⚠️ This documentation is not complete and will change. Documentation and API References are actively being updated.
Authentication
Jobs
- GETList or retrieve jobs
- POSTCreate, update, or delete a job
- GETList job statuses
- GETList job types
- GETList job priorities
- GETList job payment statuses
- GETList job time ranges
- GETSearch property addresses
- GETList case notes for a job
- POSTCreate a case note
- GETList or download case note attachments
- POSTUpload case note attachment
- GETList or download job documents
- POSTUpload or delete a job document
- GETGet a document thumbnail
- GETList or download job photos
- POSTUpload or delete a job photo
- GETList amendment requests
- POSTCreate or action an amendment request
- GETGet amendable fields for a job
- GETList remedial links for a job
- POSTCreate or remove a remedial link
- GETList recall records
- POSTCreate a recall record
- POSTMark a recall as completed
- POSTToggle pin status of a job
- GETGet video variants for a job media file
- GETDownload an attachment by UUID
Calendar
Users
- GETList or retrieve users
- POSTCreate, update, or delete a user
- GETRetrieve user avatar
- POSTUpload or delete user avatar
- GETGet user permissions
- POSTUpdate user permissions
- GETGet notification settings
- POSTUpdate notification settings
- POSTSend email verification
- GETGet user appearance settings
- POSTUpdate appearance settings or upload banner
- GETGet dashboard widget preferences
- POSTUpdate dashboard widget preferences
- GETGet user profile popover data
- GETGet online users
- POSTActivate or deactivate a user
- POSTForce-logout a user
- POSTRequest or complete a password reset
Contractors
Tenants
Agents & Branches
SLA
Dashboard
- GETRetrieve dashboard statistics
- GETBatch dashboard data
- GETNew jobs chiplet data
- GETCompleted jobs chiplet data
- GETJobs booked today
- GETJobs with missing certificates
- GETJobs without an assigned contractor
- GETUsers with incomplete onboarding
- GETJob counts grouped by type
- GETActive recall jobs
- GETPinned jobs
- GETOverdue quotes
- GETDashboard chiplet counts
- GETDashboard chart data
- GETSecurity operations chiplet data
- POSTQuick-update a job from the dashboard
Analytics
- GETRetrieve AI analysis results
- POSTTrigger a new AI analysis
- GETBranch performance metrics
- GETJob health check
- GETList AI chat sessions
- GETList messages in a chat session
- POSTSend a message to the AI assistant
- GETRecent platform activity
- GETFiltered activity feed
- POSTTrack a page view
- POSTTrack a page view (simple)
- GETGemini AI usage statistics
Financial
Notifications & Notices
- GETList system notifications
- POSTCreate or dismiss a system notification
- GETList registered device tokens
- POSTRegister or remove a device token
- GETGet web push configuration
- POSTRegister a web push subscription
- DELRemove a web push subscription
- POSTSend a test web push notification
- GETList or retrieve notices
- POSTCreate a notice
- PUTUpdate a notice
- DELDelete or dismiss a notice
Security
- GETGet a CSRF token
- GETList active sessions
- POSTTerminate a session or manage blacklist
- GETList file integrity alerts
- POSTMark a file integrity alert as resolved
- GETList file integrity monitoring alerts
- POSTTrigger a file integrity scan
- POSTResolve a file integrity alert
- GETView file diff against source
- POSTCheck password against breach database
- POSTMobile app authentication
GDPR & Privacy
System
Administration
- GETList branches
- POSTImport, disable, enable, or delete branches
- POSTDisable a branch
- POSTEnable a branch
- GETList roles
- GETList permissions for dropdown
- POSTUpdate staff role permissions
- GETGet user management policy levels
- PUTUpdate management policy level
- GETAPI endpoint discovery
- POSTRegister API actions
- GETAPI permission matrix
- GETAPI usage statistics
- GETList document types
- POSTCreate, update, or delete a document type
- GETList legal documents
- POSTCreate or update a legal document
- DELDelete a legal document
- GETRetrieve all job documents (admin view)
- GETList job tags
- POSTCreate, update, or delete a job tag
- GETRetrieve activity log
- GETRetrieve email delivery logs
- POSTResend a transactional email
- GETGenerate security report
- GETView rate-limiting configuration and stats
- GETSettings overview statistics
- GETScan for orphaned files
- GETGet password breach status for all users
Weather
Feedback
Check password against breach database
curl --request POST \
--url https://api.propops.app/api/security/password-breach-check \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"password": "P@ssw0rd123",
"csrf_token": "abc123def456",
"return_count": false
}
'{
"success": true,
"message": "This password has appeared in 3,200 data breaches.",
"breached": true,
"count": 3200
}Security
Check password against breach database
Checks a password against the Have I Been Pwned breach database using the k-Anonymity model. Results are cached.
Required permission: api.security.password_breach_check.read
POST
/
api
/
security
/
password-breach-check
Check password against breach database
curl --request POST \
--url https://api.propops.app/api/security/password-breach-check \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"password": "P@ssw0rd123",
"csrf_token": "abc123def456",
"return_count": false
}
'{
"success": true,
"message": "This password has appeared in 3,200 data breaches.",
"breached": true,
"count": 3200
}Authorizations
All API requests must include a valid Bearer token in the Authorization header.
Tokens are 64-character SHA-256 session hashes issued by the PropOps authentication system.
Example:
Authorization: Bearer a1b2c3d4e5f6...
Body
application/json
⌘I
Assistant
Responses are generated using AI and may contain mistakes.