v6 public SDK · Cloudflare-hosted

Build customer-facing apps on FavCRM APIs.

Use the public customer-portal API for booking, member login, CMS, events, shop, offers, and surveys. Every section is organized by the workflow developers actually build.

View API reference Download OpenAPI Use with LLMs

Documentation Index

Fetch /llms.txt first. It points agents to the canonical Markdown guides and the OpenAPI file without requiring page scraping.

Quick start

Resolve tenant context with X-Company-Id or storefront domain resolution.
Use public tenant endpoints for storefront content, service discovery, and checkout options.
Use customer tokens only after OTP login, registration, or token refresh.
Load the OpenAPI file for exact request bodies and response schemas.

curl https://favcrm-connect-docs.stacksuite.workers.dev/llms.txt
curl https://favcrm-connect-docs.stacksuite.workers.dev/openapi/connect-v6.openapi.yaml

Authentication

Public SDK endpoints use tenant context plus optional customer auth. Public tenant routes use X-Company-Id or resolved storefront context. Customer routes use Authorization: Bearer <customer-token>. Magic-token routes are only for invitation or signed-link flows.

Not public SDK routes

Provider callbacks, MCP/OAuth discovery, system health, generated platform docs, and internal developer routes are intentionally excluded from this SDK document.

API reference

Public v6 routes are grouped by the workflow a storefront or partner app needs to build. Every operation includes auth context, request fields, request payload, response example, and cURL.

6API groups

51Public operations

4Auth

Service booking

Discover services, show availability, create bookings, and let customers manage booking records.

Resolve tenant context
List services
Check slots
Create a guest booking
Read or update customer bookings

GET /v6/customer-portal/services Public tenant

List services

Service catalog for a tenant.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
search string query: Filter services by name.
page integer query: Page number, starting at 1.
limit integer query: Page size, up to 100.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/services" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "svc_123",
        "name": "Consultation",
        "durationMinutes": 60,
        "price": 500,
        "currency": "HKD"
      }
    ],
    "pagination": {
      "page": 1,
      "limit": 20,
      "total": 1
    }
  }
}

Try it

Query parameters search string optional page integer optional limit integer optional

GET /v6/customer-portal/services/{id} Public tenant

Get service detail

Service detail, price, duration, and booking metadata.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
id string Required path: id path value.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/services/{id}" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "id": "resource_123"
  }
}

Try it

Path parameters id string required

GET /v6/customer-portal/services/{id}/staff Public tenant

List staff

Eligible staff for a service.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
id string Required path: id path value.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/services/{id}/staff" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "id": "resource_123"
  }
}

Try it

Path parameters id string required

GET /v6/customer-portal/services/{id}/resources Public tenant

List resources

Rooms, equipment, or other reservable resources.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
id string Required path: id path value.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/services/{id}/resources" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "id": "resource_123"
  }
}

Try it

Path parameters id string required

GET /v6/customer-portal/services/{id}/slots Public tenant

List slots

Available times for the selected date and service.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
id string Required path: id path value.
date date Required query: Date to check, formatted as YYYY-MM-DD.
staffId string query: Limit availability to a specific staff member.
resourceId string query: Limit availability to a specific resource.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/services/{id}/slots" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "slots": [
      {
        "start": "2026-06-01T10:00:00Z",
        "end": "2026-06-01T11:00:00Z",
        "staffId": "staff_123",
        "available": true
      }
    ]
  }
}

Try it

Path parameters id string required

Query parameters date date required staffId string optional resourceId string optional

POST /v6/customer-portal/bookings/guest Public tenant

Create guest booking

Create a booking without a logged-in customer.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
serviceId string Required body: Service to book.
occurrenceStart date-time Required body: Booking start time.
occurrenceEnd date-time Required body: Booking end time.
customerName string Required body: Guest customer name.
customerPhone string Required body: Guest customer phone.
customerEmail email body: Guest customer email.
staffId string body: Selected staff member.
resourceId string body: Selected resource.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/bookings/guest" \
  -H "X-Company-Id: cmp_123" \
  -H "Content-Type: application/json" \
  -d '{  "serviceId": "svc_123",  "occurrenceStart": "2026-06-01T10:00:00Z",  "occurrenceEnd": "2026-06-01T11:00:00Z",  "customerName": "Jane Lee",  "customerPhone": "+85261234567",  "customerEmail": "jane@example.com",  "staffId": "staff_123"}'

Request payload

{
  "serviceId": "svc_123",
  "occurrenceStart": "2026-06-01T10:00:00Z",
  "occurrenceEnd": "2026-06-01T11:00:00Z",
  "customerName": "Jane Lee",
  "customerPhone": "+85261234567",
  "customerEmail": "jane@example.com",
  "staffId": "staff_123"
}

Response 200

{
  "success": true,
  "data": {
    "id": "book_123",
    "status": "confirmed",
    "serviceId": "svc_123",
    "occurrenceStart": "2026-06-01T10:00:00Z"
  }
}

Try it

Request body (JSON)

GET /v6/customer-portal/bookings Customer token

List customer bookings

Booking history for the authenticated customer.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT Required header: Customer token from OTP, registration, or refresh.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/bookings" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "book_123",
        "status": "confirmed",
        "serviceName": "Consultation",
        "occurrenceStart": "2026-06-01T10:00:00Z"
      }
    ]
  }
}

Try it

GET /v6/customer-portal/bookings/{id} Customer token

Get booking detail

Single booking detail for the authenticated customer.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT Required header: Customer token from OTP, registration, or refresh.
id string Required path: id path value.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/bookings/{id}" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>"

Response 200

{
  "success": true,
  "data": {
    "id": "book_123",
    "status": "confirmed",
    "serviceId": "svc_123",
    "occurrenceStart": "2026-06-01T10:00:00Z"
  }
}

Try it

Path parameters id string required

POST /v6/customer-portal/bookings/{id}/cancel Customer token

Cancel booking

Cancel a customer-scoped booking.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT Required header: Customer token from OTP, registration, or refresh.
id string Required path: id path value.
reason string body: Customer-facing cancellation reason.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/bookings/{id}/cancel" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>" \
  -H "Content-Type: application/json" \
  -d '{  "reason": "Customer requested cancellation"}'

Request payload

{
  "reason": "Customer requested cancellation"
}

Response 200

{
  "success": true,
  "data": {
    "id": "book_123",
    "status": "cancelled",
    "serviceId": "svc_123",
    "occurrenceStart": "2026-06-01T10:00:00Z"
  }
}

Try it

Path parameters id string required

Request body (JSON)

POST /v6/customer-portal/bookings/{id}/reschedule Customer token

Reschedule booking

Move a customer-scoped booking to another slot.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT Required header: Customer token from OTP, registration, or refresh.
id string Required path: id path value.
occurrenceStart date-time Required body: New booking start time.
occurrenceEnd date-time Required body: New booking end time.
staffId string body: Updated staff member.
resourceId string body: Updated resource.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/bookings/{id}/reschedule" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>" \
  -H "Content-Type: application/json" \
  -d '{  "occurrenceStart": "2026-06-03T14:00:00Z",  "occurrenceEnd": "2026-06-03T15:00:00Z",  "staffId": "staff_123"}'

Request payload

{
  "occurrenceStart": "2026-06-03T14:00:00Z",
  "occurrenceEnd": "2026-06-03T15:00:00Z",
  "staffId": "staff_123"
}

Response 200

{
  "success": true,
  "data": {
    "id": "book_123",
    "status": "confirmed",
    "serviceId": "svc_123",
    "occurrenceStart": "2026-06-01T10:00:00Z"
  }
}

Try it

Path parameters id string required

Request body (JSON)

Member session

Check login channel
Request OTP
Verify OTP
Use bearer token
Refresh or logout

GET /v6/customer-portal/auth/login-channel Public tenant

Get login channel

Returns the configured login method for the tenant.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/auth/login-channel" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "ok": true,
    "channel": "sms",
    "member": {
      "id": "mem_123"
    }
  }
}

Try it

POST /v6/customer-portal/auth/otp Public tenant

Request OTP

Send an OTP to a customer.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
phone string body: Customer phone for SMS or WhatsApp OTP.
email email body: Customer email for email OTP.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/auth/otp" \
  -H "X-Company-Id: cmp_123" \
  -H "Content-Type: application/json" \
  -d '{  "phone": "+85261234567"}'

Request payload

{
  "phone": "+85261234567"
}

Response 200

{
  "success": true,
  "data": {
    "ok": true,
    "channel": "sms",
    "member": {
      "id": "mem_123"
    }
  }
}

Try it

Try-it disabled for this endpoint.

Disabled in try-it because this call sends real SMS / email or creates real member rows. Use the cURL above against your own environment.

POST /v6/customer-portal/auth/otp/verify Public tenant

Verify OTP

Exchange OTP proof for a customer token.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
phone string body: Customer phone used for OTP.
email email body: Customer email used for OTP.
code string Required body: One-time password code.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/auth/otp/verify" \
  -H "X-Company-Id: cmp_123" \
  -H "Content-Type: application/json" \
  -d '{  "phone": "+85261234567",  "code": "123456"}'

Request payload

{
  "phone": "+85261234567",
  "code": "123456"
}

Response 200

{
  "success": true,
  "data": {
    "token": "customer_jwt",
    "member": {
      "id": "mem_123",
      "name": "Jane Lee",
      "email": "jane@example.com"
    }
  }
}

Try it

Try-it disabled for this endpoint.

Disabled in try-it because this call sends real SMS / email or creates real member rows. Use the cURL above against your own environment.

POST /v6/customer-portal/auth/register Public tenant

Register member

Create a member/customer account.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
name string Required body: Customer first name or display name.
lastName string body: Customer last name.
phone string body: Customer phone.
email email body: Customer email.
source string body: Registration source, such as storefront or partner name.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/auth/register" \
  -H "X-Company-Id: cmp_123" \
  -H "Content-Type: application/json" \
  -d '{  "name": "Jane",  "lastName": "Lee",  "phone": "+85261234567",  "email": "jane@example.com",  "source": "partner-storefront"}'

Request payload

{
  "name": "Jane",
  "lastName": "Lee",
  "phone": "+85261234567",
  "email": "jane@example.com",
  "source": "partner-storefront"
}

Response 200

{
  "success": true,
  "data": {
    "token": "customer_jwt",
    "member": {
      "id": "mem_123",
      "name": "Jane Lee",
      "email": "jane@example.com"
    }
  }
}

Try it

Try-it disabled for this endpoint.

Disabled in try-it because this call sends real SMS / email or creates real member rows. Use the cURL above against your own environment.

POST /v6/customer-portal/auth/validate-token Customer token

Validate token

Check whether a customer token is valid.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT Required header: Customer token from OTP, registration, or refresh.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/auth/validate-token" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>" \
  -H "Content-Type: application/json" \
  -d '{}'

Request payload

{}

Response 200

{
  "success": true,
  "data": {
    "ok": true,
    "channel": "sms",
    "member": {
      "id": "mem_123"
    }
  }
}

Try it

POST /v6/customer-portal/auth/refresh Customer token

Refresh token

Refresh an existing customer session.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT Required header: Customer token from OTP, registration, or refresh.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/auth/refresh" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>" \
  -H "Content-Type: application/json" \
  -d '{}'

Request payload

{}

Response 200

{
  "success": true,
  "data": {
    "token": "customer_jwt",
    "member": {
      "id": "mem_123",
      "name": "Jane Lee",
      "email": "jane@example.com"
    }
  }
}

Try it

POST /v6/customer-portal/auth/logout Customer token

Logout

End the customer session.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT Required header: Customer token from OTP, registration, or refresh.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/auth/logout" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>" \
  -H "Content-Type: application/json" \
  -d '{}'

Request payload

{}

Response 200

{
  "success": true,
  "data": {
    "ok": true,
    "channel": "sms",
    "member": {
      "id": "mem_123"
    }
  }
}

Try it

GET /v6/customer-portal/auth/registration-form Public tenant

Registration form

Fetch tenant-specific registration fields.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/auth/registration-form" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "ok": true,
    "channel": "sms",
    "member": {
      "id": "mem_123"
    }
  }
}

Try it

Content and events

Render public site content, event listings, event registration, payment, and access checks.

Load CMS navigation/content
List events
Register attendee
Create payment intent
Verify event access

GET /v6/customer-portal/cms/pages Public tenant

List pages

Published pages.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/cms/pages" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "page_123",
        "slug": "about",
        "title": "List pages"
      }
    ]
  }
}

Try it

GET /v6/customer-portal/cms/pages/{slug} Public tenant

Get page

Published page by slug.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
slug string Required path: slug path value.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/cms/pages/{slug}" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "id": "page_123",
    "slug": "about",
    "title": "Get page",
    "content": "<p>Published content</p>"
  }
}

Try it

Path parameters slug string required

GET /v6/customer-portal/cms/posts Public tenant

List posts

Published blog/CMS posts.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
search string query: Text search.
page integer query: Page number, starting at 1.
limit integer query: Page size, up to 100.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/cms/posts" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "page_123",
        "slug": "about",
        "title": "List posts"
      }
    ]
  }
}

Try it

Query parameters search string optional page integer optional limit integer optional

GET /v6/customer-portal/cms/posts/{slug} Public tenant

Get post

Published post by slug.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
slug string Required path: slug path value.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/cms/posts/{slug}" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "id": "page_123",
    "slug": "about",
    "title": "Get post",
    "content": "<p>Published content</p>"
  }
}

Try it

Path parameters slug string required

GET /v6/customer-portal/cms/categories Public tenant

List categories

Public CMS categories.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/cms/categories" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "page_123",
        "slug": "about",
        "title": "List categories"
      }
    ]
  }
}

Try it

GET /v6/customer-portal/cms/menus/{location} Public tenant

Get menu

Navigation menu by location.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
location string Required path: location path value.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/cms/menus/{location}" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "id": "page_123",
    "slug": "about",
    "title": "Get menu",
    "content": "<p>Published content</p>"
  }
}

Try it

Path parameters location string required

GET /v6/customer-portal/events Optional customer token

List events

Public event list.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT header: Optional customer token for personalized availability, pricing, or ownership checks.
search string query: Text search.
page integer query: Page number, starting at 1.
limit integer query: Page size, up to 100.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/events" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "evt_123",
        "slug": "summer-workshop",
        "title": "Summer Workshop",
        "startsAt": "2026-06-10T10:00:00Z"
      }
    ]
  }
}

Try it

Query parameters search string optional page integer optional limit integer optional

GET /v6/customer-portal/events/{slug} Optional customer token

Get event

Public event detail.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT header: Optional customer token for personalized availability, pricing, or ownership checks.
slug string Required path: slug path value.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/events/{slug}" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>"

Response 200

{
  "success": true,
  "data": {
    "id": "evt_123",
    "slug": "summer-workshop",
    "title": "Summer Workshop",
    "startsAt": "2026-06-10T10:00:00Z",
    "capacity": 30
  }
}

Try it

Path parameters slug string required

POST /v6/customer-portal/event-registrations Optional customer token

Register for event

Create an attendee registration.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT header: Optional customer token for personalized availability, pricing, or ownership checks.
eventId string Required body: Event id or slug being registered.
name string Required body: Attendee name.
email email body: Attendee email.
phone string body: Attendee phone.
quantity integer body: Number of seats or tickets.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/event-registrations" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>" \
  -H "Content-Type: application/json" \
  -d '{  "eventId": "evt_123",  "name": "Jane Lee",  "email": "jane@example.com",  "phone": "+85261234567",  "quantity": 1}'

Request payload

{
  "eventId": "evt_123",
  "name": "Jane Lee",
  "email": "jane@example.com",
  "phone": "+85261234567",
  "quantity": 1
}

Response 200

{
  "success": true,
  "data": {
    "id": "ereg_123",
    "status": "pending_payment"
  }
}

Try it

Request body (JSON)

POST /v6/customer-portal/event-registrations/{id}/payment-intent Optional customer token

Create event payment intent

Start event registration payment.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT header: Optional customer token for personalized availability, pricing, or ownership checks.
id string Required path: id path value.
paymentMethodId string body: Selected payment method.
returnUrl url body: URL to return to after hosted payment.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/event-registrations/{id}/payment-intent" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>" \
  -H "Content-Type: application/json" \
  -d '{  "paymentMethodId": "pm_stripe_card",  "returnUrl": "https://store.example.com/events/thank-you"}'

Request payload

{
  "paymentMethodId": "pm_stripe_card",
  "returnUrl": "https://store.example.com/events/thank-you"
}

Response 200

{
  "success": true,
  "data": {
    "id": "ereg_123",
    "status": "pending_payment",
    "paymentIntent": {
      "id": "pi_123",
      "clientSecret": "secret_123"
    }
  }
}

Try it

Path parameters id string required

Request body (JSON)

GET /v6/customer-portal/event-registrations/{id}/access Optional customer token

Check event access

Validate event registration access.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT header: Optional customer token for personalized availability, pricing, or ownership checks.
id string Required path: id path value.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/event-registrations/{id}/access" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>"

Response 200

{
  "success": true,
  "data": {
    "id": "ereg_123",
    "status": "valid"
  }
}

Try it

Path parameters id string required

Shop and commerce

Build a public storefront with products, categories, checkout, payment status, and customer order history.

List products
Show product detail
Load checkout options
Create order
Check payment status

GET /v6/customer-portal/shop/products Public tenant

List products

Public product catalog.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
search string query: Text search.
page integer query: Page number, starting at 1.
limit integer query: Page size, up to 100.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/shop/products" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "prod_123",
        "slug": "starter-kit",
        "name": "List products"
      }
    ]
  }
}

Try it

Query parameters search string optional page integer optional limit integer optional

GET /v6/customer-portal/shop/products/{slug} Public tenant

Get product

Product detail by slug.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
slug string Required path: slug path value.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/shop/products/{slug}" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "id": "prod_123",
    "slug": "starter-kit",
    "name": "Starter Kit",
    "price": 500,
    "currency": "HKD"
  }
}

Try it

Path parameters slug string required

GET /v6/customer-portal/shop/categories Public tenant

List shop categories

Product categories.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/shop/categories" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "prod_123",
        "slug": "starter-kit",
        "name": "List shop categories"
      }
    ]
  }
}

Try it

GET /v6/customer-portal/shop/brands Public tenant

List brands

Product brands.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/shop/brands" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "prod_123",
        "slug": "starter-kit",
        "name": "List brands"
      }
    ]
  }
}

Try it

GET /v6/customer-portal/shop/collections Public tenant

List collections

Product collections.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/shop/collections" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "prod_123",
        "slug": "starter-kit",
        "name": "List collections"
      }
    ]
  }
}

Try it

GET /v6/customer-portal/shop/shipping-methods Public tenant

List shipping methods

Available shipping options.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/shop/shipping-methods" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "prod_123",
        "slug": "starter-kit",
        "name": "List shipping methods"
      }
    ]
  }
}

Try it

GET /v6/customer-portal/shop/payment-methods Public tenant

List payment methods

Available checkout payment methods.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/shop/payment-methods" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "prod_123",
        "slug": "starter-kit",
        "name": "List payment methods"
      }
    ]
  }
}

Try it

POST /v6/customer-portal/shop/orders Optional customer token

Create order

Create a storefront order.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT header: Optional customer token for personalized availability, pricing, or ownership checks.
items array Required body: Order lines with productId or variantId and quantity.
customer object body: Guest customer details when no customer token is used.
shippingMethodId string body: Selected shipping method.
paymentMethodId string body: Selected payment method.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/shop/orders" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>" \
  -H "Content-Type: application/json" \
  -d '{  "items": [    {      "productId": "prod_123",      "quantity": 2    }  ],  "customer": {    "name": "Jane Lee",    "email": "jane@example.com"  },  "shippingMethodId": "ship_pickup",  "paymentMethodId": "pm_card"}'

Request payload

{
  "items": [
    {
      "productId": "prod_123",
      "quantity": 2
    }
  ],
  "customer": {
    "name": "Jane Lee",
    "email": "jane@example.com"
  },
  "shippingMethodId": "ship_pickup",
  "paymentMethodId": "pm_card"
}

Response 200

{
  "success": true,
  "data": {
    "id": "ord_123",
    "status": "created",
    "paymentStatus": "pending"
  }
}

Try it

Request body (JSON)

GET /v6/customer-portal/shop/orders Customer token

List customer orders

Authenticated customer order history.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT Required header: Customer token from OTP, registration, or refresh.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/shop/orders" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "ord_123",
        "status": "paid",
        "total": 1000,
        "currency": "HKD"
      }
    ]
  }
}

Try it

GET /v6/customer-portal/shop/orders/{orderId}/payment-status Optional customer token

Order payment status

Payment status for an order.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT header: Optional customer token for personalized availability, pricing, or ownership checks.
orderId string Required path: orderId path value.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/shop/orders/{orderId}/payment-status" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>"

Response 200

{
  "success": true,
  "data": {
    "id": "ord_123",
    "status": "created",
    "paymentStatus": "paid"
  }
}

Try it

Path parameters orderId string required

Loyalty and offers

Show membership tiers, public offers, and customer gift redemption flows.

Show membership tiers
List offers
Redeem or claim gifts
Fulfill redemption when applicable

GET /v6/customer-portal/membership-tiers Public tenant

List membership tiers

Public tier list for a tenant.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/membership-tiers" \
  -H "X-Company-Id: cmp_123"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "tier_123",
        "name": "Gold",
        "pointsMultiplier": 1.5
      }
    ]
  }
}

Try it

GET /v6/customer-portal/gifts/offers Optional customer token

List gift offers

Customer-visible gift offers.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT header: Optional customer token for personalized availability, pricing, or ownership checks.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/gifts/offers" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>"

Response 200

{
  "success": true,
  "data": {
    "id": "gift_123",
    "title": "Welcome Gift",
    "status": "available"
  }
}

Try it

GET /v6/customer-portal/gifts/offers/{id} Optional customer token

Get gift offer

Gift offer detail.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT header: Optional customer token for personalized availability, pricing, or ownership checks.
id string Required path: id path value.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/gifts/offers/{id}" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>"

Response 200

{
  "success": true,
  "data": {
    "id": "gift_123",
    "title": "Welcome Gift",
    "status": "available"
  }
}

Try it

Path parameters id string required

POST /v6/customer-portal/gifts/offers/{id}/redeem Customer token

Redeem gift offer

Redeem an offer for the customer.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT Required header: Customer token from OTP, registration, or refresh.
id string Required path: id path value.
quantity integer body: Quantity to redeem. Defaults to 1.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/gifts/offers/{id}/redeem" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>" \
  -H "Content-Type: application/json" \
  -d '{  "quantity": 1}'

Request payload

{
  "quantity": 1
}

Response 200

{
  "success": true,
  "data": {
    "id": "gift_123",
    "title": "Welcome Gift",
    "status": "available"
  }
}

Try it

Path parameters id string required

Request body (JSON)

POST /v6/customer-portal/gifts/claim Optional customer token

Claim gift

Claim a gift by claim payload or token.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT header: Optional customer token for personalized availability, pricing, or ownership checks.
claimToken string body: Gift claim token from a link or campaign.
offerId string body: Offer to claim when using an authenticated customer flow.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/gifts/claim" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>" \
  -H "Content-Type: application/json" \
  -d '{  "claimToken": "gift_claim_token"}'

Request payload

{
  "claimToken": "gift_claim_token"
}

Response 200

{
  "success": true,
  "data": {
    "id": "gift_123",
    "title": "Welcome Gift",
    "status": "available"
  }
}

Try it

Request body (JSON)

GET /v6/customer-portal/gifts/redemptions Customer token

List redemptions

Customer gift redemptions.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT Required header: Customer token from OTP, registration, or refresh.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/gifts/redemptions" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>"

Response 200

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "red_123",
        "status": "redeemed",
        "offerId": "gift_123"
      }
    ]
  }
}

Try it

Forms and surveys

Embed public surveys and token-based invitation response flows.

Load survey
Submit response
Handle invitation token links

GET /v6/customer-portal/surveys/{slug} Optional customer token

Get survey by slug

Public survey detail.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT header: Optional customer token for personalized availability, pricing, or ownership checks.
slug string Required path: slug path value.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/surveys/{slug}" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>"

Response 200

{
  "success": true,
  "data": {
    "id": "surv_123",
    "slug": "feedback",
    "title": "Customer Feedback",
    "questions": [
      {
        "id": "q_1",
        "type": "text",
        "label": "How was your visit?"
      }
    ]
  }
}

Try it

Path parameters slug string required

GET /v6/customer-portal/surveys/token/{token} Magic token

Get survey by token

Invitation-scoped survey detail.

Request fields

token string Required path: token path value.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/surveys/token/{token}"

Response 200

{
  "success": true,
  "data": {
    "id": "surv_123",
    "slug": "feedback",
    "title": "Customer Feedback",
    "questions": [
      {
        "id": "q_1",
        "type": "text",
        "label": "How was your visit?"
      }
    ]
  }
}

Try it

Try-it disabled for this endpoint.

Magic-token endpoints are tied to a specific invitation. Use the link delivered to the recipient to test.

POST /v6/customer-portal/surveys/{id}/responses Optional customer token

Submit survey response

Submit a public survey response.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
Authorization Bearer customer JWT header: Optional customer token for personalized availability, pricing, or ownership checks.
id string Required path: id path value.
answers object Required body: Map of survey question ids to answer values.
customerId string body: Known customer id when available.
metadata object body: Optional client metadata.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/surveys/{id}/responses" \
  -H "X-Company-Id: cmp_123" \
  -H "Authorization: Bearer <customer-token>" \
  -H "Content-Type: application/json" \
  -d '{  "answers": {    "q_1": "Very satisfied",    "q_2": 5  },  "metadata": {    "source": "storefront"  }}'

Request payload

{
  "answers": {
    "q_1": "Very satisfied",
    "q_2": 5
  },
  "metadata": {
    "source": "storefront"
  }
}

Response 200

{
  "success": true,
  "data": {
    "id": "resp_123",
    "status": "submitted"
  }
}

Try it

Path parameters id string required

Request body (JSON)

POST /v6/customer-portal/surveys/token/{token}/responses Magic token

Submit token response

Submit an invitation-scoped survey response.

Request fields

token string Required path: token path value.
answers object Required body: Map of survey question ids to answer values.
customerId string body: Known customer id when available.
metadata object body: Optional client metadata.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/surveys/token/{token}/responses" \
  -H "Content-Type: application/json" \
  -d '{  "answers": {    "q_1": "Very satisfied",    "q_2": 5  },  "metadata": {    "source": "storefront"  }}'

Request payload

{
  "answers": {
    "q_1": "Very satisfied",
    "q_2": 5
  },
  "metadata": {
    "source": "storefront"
  }
}

Response 200

{
  "success": true,
  "data": {
    "id": "resp_123",
    "status": "submitted"
  }
}

Try it

Try-it disabled for this endpoint.

Magic-token endpoints are tied to a specific invitation. Use the link delivered to the recipient to test.

GET /v6/customer-portal/storefront/resolve-domain Public tenant

Resolve storefront domain

Resolve a storefront domain to tenant context.

Request fields

domain string Required query: Storefront host name to resolve.

cURL

curl -X GET "https://api.favcrm.io/v6/customer-portal/storefront/resolve-domain"

Response 200

{
  "success": true,
  "data": {
    "companyId": "cmp_123",
    "domain": "store.example.com",
    "locale": "en"
  }
}

Try it

Query parameters domain string required

POST /v6/customer-portal/contact Public tenant

Submit contact form

Create a public contact inquiry.

Request fields

X-Company-Id string header: Tenant id. Can be omitted when tenant context is resolved from the storefront domain.
name string Required body: Contact name.
email email body: Contact email.
phone string body: Contact phone.
message string Required body: Inquiry message.

cURL

curl -X POST "https://api.favcrm.io/v6/customer-portal/contact" \
  -H "X-Company-Id: cmp_123" \
  -H "Content-Type: application/json" \
  -d '{  "name": "Jane Lee",  "email": "jane@example.com",  "message": "I would like to ask about membership."}'

Request payload

{
  "name": "Jane Lee",
  "email": "jane@example.com",
  "message": "I would like to ask about membership."
}

Response 200

{
  "success": true,
  "data": {
    "id": "contact_123",
    "status": "received"
  }
}

Try it

Request body (JSON)

Legacy mapping

Legacy route	v6 replacement	Response change
`GET /connect/v1/pages/` `GET /connect/v1/pages/{slug}/`	`GET /v6/customer-portal/cms/pages` `GET /v6/customer-portal/cms/pages/{slug}`	v6 uses a { success, data } envelope. Lists return data.items and optional pagination instead of a legacy top-level list shape.
`GET /connect/v1/blog/posts/` `GET /connect/v1/blog/posts/{slug}/`	`GET /v6/customer-portal/cms/posts` `GET /v6/customer-portal/cms/posts/{slug}`	Blog reads move under CMS posts. v6 normalizes item fields and returns the standard success envelope.
`GET /connect/v1/blog/categories/`	`GET /v6/customer-portal/cms/categories`	Category lists return v6 CMS category objects inside the standard envelope.
`POST /connect/v1/members/register/`	`POST /v6/customer-portal/auth/register`	v6 returns the registered member/account in data.member and may return a customer token in data.token.
`POST /connect/v1/members/{member_uuid}/token/`	`POST /v6/customer-portal/auth/validate-token` `POST /v6/customer-portal/auth/refresh`	v6 validates or refreshes customer tokens. Minting a token from only member_uuid is legacy behavior and needs an adapter.
`GET /connect/v1/members/search/`	`No public SDK equivalent` `Compatibility adapter recommended`	The public SDK does not expose broad member search. Use customer token flows, or build a narrow adapter if a partner needs legacy phone/member_uuid lookup.
`POST /connect/v1/members/reward-transactions/`	`No public SDK equivalent` `Compatibility adapter recommended`	Reward balance mutations are not public SDK endpoints. Use a server-side adapter if a partner needs the legacy reward transaction contract.
`GET /connect/v1/events/` `GET /connect/v1/events/{slug}/`	`GET /v6/customer-portal/events` `GET /v6/customer-portal/events/{slug}`	Events stay public read routes, but fields are normalized under data.items or data; dates and quota use v6 event structures.
`GET /connect/v1/booking-records/?member_uuid=...` `GET /connect/v1/booking-records/{booking_uuid}/`	`GET /v6/customer-portal/bookings` `GET /v6/customer-portal/bookings/{id}`	v6 public reads are customer-token scoped. Exact legacy member_uuid query semantics need an adapter.

LLM usage

Agents should begin with /llms.txt, then load /openapi/connect-v6.openapi.yaml for exact path coverage and schemas.