Coming Soon1-Click Deployment on Vultr MarketplaceGet notified →

Admin Endpoints (`/admin/*`)

All endpoints require Bearer JWT (see Authentication).

Products

`GET /admin/products`

Query parameters:

q — text search across title, handle, description.
limit, offset — pagination.
category_id, collection_id, status — filters.

Response:

{
  "products": [{ "id": "prod_01...", "title": "...", "variants": [...] }],
  "count": 42, "limit": 20, "offset": 0
}

`POST /admin/products`

Body: full product object. See product spec in the Medusa docs.

`PATCH /admin/products/{id}` / `DELETE /admin/products/{id}`

Standard update / soft-delete.

Orders

`GET /admin/orders`

Filters: status, payment_status, fulfillment_status, customer_id, email, created_at[gte], created_at[lte].

`POST /admin/orders/{id}/fulfillments`

Body:

{
  "items": [{"item_id":"item_01...","quantity":1}],
  "no_notification": false,
  "metadata": {}
}

`POST /admin/orders/{id}/refunds`

Body:

{ "amount": 9900, "reason": "requested_by_customer", "note": "..." }

Customers

`GET /admin/customers`, `POST /admin/customers`, `PATCH /admin/customers/{id}`

Standard CRUD. GET supports q, email, has_account.

Plugins (CarphaCom-specific)

`GET /admin/plugins`

{ "plugins": [{ "id": "ccplg_01...", "manifest_id": "seo-essentials", "status": "installed", "version": "1.0.0", ... }] }

`POST /admin/plugins/install`

Body:

{ "marketplace_id": "@carphacom/seo-essentials", "version": "1.0.0", "license_key": null }

Response: 202 Accepted with the new plugin row. The backend reloads asynchronously; poll /admin/plugins/{id} until status: installed.

`DELETE /admin/plugins/{id}`

Uninstalls. Migrations are not rolled back automatically.

`GET /admin/plugins/{id}/configure`

Returns current config (secrets masked).

`POST /admin/plugins/{id}/configure`

Body:

{ "config": { "publishable_key": "pk_...", "secret_key": "sk_..." } }

`GET /admin/plugins/check-updates`

{ "updates": [{ "id":"ccplg_01...", "current":"1.0.0", "latest":"1.1.0", "changelog_url":"..." }] }

Notifications

`GET /admin/notifications` / `POST /admin/notifications/{id}/read`

Internal admin notifications (e.g. plugin update available, license expired).

Settings (key-value)

`GET /admin/settings`

Returns all rows from carphacom_setting.

`POST /admin/settings`

{ "key": "auto_update_enabled", "value": "true" }

Webhooks

`GET /admin/webhooks`, `POST /admin/webhooks`, `DELETE /admin/webhooks/{id}`

Manage external webhook subscriptions. See Webhooks & License Verify.

Admin Endpoints (/admin/*)

Products

GET /admin/products

POST /admin/products

PATCH /admin/products/{id} / DELETE /admin/products/{id}

Orders

GET /admin/orders

POST /admin/orders/{id}/fulfillments

POST /admin/orders/{id}/refunds

Customers

GET /admin/customers, POST /admin/customers, PATCH /admin/customers/{id}

Plugins (CarphaCom-specific)

GET /admin/plugins

POST /admin/plugins/install

DELETE /admin/plugins/{id}

GET /admin/plugins/{id}/configure

POST /admin/plugins/{id}/configure

GET /admin/plugins/check-updates

Notifications

GET /admin/notifications / POST /admin/notifications/{id}/read

Settings (key-value)

GET /admin/settings

POST /admin/settings

Webhooks

GET /admin/webhooks, POST /admin/webhooks, DELETE /admin/webhooks/{id}

Admin Endpoints (`/admin/*`)

`GET /admin/products`

`POST /admin/products`

`PATCH /admin/products/{id}` / `DELETE /admin/products/{id}`

`GET /admin/orders`

`POST /admin/orders/{id}/fulfillments`

`POST /admin/orders/{id}/refunds`

`GET /admin/customers`, `POST /admin/customers`, `PATCH /admin/customers/{id}`

`GET /admin/plugins`

`POST /admin/plugins/install`

`DELETE /admin/plugins/{id}`

`GET /admin/plugins/{id}/configure`

`POST /admin/plugins/{id}/configure`

`GET /admin/plugins/check-updates`

`GET /admin/notifications` / `POST /admin/notifications/{id}/read`

`GET /admin/settings`

`POST /admin/settings`

`GET /admin/webhooks`, `POST /admin/webhooks`, `DELETE /admin/webhooks/{id}`