Skip to main content
The PhotoFlow API is a SvelteKit-based API that allows you to programmatically manage tasks, comments, and data in your self-hosted photography order management system.

Base URL

All API endpoints are relative to your PhotoFlow installation’s base URL: 
https://your-domain.com/api
For local development, this is typically: 
http://localhost:5173/api

Request Format

PhotoFlow uses JSON for request and response bodies. All POST and DELETE requests should include: 
Content-Type: application/json

Example Request

fetch('http://localhost:5173/api/createNewTask', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    task: 'Wedding photoshoot',
    dueAt: '2026-03-15T10:00:00Z',
    additional_information: 'Client prefers outdoor shots',
    status: 'pending'
  })
});

Response Format

API responses are returned as JSON. Successful operations typically return either:
  • A success message string (e.g., "Successful!")
  • An object or array containing the requested data
  • An error message string (e.g., "Invalid!")

Success Response

"Successful!"

Data Response

[
  {
    "id": 1,
    "task": "Wedding photoshoot",
    "dueAt": "2026-03-15T10:00:00.000Z",
    "status": "pending",
    "is_finished": false,
    "created_at": "2026-03-01T09:00:00.000Z"
  }
]

Error Handling

The PhotoFlow API uses simple string-based error responses. When an error occurs, the API returns a JSON string indicating the failure: 
"Invalid!"
Common error responses:
  • "Invalid!" - Request validation failed or operation could not be completed
  • "Something happened..." - Unexpected error during deletion
The API does not use HTTP status codes for error differentiation. Always check the response content to determine success or failure.

SvelteKit API Architecture

PhotoFlow uses SvelteKit’s API routes, which differ from traditional REST APIs:
  • Routes are defined using file-based routing in src/routes/api/
  • Each endpoint is a +server.ts file with exported HTTP method handlers
  • The API integrates directly with Prisma for database operations
  • Real-time updates are handled via Socket.io (see Real-time Updates)

Authentication

The current version of PhotoFlow does not implement authentication. This API is intended for self-hosted use within a trusted environment. If you expose PhotoFlow to the internet, implement proper authentication and authorization.

Rate Limiting

There are no built-in rate limits. Consider implementing rate limiting at the reverse proxy level if exposing the API publicly.

Next Steps

Build docs developers (and LLMs) love

Get started for freeTalk to us