REST API v1
WhatsMine exposes a token-authenticated REST API for integrating with external systems.
- Base URL:
{APP_URL}/api/v1 - Auth: Bearer token (Laravel Sanctum)
- Rate limit: 60 requests/minute per token
Authentication
Create a token from the app UI (API Tokens) or via the API, then send it as a Bearer token:
GET /api/v1/me
Authorization: Bearer 1|your-token-here
Create a token
POST /api/v1/tokens
Content-Type: application/json
{ "name": "My Integration" }
Response (the plaintext token is shown once):
{ "id": 1, "name": "My Integration", "token": "1|plaintext-token-here" }
Endpoints
| Method & path | Description |
|---|---|
GET /api/v1/me | The authenticated user's profile. |
PATCH /api/v1/me | Update name or email. |
GET /api/v1/workspaces | Workspaces the user belongs to. |
GET /api/v1/subscription | Current subscription (plan, status, cycle, period end). |
GET /api/v1/usage | Plan limits and current usage. |
GET /api/v1/audit-log | Paginated audit entries (?page=&per_page=). |
GET /api/v1/notifications | Unread notifications (?all=1 for all). |
POST /api/v1/notifications/{id}/read | Mark a notification read. |
GET /api/v1/tokens | List your tokens. |
POST /api/v1/tokens | Create a token. |
DELETE /api/v1/tokens/{id} | Revoke a token. |
Error format
{ "message": "Unauthenticated." }
| Status | Meaning |
|---|---|
| 401 | Missing/invalid token |
| 403 | Forbidden |
| 422 | Validation error (errors key included) |
| 404 | Not found |
| 429 | Rate limit exceeded |
Interactive docs
An in-app reference is available at /api-docs. The API schema is generated automatically (OpenAPI), so it stays in sync with the code.
Versioning
The current version is v1. Breaking changes will land under v2 with a deprecation window. Build against v1 with confidence.
Demo mode
When the platform runs in demo mode, write operations on /api/v1 are blocked, just like the rest of the app.
➡️ Next: Outbound Webhooks.