Product

API Routes

A curated map of the backend — 56+ representative endpoints across 7 domains, plus 12 cron jobs.

Audit & Scraping

/api/audit/start

POST

Launch background audit job, return jobId for SSE polling

/api/audit/status/[jobId]

GET

Poll job status + result when complete

/api/audit/stream

GET

SSE stream of real-time audit progress (1s heartbeat)

/api/audit/email-me

POST

Capture handoff email or send result immediately

/api/audits

GETPOST

List saved audits / create audit with reviews

/api/audits/[id]

GETPATCHDELETE

Retrieve / update / delete an audit

/api/scrape-reviews

GET

Scrape reviews from a URL

/api/score-reviews

POST

Score reviews for policy violations

Payments, Billing & Webhooks

/api/payments/checkout

POST

Create checkout session (verified email required)

/api/payments/checkout-package

POST

Checkout for a specific package tier

/api/payments/subscribe

POST

Subscribe to a recurring plan

/api/payments/webhook

POST

LemonSqueezy webhook (order + subscription events), timing-safe sig

/api/webhooks/polar

POST

Polar.sh webhook (LS fallback), shared NormalizedEvent shape

/api/webhooks/resend

POST

Resend email events (bounce / complaint)

/api/portal/billing/cancel

POST

Cancel active subscription (LS or Polar)

/api/admin/invoices/[id]

GETDELETE

Admin invoice view / delete

Auth

/api/auth/[...nextauth]

GETPOST

NextAuth: Google OAuth + credentials + callbacks

/api/auth/forgot-password

POST

Initiate password reset

/api/auth/reset-password

POST

Submit new password + token

/api/auth/magic/[token]

GET

Magic-link email verification

/api/auth/resend-verify

POST

Resend the verification email

/api/auth/2fa-required

GETPOST

2FA check / setup

/api/register

POST

Campaigns / Cold-Email / Marketing

/api/admin/campaigns

GETPOST

List / create campaigns

/api/admin/campaigns/[id]/execute

POST

Queue cold-emails to targets (GDPR geo-block applied)

/api/admin/campaigns/[id]/import-csv

POST

Bulk import targets from CSV

/api/admin/campaigns/process-sequences

POST

Process follow-up sequences (stops on GDPR/replied)

/api/admin/campaigns/discover-emails

POST

Discover email addresses for businesses

/api/admin/campaigns/bulk-audit

POST

Audit many discovered businesses

/api/admin/marketing/launch

POST

One-shot discover → audit → queue outreach (GDPR geo-block)

/api/admin/sales-leads/manual-email

POST

Send manual outreach email

Admin Ops

/api/admin/analytics

GET

Dashboard analytics + metrics

/api/admin/funnel-metrics

GET

Sales funnel metrics

/api/admin/cron-health

GET

Health of all cron jobs

/api/admin/scraper-health

GET

Review scraper health

/api/admin/secrets-check

GET

Verify required secrets are loaded

/api/admin/ls-variants

GET

List LemonSqueezy variant IDs

/api/admin/email-queue

GET

View email queue (?status=failed = dead-letter)

/api/admin/email-queue/[id]

GETPOSTDELETE

View / retry / delete a queued email

/api/admin/removal-requests/bulk-submit

POST

Bulk submit Google removal requests

/api/admin/impersonate/[userId]

POST

Impersonate a user for testing

Portal (authenticated user)

/api/portal/dashboard

GET

Dashboard stats + monitoring summary

/api/portal/monitoring

GET

Monitored places + recent alerts

/api/portal/removals

GET

List removal requests

/api/portal/review-requests

GETPOST

Create / list review-request campaigns

/api/portal/settings

GETPUT

User profile settings

/api/portal/2fa/setup

POST

Enable TOTP 2FA

/api/portal/gdpr/export

POST

GDPR data export (right of access)

/api/portal/gdpr/delete

POST

GDPR account deletion

Tracking & Misc

/api/track/pixel/[targetId]

GET

1×1 open-tracking pixel (disabled by default)

/api/track/click/[targetId]

GET

Click tracking + redirect to original URL

/api/unsubscribe

GETPOST

RFC 8058 one-click unsubscribe

/api/webhooks/inbound

POST

Inbound email webhook — reply parsing + classification

/api/health

GET

Public health check — commit hash, DB latency

/api/contact

POST

Contact form submission

/api/report/[auditId]

GET

Generate audit report (PDF / JSON)

Cron jobs

Scheduled via Cloudflare Workers cron triggers (every 3 min · hourly · daily 04:00 UTC).

/api/cron/process-emailsevery 3 minProcess queued emails + run domain warmup

/api/cron/audit-retryevery 3 minRetry stuck audit jobs (pending 2m+ / running 5m+)

/api/cron/monitor-reviewshourlyScrape new reviews, score sentiment, dispatch alerts

/api/cron/process-sequenceshourlyAdvance cold-email follow-up sequences

/api/cron/process-waterfallperiodicTrigger secondary-email waterfall fallback

/api/cron/nurture-sendperiodicSend nurture campaign emails

/api/cron/scrape-jobsperiodicManage the scraping job queue

/api/cron/daily-digestdaily 04:00 UTCSend daily digest emails

/api/cron/weekly-digestweeklySend weekly digest emails

/api/cron/weekly-reportweeklyGenerate weekly reports

/api/cron/trial-expirydailyFlag expiring trials

/api/cron/trial-reminderdailySend trial-expiry reminder emails