Need help in designing the API

A user can create a Loan.
A Loan can have many Installments.

So I have to design APIs for

  1. Creating a Loan and its installments in a single request.
  2. Approving a Loan
  3. Paying an installment

For the first one I could use a Loan post request.
For the second one, I have to allow this action to admin users. In this case, should I define a new route for this? Am I missing something?
For the 3rd case, I also have to run some business logic before updating the installment.

Any help would be appreciated.

Thanks in advance.

Do you think approval should be a resource that relates to a Loan? If so, manage it as a resource with RBAC applied to those API calls. If on the other hand it is simply a status, then you can use a PATCH, but since you may be supporting PATCH for other less controlled operations, you would need to apply RBAC within your endpoint method rather than at the API operation level.

Again, maybe each payment record is a resource with managed relationships - of course if it relates to an installment, then the installment should be a resource too - but i think that’s a good thing. there’s no problem creating N resources with 1 POST.

I now generally lean towards a flatter structure with more resources with managed relationships - it might seem painful at first, but will probably pay dividends.

JSON:API base specification does not support it. It only supports creating one resource per request.

You could use an extension, which is introduced im v1.1. The atomics operations official extension supports your requirement to create multiple resources in a single request very well