Overview

The Mongo My Admin API is a RESTful API that provides programmatic access to all platform features.

Base URL

https://yourdomain.com/api/v1

Response Format

All responses follow a standard JSON format:

// Success Response
{
  "success": true,
  "message": "Operation successful",
  "data": { ... }
}

// Error Response
{
  "success": false,
  "message": "Error description",
  "error": "ERROR_CODE"
}

Pagination

List endpoints support pagination with these query parameters:

Parameter   Default     Description
page        1           Page number
limit       10          Items per page
sort        createdAt   Sort field
order       desc        Sort order (asc/desc)

Authentication

The API uses JWT (JSON Web Token) authentication. Include the token in the Authorization header:

Authorization: Bearer <your_jwt_token>

Token Lifecycle

Token Type      Purpose                 Expiry
Access Token    API authentication      24 hours
Refresh Token   Get new access token    7 days
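
One way a server could validate the Bearer token described above, as an added example (not Mongo My Admin's own code). It pins HS256, the algorithm named in the header of this page's sample tokens, and enforces the 24-hour access-token expiry; the shared secret, the `exp`/`iat` claims in epoch seconds, and the function names are assumptions.

```javascript
// Added example: HS256 bearer-token verification with Node's built-in crypto.
const crypto = require("crypto");

const ACCESS_TTL_SECONDS = 24 * 60 * 60; // access-token expiry from the table above

const b64url = (s) => Buffer.from(s).toString("base64url");

// Issue a token. Hypothetical helper, used here to build constructed input.
function signToken(claims, secret, nowSec) {
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const payload = b64url(JSON.stringify({ ...claims, iat: nowSec, exp: nowSec + ACCESS_TTL_SECONDS }));
  const sig = crypto.createHmac("sha256", secret).update(`${header}.${payload}`).digest("base64url");
  return `${header}.${payload}.${sig}`;
}

// Verify the value of an "Authorization: Bearer <token>" header.
// Returns the claims, or throws an Error whose message names the reason.
function verifyBearer(authorizationHeader, secret, nowSec) {
  const m = /^Bearer ([A-Za-z0-9_-]+)\.([A-Za-z0-9_-]+)\.([A-Za-z0-9_-]+)$/.exec(authorizationHeader || "");
  if (!m) throw new Error("malformed");
  const [, h, p, s] = m;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(h, "base64url").toString("utf8"));
    claims = JSON.parse(Buffer.from(p, "base64url").toString("utf8"));
  } catch {
    throw new Error("malformed");
  }
  // Pin the algorithm: the token's own header must not choose it (rejects "none").
  if (!header || header.alg !== "HS256") throw new Error("bad_alg");
  // Recompute the MAC over the exact bytes received and compare in constant time.
  const expected = crypto.createHmac("sha256", secret).update(`${h}.${p}`).digest();
  const given = Buffer.from(s, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error("bad_signature");
  }
  // Only trust claims after the signature check; a missing exp counts as expired.
  if (!claims || typeof claims.exp !== "number" || nowSec >= claims.exp) throw new Error("expired");
  return claims;
}
```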

API Key Authentication

For automated integrations, use API key + secret key:

X-API-Key: your_api_key
X-API-Secret: your_api_secret

Auth Endpoints

SaaS Admin Auth

POST
/auth/admin/login

Authenticate as SaaS Super Admin

// Request Body
{
  "email": "super-admin@gmail.com",
  "password": "BetaZen@2023"
}

// Response
{
  "success": true,
  "data": {
    "token": "eyJhbGciOiJIUzI1NiIs...",
    "refreshToken": "eyJhbGciOiJIUzI1NiIs...",
    "admin": {
      "id": "...",
      "email": "super-admin@gmail.com",
      "name": "Super Admin"
    }
  }
}

Company Auth

POST
/auth/company/login

Authenticate as Company Admin/User

// Request Body
{
  "email": "admin@gmail.com",
  "password": "BetaZen@2023"
}

// Response
{
  "success": true,
  "data": {
    "token": "eyJhbGciOiJIUzI1NiIs...",
    "refreshToken": "eyJhbGciOiJIUzI1NiIs...",
    "user": {
      "id": "...",
      "email": "admin@gmail.com",
      "name": "Admin",
      "role": "super_admin"
    },
    "company": {
      "id": "...",
      "name": "My Company",
      "status": "active"
    }
  }
}

POST
/auth/company/refresh

Refresh access token

POST
/auth/company/forgot-password

Request password reset email

POST
/auth/company/reset-password

Reset password with token

POST
/auth/company/logout

Logout and invalidate session

Company Endpoints

Authentication Required

All company endpoints require a valid JWT token in the Authorization header.

GET
/company/profile

Get company profile and subscription info

PUT
/company/profile

Update company profile

GET
/company/analytics/dashboard

Get dashboard statistics (databases, users, storage, subscription)

Database Endpoints

GET
/company/databases

List all company databases

POST
/company/databases

Create a new database (creates actual MongoDB database)

// Request Body
{
  "name": "production_db"
}

// Response
{
  "success": true,
  "data": {
    "database": {
      "_id": "...",
      "name": "production_db",
      "internalName": "X7Y8Z9_production_db",
      "status": "active",
      "connectionString": "mongodb://..."
    }
  }
}

GET
/company/databases/:id

Get database details with real-time stats from MongoDB

PUT
/company/databases/:id

Update database settings

DELETE
/company/databases/:id

Delete database (drops actual MongoDB database)

Collection Endpoints

GET
/company/databases/:id/collections

List collections in a database

POST
/company/databases/:id/collections

Create a new collection

DELETE
/company/databases/:id/collections/:name

Delete a collection

Document Endpoints

GET
/company/databases/:id/collections/:name/documents

List documents in a collection (with pagination)

POST
/company/databases/:id/collections/:name/documents

Create a new document

PUT
/company/databases/:id/collections/:name/documents/:docId

Update a document

DELETE
/company/databases/:id/collections/:name/documents/:docId

Delete a document

Demo Data

POST
/company/databases/:id/collections/:name/demo-data

Insert demo/test data into a collection

// Request Body
{
  "count": 10,
  "template": "users"  // users | products | orders | posts | tasks | events | random
}

Database User Endpoints

GET
/company/databases/:id/users

List database users

POST
/company/databases/:id/users

Create a database user with MongoDB roles

// Request Body
{
  "username": "app_user",
  "password": "SecurePass123!",
  "roles": ["readWrite"]
}

DELETE
/company/databases/:id/users/:userId

Delete a database user

Company User Endpoints

GET
/company/users

List company admin panel users

POST
/company/users

Create a new company user

PUT
/company/users/:id

Update a company user

DELETE
/company/users/:id

Delete a company user

Subscription Endpoints

GET
/company/subscription

Get current subscription details

GET
/company/subscription/history

Get subscription history

POST
/company/subscribe

Subscribe to a package

// Request Body
{
  "packageId": "PKG_PRO",
  "billingCycle": "yearly"  // monthly | quarterly | halfYearly | yearly | twoYear | threeYear | fiveYear
}

POST
/company/payment/verify

Verify payment (Razorpay)

Trial Endpoints

GET
/subscription/trial/info

Get trial package info (public, no auth)

GET
/subscription/trial/eligibility

Check if company can use trial

POST
/subscription/trial/start

Start trial subscription

Package Endpoints

GET
/packages

List available packages (public)

GET
/packages/trial

Get active trial package (public)

Payment Endpoints

Razorpay

POST
/payment/razorpay/create

Create a Razorpay order

POST
/payment/razorpay/verify

Verify Razorpay payment

PhonePe

POST
/payment/phonepe/initiate

Initiate PhonePe payment

POST
/payment/phonepe/callback

PhonePe payment callback

Paytm

POST
/payment/paytm/initiate

Initiate Paytm payment

POST
/payment/paytm/callback

Paytm payment callback

Manual Payment

POST
/payment/manual/request

Request manual payment

GET
/payment/history

Get payment history

GET
/payment/invoice/:id

Get invoice details

Analytics Endpoints

Company User Analytics

GET
/user-analytics/me

Get my own analytics

GET
/user-analytics/company

Get company users analytics

GET
/user-analytics/company/summary

Get company analytics summary

GET
/user-analytics/users/:userId/timeline

Get user activity timeline

GET
/user-analytics/users/:userId/logins

Get user login history

IP & Session Tracking

GET
/user-analytics/me/ip-history

Get my IP access history

GET
/user-analytics/me/sessions

Get my active sessions

DELETE
/user-analytics/me/sessions/:sessionId

Terminate specific session

DELETE
/user-analytics/me/sessions

Terminate all other sessions

Storage Analytics

GET
/company/storage/status

Get storage status for current company

GET
/company/storage/breakdown

Get storage breakdown by database

Settings Endpoints

Public Settings

GET
/settings/public

Get public website settings and packages (no auth)

Admin Endpoints

Super Admin Only

All admin endpoints require SaaS Super Admin JWT authentication.

Company Management

GET
/company/admin/companies

List all companies

POST
/company/admin/companies

Create a new company

GET
/company/admin/companies/:id

Get company details

PUT
/company/admin/companies/:id/status

Update company status (auto-revokes/restores MongoDB access)

PUT
/company/admin/companies/:id/use-original-name

Toggle unique prefix for database/user names

Payment Management (Admin)

GET
/payments/admin/manual-payments

List all manual payments

PUT
/payments/admin/manual-payments/:id/approve

Approve manual payment

PUT
/payments/admin/manual-payments/:id/reject

Reject manual payment

Gateway Configuration (Admin)

GET
/payment/gateways

List all gateway configurations

PUT
/payment/gateways/:gateway/toggle

Enable/disable a payment gateway

PUT
/payment/gateways/:gateway/mode

Switch gateway test/live mode

PUT
/payment/gateways/:gateway/credentials

Update gateway credentials

Storage Management (Admin)

GET
/company/admin/storage/summary

Get storage summary for all companies

POST
/company/admin/storage/check-all

Run storage check for all companies

Platform Analytics (Admin)

GET
/user-analytics/admin/platform

Get platform-wide analytics

GET
/user-analytics/admin/companies

Get all companies analytics

GET
/user-analytics/admin/companies/:companyId

Get specific company analytics

Settings (Admin)

GET
/settings

Get all settings

PUT
/settings/general

Update general settings

PUT
/settings/payment

Update payment settings

PUT
/settings/security

Update security settings

Migration (Admin)

POST
/admin/migration/validate

Validate new MongoDB connection

POST
/admin/migration/start

Start server migration

GET
/admin/migration/status

Get migration status

POST
/admin/migration/cancel

Cancel ongoing migration

Error Codes

HTTP Code   Error Code               Description
400         BAD_REQUEST              Invalid request body or parameters
401         UNAUTHORIZED             Missing or invalid authentication token
403         FORBIDDEN                Insufficient permissions
403         ACCOUNT_SUSPENDED        Company account is suspended
403         SUBSCRIPTION_EXPIRED     Company subscription has expired
403         STORAGE_LIMIT_EXCEEDED   Storage limit exceeded
404         NOT_FOUND                Resource not found
409         CONFLICT                 Resource already exists
429         RATE_LIMITED             Too many requests
500         INTERNAL_ERROR           Server error
503         MAINTENANCE_MODE         Platform is under maintenance

Rate Limiting

API endpoints are rate limited to prevent abuse:

Rate limit headers are included in responses:

X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1704067200
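
A client-side decision function for the error codes and rate-limit headers listed above, as an added example that is not part of the original documentation. It assumes `X-RateLimit-Reset` is a Unix timestamp in seconds (consistent with the sample value), that header names arrive lower-cased, and that the retry limits are client policy chosen for illustration; `nextAction` and `msUntilReset` are hypothetical names.

```javascript
// Added example: choose the client's next step from status, headers and JSON envelope.
const RETRYABLE = new Set(["RATE_LIMITED", "INTERNAL_ERROR", "MAINTENANCE_MODE"]);
const MAX_ATTEMPTS = 4;         // assumption: client-side policy, not an API value
const MAX_WAIT_MS = 5 * 60_000; // assumption: never sleep longer than 5 minutes

// Milliseconds until the rate-limit window resets, or null if the header is unusable.
function msUntilReset(headers, nowMs) {
  const reset = Number(headers["x-ratelimit-reset"]); // assumed epoch seconds
  if (!Number.isFinite(reset) || reset <= 0) return null;
  return Math.min(Math.max(reset * 1000 - nowMs, 0), MAX_WAIT_MS);
}

// `body` is the parsed response envelope; `attempt` counts tries so far (0-based).
function nextAction(status, headers, body, nowMs, attempt = 0) {
  if (status < 400 && body && body.success === true) {
    // Quota used up by this call: pause before sending the next request.
    const exhausted = headers["x-ratelimit-remaining"] === "0";
    return { action: "ok", waitMs: exhausted ? (msUntilReset(headers, nowMs) ?? 0) : 0 };
  }
  const code = body && typeof body.error === "string" ? body.error : "UNKNOWN";
  if (status === 401) {
    // Refresh once; if the retried call is still 401, go back to login.
    return { action: attempt === 0 ? "refresh" : "login", code, waitMs: 0 };
  }
  if (RETRYABLE.has(code) && attempt + 1 < MAX_ATTEMPTS) {
    const backoff = Math.min(1000 * 2 ** attempt, MAX_WAIT_MS);
    // On 429 prefer the server's reset time; otherwise back off exponentially.
    const waitMs = status === 429 ? (msUntilReset(headers, nowMs) ?? backoff) : backoff;
    return { action: "retry", code, waitMs };
  }
  // 400/403/404/409 and exhausted retries: surface the error instead of looping.
  return { action: "fail", code, waitMs: 0 };
}
```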