TableTrack ApplicationIntegration Module
Compatible with TableTrack v1.2.1 and above
This is an add-on module that works exclusively with the TableTrack application. To purchase TableTrack, please visit TableTrack on CodeCanyon
Latest Version
Released: January 2026
Support
Get HelpDescription
ApplicationIntegration is a unified API layer that exposes POS and customer-facing functionality for external or companion applications (Flutter, mobile, web).
It wraps existing Laravel domain logic into stable, token-based endpoints and provides essential supporting utilities, including:
- Branch scoping and enforcement
- Menus and items
- Orders and payments
- Reservations and table management
- Customers and staff
- Device tokens
- In-app and broadcast notifications
The module integrates seamlessly without requiring changes to the core application, providing a single API contract for all POS and customer-facing applications with secure multi-branch enforcement.
System Requirements
- PHP >= 8.2.0
- OpenSSL PHP Extension
- PDO PHP Extension
- Mbstring PHP Extension
- Tokenizer PHP Extension
- XML & GD PHP Extensions
Installation Guide
For detailed installation instructions, please visit our comprehensive guide:
View Installation GuideQuick Start Guide
1. Authentication
Login to get a Bearer Token:
POST /api/application-integration/auth/login
Request Body:
{
"email": "user@example.com", // required, must be valid email
"password": "password123" // required, string
}
Required Headers (for all requests):
2. Branch Context
Tokens are scoped to the user's restaurant and branch. To switch branches:
POST /platform/switch-branch
Request Body:
{
"branch_id": 1 // required, integer, must exist in branches table
}
3. Catalog (POS)
Menus & Categories:
GET /pos/menusGET /pos/categories
Items & Modifiers:
GET /pos/itemsGET /pos/items/category/{id}GET /pos/items/menu/{id}GET /pos/items/{id}/variationsGET /pos/items/{id}/modifier-groups
Order Configuration:
GET /pos/order-typesGET /pos/extra-charges/{orderType}GET /pos/delivery-platformsGET /pos/actionsGET /pos/get-order-number
4. Tables & Reservations
- List tables:
GET /pos/tables - Force unlock:
POST /pos/tables/{tableId}/unlock(No request body required) -
Reservations:
GET /pos/reservations/todayGET /pos/reservationsPOST /pos/reservationsPOST /pos/reservations/{id}/status
Create Reservation Request Body:
{
"table_id": 1, // required, integer
"reservation_date_time": "2026-01-15 19:00:00", // required, date
"party_size": 4, // required, integer, min:1
"name": "John Doe", // optional, string
"phone": "+1234567890" // optional, string
}
Update Reservation Status Request Body:
{
"status": "confirmed" // required, string (e.g., "pending", "confirmed", "cancelled")
}
5. Orders (POS)
- Create/Submit:
POST /pos/orders - Retrieve:
GET /pos/ordersorGET /pos/orders/{id} - Update Status:
POST /pos/orders/{id}/status - Payment:
POST /pos/orders/{id}/pay
Create/Submit Order Request Body:
{
"items": [ // required, array
{
"id": 1, // menu item id
"quantity": 2, // quantity
"price": 15.50, // item price
"variation_id": 5, // optional, menu item variation id
"modifiers": [ // optional, array of modifiers
{
"id": 10, // modifier id
"price": 2.00 // modifier price
}
],
"note": "Extra spicy", // optional, item note
"tax_amount": 1.50, // optional
"tax_percentage": 10, // optional
"tax_breakup": {} // optional
}
],
"customer": { // optional, customer object
"name": "John Doe",
"phone": "+1234567890",
"email": "john@example.com"
},
"order_type": "Dine In", // optional, string (default: "Dine In")
"table_id": 5, // optional, integer (required for dine-in)
"pax": 2, // optional, integer (default: 1)
"waiter_id": 3, // optional, integer
"delivery_address": "123 Main St", // optional, string
"delivery_time": "2026-01-15 20:00:00", // optional, datetime
"delivery_fee": 5.00, // optional, numeric (default: 0)
"delivery_executive_id": 7, // optional, integer
"delivery_app_id": 2, // optional, integer
"customer_address_id": 10, // optional, integer
"discount_type": "percentage", // optional, string
"discount_value": 10, // optional, numeric (default: 0)
"discount_amount": 5.00, // optional, numeric (default: 0)
"taxes": [ // optional, array
{
"id": 1, // tax id
"amount": 2.50 // tax amount
}
],
"extra_charges": [1, 2], // optional, array of charge IDs or objects
"actions": ["kot"], // optional, array (e.g., "draft", "kot", "bill", "cancel")
"note": "Customer special request", // optional, string
"placed_via": "pos" // optional, string (default: "pos")
}
Update Order Status Request Body:
{
"status": "confirmed" // required, string (e.g., "placed", "confirmed", "canceled")
}
Payment Request Body:
{
"amount": 20, // optional, numeric
"method": "cash|card|wallet|other" // optional, string
}
6. Customers
- List/Search:
GET /pos/customers - Create/Update:
POST /pos/customers - Phone codes:
GET /pos/phone-codes
Create/Update Customer Request Body:
{
"name": "John Doe", // required, string, max:255
"phone_code": "+1", // required
"phone": "1234567890", // required
"email": "john@example.com", // optional, must be valid email
"address": "123 Main Street" // optional, string, max:500
}
Global customer endpoints are also available under /customer.
7. Staff, Waiters & Roles
- List by role:
GET /pos/waiters?role=delivery - Optional:
include_permissions=true -
Platform endpoints:
GET /platform/rolesGET /platform/staffGET /platform/permissions
8. Taxes, Charges, Restaurants & Branches
- Taxes:
GET /pos/taxes - Extra charges:
GET /pos/extra-charges/{orderType} - Restaurants:
GET /pos/restaurants - Branches:
GET /pos/branches
API Reference
Customer Addresses
- List addresses:
GET /customer-addresses?customer_id={id} - Create address:
POST /customer-addresses - Update address:
PUT /customer-addresses/{id} - Delete address:
DELETE /customer-addresses/{id}
Create Customer Address Request Body:
{
"customer_id": 1, // required, integer
"address": "123 Main Street", // required, string
"lat": 40.7128, // optional, numeric
"lng": -74.0060 // optional, numeric
}
Update Customer Address Request Body:
{
"address": "456 Oak Avenue", // optional, string
"lat": 40.7580, // optional, numeric
"lng": -73.9855 // optional, numeric
}
Customer App Endpoints
- Get catalog:
GET /customer/catalog - Place order:
POST /customer/orders - Get my orders:
GET /customer/orders?customer_id={id}
The customer app endpoints use the same request body structure as POS order endpoints. The
placed_via field is automatically set to "app".
Typical POS Payment Flow
- Create order via
POST /pos/orders - Collect payment externally (cash, card, or gateway)
- Confirm payment using
POST /pos/orders/{id}/pay - Refresh orders and tables after success
Error Handling
Always include Accept: application/json header.
- 401 – Missing or invalid token
- 403 / 404 – Branch scoping violation or resource not found
- 500 – Unexpected server error
Payments must always be handled via the /pay endpoint.
Testing Examples
Login:
curl -X POST "https://yourdomain.com/api/application-integration/auth/login" \
-H "Content-Type: application/json" \
-d '{"email":"<user>","password":"<password>"}'
Pay Order:
curl -X POST "https://yourdomain.com/api/application-integration/pos/orders/62/pay" \
-H "Authorization: Bearer <token>" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-d '{"amount":20,"method":"cash"}'
Register Device Token:
curl -X POST "https://yourdomain.com/api/application-integration/pos/notifications/register-token" \
-H "Authorization: Bearer <token>" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-d '{"token":"<fcm>","platform":"android","device_id":"device-123"}'
Notifications & Push
Register Device Token
POST /pos/notifications/register-token
Request Body:
{
"token": "fcm_or_apns_token_string", // required, string
"platform": "ios|android|web", // optional, string, max:20
"device_id": "device-123" // optional, string, max:191
}
In-App Notifications
- List:
GET /pos/notifications - Mark as read:
POST /pos/notifications/{id}/read(No request body required) - Send test (debug):
POST /pos/notifications/test
Send Test Notification Request Body:
{
"title": "Test Notification", // required, string
"body": "This is a test message", // required, string
"data": { // optional, object
"order_id": 123,
"type": "order_update"
}
}
Broadcast (Pusher / Laravel Echo)
Channel:
private-App.Models.User.{userId}
Event:
BroadcastNotificationCreated
Payload includes title, body, and data.
Device Token Storage
- Table name:
ai_device_tokens -
Fields:
user_id,restaurant_id,branch_id,platform,device_id,token
Summary of ApplicationIntegration Module Features
The ApplicationIntegration module provides a comprehensive API layer with the following features:
- Unified API Contract: A single, stable API surface for all POS and customer-facing applications (Flutter, mobile, web).
- Secure Multi-Branch Enforcement: Tokens are scoped to restaurant and branch, ensuring users only access their assigned branch data.
- Complete Ordering Lifecycle: Full support for menus → items / variations / modifiers → carts → orders → payments.
- Operational Workflows: Table management, reservations, order status updates, delivery platforms, staff management, taxes, extra charges, and order types.
- Real-Time Notifications: Support for Pusher/Laravel Broadcast, stored notifications, and device token registration for push notifications.
- Customer Management: Complete customer CRUD operations with phone country code support.
- Staff & Role Management: Access to waiters, delivery staff, roles, and permissions with optional permission inclusion.
- Self-Contained Integration: No modifications required to the core application - fully modular and independent.
- Branch Context Switching: Ability to switch between branches while maintaining security boundaries.
- Device Token Management: Persistent storage of device tokens for push notifications across iOS, Android, and web platforms.
ApplicationIntegration module is ready to use. Run module migrations to create the
ai_device_tokens table, then start integrating your applications.