# Orizon BFF _Built: 12 Jun 2026, 21:08 (Asia/Yerevan)_ > Error shape (all 4xx/5xx): `{"error": {"code": "string", "message": "string", "details": {}}}` ## health #### Liveness probe `GET {baseUrl}/health` Returns 200/UP as long as the process is running. 200 OK: ```json { "status": "" } ``` #### Readiness probe `GET {baseUrl}/ready` Returns 200/READY when Supabase is reachable; 503/DEGRADED otherwise. 200 OK: ```json { "status": "" } ``` 503 Service Unavailable: ```json { "status": "" } ``` ## auth #### Check if email is new or existing, send OTP, and return a uid for the OTP request `POST {baseUrl}/api/v1/auth/initiate` Body: ```json { "email": "", "isSignupToBeAdmin": "" } ``` 200 OK: ```json { "data": { "isNewUser": "", "uid": "" } } ``` 400 Bad Request: error #### Resend the email OTP for an existing initiation request `POST {baseUrl}/api/v1/auth/resend-otp` Body: ```json { "uid": "" } ``` 202 Accepted: (no body) #### Verify OTP using the uid from /initiate — completes sign-in or sign-up `POST {baseUrl}/api/v1/auth/verify-otp` Body: ```json { "otp": "", "uid": "" } ``` 200 OK: ```json { "data": { "accessToken": "", "availableShops": [ { "id": "", "isOwner": "", "name": "", "roleKind": "", "status": "", "logoUrl": "" } ], "expiresAt": "", "isNewUser": "", "isProfileComplete": "", "memberships": [ { "isOwner": "", "roleKind": "", "serviceId": "", "serviceKind": "" } ], "pendingTasks": [ "" ], "refreshToken": "", "tokenType": "", "user": { "accountKind": "", "email": "", "emailConfirmed": "", "id": "", "role": "", "username": "" } } } ``` 401 Unauthorized: error #### Refresh access token `POST {baseUrl}/api/v1/auth/refresh` Body: ```json { "refreshToken": "" } ``` 200 OK: ```json { "data": { "accessToken": "", "availableShops": [ { "id": "", "isOwner": "", "name": "", "roleKind": "", "status": "", "logoUrl": "" } ], "expiresAt": "", "isNewUser": "", "isProfileComplete": "", "memberships": [ { "isOwner": "", "roleKind": "", "serviceId": "", "serviceKind": "" } ], "pendingTasks": [ "" ], "refreshToken": "", "tokenType": "", "user": { "accountKind": "", "email": "", "emailConfirmed": "", "id": "", "role": "", "username": "" } } } ``` 401 Unauthorized: error #### Current session context: identity, account kind, memberships, pending tasks `GET {baseUrl}/api/v1/auth/session` 200 OK: ```json { "data": { "availableShops": [ { "id": "", "isOwner": "", "name": "", "roleKind": "", "status": "", "logoUrl": "" } ], "memberships": [ { "isOwner": "", "roleKind": "", "serviceId": "", "serviceKind": "" } ], "pendingTasks": [ "" ], "user": { "accountKind": "", "email": "", "emailConfirmed": "", "id": "", "role": "", "username": "" } } } ``` 401 Unauthorized: error #### Account type (user/admin) and the caller's service memberships with lifecycle status `GET {baseUrl}/api/v1/auth/permissions` 200 OK: ```json { "data": { "accountType": "", "memberships": [ { "role": "", "serviceId": "", "serviceKind": "", "serviceName": "", "status": "", "email": "" } ] } } ``` 401 Unauthorized: error #### Sign out `POST {baseUrl}/api/v1/auth/sign-out` 204 No Content: (no body) #### Permanently delete the caller's account (consumer or admin). Frees the email to register again as the other account type. `DELETE {baseUrl}/api/v1/auth/account` 204 No Content: (no body) 401 Unauthorized: error #### Complete essential profile data after first sign-in `POST {baseUrl}/api/v1/auth/complete-profile` Body: ```json { "fullName": "" } ``` 200 OK: (no body) 400 Bad Request: error ## profile #### Get current user profile `GET {baseUrl}/api/v1/profile` Returns the authenticated normal user's profile fields from public.profiles. 200 OK: ```json { "data": { "id": "", "isDeveloper": "", "isEmailVerified": "", "isPhoneVerified": "", "avatarUrlLarge": "", "avatarUrlSmall": "", "dateOfBirth": "", "email": "", "firstName": "", "gender": "", "lastName": "", "phoneNumber": "", "updatedAt": "", "userSignupDate": "", "username": "" } } ``` 401 Unauthorized: error 403 Forbidden: error 404 Not Found: error ## shops #### Create a new shop `POST {baseUrl}/api/v1/shops` Body: ```json { "cartReservationHours": "", "currencyCode": "", "email": "", "name": "", "slug": "", "socialLinks": { "": "" }, "taxRate": "", "addressLine1": "", "addressLine2": "", "bannerUrl": "", "city": "", "countryCode": "", "description": "", "latitude": "", "logoUrl": "", "longitude": "", "phone": "", "postalCode": "", "stateProvince": "", "websiteUrl": "" } ``` 201 Created: ```json { "data": "" } ``` 400 Bad Request: error 409 Conflict: error #### Get shop by ID `GET {baseUrl}/api/v1/shops/:shopId` 200 OK: ```json { "data": { "cartReservationHours": "", "currencyCode": "", "email": "", "id": "", "isActive": "", "isVerified": "", "name": "", "slug": "", "socialLinks": { "": "" }, "status": "", "taxRate": "", "addressLine1": "", "addressLine2": "", "bannerUrl": "", "city": "", "countryCode": "", "description": "", "latitude": "", "logoUrl": "", "longitude": "", "phone": "", "postalCode": "", "stateProvince": "", "websiteUrl": "" } } ``` 404 Not Found: error #### Soft-delete shop `DELETE {baseUrl}/api/v1/shops/:shopId` 204 No Content: (no body) 403 Forbidden: error 404 Not Found: error #### Update shop fields `PATCH {baseUrl}/api/v1/shops/:shopId` Body: ```json { "addressLine1": "", "addressLine2": "", "bannerUrl": "", "cartReservationHours": "", "city": "", "countryCode": "", "currencyCode": "", "description": "", "email": "", "latitude": "", "logoUrl": "", "longitude": "", "name": "", "phone": "", "postalCode": "", "socialLinks": { "": "" }, "stateProvince": "", "taxRate": "", "websiteUrl": "" } ``` 200 OK: (no body) 403 Forbidden: error 404 Not Found: error #### Approve a pending shop `POST {baseUrl}/api/v1/shops/:shopId/approve` 200 OK: (no body) 403 Forbidden: error 404 Not Found: error #### Reject a pending shop `POST {baseUrl}/api/v1/shops/:shopId/reject` 200 OK: (no body) 403 Forbidden: error 404 Not Found: error #### List shop members `GET {baseUrl}/api/v1/shops/:shopId/members` 200 OK: ```json { "data": [ { "isOwner": "", "joinedAt": "", "roleKind": "", "status": "", "userId": "", "profileEmail": "", "username": "" } ] } ``` 404 Not Found: error #### Invite a member to the shop `POST {baseUrl}/api/v1/shops/:shopId/members/invite` Body: ```json { "email": "", "roleKind": "", "desiredUsername": "" } ``` 201 Created: ```json { "data": { "invitationId": "", "token": "" } } ``` 400 Bad Request: error #### Remove a member from the shop `DELETE {baseUrl}/api/v1/shops/:shopId/members/:targetUserId` 204 No Content: (no body) 403 Forbidden: error 404 Not Found: error #### List pending invitations for the shop `GET {baseUrl}/api/v1/shops/:shopId/invitations` 200 OK: ```json { "data": [ { "createdAt": "", "email": "", "expiresAt": "", "id": "", "invitedBy": "", "roleKind": "", "status": "", "desiredUsername": "" } ] } ``` 404 Not Found: error #### Revoke a shop invitation `DELETE {baseUrl}/api/v1/shops/invitations/:invitationId` 204 No Content: (no body) 403 Forbidden: error 404 Not Found: error #### Consume a shop invitation token `POST {baseUrl}/api/v1/shops/invitations/consume` Body: ```json { "token": "" } ``` 200 OK: (no body) 400 Bad Request: error 401 Unauthorized: error ## clinics #### Register a veterinary clinic (admin accounts only). Starts pending verification. `POST {baseUrl}/api/v1/clinics` Body: ```json { "appointmentDurationMinutes": "", "email": "", "emergencyAvailable": "", "name": "", "slug": "", "addressLine1": "", "addressLine2": "", "city": "", "countryCode": "", "description": "", "emergencyPhone": "", "latitude": "", "logoUrl": "", "longitude": "", "phone": "", "postalCode": "", "stateProvince": "", "websiteUrl": "" } ``` 201 Created: ```json { "data": "" } ``` 400 Bad Request: error 403 Forbidden: error 409 Conflict: error #### Get a clinic by id `GET {baseUrl}/api/v1/clinics/:clinicId` 200 OK: ```json { "data": { "appointmentDurationMinutes": "", "email": "", "emergencyAvailable": "", "id": "", "isActive": "", "isVerified": "", "name": "", "slug": "", "status": "", "addressLine1": "", "addressLine2": "", "city": "", "countryCode": "", "description": "", "emergencyPhone": "", "latitude": "", "logoUrl": "", "longitude": "", "phone": "", "postalCode": "", "stateProvince": "", "websiteUrl": "" } } ``` 404 Not Found: error #### Soft-delete a clinic (owner only) `DELETE {baseUrl}/api/v1/clinics/:clinicId` 204 No Content: (no body) 403 Forbidden: error 404 Not Found: error #### Update clinic fields (clinic members) `PATCH {baseUrl}/api/v1/clinics/:clinicId` Body: ```json { "addressLine1": "", "addressLine2": "", "appointmentDurationMinutes": "", "city": "", "countryCode": "", "description": "", "email": "", "emergencyAvailable": "", "emergencyPhone": "", "latitude": "", "logoUrl": "", "longitude": "", "name": "", "phone": "", "postalCode": "", "stateProvince": "", "websiteUrl": "" } ``` 200 OK: (no body) 403 Forbidden: error 404 Not Found: error #### Approve a pending clinic (platform superadmin only) `POST {baseUrl}/api/v1/clinics/:clinicId/approve` 200 OK: (no body) 403 Forbidden: error 404 Not Found: error #### Reject/suspend a clinic (platform superadmin only) `POST {baseUrl}/api/v1/clinics/:clinicId/reject` 200 OK: (no body) 403 Forbidden: error 404 Not Found: error #### List clinic members `GET {baseUrl}/api/v1/clinics/:clinicId/members` 200 OK: ```json { "data": [ { "isOwner": "", "joinedAt": "", "roleKind": "", "status": "", "userId": "", "email": "", "firstName": "", "lastName": "" } ] } ``` 404 Not Found: error #### Invite a member to the clinic (owner only) `POST {baseUrl}/api/v1/clinics/:clinicId/members/invite` Body: ```json { "email": "", "roleKind": "" } ``` 201 Created: ```json { "data": { "invitationId": "", "token": "" } } ``` 400 Bad Request: error 403 Forbidden: error #### Remove a member from the clinic (owner only) `DELETE {baseUrl}/api/v1/clinics/:clinicId/members/:targetUserId` 204 No Content: (no body) 403 Forbidden: error 404 Not Found: error #### List pending clinic invitations (owner only) `GET {baseUrl}/api/v1/clinics/:clinicId/invitations` 200 OK: ```json { "data": [ { "createdAt": "", "email": "", "expiresAt": "", "id": "", "invitedBy": "", "roleKind": "", "status": "" } ] } ``` 403 Forbidden: error #### Revoke a clinic invitation (owner only) `DELETE {baseUrl}/api/v1/clinics/invitations/:invitationId` 204 No Content: (no body) 403 Forbidden: error 404 Not Found: error #### Consume a clinic invitation token (admin accounts only) `POST {baseUrl}/api/v1/clinics/invitations/consume` Body: ```json { "token": "" } ``` 200 OK: (no body) 400 Bad Request: error 403 Forbidden: error ## admin #### Admin portal landing context: which portal(s) to open, the admin's name, and memberships `GET {baseUrl}/api/v1/admin/dashboard` 200 OK: ```json { "data": { "accountType": "", "memberships": [ { "role": "", "serviceId": "", "serviceKind": "", "serviceName": "", "status": "", "email": "" } ], "portals": [ "" ], "user": { "email": "", "firstName": "", "lastName": "" } } } ``` 403 Forbidden: error