StockManager ships a built-in REST API that lets you interact with inventory, sales, users, and analytics data programmatically. The API is served by a Waitress WSGI server embedded inside the desktop application, so it is available whenever StockManager is running — no separate server process is required. It is primarily intended for third-party integrations, automated scripts, and headless tooling such as Postman or curl.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/InnoDev69/StockManager/llms.txt
Use this file to discover all available pages before exploring further.
Base URL
All API routes are mounted under the/api prefix. With the default host and port the base URL is:
main.py via the FLASK_HOST and FLASK_PORT constants (defaults 127.0.0.1 and 5000).
Response Format
Every endpoint returnsapplication/json. Successful responses carry the resource or a confirmation message in the body. Error responses always use the shape:
Authentication
The API uses Flask session cookies. Obtain a session by sending credentials toPOST /api/login. The server responds with a Set-Cookie header; include that cookie in every subsequent request. No API keys or bearer tokens are involved. See the Authentication page for full details.
Endpoint Groups
All blueprints are registered under the/api prefix in api/__init__.py and mounted via app.register_blueprint(api_bp, url_prefix="/api") in main.py.
| Group | Paths |
|---|---|
| Products | /api/products, /api/products_all, /api/items |
| Sales | /api/sales, /api/sales/bulk |
| Users | /api/users, /api/login, /api/register |
| Metrics | /api/stats, /api/metrics, /api/never-sold |
| Notifications | /api/notifications/* |
| Applications | /api/applications |
| Audit | /api/user/<id>, /api/all, /api/entity/<type>/<id> |
| Settings | /api/api/settings/profile, /api/api/settings/password |
| Debug | /api/debug/log, /api/debug/logs, /api/debug/command |
| Health | /api/health |
The
settings_api blueprint is defined with url_prefix='/api' and is then registered on api_bp, which is itself mounted at /api. This means the settings routes are accessible at /api/api/settings/profile and /api/api/settings/password — a double-prefix that reflects the current source configuration.Pagination
List endpoints that can return large result sets support server-side pagination through two query parameters:| Parameter | Type | Default | Description |
|---|---|---|---|
page | integer | 1 | 1-based page number |
limit | integer | varies by endpoint | Maximum records per page |
data array:
total— total number of records matching any active filterspages— total number of pages at the requestedlimitpage— the current page number echoed back
HTTP Status Codes
| Code | Meaning |
|---|---|
200 | Success — request processed, resource returned or updated |
201 | Created — new resource was successfully persisted |
400 | Bad request — missing required fields or validation failure |
401 | Unauthenticated — no valid session cookie present |
403 | Forbidden — authenticated but role lacks permission |
404 | Not found — the requested resource does not exist |
409 | Conflict — duplicate value (e.g. username or email already taken) |
500 | Internal server error — unexpected server-side failure |
Explore the API
Authentication
Log in, manage session cookies, understand roles, and register new accounts.
Products
List, create, update, and delete products and inventory items.
Sales
Record individual sales and submit bulk transactions.
Users
Manage user accounts, roles, status, and password resets.
Metrics
Retrieve dashboard stats, aggregated metrics, and never-sold product reports.
Notifications
Read, mark, and stream real-time in-app notifications.
Audit
Query the audit log by user, entity type, or across all recorded actions.
Health
Check that the server is running and accepting requests.