Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.dr.green/llms.txt

Use this file to discover all available pages before exploring further.

Endpoint Reference — Index

The complete API surface for store-builders. Every endpoint here is verified against production as of 10 May 2026 unless explicitly marked otherwise. If you’re new here, read Authentication first — every request needs a per-call signature.
ResourcePageEndpointsWhat it’s for
🏷️ Strainsstrains.md2Product catalogue, country-filtered
👤 Clientsclients.md12Customer records, KYC, addresses
🛒 Cartscarts.md3Per-client active carts
📦 Ordersorders.md7Order lifecycle from placement to delivery
🤝 Salessales.md4Pre-order pipeline (LEADS / ONGOING / CLOSED)
💰 Commissionscommissions.md4Holder earnings, USD + ETH
📊 Dashboarddashboard.md2Counters + analytics chart data
📈 Revenuerevenue.md3Per-strain sales totals
🔑 NFTsnfts.md2 (limited)NFT scope context — most JWT-only
🔐 Authauth.md5Holder wallet sign-in (informational)
🗝️ Keyskeys.md4API key lifecycle (informational)
Total store-builder-relevant endpoints: ~38 across 11 resources.

Cross-resource conventions

Read these once — they apply everywhere.

Response envelope

Every response (success or error) wraps in: 
{
  "success": true | false,
  "statusCode": 200,
  "message": "Success",
  "data": { /* endpoint-specific */ }
}
See 04-errors.md for the full envelope and error semantics.

Pagination wrapper

Paginated endpoints return { <resourceName>: [...], pageMetaDto: {...} }. The pageMetaDto shape is consistent: 
{
  "page": "1",            // string, not int
  "take": 10,             // requested limit
  "itemCount": 47,        // total matching records
  "pageCount": 5,         // total pages
  "hasPreviousPage": false,
  "hasNextPage": true
}

Authentication

Every authenticated request needs:
  • x-auth-apikey: <Base64 PEM SPKI public key>
  • x-auth-signature: <Base64 ECDSA-SHA256 sig over canonical payload>
Canonical payload by method:
MethodCanonical
POST, PATCH, PUTJSON.stringify(body) (compact, no whitespace)
GET, DELETE with queryurlencode(query)
GET, DELETE with no query"{}"not ""
See 02-authentication.md for the full spec, language helpers, and 401 diagnostics.

Status enums

Documented in each resource page; the platform-wide patterns:
FieldValues
adminApproval (clients, orders)PENDING, VERIFIED, REJECTED
orderStatusPENDING, PROCESSING, SHIPPED, DELIVERED, CANCELLED
paymentStatusPENDING, PROCESSING, COMPLETED, FAILED, REFUNDED
commissionStatusPENDING, PAID
salesStatusLEADS, ONGOING, CLOSED
strainTypeINDICA, SATIVA, HYBRID

Full endpoint table (alphabetical by path)

MethodPathAuthResource page
POST/auth/dapp/signInNoneauth
POST/auth/nonceNoneauth
GET/auth/resendEmailNoneauth
POST/auth/signInNone (admin only)auth
GET/auth/verifyEmailNoneauth
POST/dapp/cartsAPI-key + sigcarts
GET/dapp/cartsAPI-key + sigcarts
DELETE/dapp/carts/{cartId}API-key + sigcarts
GET/dapp/client/{clientId}/ordersAPI-key + sigclients
GET/dapp/client/{clientId}/transactionsAPI-key + sigclients
POST/dapp/clientsAPI-key + sigclients
GET/dapp/clientsAPI-key + sigclients
GET/dapp/clients/chart-dataAPI-key + sigclients
GET/dapp/clients/exportAPI-key + sigclients
GET/dapp/clients/listAPI-key + sigclients
GET/dapp/clients/status-breakdownAPI-key + sigclients
GET/dapp/clients/summaryAPI-key + sigclients
GET/dapp/clients/{clientId}API-key + sigclients
PATCH/dapp/clients/{clientId}API-key + sigclients
GET/dapp/clients/{clientId}/orders/{orderId}API-key + sigclients
GET/dapp/commissionsAPI-key + sigcommissions
GET/dapp/commissions/managersAPI-key + sigcommissions
GET/dapp/commissions/managers/summaryAPI-key + sigcommissions
GET/dapp/commissions/summaryAPI-key + sigcommissions
GET/dapp/dashboard/analyticsAPI-key + sigdashboard
GET/dapp/dashboard/summaryAPI-key + sigdashboard
POST/dapp/ordersAPI-key + sigorders
GET/dapp/ordersAPI-key + sigorders
GET/dapp/orders/chart-dataAPI-key + sigorders
GET/dapp/orders/recentAPI-key + sigorders
GET/dapp/orders/status-breakdownAPI-key + sigorders
GET/dapp/orders/summaryAPI-key + sigorders
GET/dapp/orders/{orderId}API-key + sigorders
GET/dapp/revenueAPI-key + sigrevenue
GET/dapp/revenue/chart-dataAPI-key + sigrevenue
GET/dapp/revenue/summaryAPI-key + sigrevenue
POST/dapp/salesAPI-key + sigsales
GET/dapp/salesAPI-key + sigsales
PATCH/dapp/salesAPI-key + sigsales
GET/dapp/sales/summaryAPI-key + sigsales
GET/dapp/strainsAPI-key + sigstrains
GET/dapp/strains/{strainId}API-key + sigstrains
PATCH/dapp/users/primary-nftJWT (presumed)nfts
GET/dapp/users/nftsJWT onlynfts
POST/keysJWTkeys
GET/keysJWTkeys
PATCH/keys/deleteJWTkeys
PATCH/keys/{id}JWTkeys
GET/public/healthStatusNone03-environment
GET/user/meJWT onlyauth / nfts

What’s not on this list

The Dr Green backend has 147 paths total; this index covers the ~50 that are relevant to a store-builder integration. The rest fall into:
  • Marketplace endpoints (/marketplace/*) — for the public NFT marketplace UI, not store integrations
  • Admin endpoints (/clients, /orders, /users, /strains without the /dapp/ prefix) — for Dr Green internal staff only; not accessible to holders
  • Inbound webhook endpoints (/kyc/webhook, /payments/webhook, etc.) — receive POSTs from third-party processors (FirstAML, CoinRemitter, Payinn, PGPay), not called by stores. See 06-webhooks.md
  • S3 upload endpoints — used by the DAPP UI for image uploads; not relevant to backend integrations

Verification status legend

Throughout the resource pages, you’ll see these markers:
MarkerMeaning
✅ VerifiedTested live against production on 10 May 2026 — request and response shapes confirmed
⚠️ PartialEndpoint reachable but full shape not yet captured (e.g. write endpoints not invoked, empty test data)
🔒 PendingDocumented from spec or backend code only — not yet hit live
🪲 WartA backend inconsistency that store builders need to know about

Where to next