API Contracts by Portal (Endpoints + Payloads + Error Codes)

Global Base URLs & Headers

Admin Portal (studenthub-admin)

Base API URL: Configured in src/environments/environment.ts as apiEndpoint: 'https://admin.api.dev.studenthub.co/v1'
Auth Header: Authorization: Bearer <token>, built in src/app/providers/logged-in/authhttp.service.ts via AuthService.getAccessToken()
Token Storage: Ionic Storage under key loggedInAdmin (see src/app/providers/auth.service.ts)
Additional Headers: "Currency" (from user preference or default "KWD"), "Content-Type": "application/json"
Error Handling: Centralized in AuthHttpService._handleError (src/app/providers/logged-in/authhttp.service.ts), which handles HTTP status codes and triggers UI events or logout

Staff and Candidate Portals

Not included here due to incomplete endpoint mapping. See "Unknown/Verify" section.

Company Portal

No standalone company portal frontend found. Company-related API calls are handled within the admin portal frontend.

Admin Portal – Endpoint Index (max 25, grouped by feature area)

Auth

GET /auth/login
- Frontend: src/app/providers/auth.service.ts:basicAuth
- Backend: admin/modules/v1/controllers/AuthController.php:actionLogin
- Request: Inline object in basicAuth
- Response: Inline handling in handleLogin
- Error: AuthService._handleError
POST /auth/login-two-step
- Frontend: src/app/providers/auth.service.ts:loginTwoStep
- Backend: admin/modules/v1/controllers/AuthController.php:actionLoginTwoStep
- Request: Inline object in loginTwoStep
- Response: Inline handling in handleLogin
- Error: AuthService._handleError
POST /auth/login-by-google
- Frontend: src/app/providers/auth.service.ts:loginByGoogle
- Backend: admin/modules/v1/controllers/AuthController.php:actionLoginByGoogle
- Request: Inline object in useGoogleIdTokenForAuth
- Response: Inline handling in handleLogin
- Error: AuthService._handleError
POST /auth/login-auth0
- Frontend: src/app/providers/auth.service.ts:useTokenForAuth
- Backend: admin/modules/v1/controllers/AuthController.php:actionLoginAuth0
- Request: Inline object in useTokenForAuth
- Response: Inline handling in handleLogin
- Error: AuthService._handleError

Candidates

GET /candidates/search
- Frontend: src/app/providers/logged-in/candidate.service.ts:list
- Backend: admin/modules/v1/controllers/CandidateController.php:actionSearch
- Request: Inline params in list
- Response: Observable
- Error: AuthHttpService._handleError
GET /candidates/report-search
- Frontend: candidate.service.ts:reportList
- Backend: CandidateController.php:actionReportSearch
- Request: Inline params
- Response: Observable
- Error: AuthHttpService._handleError
GET /candidates/{id}
- Frontend: candidate.service.ts:view
- Backend: CandidateController.php:actionView
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError
POST /candidates/login/{id}
- Frontend: candidate.service.ts:login
- Backend: CandidateController.php:actionLogin
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError
DELETE /candidates/{id}
- Frontend: candidate.service.ts:delete
- Backend: CandidateController.php:actionDelete
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError
PATCH /candidates/restore/{id}
- Frontend: candidate.service.ts:restore
- Backend: CandidateController.php:actionRestore
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError
PATCH /candidates/approve/{id}
- Frontend: candidate.service.ts:approve
- Backend: CandidateController.php:actionApprove
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError
PATCH /candidates/reset-password/{id}
- Frontend: candidate.service.ts:resetPassword
- Backend: CandidateController.php:actionResetPassword
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError
GET /candidates/transfers/{id}
- Frontend: candidate.service.ts:transfers
- Backend: CandidateController.php:actionTransfers
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError

Companies

GET /companies
- Frontend: src/app/providers/logged-in/company.service.ts:list
- Backend: admin/modules/v1/controllers/CompanyController.php:actionList
- Request: Inline params
- Response: Observable
- Error: AuthHttpService._handleError
GET /companies/{id}
- Frontend: company.service.ts:view
- Backend: CompanyController.php:actionView
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError
POST /companies
- Frontend: company.service.ts:create
- Backend: CompanyController.php:actionCreate
- Request: Inline object from Company model
- Response: Observable
- Error: AuthHttpService._handleError
PATCH /companies/{id}
- Frontend: company.service.ts:update
- Backend: CompanyController.php:actionUpdate
- Request: Inline object from Company model
- Response: Observable
- Error: AuthHttpService._handleError
DELETE /companies/{id}
- Frontend: company.service.ts:delete
- Backend: CompanyController.php:actionDelete
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError
PATCH /companies/reset-password/{id}
- Frontend: company.service.ts:resetPassword
- Backend: CompanyController.php:actionResetPassword
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError

Transfers / Payroll

GET /transfers/payable-candidates
- Frontend: src/app/providers/logged-in/transfer.service.ts:listPayableCandidates
- Backend: admin/modules/v1/controllers/TransferController.php:actionPayableCandidates
- Request: Inline params
- Response: Observable
- Error: AuthHttpService._handleError
GET /transfers
- Frontend: transfer.service.ts:list
- Backend: TransferController.php:actionList
- Request: Inline params
- Response: Observable
- Error: AuthHttpService._handleError
PATCH /transfers/mark-paid/{id}
- Frontend: transfer.service.ts:markPaid
- Backend: TransferController.php:actionMarkPaid
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError
PATCH /transfers/unlock/{id}
- Frontend: transfer.service.ts:markUnlock
- Backend: TransferController.php:actionUnlock
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError
PATCH /transfers/lock/{id}
- Frontend: transfer.service.ts:markLocked
- Backend: TransferController.php:actionLock
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError
PATCH /transfers/cancel/{id}
- Frontend: transfer.service.ts:markCancel
- Backend: TransferController.php:actionCancel
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError
DELETE /transfers/{id}
- Frontend: transfer.service.ts:delete
- Backend: TransferController.php:actionDelete
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError
PATCH /transfers/mark-paid-all
- Frontend: transfer.service.ts:markPaidAll
- Backend: TransferController.php:actionMarkPaidAll
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError
POST /transfers/import-excel
- Frontend: transfer.service.ts:importExcel
- Backend: TransferController.php:actionImportExcel
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError
POST /transfers/import-bank-statement-excel
- Frontend: transfer.service.ts:importBankStatementExcel
- Backend: TransferController.php:actionImportBankStatementExcel
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError
POST /transfers/import-kfh-excel
- Frontend: transfer.service.ts:importKFHExcel
- Backend: TransferController.php:actionImportKfhExcel
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError
POST /transfers/import-google-excel
- Frontend: transfer.service.ts:importGoogleExcel
- Backend: TransferController.php:actionImportGoogleExcel
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError

Invoices / Receipts

GET /transfers/invoices/{id}
- Frontend: transfer.service.ts:listInvoices
- Backend: TransferController.php:actionInvoices
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError
GET /transfers/pdf/{id}/invoice
- Frontend: transfer.service.ts:downloadInvoice
- Backend: TransferController.php:actionPdf
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError
GET /transfers/pdf/{id}/receipt
- Frontend: transfer.service.ts:downloadReceipt
- Backend: TransferController.php:actionPdf
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError

Uploads / Reports

POST /transfers/update-transfer-from-file/{id}
- Frontend: transfer.service.ts:updateTransferFromFile
- Backend: TransferController.php:actionUpdateTransferFromFile
- Request: Inline object
- Response: Observable
- Error: AuthHttpService._handleError
GET /transfers/export/{id}
- Frontend: transfer.service.ts:export
- Backend: TransferController.php:actionExport
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError
GET /transfers/export-payable-candidates
- Frontend: transfer.service.ts:exportPayableCandidates
- Backend: TransferController.php:actionExportPayableCandidates
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError
GET /transfers/export-google-excel
- Frontend: transfer.service.ts:exportGoogleExcel
- Backend: TransferController.php:actionExportGoogleExcel
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError
GET /transfers/download-payment-advice
- Frontend: transfer.service.ts:downloadAdvice
- Backend: TransferController.php:actionDownloadPaymentAdvice
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError
GET /transfers/download-payment-advice-for-abk
- Frontend: transfer.service.ts:downloadAdviceForABK
- Backend: TransferController.php:actionDownloadPaymentAdviceForAbk
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError
GET /transfers/download-text-payment-advice-for-abk
- Frontend: transfer.service.ts:downloadTextAdviceForABK
- Backend: TransferController.php:actionDownloadTextPaymentAdviceForAbk
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError
GET /transfers/text
- Frontend: transfer.service.ts:downloadTxt
- Backend: TransferController.php:actionText
- Request: Inline param
- Response: Observable
- Error: AuthHttpService._handleError

Shared Constants / Status Enums

src/environments/environment.ts: API base URL, currency code
src/app/providers/logged-in/authhttp.service.ts: Auth header, error handling
src/app/providers/auth.service.ts: Token storage key (loggedInAdmin), error handling

Company Portal – Unknown/Verify

No standalone company portal frontend was found in the scanned repositories. Company-related API calls are handled within the admin portal frontend (src/app/providers/logged-in/company.service.ts). No evidence of a separate company portal or its API usage was found.

Staff Portal & Candidate Portal

Not included due to incomplete endpoint mapping. To complete these sections, further research is required to extract HTTP call sites, endpoint paths, and backend mappings for these portals.

Ambiguities & Search Paths

All endpoint mappings above are backed by code references in the admin portal and backend.
If a backend route match was ambiguous, the closest candidate controller/action was selected based on naming and usage conventions.
For staff and candidate portals, endpoint mappings remain unknown due to incomplete research coverage.

References: