Core application routes used by the dashboard, billing, provider connections, and monitoring workflows.
This is an implementation reference for the current product surface, not a public stable SDK contract.
Protected routes rely on the active Supabase session. Provider-specific auth is handled when creating or validating provider connections.
Routes typically return JSON payloads for dashboard data, plan state, provider summaries, or error details suitable for the current UI.
Returned fields depend on what each provider officially exposes. Cost, usage, credits, and validation details are not forced into fake parity.
Monitoring routes reflect scheduled ingestion and daily threshold evaluation rather than a guaranteed real-time stream.
Use the active authenticated session for protected routes.
| Method | Path | Description |
|---|---|---|
| GET | /api/auth/[...supabase] | Supabase auth handler for session and OAuth flow. |
| GET | /api/auth/callback | OAuth callback and redirect handling. |
| POST | /api/auth/signout | End the current authenticated session. |
Provider routes back the integrations workflow, account list, summaries, and usage views.
| Method | Path | Description |
|---|---|---|
| GET | /api/providers/accounts | List connected provider accounts for the current workspace. |
| POST | /api/providers/{id}/connect | Create or validate a provider connection using server-side checks. |
| POST | /api/providers/{id}/disconnect | Disconnect a provider connection. |
| GET | /api/providers/{id}/summary | Return provider summary data based on officially exposed signals. |
| GET | /api/providers/{id}/usage | Return provider usage or cost timeseries when supported. |
Billing routes manage subscriptions, checkout, invoices, and portal access.
| Method | Path | Description |
|---|---|---|
| GET | /api/billing/subscription | Return current subscription and plan entitlements. |
| GET | /api/billing/invoices | Return invoice history for the current customer when available. |
| GET | /api/billing/checkout?plan=pro|team | Create a Stripe checkout session for plan upgrade. |
| POST | /api/billing/portal | Open the Stripe customer portal. |
| POST | /api/webhooks | Receive Stripe webhook events. |
Monitoring routes power dashboard state, threshold rules, alerts, and notification settings.
| Method | Path | Description |
|---|---|---|
| GET | /api/dashboard | Unified dashboard payload including spend, alerts, and provider state. |
| GET | /api/alerts | Return alert timeline data for the current account. |
| POST | /api/alerts/check | Run alert checks against fetched provider data. |
| POST | /api/thresholds | Create or update threshold rules. |
| GET | /api/notification-settings | Return notification delivery settings. |
These routes support scheduled jobs, entitlements, and team-level controls.
| Method | Path | Description |
|---|---|---|
| GET | /api/entitlements | Return plan capabilities and feature gating state. |
| GET/POST | /api/team/governance | Read or update team governance state for Team plan workflows. |
| POST | /api/cron/sync | Scheduled provider sync worker. |
| POST | /api/cron/digest-daily | Daily digest job. |
| POST | /api/cron/digest-weekly | Weekly digest job. |
| POST | /api/cron/digest-monthly | Monthly digest job. |
Use the support pages below when you need product-level behavior, not just route names.