# API Documentation
This documentation covers all API endpoints with their required permissions.
## Authentication Methods
### 1. Session Authentication
Most endpoints require an authenticated user session via NextAuth.
### 2. API Key Authentication
Many endpoints support API key authentication via the `x-api-key` header.
### 3. Bearer Token Authentication
Some endpoints support Bearer token authentication via the `Authorization` header.
---
## Documentation Structure
- [Public APIs](./public/README.md) - Public-facing endpoints
- [Admin APIs](./admin/README.md) - Administrative endpoints
- [Auth APIs](./auth/README.md) - Authentication-related endpoints
- [User APIs](./user/README.md) - User management endpoints
---
## Permission Types
### Role-Based Permissions
These permissions are assigned to user roles and checked via `hasPermission()`:
| Resource | Action | Description |
|----------|--------|-------------|
| `admin` | `read` | Access to admin panel |
| `leaderboard` | `manage` | Manage leaderboard settings and data |
| `settings` | `manage` | Manage general site settings |
| `settings_roles` | `manage` | Manage roles and permissions |
| `servers` | `manage` | Manage servers and categories |
| `user` | `manage` | Manage users |
| `user_linked` | `read` | View linked users |
| `user_full` | `read` | View full user data |
| `tickets` | `manage` | Manage support tickets |
| `seo` | `manage` | Manage SEO/metadata settings |
| `mapvoting` | `manage` | Manage map voting |
| `cdn` | `read` | View CDN images |
| `cdn` | `upload` | Upload to CDN |
| `cdn` | `update` | Update CDN images |
| `cdn` | `delete` | Delete CDN images |
### API Key Permissions
API keys can be configured with granular permissions. See the [API Key Permissions](./api-key-permissions.md) document for details.
---
## Quick Reference
| Category | Endpoint Count |
|----------|----------------|
| Public APIs | 15+ |
| Admin APIs | 50+ |
| Auth APIs | 3 |
| User APIs | 8 |