GFAVIP Account API Documentation

RESTful API for integrating with the GFAVIP Account management system.

Base URL

https://account.gfavip.com

Authentication

The API uses GFAVIP SSO token-based authentication. Include the bearer token in the Authorization header:

Authorization: Bearer YOUR_GFAVIP_TOKEN

Note: Tokens are obtained through the GFAVIP Wallet SSO flow at wallet.gfavip.com

API Endpoints

GET /health

Health check endpoint for monitoring and deployment validation.

Response

{
  "status": "healthy",
  "service": "gfavip-account"
}

GET /api/user/profile

Get current user's profile and membership information.

Headers

Authorization: Bearer {token}

Response

{
  "user_id": "7ee04dbe-17f1-45ca-b8b5-a6e34098b074",
  "email": "user@example.com",
  "username": "michelini",
  "tier": "paid",
  "credits": 100,
  "membership": {
    "premium_expires_at": "2026-09-09",
    "status": "active",
    "is_expired": false,
    "is_expiring_soon": false
  }
}

GET /api/membership/status

Check membership status and expiration for the authenticated user.

Headers

Authorization: Bearer {token}

Response

{
  "premium_expires_at": "2026-09-09",
  "status": "active",
  "is_expired": false,
  "is_expiring_soon": false,
  "days_until_expiry": 365
}

POST /api/service/request

Submit a service access request (for onboarding forms integration).

Headers

Authorization: Bearer {token}
Content-Type: application/json

Request Body

{
  "service_name": "Academy",
  "request_type": "upgrade_access",
  "notes": "Completed onboarding form"
}

Response

{
  "request_id": 123,
  "status": "pending",
  "message": "Service request submitted successfully"
}

Integration Guide

Onboarding Form Integration

To integrate with onboarding forms, follow this flow:

Authenticate User: Redirect to GFAVIP SSO for authentication
Check Membership: Use GET /api/membership/status to verify access
Submit Requests: Use POST /api/service/request for service access
Monitor Status: Check request status via admin interface

Example Integration

// JavaScript example for onboarding form
async function checkMembershipAndSubmitRequest() {
    try {
        // Check membership status
        const membershipResponse = await fetch('/api/membership/status', {
            headers: {
                'Authorization': `Bearer ${userToken}`
            }
        });
        
        const membership = await membershipResponse.json();
        
        if (membership.is_expired) {
            alert('Please renew your membership to access this service');
            return;
        }
        
        // Submit service request
        const requestResponse = await fetch('/api/service/request', {
            method: 'POST',
            headers: {
                'Authorization': `Bearer ${userToken}`,
                'Content-Type': 'application/json'
            },
            body: JSON.stringify({
                service_name: 'Academy',
                request_type: 'upgrade_access',
                notes: 'Completed onboarding form'
            })
        });
        
        const result = await requestResponse.json();
        console.log('Request submitted:', result);
        
    } catch (error) {
        console.error('Integration error:', error);
    }
}

Best Practices

Always validate tokens before making API calls
Handle membership expiration gracefully
Use appropriate error handling for network requests
Cache membership status appropriately to reduce API calls