API Overview
This section catalogs the public endpoints exposed by the Reformer Platform backend. Each entry includes method, path, purpose, required headers, sample requests, and expected responses.
Base URLs
| Environment | Base URL |
|---|---|
| Development | http://localhost:10000 |
| Production | https://reformer-platform.onrender.com |
All requests must include Content-Type: application/json and authentication headers where noted.
Core Endpoints
Onboarding v2
| Method | POST |
| Path | /api/onboarding-v2 |
| Purpose | Kick off full automation cascade for a new member/company. |
| Auth | x-api-key (internal service token) |
| Body |
{
"email": "client@example.com",
"companyName": "Client Co",
"companyUrl": "https://client.co",
"plan": "growth",
"metadata": {
"referrer": "landing-page"
}
}
| Success (200) | {"status":"ok","integrations":{"clickup":"success","dropbox":"success", ...}} |
| Failure (4xx/5xx) | Returns per-integration errors with context field. |
Checkout Session
| Method | POST |
| Path | /api/checkout/session |
| Purpose | Create a Stripe Checkout session for subscription onboarding. |
| Auth | None (public flow); anti-bot measures via captcha recommended. |
| Body | { "planId": "growth", "email": "client@example.com" } |
| Response | { "url": "https://checkout.stripe.com/..." } |
Health Checks
GET /healthz– Basic liveness.GET /status– Extended status including integration reachability.
Firecrawl Intelligence
| Method | GET |
| Path | /api/firecrawl/accounts/:accountId/summary |
| Purpose | Get Firecrawl intelligence summary (job stats, recent jobs, events, geo targets). |
| Auth | Internal (admin dashboard) |
| Response | {"success": true, "summary": {"stats": [...], "recentJobs": [...], "recentEvents": [...], "geoTargets": [...]}} |
| Method | POST |
| Path | /api/firecrawl/accounts/:accountId/refresh |
| Purpose | Trigger Firecrawl refresh with industry/location context. |
| Auth | Internal (admin dashboard) |
| Body | {"url": "https://example.com", "industry": "fitness", "city": "Los Angeles", "region": "CA"} |
Authentication
| Method | Path | Purpose |
|---|---|---|
POST | /api/auth/signup | Create new user account |
POST | /api/auth/login | Authenticate user |
POST | /api/auth/forgot-password | Request password reset email |
POST | /api/auth/reset-password | Reset password with recovery token |
POST | /api/verify-email | Verify email token |
See Authentication Endpoints for detailed documentation.
Webhooks
| Path | Source | Purpose |
|---|---|---|
POST /webhooks/memberstack/:secret | Memberstack | Sync member signups/updates into Supabase and orchestrator. |
POST /webhooks/stripe | Stripe | Handle subscription events (checkout.session.completed, invoice.paid). |
POST /webhooks/cal/:secret | Cal.com | Booking notifications to create ClickUp tasks + Slack alerts. |
Environment Variables Used
See reformer-platform/ENV-TEMPLATE.md for the complete list. Critical keys:
CLICKUP_*for task automationSLACK_WEBHOOK_URLfor notificationsRESEND_API_KEYfor email sending (primary email service)DROPBOX_ACCESS_TOKENfor folder provisioningCURSOR_API_KEYfor Cloud Agent automation- MCP Servers: See MCP Servers documentation for configuration
Testing
- cURL examples stored in
docs/api/examples/(to be populated). - Automated tests run via
npm run test:apiandnpm run test:e2e. - Sample Postman/Insomnia collections exported to
/docs/api/collections/(if used).***