Appearance
API Reference
Base URLs
API endpoints are accessed via subdomain routing:
- Local (direct):
http://localhost:3333 - Local (via Caddy):
https://api.jubiloop.localhost - Development:
https://dev-api.jubiloop.ca - QA:
https://qa-api.jubiloop.ca - Production:
https://api.jubiloop.ca
Note: Routes are mounted directly without an /api prefix.
Available APIs
Authentication
Session-based authentication with Better Auth integration.
- Authentication API - Sign up, sign in, session management
System
Core system endpoints for health monitoring.
- System API - Health checks, status endpoints
Newsletter
Marketing email subscription management.
- Newsletter API - Subscription endpoints
Authentication Method
Jubiloop uses session-based authentication with HTTP-only cookies. After successful login, session cookies are automatically included in subsequent requests.
For protected endpoints, include the session cookie received from the login response.
Response Format
All APIs return responses in a consistent format:
Success Response
json
{
"data": {
/* Response data */
},
"messages": [
{
"title": "Operation successful",
"description": "Optional detailed description"
}
]
}Error Response
json
{
"errors": [
{
"message": "Error description"
}
]
}Note: Better Auth endpoints may use a different response format as they follow the Better Auth specification.
Common HTTP Status Codes
200 OK- Request successful201 Created- Resource created successfully204 No Content- Request successful, no response body400 Bad Request- Invalid request data401 Unauthorized- Authentication required403 Forbidden- Insufficient permissions404 Not Found- Resource not found422 Unprocessable Entity- Validation errors500 Internal Server Error- Server error
Content Types
- Request:
application/json - Response:
application/json
Rate Limiting
Rate limiting is applied to prevent abuse:
- Authentication endpoints: Limited per IP address
- API endpoints: Limited per authenticated user
- Specific limits vary by endpoint and are documented individually