Admin2 Integration

Endpoints that power Admin2's extensibility: menubar toolbar items, floating widgets, slide-in context panels, settings-page panels, and the registry of plugin-provided custom field components. All endpoints require api.access and are meant to be called by Admin2 during UI composition, not by en...

Endpoints that power Admin2's extensibility: menubar toolbar items, floating widgets, slide-in context panels, settings-page panels, and the registry of plugin-provided custom field components.

All endpoints require api.access and are meant to be called by Admin2 during UI composition, not by end-user applications. Each endpoint is backed by an event (onApiMenubarItems, onApiFloatingWidgets, onApiContextPanels, onApiAdminSettingsPanels) — plugins hook those events to register items. See the Developer Guide for the full integration recipe.

Menubar Items

GET


            /menubar/items

Collect toolbar menu items registered by plugins via the `onApiMenubarItems` event. Each item declares an id, owning plugin slug, label, icon, action key, and an optional confirmation prompt. Admin2 renders them as buttons in the top toolbar and POSTs to `/menubar/actions/{plugin}/{action}` when clicked.

JSON

{"data": [{"id": "warm-cache", "plugin": "warm-cache", "label": "Warm Cache", "icon": "fa-tachometer", "action": "warm", "confirm": "Warm the cache?"}]}

Response Codes

200 Items returned.

401 Unauthorized.

403 Missing `api.access` permission.

Execute Menubar Action

POST


            /menubar/actions/{plugin}/{action}

Execute a plugin-registered menubar action. Fires `onApiMenubarAction` with the plugin/action routing keys, the posted body, and the current user. Plugins that own the `{plugin}` slug set `$event['result']` to `{"status": "success", ...}` (200) or `{"status": "error", "message": "..."}` (400).

Parameters

Name	Type	Description
plugin required	string	Owning plugin slug (from the menubar item registration).
action required	string	Action key (from the menubar item registration).

JSON

{}

JSON

{"data": {"status": "success", "message": "Cache warmed successfully."}}

Response Codes

200 Action succeeded.

400 No handler registered for this plugin/action pair, or the handler returned an error.

401 Unauthorized.

403 Missing `api.access` permission.

Floating Widgets

GET


            /floating-widgets

Collect persistent UI widgets (chat assistants, notification panels) registered by plugins via `onApiFloatingWidgets`. Each widget ships a web component at `admin-next/widgets/{slug}.js` that Admin2 loads on-demand via `/gpm/plugins/{slug}/widget-script`.

JSON

{"data": [{"id": "ai-pro-chat", "plugin": "ai-pro", "label": "AI Assistant", "icon": "bot", "priority": 10}]}

Response Codes

200 Widgets returned.

401 Unauthorized.

403 Missing `api.access` permission.

Context Panels

GET


            /context-panels

Collect slide-in panel registrations. Context panels are triggered by toolbar buttons inside Admin2 editors — plugins hook `onApiContextPanels` to register them, specify which editor contexts they appear in (e.g. `pages`), and ship a web component at `admin-next/panels/{slug}.js` served via `/gpm/plugins/{slug}/panel-script`. Optional `badgeEndpoint` returns `{count: N}` to drive a badge on the toolbar button.

JSON

{"data": [{"id": "revisions-pro", "plugin": "revisions-pro", "label": "Revision History", "icon": "history", "contexts": ["pages"], "priority": 10, "width": 900, "badgeEndpoint": "/revisions-pro/badge"}]}

Response Codes

200 Panels returned.

401 Unauthorized.

403 Missing `api.access` permission.

Settings Panels

GET


            /settings/panels

Collect admin-settings panel registrations from plugins via `onApiAdminSettingsPanels`. Unlike full plugin pages (registered with `onApiSidebarItems`), settings panels render as cards inside Admin2's Settings page. Each panel follows the blueprint-mode plugin-page shape: a blueprint file plus data/save endpoints. Sorted by `priority` descending (higher priority first), preserving insertion order for ties.

JSON

{"data": [{"id": "login-settings", "plugin": "api", "label": "Login & Security", "description": "Authentication settings", "icon": "fa-shield-alt", "blueprint": "login-settings", "data_endpoint": "/login-settings/data", "save_endpoint": "/login-settings/save", "priority": 0}]}

Response Codes

200 Panels returned (sorted).

401 Unauthorized.

403 Missing `api.access` permission.

List Custom Fields

GET


            /custom-fields

Map every custom blueprint field type to the plugin or theme that ships it, by scanning `admin-next/fields/*.js` in every enabled plugin and installed theme. Admin2 calls this once on load to pre-populate its custom-field registry so unknown field types in blueprints render correctly on first sight.

JSON

{"data": {"codeshtheme": "codesh", "codeshgrammarlist": "codesh", "products-status": "license-manager"}}

Response Codes

200 Registry returned.

401 Unauthorized.

403 Missing `api.gpm.read` permission.