Introduction

REST API untuk aplikasi Apotek POS - Sistem Point of Sale Apotek Modern

Base URL: http://localhost

Dokumentasi API lengkap untuk Apotek POS System.

API ini digunakan untuk mengelola:
- **Autentikasi** - Login, logout, dan manajemen token
- **Produk** - CRUD produk dan kategori
- **Transaksi** - Proses penjualan dan riwayat
- **Pelanggan** - Data pelanggan
- **Laporan** - Dashboard dan analisis penjualan

<aside>Gunakan token Bearer untuk mengakses endpoint yang memerlukan autentikasi.</aside>

Authenticating requests

This API is not authenticated.

Endpoints

Example request:

curl --request POST \
    "http://localhost/api/v1/login" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"email\": \"gbailey@example.net\",
    \"password\": \"architecto\",
    \"device_name\": \"architecto\"
}"

const url = new URL(
    "http://localhost/api/v1/login"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "email": "gbailey@example.net",
    "password": "architecto",
    "device_name": "architecto"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/v1/login

Headers

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

email string

Must be a valid email address. Example: gbailey@example.net

password string

Example: architecto

device_name string

Example: architecto

POST api/v1/logout

Example request:

curl --request POST \
    "http://localhost/api/v1/logout" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost/api/v1/logout"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

GET api/v1/me

Example request:

curl --request GET \
    --get "http://localhost/api/v1/me" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost/api/v1/me"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (401):

Show headers

cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *


{
    "message": "Unauthenticated."
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

PUT api/v1/profile

Example request:

curl --request PUT \
    "http://localhost/api/v1/profile" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"b\",
    \"phone\": \"ngzmiyvdljnikhwa\"
}"

const url = new URL(
    "http://localhost/api/v1/profile"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "b",
    "phone": "ngzmiyvdljnikhwa"
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/v1/profile

Headers

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

name string

Must not be greater than 255 characters. Example: b

phone string optional

Must not be greater than 20 characters. Example: ngzmiyvdljnikhwa

PUT api/v1/change-password

Example request:

curl --request PUT \
    "http://localhost/api/v1/change-password" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"current_password\": \"architecto\",
    \"password\": \"]|{+-0pBNvYg\"
}"

const url = new URL(
    "http://localhost/api/v1/change-password"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "current_password": "architecto",
    "password": "]|{+-0pBNvYg"
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/v1/change-password

Headers

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

current_password string

Example: architecto

password string

Must be at least 6 characters. Example: ]|{+-0pBNvYg

GET api/v1/dashboard/summary

Example request:

curl --request GET \
    --get "http://localhost/api/v1/dashboard/summary" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost/api/v1/dashboard/summary"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (401):

Show headers

cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *


{
    "message": "Unauthenticated."
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

GET api/v1/dashboard/low-stock

Example request:

curl --request GET \
    --get "http://localhost/api/v1/dashboard/low-stock" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost/api/v1/dashboard/low-stock"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (401):

Show headers

cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *


{
    "message": "Unauthenticated."
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

GET api/v1/dashboard/expiring

Example request:

curl --request GET \
    --get "http://localhost/api/v1/dashboard/expiring" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost/api/v1/dashboard/expiring"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (401):

Show headers

cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *


{
    "message": "Unauthenticated."
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

GET api/v1/shift/current

Example request:

curl --request GET \
    --get "http://localhost/api/v1/shift/current" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost/api/v1/shift/current"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (401):

Show headers

cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *


{
    "message": "Unauthenticated."
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

POST api/v1/shift/open

Example request:

curl --request POST \
    "http://localhost/api/v1/shift/open" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"opening_cash\": 27,
    \"notes\": \"architecto\"
}"

const url = new URL(
    "http://localhost/api/v1/shift/open"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "opening_cash": 27,
    "notes": "architecto"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/v1/shift/open

Headers

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

opening_cash number

Must be at least 0. Example: 27

notes string optional

Example: architecto

POST api/v1/shift/close

Example request:

curl --request POST \
    "http://localhost/api/v1/shift/close" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"actual_cash\": 27,
    \"notes\": \"architecto\"
}"

const url = new URL(
    "http://localhost/api/v1/shift/close"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "actual_cash": 27,
    "notes": "architecto"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/v1/shift/close

Headers

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

actual_cash number

Must be at least 0. Example: 27

notes string optional

Example: architecto

GET api/v1/products

Example request:

curl --request GET \
    --get "http://localhost/api/v1/products" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost/api/v1/products"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (401):

Show headers

cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *


{
    "message": "Unauthenticated."
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

GET api/v1/products/{product_id}

Example request:

curl --request GET \
    --get "http://localhost/api/v1/products/1" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost/api/v1/products/1"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (401):

Show headers

cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *


{
    "message": "Unauthenticated."
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

POST api/v1/products/barcode

Example request:

curl --request POST \
    "http://localhost/api/v1/products/barcode" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"barcode\": \"architecto\"
}"

const url = new URL(
    "http://localhost/api/v1/products/barcode"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "barcode": "architecto"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

GET api/v1/categories

Example request:

curl --request GET \
    --get "http://localhost/api/v1/categories" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost/api/v1/categories"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (401):

Show headers

cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *


{
    "message": "Unauthenticated."
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

GET api/v1/customers

Example request:

curl --request GET \
    --get "http://localhost/api/v1/customers" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost/api/v1/customers"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (401):

Show headers

cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *


{
    "message": "Unauthenticated."
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

GET api/v1/customers/{customer_id}

Example request:

curl --request GET \
    --get "http://localhost/api/v1/customers/1" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost/api/v1/customers/1"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (401):

Show headers

cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *


{
    "message": "Unauthenticated."
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

POST api/v1/customers

Example request:

curl --request POST \
    "http://localhost/api/v1/customers" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"b\",
    \"phone\": \"ngzmiyvdljnikhwa\",
    \"email\": \"breitenberg.gilbert@example.com\",
    \"address\": \"architecto\",
    \"birth_date\": \"2025-12-31T01:19:13\"
}"

const url = new URL(
    "http://localhost/api/v1/customers"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "b",
    "phone": "ngzmiyvdljnikhwa",
    "email": "breitenberg.gilbert@example.com",
    "address": "architecto",
    "birth_date": "2025-12-31T01:19:13"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/v1/customers

Headers

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

name string

Must not be greater than 255 characters. Example: b

phone string optional

Must not be greater than 20 characters. Example: ngzmiyvdljnikhwa

email string optional

Must be a valid email address. Must not be greater than 255 characters. Example: breitenberg.gilbert@example.com

address string optional

Example: architecto

birth_date string optional

Must be a valid date. Example: 2025-12-31T01:19:13

GET api/v1/sales

Example request:

curl --request GET \
    --get "http://localhost/api/v1/sales" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost/api/v1/sales"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (401):

Show headers

cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *


{
    "message": "Unauthenticated."
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

GET api/v1/sales/{sale_id}

Example request:

curl --request GET \
    --get "http://localhost/api/v1/sales/1" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost/api/v1/sales/1"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (401):

Show headers

cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *


{
    "message": "Unauthenticated."
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

POST api/v1/sales

Example request:

curl --request POST \
    "http://localhost/api/v1/sales" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"items\": [
        {
            \"product_id\": \"architecto\",
            \"batch_id\": \"architecto\",
            \"quantity\": 22,
            \"price\": 84,
            \"discount\": 12
        }
    ],
    \"discount\": 27,
    \"tax\": 39,
    \"payments\": [
        {
            \"payment_method_id\": \"architecto\",
            \"amount\": 39,
            \"reference_number\": \"architecto\"
        }
    ],
    \"notes\": \"architecto\"
}"

const url = new URL(
    "http://localhost/api/v1/sales"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "items": [
        {
            "product_id": "architecto",
            "batch_id": "architecto",
            "quantity": 22,
            "price": 84,
            "discount": 12
        }
    ],
    "discount": 27,
    "tax": 39,
    "payments": [
        {
            "payment_method_id": "architecto",
            "amount": 39,
            "reference_number": "architecto"
        }
    ],
    "notes": "architecto"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/v1/sales

Headers

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

customer_id string optional

The id of an existing record in the customers table.

items object[]

Must have at least 1 items.

product_id string

The id of an existing record in the products table. Example: architecto

batch_id string

The id of an existing record in the product_batches table. Example: architecto

unit_id string optional

The id of an existing record in the units table.

quantity integer

Must be at least 1. Example: 22

price number

Must be at least 0. Example: 84

discount number optional

Must be at least 0. Example: 12

discount number optional

Must be at least 0. Example: 27

tax number optional

Must be at least 0. Example: 39

payments object[]

Must have at least 1 items.

payment_method_id string

The id of an existing record in the payment_methods table. Example: architecto

amount number

Must be at least 0. Example: 39

reference_number string optional

Example: architecto

notes string optional

Example: architecto

GET api/v1/reports/sales

Example request:

curl --request GET \
    --get "http://localhost/api/v1/reports/sales" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"start_date\": \"2025-12-31T01:19:13\",
    \"end_date\": \"2052-01-24\"
}"

const url = new URL(
    "http://localhost/api/v1/reports/sales"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "start_date": "2025-12-31T01:19:13",
    "end_date": "2052-01-24"
};

fetch(url, {
    method: "GET",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (401):

Show headers

cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *


{
    "message": "Unauthenticated."
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/v1/reports/sales

Headers

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

start_date string

Must be a valid date. Example: 2025-12-31T01:19:13

end_date string

Must be a valid date. Must be a date after or equal to start_date. Example: 2052-01-24

Introduction

Authenticating requests

Endpoints

POST api/v1/login

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

Body Parameters

POST api/v1/logout

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

GET api/v1/me

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

PUT api/v1/profile

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

Body Parameters

PUT api/v1/change-password

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

Body Parameters

GET api/v1/dashboard/summary

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

GET api/v1/dashboard/low-stock

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

GET api/v1/dashboard/expiring

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

GET api/v1/shift/current

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

POST api/v1/shift/open

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

Body Parameters

POST api/v1/shift/close

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

Body Parameters

GET api/v1/products

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

GET api/v1/products/{product_id}

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

URL Parameters

POST api/v1/products/barcode

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

Body Parameters

GET api/v1/categories

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

GET api/v1/customers

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

GET api/v1/customers/{customer_id}

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

URL Parameters

POST api/v1/customers

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

Body Parameters

GET api/v1/sales

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

GET api/v1/sales/{sale_id}

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

URL Parameters

POST api/v1/sales

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

Body Parameters

GET api/v1/reports/sales

Request Try it out ⚡ Cancel 🛑 Send Request 💥

Headers

Request

Request

Request

Request

Request

Request

Request

Request

Request

Request

Request

Request

Request

Request

Request

Request

Request

Request

Request

Request

Request

Request