Overview The DEVision Platform consists of two backend systems with distinct APIs:
JM Backend Company-focused: Registration, profiles, job posts, applicant search
JA Backend Applicant-focused: Registration, profiles, work experience, portfolio
Base URLs JM Backend (Job Manager) Environment Base URL Production https://sgjm-api.vohoangphuc.comDevelopment http://localhost:8072
JA Backend (Job Applicant) Environment Base URL Production https://sgja-api.vohoangphuc.comDevelopment http://localhost:8888
JM Backend (Job Manager) The JM Backend provides APIs for companies to manage their presence on the platform.
Authentication (/v1/auth) Method Endpoint Description POST /v1/auth/registerRegister new company POST /v1/auth/loginLogin with email/password POST /v1/auth/verify-accountVerify OTP and activate account POST /v1/auth/resend-otpResend OTP to email GET /v1/auth/google/redirect-urlGet Google OAuth URL GET /v1/auth/google/authHandle Google OAuth callback POST /v1/auth/google/registerComplete registration with Google
Company Profile (/v1/profile) Method Endpoint Description POST /v1/profileCreate company profile GET /v1/profile/{id}Get company profile by ID PATCH /v1/profile/{id}Update company profile DELETE /v1/profile/{id}Delete company profile GET /v1/profile/profilesList all company profiles
Search Profile (/v1/search-profile) - Premium Method Endpoint Description POST /v1/search-profileCreate search profile GET /v1/search-profile/{id}Get search profile by ID GET /v1/search-profile/company/{companyId}Get profiles by company PUT /v1/search-profile/{id}Update search profile DELETE /v1/search-profile/{id}Delete search profile
JA Backend (Job Applicant) The JA Backend provides APIs for job applicants to manage their profiles and applications.
Authentication (/auth) Method Endpoint Description POST /auth/registerRegister new applicant POST /auth/loginLogin with email/password POST /auth/oauth/googleGoogle OAuth login (PKCE) POST /auth/token/refreshRefresh access token POST /auth/logoutLogout and revoke tokens POST /auth/resend-verificationResend verification email GET /auth/verify-emailVerify email with token GET /auth/public-keyGet JWKS public key
User Profile (/user-profile) Method Endpoint Description POST /user-profile/applicants/{id}/work-experiencesAdd work experience POST /user-profile/applicants/{id}/educationsAdd education POST /user-profile/applicants/{id}/portfolioUpload portfolio file GET /user-profile/applicants/{id}/portfolio/allGet all portfolio items GET /user-profile/healthHealth check
Authentication Methods JM Backend - Cookie-based Auth The JM Backend uses JWE tokens stored in HttpOnly cookies:
Cookie: auth_token=<jwe_access_token> Cookie: refresh_token=<jwe_refresh_token>
JA Backend - Bearer Token Auth The JA Backend uses JWT Bearer tokens :
Authorization : Bearer <jwt_access_token>
Both backends use a consistent error format:
{ "error" : { "code" : "VALIDATION_ERROR" , "message" : "Email format is invalid" }, "timestamp" : "2025-12-22T10:30:00Z" , "path" : "/auth/register" }
Error Codes Code HTTP Status Description VALIDATION_ERROR400 Request validation failed UNAUTHORIZED401 Invalid or expired token FORBIDDEN403 Insufficient permissions NOT_FOUND404 Resource not found CONFLICT409 Resource already exists
API Playground Use the navigation menu to explore individual endpoints with interactive API playground.
Each endpoint includes request/response schemas and the ability to test directly.
