Expanse API
Sign up

Dual-auth routes on panel.expanse.host — Clerk session or sk_ Bearer key. Use the sidebar or search to jump; the right panel follows your scroll.

Panel HTTP API (dual authentication)

This document describes only the HTTP routes that were migrated to dual authentication in the API-first implementation: panel API keys (sk_…) or a normal Clerk session behave the same on these paths. It does not describe the rest of the /api/* surface.

In scope (dual-auth routes)

The following path prefixes accept either a Clerk session (browser cookies) or Authorization: Bearer sk_… using a key from Settings → API keys in CorePanel:

PrefixNotes
/api/servicesServices CRUD and related operations.
/api/teamsTeam membership, SSH keys, transfers, monitoring, database catalog/instances, etc.
/api/teams/.../backup/...Backup subpaths under teams use backup scopes (backups.read / backups.write) instead of teams.* alone.
/api/zonesDNS zones and records.
/api/domainsDomain registration and contacts.
/api/billingBilling, invoices, top-up, portal, etc. Except /api/billing/config (see below).
/api/ticketsSupport tickets and messages.

Keys are created in the UI (Settings → API keys). Key lifecycle is not exposed on the dual-auth surface documented here.

Out of scope (not covered here)

Do not treat the following as part of this dual-auth, API-key integration contract. They may use different auth, internal-only access, or no sk_ support:

  • /api/admin/*
  • /api/cron/*
  • /api/webhooks/*
  • /api/ingest/*
  • /api/settings/api-keys

Other /api/* routes not listed under In scope are also outside this document unless and until they are added to the dual-auth migration.

Authentication

  • Send Authorization: Bearer <token> where <token> is the full sk_… secret shown once at creation.
  • Expired key: 401 with JSON { "error": "API key expired" }.
  • Invalid / revoked key: 401 with a generic error string (do not rely on wording for automation).
  • IP whitelist: If the key has a non-empty ipWhitelist, the request client IP must match an entry or the key is rejected (401, generic message or IP-specific per implementation).

Permission scopes

Keys may carry an optional list of scopes (permissions). An empty permission list on a key means full access (legacy behavior).

When scopes are set, required scopes follow src/lib/api-route-permissions.ts (read vs write by HTTP method and path prefix):

PrefixGET / HEADMutating methods
/api/servicesservices.readservices.write
/api/zonesdns.readdns.write
/api/domainsdomains.readdomains.write
/api/billing (except /api/billing/config)billing.readbilling.write
/api/ticketstickets.readtickets.write
/api/teamsteams.read / backups.read when the path includes /backupteams.write / backups.write when the path includes /backup

Missing scope: 403 with { "error": "Insufficient API key permissions" }.

Rate limits

API key traffic on the dual-auth routes above is rate-limited per key id (see RATE_LIMITS.dashboardApiKey in src/lib/rate-limit.ts).

Public exception (billing)

  • GET /api/billing/config (exact path) remains unauthenticated for marketing / calculator use and does not require scopes.
  • All other /api/billing/* routes require authentication as in In scope.

Per-endpoint route catalog

Every dual-auth route.ts under src/app/api/{services,teams,zones,domains,billing,tickets} is listed in the per-endpoint route catalog on this page with exact URL, HTTP method, description (from route comments), query parameters (searchParams), request body Zod fields where detected, and an example success response extracted from return NextResponse.json(…) in the handler. The same catalog lives in the panel repo as docs/developer-api-routes.md (regenerate with node scripts/generate-dual-auth-route-docs.mjs).

Phase 2

A machine-readable OpenAPI artifact for the dual-auth subset is planned as a follow-up.

Route catalog

Services

https://panel.expanse.host/api/services/{id}/agent-token

Source: src/app/api/services/[id]/agent-token/route.ts

HTTP: GET, POST, DELETE

Description:

  • Agent token management for VPS metrics
  • GET: status, POST: create, DELETE: revoke

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/alert-rules/{ruleId}

Source: src/app/api/services/[id]/alert-rules/[ruleId]/route.ts

HTTP: PATCH, DELETE

Description:

  • PATCH/DELETE /api/services/[id]/alert-rules/[ruleId]

Request body (Zod):

  • PatchSchema

    • enabled
    • threshold
    • durationMinutes
    • severity

PATCH

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/alert-rules

Source: src/app/api/services/[id]/alert-rules/route.ts

HTTP: GET, POST

Description:

  • GET/POST /api/services/[id]/alert-rules - CRUD alert rules for game server

Request body (Zod):

  • CreateRuleSchema

    • metricType
    • operator
    • threshold
    • durationMinutes
    • severity

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/bare-metal/console

Source: src/app/api/services/[id]/bare-metal/console/route.ts

HTTP: POST

Description:

  • POST /api/services/[id]/bare-metal/console — Tenantos NoVNC session (authorizedIp = client)

Request body (Zod):

  • BodySchema

    • consoleMode

POST

Typical error shape:

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/bare-metal/notes

Source: src/app/api/services/[id]/bare-metal/notes/route.ts

HTTP: GET, PATCH

Description:

  • GET /api/services/[id]/bare-metal/notes — fetch notes
  • PATCH /api/services/[id]/bare-metal/notes — save notes

Request body (Zod):

  • PatchSchema

    • notes

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

PATCH

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/bare-metal/power

Source: src/app/api/services/[id]/bare-metal/power/route.ts

HTTP: POST

Description:

  • POST /api/services/[id]/bare-metal/power

Request body (Zod):

  • BodySchema

    • action

POST

Typical error shape:

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/bare-metal/reinstall

Source: src/app/api/services/[id]/bare-metal/reinstall/route.ts

HTTP: POST

Description:

  • POST /api/services/[id]/bare-metal/reinstall — Tenantos startReinstallation (owner/admin only)

Request body (Zod):

  • BodySchema

    • profileId
    • disklayoutId
    • rootpassword
    • runScripts
    • userprovidedDiskLayout
    • hostname
    • sshkeys
    • configure_all_ipvfour
    • configure_all_ipvsix
    • installPowerAction

POST

Typical error shape:

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/bare-metal/rescue

Source: src/app/api/services/[id]/bare-metal/rescue/route.ts

HTTP: POST

Description:

  • POST /api/services/[id]/bare-metal/rescue
  • Boots a rescue system via Tenantos startReinstallation with a rescue profile.
  • No user-supplied password — a random throwaway string is generated server-side.

Request body (Zod):

  • BodySchema

    • profileId
    • message

POST

Typical error shape:

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/bare-metal

Source: src/app/api/services/[id]/bare-metal/route.ts

HTTP: GET

Description:

  • GET /api/services/[id]/bare-metal — panel service + Tenantos server (when linked)

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/bare-metal/stats

Source: src/app/api/services/[id]/bare-metal/stats/route.ts

HTTP: POST

Description:

  • POST /api/services/[id]/bare-metal/stats — proxy to Tenantos stats endpoints

Request body (Zod):

  • BodySchema

    • category
    • mode
    • payload

POST

Typical error shape:

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/billing-period

Source: src/app/api/services/[id]/billing-period/route.ts

HTTP: PATCH

Description:

  • PATCH /api/services/[id]/billing-period
  • Change the billing period for a game server subscription.
  • New period takes effect at next renewal — no immediate charge.

Request body (Zod):

  • RequestSchema

    • billingPeriod

PATCH

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/cancel

Source: src/app/api/services/[id]/cancel/route.ts

HTTP: POST

Description:

  • POST /api/services/[id]/cancel - User-initiated service cancellation
  • Options: immediately (soft delete now, terminate 48h later) or end_of_billing_period

Request body (Zod):

  • BodySchema

    • when
    • cancellationReason

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/change-plan

Source: src/app/api/services/[id]/change-plan/route.ts

HTTP: POST

Description:

  • POST /api/services/[id]/change-plan
  • Upgrade or downgrade a game server plan in-place via Pterodactyl /build endpoint.
  • No data loss — only resource limits are updated.

Request body (Zod):

  • RequestSchema

    • newPlanId
    • optionChoices
    • downgradeMode

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/fired-alerts

Source: src/app/api/services/[id]/fired-alerts/route.ts

HTTP: GET

Description:

  • GET /api/services/[id]/fired-alerts - List fired alerts for a service

Query parameters:

  • limit (string) — required or optional per handler validation

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/hide-from-list

Source: src/app/api/services/[id]/hide-from-list/route.ts

HTTP: POST

Description:

  • POST /api/services/[id]/hide-from-list — hide a finished team service from customer lists (config flag only).

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/metrics

Source: src/app/api/services/[id]/metrics/route.ts

HTTP: GET, DELETE

Description:

  • GET /api/services/[id]/metrics - Fetch VPS or game server metrics for charts

Query parameters:

  • range (string) — required or optional per handler validation
  • metric (string) — required or optional per handler validation

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/retry-provisioning

Source: src/app/api/services/[id]/retry-provisioning/route.ts

HTTP: POST

Description:

  • POST /api/services/[id]/retry-provisioning - Retry failed domain provisioning (user)

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services/{id}/withdraw-cancellation

Source: src/app/api/services/[id]/withdraw-cancellation/route.ts

HTTP: POST

Description:

  • POST /api/services/[id]/withdraw-cancellation - User withdraws end-of-period cancellation

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/services

Source: src/app/api/services/route.ts

HTTP: GET

Description:

  • GET /api/services - List team services

Query parameters:

  • team_id (string) — required or optional per handler validation
  • service_type (string) — required or optional per handler validation

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "services" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

Backups

https://panel.expanse.host/api/teams/{teamId}/backup/agent-token

Source: src/app/api/teams/[teamId]/backup/agent-token/route.ts

HTTP: POST, DELETE

Description:

  • POST: rotate expbak_ token | DELETE: revoke (team backup must be configured)

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}/backup/clusters

Source: src/app/api/teams/[teamId]/backup/clusters/route.ts

HTTP: GET

Description:

  • GET /api/teams/[teamId]/backup/clusters — active regions for provision form (platform admin)

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "clusters" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

https://panel.expanse.host/api/teams/{teamId}/backup/provision

Source: src/app/api/teams/[teamId]/backup/provision/route.ts

HTTP: POST

Description:

  • POST /api/teams/[teamId]/backup/provision — Kopia user + team-scoped repo (platform admin)

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}/backup

Source: src/app/api/teams/[teamId]/backup/route.ts

HTTP: GET, DELETE

Description:

  • GET /api/teams/[teamId]/backup — team managed backup summary (platform admin only)
  • DELETE — remove team backup row + snapshots/jobs; best-effort Kopia server user delete (SSH)

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}/backup/snapshots

Source: src/app/api/teams/[teamId]/backup/snapshots/route.ts

HTTP: GET

Description:

  • GET /api/teams/[teamId]/backup/snapshots — Kopia list + DB rows (platform admin)

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}/backup/sync

Source: src/app/api/teams/[teamId]/backup/sync/route.ts

HTTP: POST

Description:

  • POST /api/teams/[teamId]/backup/sync — upsert backup_snapshots from Kopia (platform admin)

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}/backup/trigger

Source: src/app/api/teams/[teamId]/backup/trigger/route.ts

HTTP: POST

Description:

  • POST /api/teams/[teamId]/backup/trigger — Kopia snapshot for panel-stored paths (platform admin; legacy)

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

Teams

https://panel.expanse.host/api/teams/{teamId}/database/catalog

Source: src/app/api/teams/[teamId]/database/catalog/route.ts

HTTP: GET

Description:

  • GET /api/teams/[teamId]/database/catalog — enabled plans, PG versions, regions (for create-database UI)

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}/database/instances/{instanceId}/metrics

Source: src/app/api/teams/[teamId]/database/instances/[instanceId]/metrics/route.ts

HTTP: GET

GET

See handler for response shape.

https://panel.expanse.host/api/teams/{teamId}/database/instances/{instanceId}/restart

Source: src/app/api/teams/[teamId]/database/instances/[instanceId]/restart/route.ts

HTTP: POST

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}/database/instances/{instanceId}/reveal-connection

Source: src/app/api/teams/[teamId]/database/instances/[instanceId]/reveal-connection/route.ts

HTTP: POST

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "connectionString" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

https://panel.expanse.host/api/teams/{teamId}/database/instances/{instanceId}

Source: src/app/api/teams/[teamId]/database/instances/[instanceId]/route.ts

HTTP: GET, DELETE

Description:

  • GET — instance detail (masked connection string)
  • DELETE — deprovision (owner/admin)

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}/database/instances/{instanceId}/stats

Source: src/app/api/teams/[teamId]/database/instances/[instanceId]/stats/route.ts

HTTP: GET

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}/database/instances/{instanceId}/version

Source: src/app/api/teams/[teamId]/database/instances/[instanceId]/version/route.ts

HTTP: GET

GET

See handler for response shape.

https://panel.expanse.host/api/teams/{teamId}/database/instances

Source: src/app/api/teams/[teamId]/database/instances/route.ts

HTTP: GET, POST

Description:

  • GET /api/teams/[teamId]/database/instances — list team instances (masked connection strings)
  • POST /api/teams/[teamId]/database/instances — provision (owner/admin)

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}/members/{memberId}

Source: src/app/api/teams/[teamId]/members/[memberId]/route.ts

HTTP: PATCH, DELETE

Request body (Zod):

  • PatchMemberSchema

    • role

PATCH

See handler for response shape.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}/members

Source: src/app/api/teams/[teamId]/members/route.ts

HTTP: POST

Request body (Zod):

  • AddMemberSchema

    • email
    • role

POST

See handler for response shape.

https://panel.expanse.host/api/teams/{teamId}/monitoring-settings

Source: src/app/api/teams/[teamId]/monitoring-settings/route.ts

HTTP: GET, PATCH

Description:

  • GET/PATCH /api/teams/[teamId]/monitoring-settings - Notification profile and channel config

Request body (Zod):

  • PatchSchema

    • profileName
    • discordWebhookUrl
    • genericWebhookUrl

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

PATCH

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}

Source: src/app/api/teams/[teamId]/route.ts

HTTP: GET, POST, PATCH, DELETE

Query parameters:

  • section (string) — required or optional per handler validation

Request body (Zod):

  • PatchTeamSchema

    • name
    • billingEmail
    • companyName
    • billingStreet
    • billingCity
    • billingState
    • billingPostal
    • billingCountry
    • vatNumber

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

PATCH

See handler for response shape.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}/ssh-keys/{keyId}

Source: src/app/api/teams/[teamId]/ssh-keys/[keyId]/route.ts

HTTP: PATCH, DELETE

Description:

  • PATCH/DELETE /api/teams/[teamId]/ssh-keys/[keyId]

PATCH

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}/ssh-keys

Source: src/app/api/teams/[teamId]/ssh-keys/route.ts

HTTP: GET, POST

Description:

  • GET/POST /api/teams/[teamId]/ssh-keys — team SSH public keys (provider-agnostic)
  • Keys are stored in the panel DB first. VirtFusion registration is deferred to
  • provisioning time (lazy) so this section works independently of any provider.

Request body (Zod):

  • PostSchema

    • name
    • publicKey
    • isDefault

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams/{teamId}/transfer

Source: src/app/api/teams/[teamId]/transfer/route.ts

HTTP: POST

Request body (Zod):

  • TransferSchema

    • newOwnerId

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/teams

Source: src/app/api/teams/route.ts

HTTP: GET, POST

GET

See handler for response shape.

POST

See handler for response shape.

DNS Zones

https://panel.expanse.host/api/zones/{zoneId}/delegation

Source: src/app/api/zones/[zoneId]/delegation/route.ts

HTTP: POST

Description:

  • POST /api/zones/[zoneId]/delegation - Check delegation and update zone status

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/zones/{zoneId}/dnssec

Source: src/app/api/zones/[zoneId]/dnssec/route.ts

HTTP: GET, POST

Description:

  • GET /api/zones/[zoneId]/dnssec - Get DNSSEC status
  • POST /api/zones/[zoneId]/dnssec - Enable/disable DNSSEC

Request body (Zod):

  • PatchDNSSECSchema

    • enabled

GET

See handler for response shape.

POST

See handler for response shape.

https://panel.expanse.host/api/zones/{zoneId}/export

Source: src/app/api/zones/[zoneId]/export/route.ts

HTTP: GET

Description:

  • GET /api/zones/[zoneId]/export?format=json|csv|bind - Export zone

Query parameters:

  • format (string) — required or optional per handler validation

GET

See handler for response shape.

https://panel.expanse.host/api/zones/{zoneId}/health-checks/{healthCheckId}

Source: src/app/api/zones/[zoneId]/health-checks/[healthCheckId]/route.ts

HTTP: GET, PATCH, DELETE

Description:

  • GET/PATCH/DELETE /api/zones/[zoneId]/health-checks/[healthCheckId]

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

PATCH

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/zones/{zoneId}/health-checks

Source: src/app/api/zones/[zoneId]/health-checks/route.ts

HTTP: GET, POST

Description:

  • GET/POST /api/zones/[zoneId]/health-checks

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/zones/{zoneId}/history/{historyId}/rollback

Source: src/app/api/zones/[zoneId]/history/[historyId]/rollback/route.ts

HTTP: POST

Description:

  • POST /api/zones/[zoneId]/history/[historyId]/rollback - Rollback a change

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/zones/{zoneId}/history

Source: src/app/api/zones/[zoneId]/history/route.ts

HTTP: GET

Description:

  • GET /api/zones/[zoneId]/history - List change history

Query parameters:

  • limit (string) — required or optional per handler validation

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "history" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

https://panel.expanse.host/api/zones/{zoneId}/import

Source: src/app/api/zones/[zoneId]/import/route.ts

HTTP: POST

Description:

  • POST /api/zones/[zoneId]/import - Import records (format, content, dryRun?)

Request body (Zod):

  • ImportSchema

    • format
    • content
    • dryRun

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/zones/{zoneId}/records/bulk-delete

Source: src/app/api/zones/[zoneId]/records/bulk-delete/route.ts

HTTP: POST

Description:

  • POST /api/zones/[zoneId]/records/bulk-delete - Delete multiple records

Request body (Zod):

  • BulkDeleteSchema

    • records
    • name
    • type

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/zones/{zoneId}/records/lock

Source: src/app/api/zones/[zoneId]/records/lock/route.ts

HTTP: GET, POST, DELETE

Description:

  • GET /api/zones/[zoneId]/records/lock - List locked records
  • POST /api/zones/[zoneId]/records/lock - Lock a record
  • DELETE /api/zones/[zoneId]/records/lock - Unlock (?name=...&type=...)

Query parameters:

  • name (string) — required or optional per handler validation
  • type (string) — required or optional per handler validation

Request body (Zod):

  • LockSchema

    • recordName
    • recordType
    • reason

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/zones/{zoneId}/records/propagation

Source: src/app/api/zones/[zoneId]/records/propagation/route.ts

HTTP: GET

Description:

  • GET /api/zones/[zoneId]/records/propagation?name=&type=&expectedContent=

Query parameters:

  • name (string) — required or optional per handler validation
  • type (string) — required or optional per handler validation
  • expectedContent (string) — required or optional per handler validation

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/zones/{zoneId}/records/proxy

Source: src/app/api/zones/[zoneId]/records/proxy/route.ts

HTTP: POST, DELETE

Description:

  • POST /api/zones/[zoneId]/records/proxy - Enable proxy
  • DELETE /api/zones/[zoneId]/records/proxy - Disable proxy (?name=&type=)

Query parameters:

  • name (string) — required or optional per handler validation
  • type (string) — required or optional per handler validation

Request body (Zod):

  • EnableProxySchema

    • recordName
    • recordType
    • originContent
    • originPort
    • originScheme

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/zones/{zoneId}/records

Source: src/app/api/zones/[zoneId]/records/route.ts

HTTP: GET, POST, PATCH, DELETE

Description:

  • GET /api/zones/[zoneId]/records - List records
  • POST /api/zones/[zoneId]/records - Add record
  • PATCH /api/zones/[zoneId]/records - Update record
  • DELETE /api/zones/[zoneId]/records - Delete record (?name=...&type=...)

Query parameters:

  • name (string) — required or optional per handler validation
  • type (string) — required or optional per handler validation

Request body (Zod):

  • AddRecordSchema

    • name
    • type
    • content
    • ttl
  • UpdateRecordSchema

    • name
    • type
    • ttl
    • content

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "record" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

PATCH

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "record" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/zones/{zoneId}

Source: src/app/api/zones/[zoneId]/route.ts

HTTP: GET, PATCH, DELETE

Description:

  • GET /api/zones/[zoneId] - Get zone detail
  • PATCH /api/zones/[zoneId] - Update zone (expiresAt)
  • DELETE /api/zones/[zoneId] - Delete zone (owner only for external; team member for all)

Request body (Zod):

  • PatchZoneSchema

    • expires_at

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

PATCH

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/zones

Source: src/app/api/zones/route.ts

HTTP: GET, POST

Description:

  • GET /api/zones?team_id=xxx - List team's zones
  • POST /api/zones - Create zone (add external zone)

Query parameters:

  • team_id (string) — required or optional per handler validation

Request body (Zod):

  • CreateZoneSchema

    • team_id
    • zone_name
    • records
    • name
    • type
    • ttl
    • content

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/zones/scan

Source: src/app/api/zones/scan/route.ts

HTTP: POST

Description:

  • POST /api/zones/scan - Scan domain for existing records (before create)

Request body (Zod):

  • ScanSchema

    • domain

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

Domains

https://panel.expanse.host/api/domains/{id}/authcode/reset

Source: src/app/api/domains/[id]/authcode/reset/route.ts

HTTP: POST

Description:

  • POST /api/domains/[id]/authcode/reset - Reset auth code

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "authCode" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

https://panel.expanse.host/api/domains/{id}/authcode

Source: src/app/api/domains/[id]/authcode/route.ts

HTTP: GET

Description:

  • GET /api/domains/[id]/authcode - Get auth code (EPP code)

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "authCode" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

https://panel.expanse.host/api/domains/{id}

Source: src/app/api/domains/[id]/route.ts

HTTP: GET, PATCH

Description:

  • GET /api/domains/[id] - Get domain detail (service + OpenProvider data)
  • PATCH /api/domains/[id] - Update domain (nameservers, lock, autorenew)

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

PATCH

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/domains/check-availability

Source: src/app/api/domains/check-availability/route.ts

HTTP: GET

Description:

  • GET /api/domains/check-availability?domain=example.com

Query parameters:

  • domain (string) — required or optional per handler validation

GET

See handler for response shape.

https://panel.expanse.host/api/domains/contacts/{id}

Source: src/app/api/domains/contacts/[id]/route.ts

HTTP: GET, PATCH, DELETE

Description:

  • GET /api/domains/contacts/[id] - Get contact
  • PATCH /api/domains/contacts/[id] - Update contact
  • DELETE /api/domains/contacts/[id] - Delete contact

Request body (Zod):

  • UpdateContactSchema

    • firstName
    • lastName
    • email
    • phone
    • address
    • city
    • stateProvince
    • postalCode
    • country
    • companyName

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "contact" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

PATCH

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/domains/contacts/{id}/validate

Source: src/app/api/domains/contacts/[id]/validate/route.ts

HTTP: POST

Description:

  • POST /api/domains/contacts/[id]/validate - Validate contact, optionally create in OpenProvider

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/domains/contacts

Source: src/app/api/domains/contacts/route.ts

HTTP: GET, POST

Description:

  • GET /api/domains/contacts?team_id=xxx - List team contacts
  • POST /api/domains/contacts - Create contact

Query parameters:

  • team_id (string) — required or optional per handler validation

Request body (Zod):

  • CreateContactSchema

    • team_id
    • firstName
    • lastName
    • email
    • phone
    • address
    • city
    • stateProvince
    • postalCode
    • country
    • companyName

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "contacts" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "contact" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

https://panel.expanse.host/api/domains/price

Source: src/app/api/domains/price/route.ts

HTTP: GET

Description:

  • GET /api/domains/price?domain=example.com - Fetch domain pricing with markup

Query parameters:

  • domain (string) — required or optional per handler validation

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/domains

Source: src/app/api/domains/route.ts

HTTP: GET

Description:

  • GET /api/domains?team_id=xxx - List team's domains (zones + domain services)
  • Unified list: zones (registered + external) + domain services without zones (e.g. failed provision)

Query parameters:

  • team_id (string) — required or optional per handler validation

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "domains" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

Billing

https://panel.expanse.host/api/billing/auto-topup

Source: src/app/api/billing/auto-topup/route.ts

HTTP: PATCH

Description:

  • PATCH /api/billing/auto-topup - Update team auto-topup settings

Request body (Zod):

  • AutoTopupSchema

    • team_id
    • enabled
    • threshold
    • amount
    • autoPayInvoices

PATCH

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/billing/checkout-settings

Source: src/app/api/billing/checkout-settings/route.ts

HTTP: GET

Description:

  • GET /api/billing/checkout-settings - Tax and gateway fee settings for order breakdown display
  • Requires auth. Returns settings needed to compute tax and payment gateway fees.

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/billing/config

Source: src/app/api/billing/config/route.ts

HTTP: GET

Description:

  • GET /api/billing/config - Billing config (topup amounts, limits)
  • Configurable via env: TOPUP_AMOUNTS="10,25,50,100,250"

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/billing/invoices/{id}/checkout-stripe

Source: src/app/api/billing/invoices/[id]/checkout-stripe/route.ts

HTTP: POST

Description:

  • POST /api/billing/invoices/[id]/checkout-stripe — Stripe Checkout for invoice balance

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/billing/invoices/{id}/checkout-tebex

Source: src/app/api/billing/invoices/[id]/checkout-tebex/route.ts

HTTP: POST

Description:

  • POST /api/billing/invoices/[id]/checkout-tebex — Tebex Checkout for invoice balance

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/billing/invoices/{id}/download

Source: src/app/api/billing/invoices/[id]/download/route.ts

HTTP: GET

Description:

  • GET /api/billing/invoices/[id]/download - Download invoice as PDF (print-optimized HTML)

GET

See handler for response shape.

https://panel.expanse.host/api/billing/invoices/{id}/pay

Source: src/app/api/billing/invoices/[id]/pay/route.ts

HTTP: POST

Description:

  • POST /api/billing/invoices/[id]/pay - Pay invoice with team balance

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/billing/invoices/{id}

Source: src/app/api/billing/invoices/[id]/route.ts

HTTP: GET

Description:

  • GET /api/billing/invoices/[id] - Get single invoice (for viewing)

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "invoice" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

https://panel.expanse.host/api/billing/invoices/{id}/sync-tebex

Source: src/app/api/billing/invoices/[id]/sync-tebex/route.ts

HTTP: POST

Description:

  • POST /api/billing/invoices/[id]/sync-tebex — Complete invoice from Tebex basket after return (webhook fallback)

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/billing/invoices

Source: src/app/api/billing/invoices/route.ts

HTTP: GET

Description:

  • GET /api/billing/invoices - List team invoices (filterable by status)

Query parameters:

  • team_id (string) — required or optional per handler validation
  • status (string) — required or optional per handler validation

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "invoices" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

https://panel.expanse.host/api/billing/invoices/sync-stripe

Source: src/app/api/billing/invoices/sync-stripe/route.ts

HTTP: POST

Description:

  • POST /api/billing/invoices/sync-stripe — Apply invoice payment from Stripe session (webhook fallback)

Request body (Zod):

  • BodySchema

    • session_id

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/billing/portal

Source: src/app/api/billing/portal/route.ts

HTTP: GET

Description:

  • GET /api/billing/portal - Redirect to Stripe Customer Portal

Query parameters:

  • team_id (string) — required or optional per handler validation

GET

See handler for response shape.

https://panel.expanse.host/api/billing/summary

Source: src/app/api/billing/summary/route.ts

HTTP: GET

Description:

  • GET /api/billing/summary - Team billing summary (balance, unpaid, dues)

Query parameters:

  • team_id (string) — required or optional per handler validation

GET

See handler for response shape.

https://panel.expanse.host/api/billing/topup

Source: src/app/api/billing/topup/route.ts

HTTP: POST

Description:

  • POST /api/billing/topup - Create Stripe checkout for balance topup

Request body (Zod):

  • TopupSchema

    • team_id
    • amount

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/billing/topup/sync

Source: src/app/api/billing/topup/sync/route.ts

HTTP: POST

Description:

  • POST /api/billing/topup/sync - Sync topup from Stripe (fallback when webhook delayed/missed)

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/billing/topup/tebex

Source: src/app/api/billing/topup/tebex/route.ts

HTTP: POST

Description:

  • POST /api/billing/topup/tebex — Create Tebex basket for balance top-up (one-time payment)

Request body (Zod):

  • TopupSchema

    • team_id
    • amount

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/billing/transactions

Source: src/app/api/billing/transactions/route.ts

HTTP: GET

Description:

  • GET /api/billing/transactions - List team transaction history (topups + invoice payments)

Query parameters:

  • team_id (string) — required or optional per handler validation
  • limit (string) — required or optional per handler validation

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "transactions" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

Tickets

https://panel.expanse.host/api/tickets/{id}/credentials/{credId}/reveal

Source: src/app/api/tickets/[id]/credentials/[credId]/reveal/route.ts

HTTP: POST

Description:

  • POST /api/tickets/[id]/credentials/[credId]/reveal
  • Return the plaintext value of a stored ticket credential.
  • Authorization:
    • Caller must be authenticated (Clerk).
    • For sensitive credentials: caller must be EITHER the ticket creator
  • OR a platform admin. Team-mates who did not create the ticket cannot
    
  • reveal, to keep the reveal audit chain tight around people with a
    
  • legitimate Tier-3 need.
    
    • For non-sensitive credentials: any team member (existing POST allowed
  • only the creator to write, but reads are less restricted).
    
  • Every successful reveal of a sensitive credential writes a
  • ticket_credential_revealed SecurityLog entry with the ticket id,
  • credential id, and the revealer's identity.

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/tickets/{id}/credentials

Source: src/app/api/tickets/[id]/credentials/route.ts

HTTP: GET, POST

Description:

  • GET /api/tickets/[id]/credentials - List credentials on a ticket (masked)
  • POST /api/tickets/[id]/credentials - Add temp access credentials (user)

Request body (Zod):

  • CreateSchema

    • type
    • username
    • password
    • notes
    • isSensitive

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/tickets/{id}/messages/{messageId}

Source: src/app/api/tickets/[id]/messages/[messageId]/route.ts

HTTP: PATCH, DELETE

Description:

  • PATCH /api/tickets/[id]/messages/[messageId] - Edit own message (user, within 15 min)
  • DELETE /api/tickets/[id]/messages/[messageId] - Soft-delete own message (user, within 15 min)

Request body (Zod):

  • EditSchema

    • content

PATCH

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

DELETE

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/tickets/{id}/messages

Source: src/app/api/tickets/[id]/messages/route.ts

HTTP: POST

Description:

  • POST /api/tickets/[id]/messages - Add reply to ticket (team member only)
  • Accepts JSON { content } or FormData { content, files[] }

Request body (Zod):

  • ReplySchema

    • content

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/tickets/{id}/rate

Source: src/app/api/tickets/[id]/rate/route.ts

HTTP: POST

Description:

  • POST /api/tickets/[id]/rate - Submit satisfaction rating (1-5)

Request body (Zod):

  • RateSchema

    • rating

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/tickets/{id}/read

Source: src/app/api/tickets/[id]/read/route.ts

HTTP: POST

Description:

  • POST /api/tickets/[id]/read - Mark ticket as read (user)

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/tickets/{id}/reopen

Source: src/app/api/tickets/[id]/reopen/route.ts

HTTP: POST

Description:

  • POST /api/tickets/[id]/reopen - Reopen resolved/closed ticket (within window)

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/tickets/{id}

Source: src/app/api/tickets/[id]/route.ts

HTTP: GET

Description:

  • GET /api/tickets/[id] - Get single ticket with messages (team member only)

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

https://panel.expanse.host/api/tickets/attachments/{id}

Source: src/app/api/tickets/attachments/[id]/route.ts

HTTP: GET

Description:

  • GET /api/tickets/attachments/[id] - Download ticket attachment (team member or admin)

GET

See handler for response shape.

https://panel.expanse.host/api/tickets

Source: src/app/api/tickets/route.ts

HTTP: GET, POST

Description:

  • GET /api/tickets - List team tickets
  • POST /api/tickets - Create ticket

Query parameters:

  • team_id (string) — required or optional per handler validation

Request body (Zod):

  • CreateTicketSchema

    • team_id
    • subject
    • content
    • priority
    • category
    • service_id
    • template_id
    • is_private

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "tickets" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

POST

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "ticket" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

https://panel.expanse.host/api/tickets/templates

Source: src/app/api/tickets/templates/route.ts

HTTP: GET

Description:

  • GET /api/tickets/templates?category=technical - List ticket templates by category

Query parameters:

  • category (string) — required or optional per handler validation

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "templates" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

https://panel.expanse.host/api/tickets/unread-count

Source: src/app/api/tickets/unread-count/route.ts

HTTP: GET

Description:

  • GET /api/tickets/unread-count?team_id=... - Unread ticket count for user

Query parameters:

  • team_id (string) — required or optional per handler validation

GET

Example success response body (shape from handler; illustrative values):

Response example: see the sticky Request / Response panel on the right while this endpoint is in view.

JSON: an object with key "count" whose value is built by the handler (Prisma / service layer). Keys on each element match your schema version.

Source: newcorepanel/docs/developer-api.md + generated routes. Getting started · Authentication