API Catalog
Canonical reference for every API route across all ChurchWiseAI codebases. All APIs are Next.js API routes (serverless functions on Vercel). No standalone backend servers.
API Taxonomy
Overview
184 total API routes across 3 active codebases:
| Codebase | Route Files | Base URL | Deploy Branch |
|---|---|---|---|
| ChurchWiseAI Web | 128 | churchwiseai.com/api | main |
| PewSearch | 36 | pewsearch.com/api | master |
| IllustrateTheWord | 20 | illustratetheword.com/api | master |
All routes are defined in src/app/api/.../route.ts files using the Next.js App Router convention. Each exported function name (GET, POST, PUT, PATCH, DELETE) maps to the corresponding HTTP method.
Authentication Patterns
| Auth Type | Mechanism | Used By |
|---|---|---|
| Token (admin_token) | x-admin-token header or ?token= query param; validated against premium_churches.admin_token | Church admin dashboard APIs |
| Token (access_token) | x-access-token header; validated against church_team_members.access_token | Team member dashboard APIs |
| FOUNDER_TOKEN | x-founder-token header; matches FOUNDER_TOKEN env var | Founder-only dashboard & tools |
| SUPABASE_AUTH | supabase.auth.getUser() via cookie/session | SermonWise, ITW, ShareWiseAI user-facing |
| STRIPE_SECRET | stripe.webhooks.constructEvent() with webhook signing secret | Stripe webhook endpoints |
| TWILIO_SECRET | Twilio request signature validation | SMS/voice webhooks |
| CRON_SECRET | Authorization: Bearer <CRON_SECRET> header | Vercel Cron jobs, ops pipelines |
| ADMIN_SECRET | ADMIN_SECRET env var check | Internal admin tools (voices) |
| SOCIAL_AUTH | resolveOwner() via Supabase Auth session | ShareWiseAI user-facing |
| SIGNED_TOKEN | HMAC-signed download token with expiry | Starter kit download |
| Rate-limited public | IP-based rate limiting, no auth | Public chatbot, contact forms |
| None (public) | No authentication required | Health checks, public data |
ChurchWiseAI Web (128 routes)
Code: churchwiseai-web/src/app/api/
Admin Dashboard & Knowledge Base (22 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/admin/adopt-templates | List available denomination FAQ templates | admin_token | Chatbot |
| POST | /api/admin/adopt-templates | Adopt FAQ templates into church knowledge base | admin_token | Chatbot |
| GET | /api/admin/agents | Get agent config (personality, handoff rules) | admin_token | Chatbot |
| POST | /api/admin/agents | Update agent config | admin_token | Chatbot |
| GET | /api/admin/analytics-proxy | Chatbot analytics (conversations, satisfaction) | admin_token | Chatbot |
| GET | /api/admin/audit | List recent audit events for church | admin_token | Dashboard |
| GET | /api/admin/backup-owner | List backup owners for church | admin_token | Dashboard |
| POST | /api/admin/backup-owner | Add a backup owner | admin_token | Dashboard |
| DELETE | /api/admin/backup-owner | Remove a backup owner | admin_token | Dashboard |
| GET | /api/admin/founder-stats | Aggregate stats across all churches | FOUNDER_TOKEN | Founder |
| GET | /api/admin/kb-proxy | List FAQs or documents in knowledge base | admin_token | Chatbot |
| POST | /api/admin/kb-proxy | Create FAQ or document entry | admin_token | Chatbot |
| PUT | /api/admin/kb-proxy | Update FAQ or document entry | admin_token | Chatbot |
| DELETE | /api/admin/kb-proxy | Delete FAQ or document entry | admin_token | Chatbot |
| POST | /api/admin/kb-proxy/upload | Upload document to Supabase Storage | admin_token | Chatbot |
| GET | /api/admin/moderation | Get violations, restrictions, and stats | admin_token | Chatbot |
| POST | /api/admin/moderation | Add content restriction rule | admin_token | Chatbot |
| DELETE | /api/admin/moderation | Remove content restriction rule | admin_token | Chatbot |
| POST | /api/admin/moderation/moderate-document | Run moderation scan on uploaded document | admin_token | Chatbot |
| POST | /api/admin/photo-extract | Extract info from bulletin/card image via AI | admin_token | Onboarding |
| GET | /api/admin/provision-number | List available Twilio numbers | FOUNDER_TOKEN | Voice |
| POST | /api/admin/provision-number | Provision Twilio number for church | FOUNDER_TOKEN | Voice |
| DELETE | /api/admin/provision-number | Release Twilio number | FOUNDER_TOKEN | Voice |
| GET | /api/admin/resources | List care resources (crisis hotlines, etc.) | admin_token | Dashboard |
| POST | /api/admin/resources | Add care resource | admin_token | Dashboard |
| PUT | /api/admin/resources | Update care resource | admin_token | Dashboard |
| DELETE | /api/admin/resources | Delete care resource | admin_token | Dashboard |
| POST | /api/admin/revoke-sessions | Revoke all active sessions for church | admin_token | Security |
| GET | /api/admin/safety-stats | Moderation violations summary (monthly) | admin_token | Chatbot |
| GET | /api/admin/search-churches | Search churches in directory (founder only) | FOUNDER_TOKEN | Founder |
| GET | /api/admin/theology | Get theological lens and doctrinal config | admin_token | Chatbot |
| POST | /api/admin/theology | Update theological lens and custom rules | admin_token | Chatbot |
| GET | /api/admin/tools | Get chatbot tool toggle config | admin_token | Chatbot |
| POST | /api/admin/tools | Update chatbot tool toggles | admin_token | Chatbot |
| GET | /api/admin/training | List training examples (user corrections) | admin_token | Chatbot |
| POST | /api/admin/training | Submit training correction | admin_token | Chatbot |
| POST | /api/admin/translate | Translate text to target language via AI | admin_token | Chatbot |
| POST | /api/admin/voices | Manage TTS voice options (add/toggle/delete) | ADMIN_SECRET | Voice |
| GET | /api/admin/voices/library | Browse available Cartesia TTS voices | None | Voice |
Authentication & Security (3 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/auth/verify-captcha | Verify hCaptcha/Turnstile token | None | All |
| GET | /api/premium/requests | List pending premium access requests | admin_token | Dashboard |
| PATCH | /api/premium/requests | Approve or reject access request | admin_token | Dashboard |
Premium & Team Management (4 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/premium/update | Update church profile/settings | admin_token | Dashboard |
| POST | /api/premium/team | Add/remove/update team members | admin_token | Dashboard |
| GET | /api/premium/team-link | Get team member dashboard link | access_token | Dashboard |
Care Messaging (3 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/care/broadcast | Send SMS broadcast to care group | TWILIO | Care |
| GET | /api/care/members | List care group members | admin_token | Care |
| DELETE | /api/care/members | Remove member from care group | admin_token | Care |
| POST | /api/care/subscribe | Subscribe visitor to care group | None (public) | Care |
Chatbot (4 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/chatbot/stream | RAG chatbot conversation (church-specific) | Rate-limited public | Chatbot |
| POST | /api/chatbot/unified | Unified chatbot endpoint (cross-site CORS) | Rate-limited public | Chatbot |
| OPTIONS | /api/chatbot/unified | CORS preflight for unified chatbot | None | Chatbot |
| POST | /api/chat/proxy | Server-side proxy to unified chatbot API | None | Chatbot |
| POST | /api/chat/support | Site support chatbot (CWA marketing site) | Rate-limited public | Support |
Contact & Outreach (2 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/contact | Contact form submission | Rate-limited public | Marketing |
| GET | /api/churches/search | Search church directory | None | Marketing |
Cron & Background (1 route)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/cron/daily-audit | Daily audit: Stripe sync, stale data cleanup | CRON_SECRET | Ops |
Founder Tools (16 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/founder/action-items | List pending founder action items | FOUNDER_TOKEN | Founder |
| POST | /api/founder/action-items | Create action item | FOUNDER_TOKEN | Founder |
| PATCH | /api/founder/action-items | Update action item status | FOUNDER_TOKEN | Founder |
| GET | /api/founder/agents | List all church agent configs | FOUNDER_TOKEN | Founder |
| POST | /api/founder/agents | Update church agent config (founder override) | FOUNDER_TOKEN | Founder |
| GET | /api/founder/calendar | Fetch Google Calendar events | FOUNDER_TOKEN | Founder |
| POST | /api/founder/chat | Founder AI assistant chat | FOUNDER_TOKEN | Founder |
| GET | /api/founder/customers | List all customers and subscriptions | FOUNDER_TOKEN | Founder |
| PATCH | /api/founder/customers | Update customer record | FOUNDER_TOKEN | Founder |
| GET | /api/founder/drive | List Google Drive files | FOUNDER_TOKEN | Founder |
| GET | /api/founder/google-auth | Initiate Google OAuth flow | FOUNDER_TOKEN | Founder |
| GET | /api/founder/google-auth/callback | Google OAuth callback handler | FOUNDER_TOKEN | Founder |
| GET | /api/founder/metrics | Business metrics (MRR, churn, growth) | FOUNDER_TOKEN | Founder |
| GET | /api/founder/response-review | Review flagged chatbot responses | FOUNDER_TOKEN | Founder |
| POST | /api/founder/response-review | Approve/reject flagged response | FOUNDER_TOKEN | Founder |
| GET | /api/founder/response-templates | List reusable response templates | FOUNDER_TOKEN | Founder |
| POST | /api/founder/response-templates | Create/update response template | FOUNDER_TOKEN | Founder |
| GET | /api/founder/sales-calls | List sales call logs and outcomes | FOUNDER_TOKEN | Founder |
| GET | /api/founder/sync-knowledge | Sync product_knowledge to all consumers | FOUNDER_TOKEN | Founder |
| GET | /api/founder/watchtower | System health overview dashboard | FOUNDER_TOKEN | Founder |
| GET | /api/founder/watchtower/health-checks | Per-service health check results | FOUNDER_TOKEN | Founder |
| POST | /api/founder/watchtower/refresh-views | Refresh materialized views manually | FOUNDER_TOKEN | Founder |
Health & Monitoring (1 route)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/health/stripe | Stripe connection health check | STRIPE_SECRET | Ops |
MailerLite (3 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/mailerlite/setup | Initialize MailerLite groups only (automations replaced by lifecycle email system) | CRON_SECRET | Marketing |
| POST | /api/mailerlite/subscribe | Add subscriber to MailerLite group | None (public) | Marketing |
| POST | /api/mailerlite/webhook | MailerLite event webhook receiver | None | Marketing |
Newsletter (1 route)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/newsletter | Newsletter signup (email capture) | Rate-limited public | Marketing |
Onboarding (3 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/onboard | Create new premium church record | admin_token | Onboarding |
| POST | /api/onboard/notify | Send onboarding welcome email | admin_token | Onboarding |
| POST | /api/onboard/resend-link | Resend admin dashboard link | admin_token | Onboarding |
Operations & Telemetry (4 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/ops/alert | Send alert email + SMS for P0 issues | CRON_SECRET | Ops |
| GET | /api/ops/collect | Collect quota snapshots (Twilio, Resend, Supabase) | CRON_SECRET | Ops |
| GET | /api/ops/heartbeat | Public uptime health check endpoint | None (public) | Ops |
| POST | /api/ops/ingest | Ingest error reports from external sources | CRON_SECRET | Ops |
Sermons / SermonWise (18 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/sermons/generate | Generate sermon draft via AI | SUPABASE_AUTH | SermonWise |
| GET | /api/sermons/list | List user's saved sermons | SUPABASE_AUTH | SermonWise |
| GET | /api/sermons/[id] | Get single sermon by ID | SUPABASE_AUTH | SermonWise |
| DELETE | /api/sermons/[id] | Delete a sermon | SUPABASE_AUTH | SermonWise |
| GET | /api/sermons/[id]/derivatives | List derivatives (outlines, slides, etc.) | SUPABASE_AUTH | SermonWise |
| POST | /api/sermons/derive | Generate derivative content from sermon | SUPABASE_AUTH | SermonWise |
| POST | /api/sermons/titles | Generate sermon title suggestions via AI | None (public) | SermonWise |
| GET | /api/sermons/titles/saved | List user's saved titles | SUPABASE_AUTH | SermonWise |
| POST | /api/sermons/titles/saved | Save a title to collection | SUPABASE_AUTH | SermonWise |
| DELETE | /api/sermons/titles/saved | Remove saved title | SUPABASE_AUTH | SermonWise |
| GET | /api/sermons/usage | Get user's monthly usage stats | SUPABASE_AUTH | SermonWise |
| GET | /api/sermons/lectionary | Get current lectionary readings | None (public) | SermonWise |
| GET | /api/sermons/methods | List available sermon methods/structures | None (public) | SermonWise |
| GET | /api/sermons/stats | User's sermon generation statistics | SUPABASE_AUTH | SermonWise |
| POST | /api/sermons/portal | Create Stripe billing portal session | SUPABASE_AUTH | SermonWise |
| POST | /api/sermons/checkout | Create Stripe checkout session | SUPABASE_AUTH | SermonWise |
| GET | /api/sermons/community | Browse community-shared sermons | SUPABASE_AUTH | SermonWise |
| POST | /api/sermons/community | Share sermon to community | SUPABASE_AUTH | SermonWise |
| GET | /api/sermons/community/[id] | Get community sermon detail | SUPABASE_AUTH | SermonWise |
| DELETE | /api/sermons/community/[id] | Remove shared sermon | SUPABASE_AUTH | SermonWise |
| GET | /api/sermons/community/[id]/reviews | List reviews for community sermon | SUPABASE_AUTH | SermonWise |
| POST | /api/sermons/community/[id]/reviews | Submit review for community sermon | SUPABASE_AUTH | SermonWise |
| GET | /api/sermons/community/moderate | List sermons pending moderation | FOUNDER_TOKEN | SermonWise |
| PATCH | /api/sermons/community/moderate | Approve/reject community sermon | FOUNDER_TOKEN | SermonWise |
SMS & Webhooks (1 route)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/sms/webhook | Twilio inbound SMS webhook handler | TWILIO | Voice/Care |
ShareWiseAI / Social (28 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/social/ai/generate | Generate AI social media content | SOCIAL_AUTH | ShareWiseAI |
| POST | /api/social/ai/repurpose | Repurpose content across platforms | SOCIAL_AUTH | ShareWiseAI |
| POST | /api/social/ai/suggest | AI content suggestions for topics | SOCIAL_AUTH | ShareWiseAI |
| GET | /api/social/analytics | Social media analytics dashboard | SOCIAL_AUTH | ShareWiseAI |
| GET | /api/social/billing | Get billing/subscription status | SUPABASE_AUTH | ShareWiseAI |
| GET | /api/social/campaigns | List campaigns | SOCIAL_AUTH | ShareWiseAI |
| POST | /api/social/campaigns | Create campaign | SOCIAL_AUTH | ShareWiseAI |
| GET | /api/social/campaigns/[id] | Get campaign detail | SOCIAL_AUTH | ShareWiseAI |
| PUT | /api/social/campaigns/[id] | Update campaign | SOCIAL_AUTH | ShareWiseAI |
| DELETE | /api/social/campaigns/[id] | Delete campaign | SOCIAL_AUTH | ShareWiseAI |
| GET | /api/social/checkout | Create Stripe checkout session | SUPABASE_AUTH | ShareWiseAI |
| GET | /api/social/content-sources | List connected content sources | SOCIAL_AUTH | ShareWiseAI |
| GET | /api/social/cron/analytics-sync | Sync analytics from connected platforms | CRON_SECRET | ShareWiseAI |
| GET | /api/social/cron/auto-draft | Auto-generate draft posts | CRON_SECRET | ShareWiseAI |
| GET | /api/social/cron/publish | Publish scheduled posts | CRON_SECRET | ShareWiseAI |
| GET | /api/social/cron/token-refresh | Refresh expiring OAuth tokens | CRON_SECRET | ShareWiseAI |
| GET | /api/social/cron/trial-expiry | Process expired trial subscriptions | CRON_SECRET | ShareWiseAI |
| GET | /api/social/cron/usage-reset | Reset monthly usage counters | CRON_SECRET | ShareWiseAI |
| POST | /api/social/media/upload | Upload media file for post | SOCIAL_AUTH | ShareWiseAI |
| GET | /api/social/platforms | List connected social platforms | SOCIAL_AUTH | ShareWiseAI |
| GET | /api/social/platforms/[id] | Get platform connection detail | SOCIAL_AUTH | ShareWiseAI |
| DELETE | /api/social/platforms/[id] | Disconnect a platform | SOCIAL_AUTH | ShareWiseAI |
| GET | /api/social/platforms/callback | OAuth callback from social platform | access_token | ShareWiseAI |
| POST | /api/social/platforms/connect | Initiate OAuth connection to platform | SUPABASE_AUTH | ShareWiseAI |
| GET | /api/social/platforms/data-deletion | Facebook data deletion status check | None | ShareWiseAI |
| POST | /api/social/platforms/data-deletion | Facebook data deletion callback | None | ShareWiseAI |
| GET | /api/social/posts | List posts (with filters, pagination) | SOCIAL_AUTH | ShareWiseAI |
| POST | /api/social/posts | Create new post | SOCIAL_AUTH | ShareWiseAI |
| GET | /api/social/posts/[id] | Get post detail | SOCIAL_AUTH | ShareWiseAI |
| PUT | /api/social/posts/[id] | Update post content | SOCIAL_AUTH | ShareWiseAI |
| DELETE | /api/social/posts/[id] | Delete post | SOCIAL_AUTH | ShareWiseAI |
| POST | /api/social/posts/[id]/publish | Publish post immediately | SOCIAL_AUTH | ShareWiseAI |
| POST | /api/social/posts/[id]/retry | Retry failed post publication | SOCIAL_AUTH | ShareWiseAI |
| GET | /api/social/schedule | Get posting schedule | SOCIAL_AUTH | ShareWiseAI |
| POST | /api/social/schedule | Create schedule slot | SOCIAL_AUTH | ShareWiseAI |
| PUT | /api/social/schedule | Update schedule slot | SOCIAL_AUTH | ShareWiseAI |
| DELETE | /api/social/schedule | Delete schedule slot | SOCIAL_AUTH | ShareWiseAI |
| GET | /api/social/settings | Get subscription and brand voice config | SOCIAL_AUTH | ShareWiseAI |
| PUT | /api/social/settings | Update brand voice config | SOCIAL_AUTH | ShareWiseAI |
| GET | /api/social/webhook | Webhook verification (platform challenge) | None | ShareWiseAI |
| POST | /api/social/webhook | Inbound webhook from social platforms | None | ShareWiseAI |
Stripe Payments (5 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/stripe/checkout | Create Stripe Checkout session (redirect) | None | Billing |
| POST | /api/stripe/checkout-embedded | Create embedded Stripe Checkout session | None | Billing |
| GET | /api/stripe/church-checkout | Create Checkout for existing church (upsell) | admin_token | Billing |
| POST | /api/stripe/portal | Create Stripe billing portal session | admin_token | Billing |
| POST | /api/stripe/webhook | Stripe webhook handler (subscription lifecycle) | STRIPE_SECRET | Billing |
Test Reports (5 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/test-reports | List QA test reports | None | Internal |
| POST | /api/test-reports | Create test report | None | Internal |
| PATCH | /api/test-reports/[id] | Update test report status | None | Internal |
| GET | /api/test-reports/[id]/comments | List comments on test report | None | Internal |
| POST | /api/test-reports/[id]/comments | Add comment to test report | None | Internal |
| POST | /api/test-reports/agent-run | Record agent test run results | None | Internal |
| POST | /api/test-reports/upload | Upload test artifacts/screenshots | None | Internal |
Training (4 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/training/evaluate | Evaluate chatbot response quality | None | Internal |
| GET | /api/training/scenarios | List training scenarios | None | Internal |
| GET | /api/training/sessions | List training sessions | None | Internal |
| POST | /api/training/sessions | Create training session | None | Internal |
| POST | /api/training/simulate | Simulate chatbot conversation | None | Internal |
Utilities (2 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/starter-kit/download | Download AI Starter Kit PDF (signed URL) | SIGNED_TOKEN | Marketing |
| GET | /api/v1/conversations | Placeholder for future Suite API access | None (stub) | API |
Voice Agent (1 route)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/voice/twiml | Generate TwiML for Twilio voice call routing | TWILIO | Voice |
PewSearch (36 routes)
Code: pewsearch/web/src/app/api/
Admin & Management (8 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/admin/overview-stats | Dashboard overview statistics | admin_token | Premium Page |
| GET | /api/admin/team-link | Get team member dashboard link | admin_token | Premium Page |
| POST | /api/admin/voices | Manage TTS voice options | ADMIN_SECRET | Voice |
| POST | /api/church-updates | Submit church info update request | None (public) | Directory |
| POST | /api/church-updates/review | Review/approve church update | admin_token | Directory |
| POST | /api/upload/logo | Upload church logo image | admin_token | Premium Page |
| POST | /api/upload/staff-photo | Upload staff member photo | admin_token | Premium Page |
| GET | /api/test-email | Send test welcome email (dev only) | admin_token | Dev |
Chat & Chatbot (4 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/chatbot/stream | Church chatbot conversation (PewSearch-hosted) | Rate-limited public | Chatbot |
| POST | /api/chat/proxy | Server-side proxy to CWA unified chatbot | None | Chatbot |
| POST | /api/chat/support | Site support chatbot (PewSearch marketing) | Rate-limited public | Support |
| POST | /api/demo/chat | Demo chatbot conversation (no church context) | Rate-limited public | Demo |
Care Messaging (3 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/care/broadcast | Send SMS broadcast to care group | TWILIO | Care |
| GET | /api/care/members | List care group members | admin_token | Care |
| DELETE | /api/care/members | Remove member from care group | admin_token | Care |
| POST | /api/care/subscribe | Subscribe visitor to care group | None (public) | Care |
Contact & Requests (4 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/contact | General contact form submission | Rate-limited public | Directory |
| POST | /api/contact/church | Contact specific church via directory | Rate-limited public | Directory |
| POST | /api/premium/request-access | Request access to existing premium page | None (public) | Premium Page |
| POST | /api/report | Report incorrect church listing | Rate-limited public | Directory |
Lead Capture (2 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/leads/capture | Capture lead from claim flow | admin_token | Premium Page |
| POST | /api/subscribe | Newsletter email subscription | Rate-limited public | Marketing |
Premium Pages (7 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/premium/requests | List pending premium access requests | admin_token | Premium Page |
| PATCH | /api/premium/requests | Approve/reject access request | admin_token | Premium Page |
| POST | /api/premium/resend-link | Resend dashboard access link to admin | admin_token | Premium Page |
| POST | /api/premium/rotate-token | Rotate admin token (security) | admin_token | Premium Page |
| POST | /api/premium/team | Add/remove team members | admin_token | Premium Page |
| POST | /api/premium/update | Update church premium profile | admin_token | Premium Page |
| POST | /api/premium/update-admin | Update admin name and email | admin_token | Premium Page |
Search (1 route)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/search/ai | AI-powered natural language church search | Rate-limited public | Directory |
SMS (1 route)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/sms/webhook | Twilio inbound SMS webhook handler | TWILIO | Care |
Stripe (4 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/stripe/checkout | Create Stripe Checkout session | admin_token | Billing |
| GET | /api/stripe/portal | Create Stripe billing portal session | admin_token | Billing |
| POST | /api/stripe/pre-checkout | Pre-checkout: validate claim, create record | Rate-limited public | Billing |
| POST | /api/stripe/webhook | Stripe webhook handler (subscription lifecycle) | STRIPE_SECRET | Billing |
Utilities (4 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/add-church | Submit new church listing to directory | Rate-limited public | Directory |
| GET | /api/health/stripe | Stripe connection health check | STRIPE_SECRET | Ops |
| POST | /api/voice/twiml | Generate TwiML for voice call routing | TWILIO | Voice |
IllustrateTheWord (20 routes)
Code: sermon-illustrations/src/app/api/
Account & Auth (2 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/account/delete | Delete user account and data | SUPABASE_AUTH | Account |
| POST | /api/auth/verify-captcha | Verify captcha token | None | Auth |
Chat & Support (2 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/chat/proxy | Server-side proxy to CWA unified chatbot | None | Support |
| POST | /api/chat/support | Site support chatbot (ITW marketing) | SUPABASE_AUTH | Support |
Collections (3 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/collections | List user's illustration collections | SUPABASE_AUTH | Premium |
| POST | /api/collections | Create new collection | SUPABASE_AUTH | Premium |
| GET | /api/collections/[id] | Get collection detail | SUPABASE_AUTH | Premium |
| PATCH | /api/collections/[id] | Update collection (name, description) | SUPABASE_AUTH | Premium |
| DELETE | /api/collections/[id] | Delete collection | SUPABASE_AUTH | Premium |
| POST | /api/collections/[id]/items | Add illustration to collection | SUPABASE_AUTH | Premium |
| DELETE | /api/collections/[id]/items | Remove illustration from collection | SUPABASE_AUTH | Premium |
Contact (1 route)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/contact | Contact form submission | Rate-limited public | Marketing |
Favorites (1 route)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/favorites | List user's favorited illustrations | SUPABASE_AUTH | Premium |
| POST | /api/favorites | Add illustration to favorites | SUPABASE_AUTH | Premium |
| DELETE | /api/favorites | Remove illustration from favorites | SUPABASE_AUTH | Premium |
Health (1 route)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/health/stripe | Stripe connection health check | STRIPE_SECRET | Ops |
Newsletter (1 route)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/newsletter | Newsletter email subscription | Rate-limited public | Marketing |
Personalization (1 route)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/personalize | Personalize illustration for audience/context | SUPABASE_AUTH | Premium |
Slides & Media (2 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/slides/download | Check download allowance for current week | SUPABASE_AUTH | Premium |
| POST | /api/slides/download | Generate and download presentation slide | SUPABASE_AUTH | Premium |
Stripe (3 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| POST | /api/stripe/checkout | Create Stripe Checkout session | SUPABASE_AUTH | Billing |
| POST | /api/stripe/portal | Create Stripe billing portal session | SUPABASE_AUTH | Billing |
| POST | /api/stripe/webhook | Stripe webhook handler (subscription lifecycle) | STRIPE_SECRET | Billing |
Third-Party Integrations (3 routes)
| Method | Path | Purpose | Auth | Product |
|---|---|---|---|---|
| GET | /api/surprise | Random high-quality illustration for discovery | None (public) | Free |
| GET | /api/tmdb | Fetch movie data from TMDB for media illustrations | Rate-limited public | Free |
| GET | /api/unsplash | Search Unsplash photos for illustration imagery | Rate-limited public | Free |
| GET | /api/unsplash/download | Track Unsplash download (API compliance) | Rate-limited public | Free |
See Also
- System Overview -- Architecture diagrams and deployment topology
- Database Schema -- Table ownership, key tables, and relationships
- Infrastructure -- Vercel, Supabase, Stripe, Twilio, Cartesia config
- C:\dev\PRICING.md -- Stripe product/price IDs for all checkout routes
- C:\dev\CLAUDE.md -- Cross-project rules, agent tooling, and product ownership