Companies
Company profiles, owner lookups, and company image uploads.
List companies
Lists all companies ordered by name.
/api/companiesAuth: No auth required.
Response body
[
{
"id": "11111111-1111-1111-1111-111111111111",
"name": "Prskalnik",
"description": "Student-first job platform",
"email": "hello@example.com",
"phone": "+386 40 000 000",
"address": "Ljubljana",
"image": "https://example.com/company.jpg",
"image_id": "00000000-0000-0000-0000-000000000000",
"region_id": "55555555-5555-5555-5555-555555555555",
"work_location": "hybrid"
}
]Status codes
- 200 OK
- 500 Internal Server Error
Error format
{
"error": "Unauthorized",
"code": "unauthorized"
}Routes use the shared JSON error envelope; exact `code` values depend on the endpoint.
Create company
Creates a company for the authenticated employer. Each owner can create at most one company.
/api/companiesAuth: Bearer token or Clerk session.
Request body
{
"name": "Prskalnik",
"description": "Student-first job platform",
"email": "hello@example.com",
"phone": "+386 40 000 000",
"address": "Ljubljana",
"region_id": "55555555-5555-5555-5555-555555555555",
"work_location": "hybrid"
}Response body
{
"id": "11111111-1111-1111-1111-111111111111",
"name": "Prskalnik",
"description": "Student-first job platform",
"email": "hello@example.com",
"phone": "+386 40 000 000",
"address": "Ljubljana",
"image": "https://example.com/company.jpg",
"image_id": "00000000-0000-0000-0000-000000000000",
"region_id": "55555555-5555-5555-5555-555555555555",
"work_location": "hybrid"
}Status codes
- 201 Created
- 400 Bad Request
- 401 Unauthorized
- 403 Forbidden
- 409 Conflict
- 500 Internal Server Error
Error format
{
"error": "Unauthorized",
"code": "unauthorized"
}Routes use the shared JSON error envelope; exact `code` values depend on the endpoint.
Get current company
Returns the company owned by the authenticated user.
/api/companies/meAuth: Bearer token or Clerk session.
Response body
{
"id": "11111111-1111-1111-1111-111111111111",
"name": "Prskalnik",
"description": "Student-first job platform",
"email": "hello@example.com",
"phone": "+386 40 000 000",
"address": "Ljubljana",
"image": "https://example.com/company.jpg",
"image_id": "00000000-0000-0000-0000-000000000000",
"region_id": "55555555-5555-5555-5555-555555555555",
"work_location": "hybrid"
}Status codes
- 200 OK
- 401 Unauthorized
- 404 Not Found
- 500 Internal Server Error
Error format
{
"error": "Unauthorized",
"code": "unauthorized"
}Routes use the shared JSON error envelope; exact `code` values depend on the endpoint.
Get company
Returns a single company by ID.
/api/companies/{companyId}Auth: No auth required.
Response body
{
"id": "11111111-1111-1111-1111-111111111111",
"name": "Prskalnik",
"description": "Student-first job platform",
"email": "hello@example.com",
"phone": "+386 40 000 000",
"address": "Ljubljana",
"image": "https://example.com/company.jpg",
"image_id": "00000000-0000-0000-0000-000000000000",
"region_id": "55555555-5555-5555-5555-555555555555",
"work_location": "hybrid"
}Status codes
- 200 OK
- 400 Bad Request
- 404 Not Found
- 500 Internal Server Error
Error format
{
"error": "Unauthorized",
"code": "unauthorized"
}Routes use the shared JSON error envelope; exact `code` values depend on the endpoint.
Update company
Updates a company owned by the authenticated user.
/api/companies/{companyId}Auth: Bearer token or Clerk session.
Request body
{
"name": "Prskalnik",
"description": "Student-first job platform",
"email": "hello@example.com",
"phone": "+386 40 000 000",
"address": "Ljubljana",
"region_id": "55555555-5555-5555-5555-555555555555",
"work_location": "hybrid"
}Response body
{
"id": "11111111-1111-1111-1111-111111111111",
"name": "Prskalnik",
"description": "Student-first job platform",
"email": "hello@example.com",
"phone": "+386 40 000 000",
"address": "Ljubljana",
"image": "https://example.com/company.jpg",
"image_id": "00000000-0000-0000-0000-000000000000",
"region_id": "55555555-5555-5555-5555-555555555555",
"work_location": "hybrid"
}Status codes
- 200 OK
- 400 Bad Request
- 401 Unauthorized
- 403 Forbidden
- 404 Not Found
- 500 Internal Server Error
Error format
{
"error": "Unauthorized",
"code": "unauthorized"
}Routes use the shared JSON error envelope; exact `code` values depend on the endpoint.
Delete company
Deletes a company owned by the authenticated user.
/api/companies/{companyId}Auth: Bearer token or Clerk session.
Response body
No response body.
Status codes
- 204 No Content
- 400 Bad Request
- 401 Unauthorized
- 403 Forbidden
- 404 Not Found
- 500 Internal Server Error
Error format
{
"error": "Unauthorized",
"code": "unauthorized"
}Routes use the shared JSON error envelope; exact `code` values depend on the endpoint.
Upload company image
Uploads or replaces the image for a company owned by the authenticated user.
/api/companies/{companyId}/imageAuth: Bearer token or Clerk session.
Request body
Content-Type: multipart/form-data
image: <binary image>
# or use the field name "file"The route accepts multipart form data and looks for `image` first, then `file`.
Response body
{
"id": "00000000-0000-0000-0000-000000000000",
"url": "https://example.com/image.jpg"
}Status codes
- 201 Created
- 400 Bad Request
- 401 Unauthorized
- 403 Forbidden
- 404 Not Found
- 500 Internal Server Error
Error format
{
"error": "Unauthorized",
"code": "unauthorized"
}Routes use the shared JSON error envelope; exact `code` values depend on the endpoint.