i365-admin-api v0.1
endpoints:
  POST /admin/login                                   { password }
  GET  /admin/orgs
  POST /admin/orgs                                    { display_name, slug?, admin_phone?, engine? }
  POST /admin/orgs/:id/branches                       { code, display_name, engine? }
  POST /admin/orgs/:id/branches/:bid/pair-token       { kind, label?, scope? }
  GET  /admin/orgs/:id/devices
  POST /admin/devices/:did/revoke                     { reason? }
  POST /api/devices/pair                              { token, fingerprint, kind, label? } [PUBLIC]
  GET  /api/me                                        [DEVICE JWT]
  GET  /api/branches                                  [DEVICE JWT]
  GET  /api/(products|sales|sale_items|returns)       [DEVICE JWT]  ?limit=&offset=&since=
  POST /api/sync/push                                 [SERVER JWT]  { table, rows[] }