Skip to main content

Endpoint

GET /api/admin/waitlist
Retrieves a paginated list of waitlist requests. Requires admin authentication.

Authentication

Requires a valid Supabase session with the admin role in user metadata.

Query Parameters

status
string
Filter by waitlist status. Must be one of:
  • requested - Initial submission
  • contacted - Admin has reached out
  • invited - Invitation sent
  • activated - User account activated
  • archived - Archived/closed
limit
number
default:"200"
Maximum number of results to return. Range: 1-500.

Response

requests
array
Array of waitlist request objects ordered by creation date (newest first)
statuses
array
Array of all valid status values

Error Responses

  • 400 Bad Request: Invalid status filter
  • 401 Unauthorized: Not authenticated
  • 403 Forbidden: Not an admin user or cross-origin request
  • 500 Internal Server Error: Database query failed

Example Request

curl -X GET "https://your-domain.com/api/admin/waitlist?status=requested&limit=50" \
  -H "Cookie: sb-access-token=..." \
  -H "Origin: https://your-domain.com"

Example Response

{
  "requests": [
    {
      "id": "550e8400-e29b-41d4-a716-446655440000",
      "email": "[email protected]",
      "name": "Jane Doe",
      "company": "Acme Corp",
      "use_case": "Processing medical records",
      "status": "requested",
      "notes": null,
      "priority": null,
      "last_contacted_at": null,
      "created_at": "2024-03-05T10:30:00Z",
      "updated_at": "2024-03-05T10:30:00Z"
    }
  ],
  "statuses": ["requested", "contacted", "invited", "activated", "archived"]
}

Security

  • Same-origin enforcement: Requests must come from the same origin
  • Admin role required: Uses requireAdminUser() helper
  • Service role client: Bypasses RLS for full database access

Source

Implementation: frontend/app/api/admin/waitlist/route.ts

Build docs developers (and LLMs) love

Get started for freeTalk to us