AI-ready NOPOS context: OpenAPI, AGENTS.md, and llms.txt

NOPOS now publishes a developer context surface designed for both people and AI coding tools. The goal is simple: when you ask an agent to build a POS, booking, membership, or clinical front end, it should start from the real REST API instead of inventing an SDK or route shape.

What to use first

• Developer portal: https://developers.nopos.dev
• Agent context: https://developers.nopos.dev/AGENTS.md
• Discovery file: https://developers.nopos.dev/llms.txt
• OpenAPI JSON: https://nopos.vercel.app/docs/openapi.json
• Swagger UI: https://nopos.vercel.app/docs/ui

The contract

The public REST base URL is https://nopos.vercel.app/v1. API-key requests use the X-API-Key header. The first smoke test is:

curl -s https://nopos.vercel.app/v1/auth/verify \
  -H "X-API-Key: $NOPOS_API_KEY"

That call returns the store_id scoped to the key. Build that verification into your project before adding checkout, booking, customer, or inventory flows.

What agents should not do

• Do not import a NoPOS npm SDK unless one is published and linked from the portal.
• Do not use Authorization: Bearer for API-key calls.
• Do not invent a transactions resource when the real checkout flow uses orders and payments.
• Do not ship a live API key in browser JavaScript.

A better first prompt

Use https://developers.nopos.dev/AGENTS.md as the source of truth.
Build a product grid that lists GET /v1/products, lets me add items to a cart,
and creates an order with POST /v1/orders. Proxy every NOPOS call through a
server route so X-API-Key never reaches the browser.