Customer Portal API

Self-service portal for customers to view quotes, orders, invoices, deliveries, and payment history.

Authentication

The customer portal uses token-based authentication (no login required). Tokens are generated by admin users and shared with clients via email or link.

Generate a Token (Admin)

POST /api/v1/customer-portal/tokens
Authorization: Bearer ADMIN_JWT_TOKEN
 
{
  "client_id": "uuid",
  "permissions": {
    "view_quotes": true,
    "accept_quotes": true,
    "view_orders": true,
    "view_invoices": true,
    "view_payments": true,
    "view_deliveries": true,
    "submit_feedback": true
  },
  "expires_at": "2026-12-31T23:59:59Z"
}

Use the Token

All portal endpoints use the token in the URL path — no Authorization header needed:

GET /api/v1/customer-portal/view/{token}/dashboard

Endpoints

Dashboard

GET /customer-portal/view/{token}/dashboard

Returns a summary: recent quotes, orders, invoices, deliveries, outstanding balance.

Quotes

GET  /customer-portal/view/{token}/quotes
GET  /customer-portal/view/{token}/quotes?state=sent
POST /customer-portal/view/{token}/quotes/{id}/accept
POST /customer-portal/view/{token}/quotes/{id}/decline

Clients can accept or decline sent quotes. Declined quotes accept an optional reason field.

Orders

GET /customer-portal/view/{token}/orders
GET /customer-portal/view/{token}/orders/{id}

Order detail includes line items, delivery status, and delivery tracking info.

Invoices

GET /customer-portal/view/{token}/invoices
GET /customer-portal/view/{token}/invoices?payment_state=not_paid

Payments

GET /customer-portal/view/{token}/payments

Includes allocation details showing which invoices each payment covers.

Deliveries

GET /customer-portal/view/{token}/deliveries

Includes carrier name, tracking number, shipment dates, and line items.

Permissions

Each token has configurable permissions:

Rate Limiting

Portal endpoints are rate-limited to 30 reads/minute and 10 writes/minute per token.