01 Authentication
DevPremier CRM exposes a REST API v1 under /api/v1/.
- Laravel Sanctum — token-based auth for SPA/mobile integrations.
- JWT — alternative bearer-token auth via
tymon/jwt-auth. - Obtain tokens from
/api/v1/auth/*endpoints (see your deployment base URL).
Always use HTTPS in production; rotate API tokens when staff leave.
02 Available endpoints
Core resources include:
- Customers, Leads, Products
- Invoices, Estimates, Proposals
- Users and Office settings (where permitted)
Rate limiting applies to API routes — see config/rate_limiting.php in the CRM for tier limits (read/write/delete).
Use the API to sync DevPremier with external apps, mobile clients, or custom dashboards on your Linux server infrastructure.
03 Lead API & session routes
Lead features use a mixed model: session-auth web routes plus Sanctum API routes.
- Session-auth web routes (for logged-in CRM users):
GET /lead,GET /lead/create,POST /lead,PUT /lead/{lead},DELETE /lead/destroy/{lead}. - Session-auth actions:
POST /lead/send_sms/{lead},POST /lead/make_call_note/{lead},POST /lead/sort. - Session-auth location lookups:
GET /api/getCountries,GET /api/getStates/{id},GET /api/getCities/{id}. - Sanctum routes:
GET /api/lead/get_titles,GET /api/lead/getSources,POST /api/lead/storeSource,GET /api/lead/getStatuses,POST /api/lead/storeStatus,POST /api/lead/check_email_availability. - Deals Kanban, pipeline management, and lead source report APIs are not yet implemented in this codebase.
Expected result: browser users rely on session routes, while programmatic integrations use Sanctum endpoints where available.
Thanks for reading DevPremier CRM docs
Browse all guides