API Documentation

Complete reference for all API endpoints, request/response formats, and integration examples.

Base URL: https://your-backend.com

Authentication

Currently, the API uses CORS origin validation. Requests must come from allowed origins configured in the ALLOWED_ORIGINS environment variable.

For n8n integration, OAuth2 authentication is supported and configured via environment variables.

Form Submission Endpoints

POST /api/forms/contact

Submit general contact form inquiries.

Request Body

Field Type Required Description
name string Yes Contact name (2-100 chars)
email string Yes Valid email address
phone string No Phone number (optional)
subject string Yes Subject line (3-200 chars)
message string Yes Message content (10-5000 chars)
company string No Company name (optional)
consent boolean Yes Privacy policy consent (must be true)

Example Request

POST /api/forms/contact
Content-Type: application/json

{
  "name": "John Doe",
  "email": "john@example.com",
  "subject": "Project Inquiry",
  "message": "I'm interested in learning more about your services.",
  "consent": true
}

Success Response (200)

{
  "success": true,
  "message": "Contact form submitted successfully",
  "data": {
    "referenceId": "CONTACT-1698765432000",
    "debugId": "1698765432000-a1b2c3d4",
    "submittedAt": "2025-10-26T10:30:32.000Z",
    "processingTime": 245
  }
}

Error Response (400)

{
  "error": {
    "message": "Validation failed",
    "code": "VALIDATION_ERROR",
    "status": 400,
    "details": [
      {
        "field": "email",
        "message": "Please provide a valid email address",
        "type": "string.email"
      }
    ]
  }
}

Rate Limiting

3 requests per 15 minutes per email address

POST /api/forms/business-contact

Submit business inquiry with comprehensive information.

Request Body

Field Type Required Description
name string Yes Contact name
email string Yes Business email
phone string Yes Contact phone
businessName string Yes Company/business name
businessType enum Yes sole-proprietorship, partnership, llc, corporation, non-profit, startup, enterprise, other
websiteUrl string No Business website URL
message string Yes Inquiry message (20-5000 chars)
urgency enum No low, medium, high, urgent (default: medium)
consent boolean Yes Must be true

Example Request

POST /api/forms/business-contact
Content-Type: application/json

{
  "name": "Sarah Johnson",
  "email": "sarah@techcorp.com",
  "phone": "+1-555-0123",
  "businessName": "Tech Corp",
  "businessType": "corporation",
  "websiteUrl": "https://techcorp.com",
  "message": "Interested in partnership opportunities",
  "urgency": "medium",
  "consent": true
}

Success Response (200)

{
  "success": true,
  "message": "Business contact form submitted successfully",
  "data": {
    "referenceId": "BIZ-1698765432000",
    "debugId": "1698765432000-a1b2c3d4",
    "submittedAt": "2025-10-26T10:30:32.000Z",
    "processingTime": 312,
    "estimatedResponseTime": "24-48 hours"
  }
}

Rate Limiting

2 requests per hour per email address

Utility Endpoints

GET /health

Check server health and status.

Response (200)

{
  "status": "healthy",
  "timestamp": "2025-10-26T10:30:32.000Z",
  "environment": "production"
}

GET /api

List all available API routes.

Response (200)

{
  "message": "API Routes",
  "version": "1.0.0",
  "availableRoutes": [
    "GET /api",
    "GET /api/example",
    "POST /api/forms/contact",
    "POST /api/forms/business-contact",
    "POST /api/forms/business-inquiry"
  ]
}

Error Responses

Standard Error Format

All errors follow this format:

{
  "error": {
    "message": "Error description",
    "code": "ERROR_CODE",
    "status": 400,
    "debugId": "1698765432000-a1b2c3d4"
  }
}

Common Error Codes

Code Status Description
VALIDATION_ERROR 400 Request validation failed
RATE_LIMIT_EXCEEDED 429 Too many requests
ROUTE_NOT_FOUND 404 Endpoint does not exist
INTERNAL_ERROR 500 Server error (contact support with debugId)

Integration Examples

JavaScript (Fetch API)

async function submitContactForm(formData) {
  try {
    const response = await fetch('https://your-backend.com/api/forms/contact', {
      method: 'POST',
      headers: {
        'Content-Type': 'application/json',
      },
      body: JSON.stringify(formData)
    });

    const result = await response.json();

    if (response.ok) {
      console.log('Success:', result.data.referenceId);
      return result;
    } else {
      console.error('Error:', result.error.message);
      throw new Error(result.error.message);
    }
  } catch (error) {
    console.error('Network error:', error);
    throw error;
  }
}

cURL

curl -X POST https://your-backend.com/api/forms/contact \
  -H "Content-Type: application/json" \
  -d '{
    "name": "John Doe",
    "email": "john@example.com",
    "subject": "Question",
    "message": "Hello",
    "consent": true
  }'

Axios (Node.js)

const axios = require('axios');

async function submitForm(data) {
  try {
    const response = await axios.post(
      'https://your-backend.com/api/forms/contact',
      data,
      {
        headers: {
          'Content-Type': 'application/json'
        }
      }
    );

    console.log('Submitted:', response.data.data.referenceId);
    return response.data;
  } catch (error) {
    if (error.response) {
      console.error('Error:', error.response.data.error.message);
    } else {
      console.error('Network error:', error.message);
    }
    throw error;
  }
}

Best Practices

📖 Back to User Guide 💚 Check Health

Secure Backend API © 2025 | Built with Express.js