API Reference
API Reference
Section titled “API Reference”Complete documentation for all 92 ThriveSend B2B2G API endpoints
Overview
Section titled “Overview”The ThriveSend B2B2G API provides comprehensive programmatic access to all platform features:
- 92 RESTful endpoints covering all platform functionality
- JSON-based request and response formats
- Authentication via Clerk (JWT tokens)
- Rate limiting for API stability
- POPIA compliant with automatic audit logging
Base URL: https://thrivesend.isutech.co.za/api
Quick Start
Section titled “Quick Start”Authentication
Section titled “Authentication”All API requests require authentication:
// Include Clerk session token in headersconst response = await fetch('https://thrivesend.isutech.co.za/api/clients', { headers: { 'Authorization': `Bearer ${sessionToken}`, 'Content-Type': 'application/json' }});Making Your First Request
Section titled “Making Your First Request”// Example: Fetch all clientsconst clients = await fetch('/api/clients', { method: 'GET', headers: { 'Authorization': `Bearer ${token}` }});
const data = await clients.json();console.log(data);API Endpoints by Category
Section titled “API Endpoints by Category”Client Management (12 endpoints)
Section titled “Client Management (12 endpoints)”Manage business and government clients
GET /api/clients- List all clientsPOST /api/clients- Create new clientGET /api/clients/[id]- Get client detailsPUT /api/clients/[id]- Update clientDELETE /api/clients/[id]- Delete clientGET /api/clients/business- List business clientsGET /api/clients/government- List government clients
Campaign Management (15 endpoints)
Section titled “Campaign Management (15 endpoints)”Create and manage marketing campaigns
GET /api/campaigns- List all campaignsPOST /api/campaigns- Create new campaignGET /api/campaigns/[id]- Get campaign detailsPUT /api/campaigns/[id]- Update campaignDELETE /api/campaigns/[id]- Delete campaignPOST /api/campaigns/bulk- Bulk campaign operations
Analytics (14 endpoints)
Section titled “Analytics (14 endpoints)”Real-time analytics and reporting
GET /api/analytics/dashboard- Dashboard metricsGET /api/analytics/performance- Performance metricsGET /api/analytics/sector- Sector breakdownGET /api/analytics/trends- Trend analysisGET /api/analytics/predictions- Predictive analyticsGET /api/analytics/reports- Generate reports
Compliance (10 endpoints)
Section titled “Compliance (10 endpoints)”POPIA compliance and audit features
GET /api/compliance/status- Compliance statusGET /api/compliance/alerts- Compliance alertsGET /api/compliance/reports- Compliance reportsGET /api/audit/log- Audit trailGET /api/audit/recent- Recent audit eventsGET /api/data-subject-requests- Data subject requests
Team Management (10 endpoints)
Section titled “Team Management (10 endpoints)”Manage team members and permissions
GET /api/team- List team membersPOST /api/team- Add team memberGET /api/team/[id]- Get member detailsPUT /api/team/[id]- Update memberDELETE /api/team/[id]- Remove memberGET /api/team/analytics- Team analytics
Content Management (8 endpoints)
Section titled “Content Management (8 endpoints)”Manage campaign content and assets
GET /api/content- List all contentPOST /api/content- Create contentGET /api/content/[id]- Get content detailsPUT /api/content/[id]- Update contentDELETE /api/content/[id]- Delete contentGET /api/content/templates- Content templates
Invitations (7 endpoints)
Section titled “Invitations (7 endpoints)”Team invitation system
GET /api/invitations- List invitationsPOST /api/invitations- Send invitationPOST /api/invitations/accept- Accept invitationGET /api/invitations/manage- Manage invitationsPOST /api/invitations/demo- Demo invitation
Real-Time Updates (4 endpoints)
Section titled “Real-Time Updates (4 endpoints)”Server-Sent Events (SSE) for real-time data
GET /api/realtime/dashboard- Dashboard SSE streamGET /api/realtime/breaches- Breach alerts SSE
Service Provider (12 endpoints)
Section titled “Service Provider (12 endpoints)”Organization and service provider management
GET /api/service-provider- Provider detailsPUT /api/service-provider/organization- Update orgGET /api/service-provider/billing- Billing infoGET /api/service-provider/compliance- Compliance statusGET /api/service-provider/integrations- IntegrationsGET /api/service-provider/notifications- NotificationsGET /api/service-provider/security- Security settings
Authentication
Section titled “Authentication”Clerk Integration
Section titled “Clerk Integration”ThriveSend uses Clerk for authentication and organization multi-tenancy.
Getting a Session Token:
import { auth } from '@clerk/nextjs';
export async function GET() { const { userId, orgId, getToken } = auth();
if (!userId || !orgId) { return new Response('Unauthorized', { status: 401 }); }
const token = await getToken();
// Use token for API requests...}Client-Side Token:
import { useAuth } from '@clerk/nextjs';
function MyComponent() { const { getToken } = useAuth();
const fetchData = async () => { const token = await getToken(); const response = await fetch('/api/clients', { headers: { 'Authorization': `Bearer ${token}` } }); };}Request/Response Format
Section titled “Request/Response Format”Request Structure
Section titled “Request Structure”POST /api/clients HTTP/1.1Host: thrivesend.isutech.co.zaAuthorization: Bearer eyJhbGci...Content-Type: application/json
{ "name": "Department of Health", "sector": "GOVERNMENT", "governmentLevel": "NATIONAL", "securityClearance": "ENHANCED"}Response Structure
Section titled “Response Structure”Success Response (200/201):
{ "id": "client_abc123", "name": "Department of Health", "sector": "GOVERNMENT", "governmentLevel": "NATIONAL", "securityClearance": "ENHANCED", "createdAt": "2026-01-26T10:00:00Z", "updatedAt": "2026-01-26T10:00:00Z"}Error Response (400/401/404/500):
{ "error": "Validation error", "message": "Client name is required", "code": "VALIDATION_ERROR", "statusCode": 400}Rate Limiting
Section titled “Rate Limiting”API requests are rate-limited to ensure platform stability:
- Authenticated requests: 1000 requests/hour
- Unauthenticated requests: 100 requests/hour
Rate Limit Headers:
X-RateLimit-Limit: 1000X-RateLimit-Remaining: 999X-RateLimit-Reset: 1643212800Error Handling
Section titled “Error Handling”HTTP Status Codes
Section titled “HTTP Status Codes”- 200 OK - Request successful
- 201 Created - Resource created successfully
- 400 Bad Request - Invalid request data
- 401 Unauthorized - Missing or invalid authentication
- 403 Forbidden - Insufficient permissions
- 404 Not Found - Resource not found
- 429 Too Many Requests - Rate limit exceeded
- 500 Internal Server Error - Server error
Error Response Format
Section titled “Error Response Format”{ "error": "Error type", "message": "Human-readable error message", "code": "ERROR_CODE", "statusCode": 400, "details": { "field": "Additional error details" }}POPIA Compliance
Section titled “POPIA Compliance”All API operations are POPIA compliant:
- Automatic Audit Logging - Every data operation logged
- Consent Tracking - User consent recorded
- SA Data Residency - Data stored in South Africa
- Data Subject Rights - Access, deletion, portability supported
Audit Log Example:
{ "id": "audit_xyz789", "action": "CLIENT_CREATED", "userId": "user_123", "resourceType": "CLIENT", "resourceId": "client_abc123", "timestamp": "2026-01-26T10:00:00Z", "metadata": { "ipAddress": "197.xxx.xxx.xxx", "userAgent": "Mozilla/5.0..." }}Code Examples
Section titled “Code Examples”JavaScript/TypeScript
Section titled “JavaScript/TypeScript”// Using fetchconst response = await fetch('/api/clients', { method: 'POST', headers: { 'Authorization': `Bearer ${token}`, 'Content-Type': 'application/json' }, body: JSON.stringify({ name: 'ABC Corporation', sector: 'BUSINESS' })});
const client = await response.json();curl -X POST https://thrivesend.isutech.co.za/api/clients \ -H "Authorization: Bearer YOUR_TOKEN" \ -H "Content-Type: application/json" \ -d '{ "name": "ABC Corporation", "sector": "BUSINESS" }'Python
Section titled “Python”import requests
response = requests.post( 'https://thrivesend.isutech.co.za/api/clients', headers={ 'Authorization': f'Bearer {token}', 'Content-Type': 'application/json' }, json={ 'name': 'ABC Corporation', 'sector': 'BUSINESS' })
client = response.json()SDKs and Libraries
Section titled “SDKs and Libraries”Official SDKs
Section titled “Official SDKs”Currently, there are no official SDKs. Use standard HTTP clients.
Recommended Libraries
Section titled “Recommended Libraries”- JavaScript/TypeScript:
fetch,axios - Python:
requests,httpx - PHP:
Guzzle - Ruby:
Faraday - Go:
net/http
API Changelog
Section titled “API Changelog”Version 0.1.4 (Current)
Section titled “Version 0.1.4 (Current)”- ✅ All 92 endpoints operational
- ✅ Real-time SSE endpoints added
- ✅ Predictive analytics endpoints added
- ✅ Enhanced error handling
- ✅ Rate limiting improvements
Support
Section titled “Support”Getting Help
Section titled “Getting Help”- Documentation: Browse endpoint-specific docs
- GitHub Issues: Report API bugs
- Email: api-support@isutech.co.za
Report API Issues
Section titled “Report API Issues”When reporting issues, include:
- Endpoint URL
- Request method and body
- Response status and body
- Expected vs actual behavior
What’s Next?
Section titled “What’s Next?”Browse the endpoint listings above to find the API you need, then use the authentication patterns and code examples on this page to integrate.
API Reference Version: 0.1.4 | Last Updated: January 26, 2026