Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/CodexaCP/DG_BACK/llms.txt

Use this file to discover all available pages before exploring further.

The Supreme API (/api/supreme) is the platform-level administration surface of Dragon Guard. All endpoints require a valid JWT with isSuperAdmin = true (role SUPERADMIN_SUPREMO). These endpoints are not available to regular tenant users.
All endpoints on this page require Authorization: Bearer <token> where the token was issued to a SUPERADMIN_SUPREMO account. Any request from a non-super-admin JWT returns 403 Forbidden.

GET /api/supreme/dashboard

Returns a platform-wide health and metrics snapshot including company counts, plan distribution, recent activity, and missing warehouse setup indicators. Authentication: Bearer JWT with isSuperAdmin = true (required).
totalCompanies
integer
Total registered tenants.
activeCompanies
integer
Tenants with status Active.
inactiveCompanies
integer
Inactive or suspended tenants.
totalUsers
integer
Total active users across all tenants.
totalLocations
integer
Total warehouse locations.
totalBins
integer
Total bins.
totalItems
integer
Total item catalog records.
totalInventoryQuantity
decimal
Sum of all inventory movement quantities.
totalReceipts
integer
Total receiving headers.
totalShipments
integer
Total shipment headers.
totalMovements
integer
Total inventory movements.
monthlyRecurringRevenue
decimal
MRR from active plan subscriptions.
activePlansByType
array
Breakdown of companies per plan name.
companiesMissingSetup
array
Companies missing default locations, bins, or items.
recentActivity
array
Last 10 receipts and shipments across all tenants.
curl -X GET "https://api.example.com/api/supreme/dashboard" \
  -H "Authorization: Bearer <superadmin-token>"

GET /api/supreme/companies

Returns all registered tenant companies with plan and integration summary. Authentication: Bearer JWT with isSuperAdmin = true (required).
data
array
curl -X GET "https://api.example.com/api/supreme/companies" \
  -H "Authorization: Bearer <superadmin-token>"

GET /api/supreme/companies/

Returns full detail for a single company including integration settings, RFID configuration, GrupoMAS polling state, user count, and assigned roles. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
address1
string
Street address.
city
string
City.
country
string
Country.
currencyCode
string
Currency (default USD).
timeZone
string
Time zone (default UTC).
isWmsEnabled
boolean
WMS module enabled flag.
allowNegativeStock
boolean
Whether negative stock is permitted.
callbackUrl
string
ERP outbound callback URL.
grupoMasNativeSettings
object
GrupoMAS connection settings and polling state (present only when provider is GrupoMasNative).
businessCentralNativeSettings
object
BC connection settings (present only when provider is BusinessCentralNative).
rfidSettings
object
RFID feature settings for the tenant.
hasApiKey
boolean
Whether an API key has been provisioned.
userCount
integer
Number of users assigned to this tenant.
roleCodes
array
Role codes present in this tenant.
deviceLimit
integer
Maximum registered handheld devices.
notes
string
Internal notes.
Error codes
StatusMeaning
404Company not found.
curl -X GET "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6" \
  -H "Authorization: Bearer <superadmin-token>"

POST /api/supreme/companies

Creates a new tenant company. code and name are required. GrupoMAS Native tenants require a non-empty code (used as codigo_empresa on every MAS request). Authentication: Bearer JWT with isSuperAdmin = true (required).
code
string
required
Unique company code (used as ERP identifier).
name
string
required
Company display name.
Legal entity name.
taxId
string
Tax ID / RUC.
email
string
Primary contact email.
userEmailDomain
string
Restrict self-service registration to this email domain (e.g., @warehouse.com).
planId
string (uuid)
Assigned subscription plan ID.
integrationMode
string
Integration mode (Standard, GrupoMasNative, BusinessCentralNative).
apiAccessEnabled
boolean
Whether to enable API key access immediately.
deviceLimit
integer
Maximum handheld device count override.
notes
string
Internal notes.
curl -X POST "https://api.example.com/api/supreme/companies" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"code": "WH-EAST", "name": "East Warehouse LLC", "planId": "plan-guid-here"}'

PUT /api/supreme/companies/

Full update for a company record. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company to update.
Accepts the same body as POST /api/supreme/companies plus additional fields.
curl -X PUT "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"code": "WH-EAST", "name": "East Warehouse Updated", "email": "[email protected]"}'

PATCH /api/supreme/companies//status

Changes a company’s operational status. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
status
string
required
New status. Must be Active, Inactive, or Suspended.
curl -X PATCH "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/status" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"status": "Suspended"}'

PATCH /api/supreme/companies//integration-access

Enables or disables API key access for the tenant’s integration endpoint. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
apiAccessEnabled
boolean
required
Set to true to enable, false to disable.
curl -X PATCH "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration-access" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"apiAccessEnabled": true}'

PATCH /api/supreme/companies//integration/grupomas-native-settings

Updates the GrupoMAS Native connection settings for a tenant. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
baseUrl
string
GrupoMAS API base URL.
apiKey
string
GrupoMAS API key (mutually exclusive with bearerToken).
bearerToken
string
GrupoMAS bearer token (mutually exclusive with apiKey).
clearApiKey
boolean
Set to true to clear the stored API key.
clearBearerToken
boolean
Set to true to clear the stored bearer token.
timeoutSeconds
integer
HTTP timeout for MAS calls.
pollingEnabled
boolean
Enable background polling for released work.
pollingIntervalSeconds
integer
Background polling interval in seconds.
pollingLocationCode
string
Location code filter for polling.
curl -X PATCH "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/grupomas-native-settings" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"baseUrl": "https://mas.example.com/api", "pollingEnabled": true, "pollingIntervalSeconds": 300}'

PATCH /api/supreme/companies//integration/businesscentral-native-settings

Updates Business Central Native connection settings for a tenant. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
baseUrl
string
BC OData API base URL.
tenantId
string
Azure AD tenant ID.
environmentName
string
BC environment name (e.g., production).
companyId
string
BC company ID.
companyName
string
BC company name.
username
string
BC service account username.
accessKey
string
BC access key / password (stored encrypted).
clearAccessKey
boolean
Set to true to clear the stored access key.
timeoutSeconds
integer
HTTP timeout for BC calls.
itemsPath
string
Custom items OData path override.
receiptsPath
string
Custom receipts path override.
shipmentsPath
string
Custom shipments path override.
movementsPath
string
Custom movements path override.
curl -X PATCH "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/businesscentral-native-settings" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"baseUrl": "https://api.businesscentral.dynamics.com/v2.0", "environmentName": "production"}'

PATCH /api/supreme/companies//integration/rfid-settings

Updates the top-level RFID feature settings for a tenant. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
enabled
boolean
Enable or disable RFID features company-wide.
mode
string
Default RFID mode (Disabled, InquiryOnly, OperationalAssist, StrictValidation).
inquiryEnabled
boolean
Enable RFID for the inquiry module.
receiptsEnabled
boolean
Enable RFID for the receiving module.
shipmentsEnabled
boolean
Enable RFID for the shipments module.
movementsEnabled
boolean
Enable RFID for the inventory movements module.
curl -X PATCH "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/rfid-settings" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"enabled": true, "mode": "StrictValidation", "receiptsEnabled": true}'

POST /api/supreme/companies//integration/regenerate-key

Generates a new API key for the company, invalidating the previous key immediately. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
apiKey
string
The newly generated plain-text API key. Store it immediately — it is not retrievable again.
The plain-text key is returned only once in this response. Dragon Guard stores only the hash. Treat the key as a secret.
curl -X POST "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/regenerate-key" \
  -H "Authorization: Bearer <superadmin-token>"

POST /api/supreme/companies//integration/grupomas-native/test-connection

Tests the current GrupoMAS Native connection settings by making a live probe request to the MAS API. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
curl -X POST "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/grupomas-native/test-connection" \
  -H "Authorization: Bearer <superadmin-token>"

POST /api/supreme/companies//integration/businesscentral-native/test-connection

Tests the BC Native connection with current settings. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
curl -X POST "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/businesscentral-native/test-connection" \
  -H "Authorization: Bearer <superadmin-token>"

POST /api/supreme/companies//integration/grupomas-native/polling/refresh

Immediately triggers a background polling refresh cycle for released work from GrupoMAS. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
curl -X POST "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/grupomas-native/polling/refresh" \
  -H "Authorization: Bearer <superadmin-token>"

GET /api/supreme/companies//integration/rfid-policies

Returns the RFID validation policies configured for the tenant. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
curl -X GET "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/rfid-policies" \
  -H "Authorization: Bearer <superadmin-token>"

GET /api/supreme/companies//integration/rfid-policies/

Returns a single RFID policy by ID. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
policyId
string (uuid)
required
Policy ID.
curl -X GET "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/rfid-policies/policy-guid-here" \
  -H "Authorization: Bearer <superadmin-token>"

POST /api/supreme/companies//integration/rfid-policies

Creates a new RFID validation policy for the tenant. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
module
string
required
Module this policy applies to (ITEMS, RECEIPTS, SHIPMENTS, MOVEMENTS).
mode
string
Validation mode.
isEnabled
boolean
Whether this policy is active.
allowManualFallback
boolean
Allow manual entry fallback when RFID fails.
allowBarcodeFallback
boolean
Allow barcode scanning fallback.
blockOnUnknownTag
boolean
Block on unrecognized tags.
blockOnInactiveTag
boolean
Block on deactivated tags.
blockOnValidationMismatch
boolean
Block when tag does not match expected document item.
requireRfidEvidence
boolean
Require RFID scan evidence before posting.
curl -X POST "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/rfid-policies" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"module": "RECEIPTS", "isEnabled": true, "allowManualFallback": true}'

PUT /api/supreme/companies//integration/rfid-policies

Replaces all RFID validation policies for the tenant. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
curl -X PUT "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/rfid-policies" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '[]'

PUT /api/supreme/companies//integration/rfid-policies/

Replaces a single RFID policy by ID. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
policyId
string (uuid)
required
Policy ID to update.
curl -X PUT "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/rfid-policies/policy-guid-here" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"module": "RECEIPTS", "isEnabled": false}'

DELETE /api/supreme/companies//integration/rfid-policies/

Deletes a single RFID policy. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
policyId
string (uuid)
required
Policy ID to delete.
curl -X DELETE "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/rfid-policies/policy-guid-here" \
  -H "Authorization: Bearer <superadmin-token>"

GET /api/supreme/companies//integration/rfid-events

Returns RFID scan events scoped to the tenant for Supreme-level inspection and audit. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
curl -X GET "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/rfid-events" \
  -H "Authorization: Bearer <superadmin-token>"

GET /api/supreme/companies//integration/rfid-device-profiles

Returns all RFID device profiles for the tenant. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
curl -X GET "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/rfid-device-profiles" \
  -H "Authorization: Bearer <superadmin-token>"

POST /api/supreme/companies//integration/rfid-device-profiles

Creates a new RFID device profile for the tenant. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
curl -X POST "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/rfid-device-profiles" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{}'

GET /api/supreme/companies//integration/rfid-device-profiles/

Returns a single RFID device profile by ID. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
profileId
string (uuid)
required
Device profile ID.
curl -X GET "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/rfid-device-profiles/profile-guid-here" \
  -H "Authorization: Bearer <superadmin-token>"

PUT /api/supreme/companies//integration/rfid-device-profiles/

Replaces an RFID device profile. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
profileId
string (uuid)
required
Device profile ID.
curl -X PUT "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/rfid-device-profiles/profile-guid-here" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{}'

DELETE /api/supreme/companies//integration/rfid-device-profiles/

Deletes an RFID device profile. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Company ID.
profileId
string (uuid)
required
Device profile ID to delete.
curl -X DELETE "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/integration/rfid-device-profiles/profile-guid-here" \
  -H "Authorization: Bearer <superadmin-token>"

GET /api/supreme/plans

Returns all subscription plans available in the platform. Authentication: Bearer JWT with isSuperAdmin = true (required).
data
array
List of plan records with ID, name, price, and feature limits.
curl -X GET "https://api.example.com/api/supreme/plans" \
  -H "Authorization: Bearer <superadmin-token>"

POST /api/supreme/plans

Creates a new subscription plan. Authentication: Bearer JWT with isSuperAdmin = true (required).
name
string
required
Plan display name.
price
decimal
required
Monthly price.
maxHandheldDevices
integer
required
Maximum allowed handheld devices (minimum 1).
currencyCode
string
required
Currency code (USD or PYG).
renewalPeriod
string
required
Renewal period (Monthly, Quarterly, Semiannual, Annual, Weekly).
curl -X POST "https://api.example.com/api/supreme/plans" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"name": "Pro Plan", "price": 299.00, "maxHandheldDevices": 10, "currencyCode": "USD", "renewalPeriod": "Monthly"}'

PUT /api/supreme/plans/

Updates an existing plan. Authentication: Bearer JWT with isSuperAdmin = true (required).
id
string (uuid)
required
Plan ID.
curl -X PUT "https://api.example.com/api/supreme/plans/plan-guid-here" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"name": "Pro Plan v2", "price": 349.00, "maxHandheldDevices": 10, "currencyCode": "USD", "renewalPeriod": "Monthly"}'

GET /api/supreme/plans/history

Returns the plan change history across all tenants. Authentication: Bearer JWT with isSuperAdmin = true (required).
curl -X GET "https://api.example.com/api/supreme/plans/history" \
  -H "Authorization: Bearer <superadmin-token>"

POST /api/supreme/companies//plans/assign

Assigns a subscription plan to a tenant. Authentication: Bearer JWT with isSuperAdmin = true (required).
tenantId
string (uuid)
required
Tenant company ID.
planId
string (uuid)
required
Plan to assign.
curl -X POST "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/plans/assign" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"planId": "plan-guid-here"}'

GET /api/supreme/companies//plans/history

Returns the plan change history for a specific tenant. Authentication: Bearer JWT with isSuperAdmin = true (required).
tenantId
string (uuid)
required
Tenant company ID.
curl -X GET "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/plans/history" \
  -H "Authorization: Bearer <superadmin-token>"

GET /api/supreme/companies//users

Returns all users assigned to a specific tenant. Authentication: Bearer JWT with isSuperAdmin = true (required).
tenantId
string (uuid)
required
Tenant company ID.
curl -X GET "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/users" \
  -H "Authorization: Bearer <superadmin-token>"

POST /api/supreme/companies//users/admin

Creates an admin user account and assigns it directly to a tenant with the ADMIN role. Authentication: Bearer JWT with isSuperAdmin = true (required).
tenantId
string (uuid)
required
Tenant company ID.
email
string
required
New admin’s email.
fullName
string
required
Full name.
password
string
required
Initial password (must meet complexity policy).
curl -X POST "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/users/admin" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"email": "[email protected]", "fullName": "Jane Admin", "password": "Adm1nP@ss!"}'

GET /api/supreme/companies//devices

Returns all registered handheld devices for a tenant. Authentication: Bearer JWT with isSuperAdmin = true (required).
tenantId
string (uuid)
required
Tenant company ID.
curl -X GET "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/devices" \
  -H "Authorization: Bearer <superadmin-token>"

POST /api/supreme/companies//devices

Creates/registers a new handheld device for a tenant. Authentication: Bearer JWT with isSuperAdmin = true (required).
tenantId
string (uuid)
required
Tenant company ID.
deviceKey
string
required
Normalized device MAC/key (uppercase, colon-separated).
deviceName
string
Human-readable device name.
isActive
boolean
Whether the device is active. Defaults to true.
curl -X POST "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/devices" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"deviceKey": "AA:BB:CC:DD:EE:FF", "deviceName": "Scanner-01", "isActive": true}'

GET /api/supreme/companies//devices/

Returns a single registered handheld device by ID. Authentication: Bearer JWT with isSuperAdmin = true (required).
tenantId
string (uuid)
required
Tenant company ID.
deviceId
string (uuid)
required
Device record ID.
curl -X GET "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/devices/device-guid-here" \
  -H "Authorization: Bearer <superadmin-token>"

PUT /api/supreme/companies//devices

Bulk-updates device records for a tenant (activate/deactivate, rename). Authentication: Bearer JWT with isSuperAdmin = true (required).
tenantId
string (uuid)
required
Tenant company ID.
devices
array
Array of device objects to upsert.
curl -X PUT "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/devices" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '[{"deviceKey": "AA:BB:CC:DD:EE:FF", "deviceName": "Scanner-01", "isActive": true}]'

PUT /api/supreme/companies//devices/

Updates a single handheld device record. Authentication: Bearer JWT with isSuperAdmin = true (required).
tenantId
string (uuid)
required
Tenant company ID.
deviceId
string (uuid)
required
Device record ID.
curl -X PUT "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/devices/device-guid-here" \
  -H "Authorization: Bearer <superadmin-token>" \
  -H "Content-Type: application/json" \
  -d '{"deviceName": "Scanner-Updated", "isActive": false}'

DELETE /api/supreme/companies//devices/

Deletes a handheld device registration. Authentication: Bearer JWT with isSuperAdmin = true (required).
tenantId
string (uuid)
required
Tenant company ID.
deviceId
string (uuid)
required
Device record ID to delete.
curl -X DELETE "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/devices/device-guid-here" \
  -H "Authorization: Bearer <superadmin-token>"

GET /api/supreme/companies//summary

Returns a compact summary of a company’s warehouse setup including location and bin counts. Authentication: Bearer JWT with isSuperAdmin = true (required).
companyId
string (uuid)
required
Company ID.
curl -X GET "https://api.example.com/api/supreme/companies/3fa85f64-5717-4562-b3fc-2c963f66afa6/summary" \
  -H "Authorization: Bearer <superadmin-token>"

GET /api/audit/logs

Returns the platform audit log. Supports rich filtering by company, table, action, user, entity, client application, search term, and date range. Authentication: Bearer JWT (required). Super-admins can filter across all companies; regular admins are limited to their own tenant.
companyId
string (uuid)
Filter by tenant.
tableName
string
Filter by audited table name (e.g., auth.Users, wms.Items).
action
string
Filter by action code (e.g., UserRegistered, PasswordChanged).
userEmail
string
Filter by the user who performed the action.
entityId
string
Filter by entity ID (UUID format).
clientApp
string
Filter by client application identifier.
Free-text search across table name, action, user email, changed columns, request path, old values, and new values.
from
string (ISO 8601)
Start of date range (inclusive).
to
string (ISO 8601)
End of date range (inclusive).
pageNumber
integer
Page number. Defaults to 1.
pageSize
integer
Page size. Defaults to 25, max 100.
data
array
Audit log entries.
totalRecords
integer
Total matching log entries.
curl -X GET "https://api.example.com/api/audit/logs?tableName=auth.Users&action=PasswordChanged&pageSize=50" \
  -H "Authorization: Bearer <superadmin-token>"

GET /api/audit/modules

Returns the distinct list of WMS modules that have audit log entries. Used to populate filter dropdowns in the audit UI. Authentication: Bearer JWT (required).
modules
array
List of module name strings with audit records.
curl -X GET "https://api.example.com/api/audit/modules" \
  -H "Authorization: Bearer <superadmin-token>"

GET /api/audit/action-options

Returns the distinct list of action codes that have audit log entries. Used to populate the action filter dropdown. Authentication: Bearer JWT (required).
actions
array
List of action code strings.
curl -X GET "https://api.example.com/api/audit/action-options" \
  -H "Authorization: Bearer <superadmin-token>"

GET /api/audit/tables

Returns the list of distinct table names that have audit log entries for a given company. Used to populate filter dropdowns in the audit UI. Authentication: Bearer JWT (required).
companyId
string (uuid)
Tenant company ID.
tables
array
List of table name strings with audit records.
curl -X GET "https://api.example.com/api/audit/tables?companyId=3fa85f64-5717-4562-b3fc-2c963f66afa6" \
  -H "Authorization: Bearer <superadmin-token>"

Build docs developers (and LLMs) love