Fast reference for the 10 Workflow Vault API routes.
| Endpoint | Method | Auth | Description |
|---|---|---|---|
/api/vault/workflows |
GET | No | List all workflows |
/api/vault/workflows |
POST | Admin | Create workflow |
/api/vault/workflows/[slug] |
GET | No | Get single workflow |
/api/vault/workflows/[slug] |
PATCH | Admin | Update workflow |
/api/vault/workflows/[slug] |
DELETE | Admin | Delete workflow |
/api/vault/categories |
GET | No | List categories |
/api/vault/checkout |
POST | Yes | Create checkout |
/api/vault/verify |
POST | Yes | Verify access |
/api/vault/download |
POST | Yes | Generate download token |
/api/vault/download/<token> |
GET | No | Download file |
/api/vault/my-purchases |
GET | Yes | User's purchases |
/api/vault/favorites |
GET | Yes | User's favorites |
/api/vault/favorites |
POST | Yes | Add favorite |
/api/vault/favorites |
DELETE | Yes | Remove favorite |
/api/membership/subscribe |
POST | Yes | Subscribe |
/api/membership/status |
GET | Yes | Membership status |
/api/membership/status |
DELETE | Yes | Cancel membership |
// Fetch featured workflows
const response = await fetch('/api/vault/workflows?featured=true&limit=6');
const { data } = await response.json();
const workflows = data.data;// Search by keyword
const response = await fetch('/api/vault/workflows?search=crm&sortBy=popular');
const { data } = await response.json();// Get workflows by category
const response = await fetch('/api/vault/workflows?category=workflows&pricingType=free');
const { data } = await response.json();// Verify if user can access a workflow
const response = await fetch('/api/vault/verify', {
method: 'POST',
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({ workflow_id: workflowId })
});
const { data } = await response.json();
if (data.has_access) {
// Show download button
}// Step 1: Generate secure download token
const tokenResponse = await fetch('/api/vault/download', {
method: 'POST',
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({ workflow_id: workflowId })
});
const { data } = await tokenResponse.json();
// Step 2: Use the download URL
window.location.href = data.download_url;// Create checkout session
const response = await fetch('/api/vault/checkout', {
method: 'POST',
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({ workflow_id: workflowId })
});
const { data } = await response.json();
// Redirect to Stripe checkout
window.location.href = data.checkout_url;// Add to favorites
await fetch('/api/vault/favorites', {
method: 'POST',
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({ workflow_id: workflowId })
});
// Remove from favorites
await fetch(`/api/vault/favorites?workflow_id=${workflowId}`, {
method: 'DELETE',
headers: { 'Authorization': `Bearer ${token}` }
});
// Get all favorites
const response = await fetch('/api/vault/favorites', {
headers: { 'Authorization': `Bearer ${token}` }
});
const { data } = await response.json();// Get all purchases
const response = await fetch('/api/vault/my-purchases', {
headers: { 'Authorization': `Bearer ${token}` }
});
const { data } = await response.json();
const purchases = data.purchases;// Subscribe to monthly plan
const response = await fetch('/api/membership/subscribe', {
method: 'POST',
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({ plan: 'monthly' })
});
const { data } = await response.json();
window.location.href = data.checkout_url;// Get membership details
const response = await fetch('/api/membership/status', {
headers: { 'Authorization': `Bearer ${token}` }
});
const { data } = await response.json();
if (data.has_membership && data.status === 'active') {
// Show members-only content
}Get the auth token from Supabase:
import { supabase } from '@/lib/supabase';
// Get current session
const { data: { session } } = await supabase.auth.getSession();
const token = session?.access_token;
// Use in API calls
const headers = {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json'
};All endpoints return:
// Success
{
success: true,
data: any,
message?: string
}
// Error
{
success: false,
error: string
}200- Success201- Created400- Bad request / validation error401- Not authenticated403- Not authorized404- Not found500- Server error
/Volumes/JarvisSSD/toolforge-ai/
├── src/
│ ├── app/api/
│ │ ├── vault/
│ │ │ ├── workflows/route.ts
│ │ │ ├── workflows/[slug]/route.ts
│ │ │ ├── categories/route.ts
│ │ │ ├── checkout/route.ts
│ │ │ ├── verify/route.ts
│ │ │ ├── download/route.ts
│ │ │ ├── my-purchases/route.ts
│ │ │ └── favorites/route.ts
│ │ └── membership/
│ │ ├── subscribe/route.ts
│ │ └── status/route.ts
│ └── types/
│ ├── index.ts
│ └── vault.ts
├── prisma/migrations/
│ └── 003_workflow_vault_system.sql
└── WORKFLOW_VAULT_API.md (full docs)
- ✅ API routes created (all 10 routes)
- ✅ TypeScript types defined
- ✅ Database schema created
- ⬜ Run database migration
- ⬜ Configure environment variables
- ⬜ Implement Stripe integration (optional)
- ⬜ Test API endpoints
- ⬜ Build frontend UI
-
Apply database migration:
psql -h your-db -U postgres -d your-db -f prisma/migrations/003_workflow_vault_system.sql
-
Set environment variables:
NEXT_PUBLIC_SUPABASE_URLNEXT_PUBLIC_SUPABASE_ANON_KEYSUPABASE_SERVICE_ROLE_KEYSTRIPE_SECRET_KEY(optional)
-
Test the API:
- Start dev server:
npm run dev - Test in browser or Postman
- Check responses match expected format
- Start dev server:
-
Build frontend:
- Create workflow listing page
- Create workflow detail page
- Add checkout flow
- Implement download functionality
- Build user dashboard
See WORKFLOW_VAULT_API.md for complete API documentation.