Pre-configured collection with all API endpoints, authentication, and examples.
Download CollectionOpen Postman and click Import button
Drag and drop the downloaded JSON file, or click Upload Files
Click Import to add the collection to your workspace
Set your base URL and credentials:
Click on the collection name → Variables tab
base_url: http://localhost:8000 (change to your domain)
auth_token: Leave empty (auto-filled after login)
Open Authentication → Login request
Update the request body with your credentials:
{
"email": "your-email@example.com",
"password": "your-password"
}
Click Send. The auth token will be automatically saved!
All other requests in the collection will automatically use your auth token. Just click Send on any endpoint to test.
Test the API directly from your terminal using cURL commands.
curl -X POST http://localhost:8000/api/login \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"password": "password"
}'
Save the token from the response to use in subsequent requests.
curl -X GET http://localhost:8000/api/v1/accounting/invoices \ -H "Accept: application/json" \ -H "Authorization: Bearer YOUR_TOKEN_HERE"
curl -X GET "http://localhost:8000/api/v1/accounting/invoices?page=1&per_page=20&filter[status]=unpaid&sort_by=due_date" \ -H "Accept: application/json" \ -H "Authorization: Bearer YOUR_TOKEN_HERE"
curl -X POST http://localhost:8000/api/v1/accounting/invoices \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_TOKEN_HERE" \
-d '{
"customer_name": "Acme Corp",
"customer_email": "billing@acme.com",
"total": 1500.00
}'
curl -X PUT http://localhost:8000/api/v1/accounting/invoices/1 \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_TOKEN_HERE" \
-d '{
"customer_name": "Acme Corporation"
}'
curl -X DELETE http://localhost:8000/api/v1/accounting/invoices/1 \ -H "Accept: application/json" \ -H "Authorization: Bearer YOUR_TOKEN_HERE"
curl -X GET http://localhost:8000/api/guest/resource/YOUR_GUEST_TOKEN_HERE \ -H "Accept: application/json"
Standard login for web and mobile apps:
# Login
POST /api/login
{
"email": "user@example.com",
"password": "password"
}
# Response
{
"success": true,
"data": {
"token": "1|abc123def456...",
"user": {...}
}
}
# Use token in subsequent requests
Authorization: Bearer 1|abc123def456...
For service-to-service communication:
# Create token first (via authenticated request)
POST /api/tokens
{
"name": "My Integration",
"scopes": ["accounting.*"]
}
# Response includes token (save it!)
{
"data": {
"token": "bdm_xyz789..."
}
}
# Use in requests
Authorization: Bearer bdm_xyz789...
Token in URL, no Authorization header needed:
GET /api/guest/resource/128_character_guest_token_here
POST /api/permissions
{
"email": "colleague@example.com",
"module_slug": "accounting",
"role": "manager",
"expires_at": "2026-12-31"
}
POST /api/v1/accounting/invoices/1/guest-access
{
"guest_email": "customer@example.com",
"guest_name": "John Doe",
"permissions": ["view", "download", "pay"],
"expires_at": "2025-12-31",
"requires_password": true,
"password": "secret123"
}
POST /api/webhooks
{
"url": "https://your-app.com/webhooks/bdm",
"events": ["invoice.created", "invoice.paid"],
"active": true
}
GET /api/v1/accounting/invoices? page=1& per_page=20& search=acme& filter[status]=unpaid& filter[customer_id]=5& sort_by=due_date& sort_order=asc& include=customer,items
Problem: Missing or invalid authentication token
Solution:
Problem: User doesn't have permission
Solution:
Problem: Rate limit exceeded
Solution:
Problem: Invalid request data
Solution: