01
Introduction
Getting started with the Plantyic API

The Plantyic API is organized around REST. All requests should be made to the base URL using the application/json content type.

Format: JSON only
Auth Method: Bearer Token
API Version: v1.0.0
HTTPS: Required

User Roles

Super Admin, Admin, Staff, Vendor, Customer
02
Authentication
How to authenticate your requests

Plantyic uses Bearer token authentication. After logging in, include the token in the Authorization header for all protected routes.

HTTP Header
Authorization: Bearer YOUR_TOKEN_HERE
Content-Type: application/json
Accept: application/json
03
Register
Create a new user account
POST /api/auth/register Create account
Body Parameters
Field                  Type    Status    Description
name                   string  required  User's full name
email                  string  required  Valid email address
password               string  required  Min 8 characters
password_confirmation  string  required  Must match password
04
Login
Authenticate and get your Bearer token
POST /api/auth/login Get token
Body Parameters
Field     Type    Status    Description
email     string  required  Registered email
password  string  required  Account password
Can be used by any role: Super Admin, Admin, Staff, Vendor, Customer
05
Logout
Invalidate the current Bearer token
🔐 Requires a valid Bearer token in the Authorization header.
POST /api/auth/logout Revoke token
cURL
curl --request POST \
  --url https://yourapp.com/api/auth/logout \
  --header 'Authorization: Bearer YOUR_TOKEN' \
  --header 'Content-Type: application/json'
Response 200
{
  "status": "success",
  "message": "Logged out successfully"
}
06
Profile
Get the authenticated user's profile
🔐 Requires a valid Bearer token in the Authorization header.
GET /api/auth/profile Get user data
cURL
curl --request GET \
  --url https://yourapp.com/api/auth/profile \
  --header 'Authorization: Bearer YOUR_TOKEN'
Response 200
{
  "status": "success",
  "data": {
    "id": 1,
    "name": "John Doe",
    "email": "john@example.com",
    "role": "customer",
    "email_verified_at": "2024-01-01T00:00:00Z",
    "created_at": "2024-01-01T00:00:00Z"
  }
}
07
Forgot Password
Send a password reset link to email
POST /api/auth/forgot-password Send reset link
Body Parameters
Field  Type    Status    Description
email  string  required  Registered email address
08
Reset Password
Reset password using the token from email
POST /api/auth/reset-password Set new password
Body Parameters
Field                  Type    Status    Description
token                  string  required  Reset token from email
email                  string  required  User's email address
password               string  required  New password (min 8 chars)
password_confirmation  string  required  Must match password
09
Verify Email
Verify the user's email address
POST /api/auth/verify-email Confirm email
Body Parameters
Field  Type    Status    Description
token  string  required  Verification token from email
email  string  required  User's email address
10
User Management
Admin panel — requires Super Admin role
🛡️ These endpoints require Super Admin role and a valid Bearer token.
GET /api/admin/users List all users
Query Parameters
Field     Type     Status    Description
page      integer  optional  Page number (default: 1)
per_page  integer  optional  Results per page (default: 15)
role      string   optional  Filter by role
GET /api/admin/users/{id} Get single user
URL Parameters
Field  Type     Status    Description
id     integer  required  User ID
DELETE /api/admin/users/{id} Delete user
URL Parameters
Field  Type     Status    Description
id     integer  required  User ID to delete
11
Vendor Status
Approve or reject vendor accounts
🛡️ Requires Super Admin role and Bearer token.
PUT /api/admin/vendors/{id}/status Update status
Body Parameters
Field   Type    Status    Description
status  string  required  approved, rejected, or pending
reason  string  optional  Reason for rejection
cURL
curl --request PUT \
  --url https://yourapp.com/api/admin/vendors/5/status \
  --header 'Authorization: Bearer YOUR_TOKEN' \
  --header 'Content-Type: application/json' \
  --data '{
  "status": "approved"
}'
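The header rules from the Authentication section and the vendor status call above, as an added Python example (not part of the Plantyic documentation): it builds requests without sending them and refuses any that would put the Bearer token on a non-HTTPS URL or in a malformed header. The function names are hypothetical, BASE_URL is the placeholder host from the cURL samples, and treating the vendor id as an integer like the documented user ids is an assumption.

```python
import json
import urllib.request
from urllib.parse import urlsplit

BASE_URL = "https://yourapp.com"  # placeholder host from the page's cURL samples
VENDOR_STATUSES = {"approved", "rejected", "pending"}  # values the page lists for "status"


def build_request(method, path, token=None, body=None, base_url=BASE_URL):
    """Build (but do not send) a request with the headers the page specifies."""
    parts = urlsplit(base_url)
    # HTTPS is required: never attach a bearer token to a clear-text URL.
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("base URL must use https://")
    if not path.startswith("/api/"):
        raise ValueError("path must start with /api/")
    headers = {"Content-Type": "application/json", "Accept": "application/json"}
    if token is not None:
        # Reject empty tokens and any whitespace (including CR/LF) so the
        # value cannot break out of the Authorization header.
        if not token or any(ch.isspace() for ch in token):
            raise ValueError("token must be non-empty and contain no whitespace")
        headers["Authorization"] = f"Bearer {token}"
    data = json.dumps(body).encode("utf-8") if body is not None else None
    url = base_url.rstrip("/") + path
    return urllib.request.Request(url, data=data, headers=headers, method=method)


def vendor_status_request(vendor_id, status, token, reason=None):
    """PUT /api/admin/vendors/{id}/status with a validated id and status."""
    # Assumption: the vendor id is an integer, like the documented user ids.
    # Enforcing that keeps "/" or ".." out of the URL path.
    if isinstance(vendor_id, bool) or not isinstance(vendor_id, int):
        raise ValueError("vendor id must be an integer")
    if status not in VENDOR_STATUSES:
        raise ValueError(f"status must be one of {sorted(VENDOR_STATUSES)}")
    body = {"status": status}
    if reason is not None:
        body["reason"] = reason
    return build_request("PUT", f"/api/admin/vendors/{vendor_id}/status", token, body)


if __name__ == "__main__":
    req = vendor_status_request(5, "approved", "YOUR_TOKEN")
    print(req.get_method(), req.full_url)
    print(req.header_items())
```

Pass the returned object to `urllib.request.urlopen` to send it; nothing in the block touches the network.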