REST API¶

DiKAS offers a comprehensive REST API with over 340 public endpoints across 34 sections. This allows you to integrate DiKAS into your existing infrastructure. (Internal and legacy /rest/ endpoints are intentionally hidden from the public reference.)

Authentication¶

The API uses JWT bearer tokens for authentication.

Request a Token¶

POST /api/v1/auth/login
Content-Type: application/json

{
  "username": "admin",
  "password": "admin"
}

Response:

{
  "data": {
    "accessToken": "eyJhbGciOiJIUzI1NiIs...",
    "refreshToken": "dGhpcyBpcyBhIH...",
    "expiresIn": 3600
  },
  "isSuccess": true
}

Use the Token¶

Set the token in the Authorization header:

GET /api/v1/articles
Authorization: Bearer eyJhbGciOiJIUzI1NiIs...

Refresh the Token¶

POST /api/v1/auth/refresh
Content-Type: application/json

{
  "accessToken": "eyJhbGciOiJI...",
  "refreshToken": "dGhpcyBpcyBh..."
}

API Format¶

All responses follow this schema:

{
  "data": { ... },
  "isSuccess": true,
  "message": null,
  "errors": null
}

On errors:

{
  "data": null,
  "isSuccess": false,
  "message": "Artikel nicht gefunden",
  "errors": ["Artikel mit ID 'art_123' existiert nicht"]
}

Endpoint Overview¶

Articles¶

Method	Endpoint	Description
`GET`	`/api/v1/articles`	Retrieve all articles
`GET`	`/api/v1/articles/{id}`	Retrieve a single article
`POST`	`/api/v1/articles`	Create an article
`PUT`	`/api/v1/articles/{id}`	Update an article
`DELETE`	`/api/v1/articles/{id}`	Delete an article
`GET`	`/api/v1/article-groups`	Retrieve all article groups
`POST`	`/api/v1/article-groups`	Create an article group

Example: Create an article

POST /api/v1/articles
Authorization: Bearer eyJ...
Content-Type: application/json

{
  "name": "Cola 0,3l",
  "price": 3.50,
  "taxClass": 0,
  "groupId": "artgrp_abc123"
}

Response (201 Created):

{
  "data": {
    "id": "art_def456",
    "name": "Cola 0,3l",
    "price": 3.50,
    "taxClass": 0,
    "groupId": "artgrp_abc123",
    "isActive": true,
    "createdDate": "2026-03-05T18:30:00Z",
    "changedDate": "2026-03-05T18:30:00Z"
  },
  "isSuccess": true
}

Customers¶

Method	Endpoint	Description
`GET`	`/api/v1/customers`	All customers
`GET`	`/api/v1/customers/{id}`	Single customer
`POST`	`/api/v1/customers`	Create customer
`PUT`	`/api/v1/customers/{id}`	Update customer
`DELETE`	`/api/v1/customers/{id}`	Delete customer
`POST`	`/api/v1/customers/{id}/credit`	Top up customer credit
`POST`	`/api/v1/customers/{id}/payout`	Pay out customer credit
`GET`	`/api/v1/customers/{id}/transactions`	Credit history

Tables¶

Method	Endpoint	Description
`GET`	`/api/v1/tables`	All tables
`GET`	`/api/v1/tables/{id}`	Single table
`POST`	`/api/v1/tables`	Create table
`POST`	`/api/v1/tables/{id}/gang`	Change course
`POST`	`/api/v1/tables/{id}/cleaned`	Mark as cleaned

Orders & Payments¶

Method	Endpoint	Description
`POST`	`/api/v1/open-bons`	Place order
`POST`	`/api/v1/open-bons/batch`	Multiple orders
`POST`	`/api/v1/payments/direct-sale`	Direct sale
`POST`	`/api/v1/payments/table`	Table payment
`GET`	`/api/v1/receipts`	Retrieve receipts
`POST`	`/api/v1/receipts/{id}/void`	Void a receipt

Staff¶

Method	Endpoint	Description
`GET`	`/api/v1/staff`	All employees
`POST`	`/api/v1/staff`	Create employee
`POST`	`/api/v1/staff/switch`	Staff switch

End-of-Day Report¶

Method	Endpoint	Description
`POST`	`/api/v1/day-close`	Perform end-of-day report
`GET`	`/api/v1/day-close`	All end-of-day reports
`GET`	`/api/v1/day-close/{id}`	Single end-of-day report

Reports¶

Method	Endpoint	Description
`GET`	`/api/v1/reports/revenue`	Revenue report
`GET`	`/api/v1/reports/top-articles`	Best & worst sellers
`GET`	`/api/v1/reports/wgr`	Article groups
`GET`	`/api/v1/reports/weekly`	Weekly report

Additional Endpoints¶

Area	Prefix	Endpoints
Vouchers	`/api/v1/vouchers`	CRUD, Redeem
Banking	`/api/v1/bank-transfers`	CRUD, Import
FinTS	`/api/v1/fints`	Retrieval, TAN
DATEV	`/api/v1/datev`	Export, Send
Invoices	`/api/v1/invoices`	CRUD, PDF
Subscriptions	`/api/v1/subscriptions`	CRUD, Billing
Dunning	`/api/v1/dunning`	Create, Send
Expenses	`/api/v1/spendings`	CRUD, Attachments
Time tracking	`/api/v1/time-tracking`	Clock in/out, Reports
Workshop	`/api/v1/work-orders`	CRUD, Status
Backup	`/api/v1/restore`	Upload
Config	`/api/v1/config`	Read, Write

Legacy API¶

For compatibility with existing integrations, there are legacy endpoints under /rest/:

Endpoint	Description
`/rest/cp/add/{key}/{plu}`	Book article
`/rest/extern/customer/{key}/...`	Customer CRUD
`/rest/extern/voucher/{key}/...`	Voucher CRUD
`/rest/online/{key}/...`	Online orders

Legacy endpoints use API keys instead of JWT tokens.

SignalR (Real-time)¶

For real-time updates (kitchen display, workshop, table status):

const connection = new signalR.HubConnectionBuilder()
  .withUrl("/hubs/dikas", {
    accessTokenFactory: () => jwtToken
  })
  .build();

connection.on("OrderCreated", (data) => {
  console.log("Neue Bestellung:", data);
});

connection.on("TableStatusChanged", (data) => {
  console.log("Tisch-Status:", data);
});

await connection.start();

Swagger / OpenAPI¶

The complete API reference with all 341 public endpoints (34 sections) and schemas:

→ API Reference (Swagger) — Interactive documentation with search functionality

On a running DiKAS instance, Swagger is also directly accessible at https://<server>/swagger.

Next Step¶

→ Backup & Restore — Data backup