancelledOrder was cancelled

Endpoint Summary

POST/api/auth/login
POST/api/auth/register
GET/api/auth/me
GET/api/r/{slug}/info
GET/api/r/{slug}/menu
GET/api/r/{slug}/menu/{itemId}
GET/api/r/{slug}/promotions
POST/api/r/{slug}/orders
GET/api/r/{slug}/orders
GET/api/r/{slug}/orders/{id}
POST/api/r/{slug}/orders/{id}/confirm-payment
GET/api/r/{slug}/orders/{id}/rider-location
POST/api/r/{slug}/validate-coupon
POST/api/r/{slug}/create-payment-intent
GET/api/restaurants
GET/api/branding
GET/api/faqs