diff --git a/index.php b/index.php
index 9342ee3c65dfa03a8690b877d904aec8c8b84dd9..4bf138e3aee67dadf8ab6b31017e60cefa380bf4 100644
--- a/index.php
+++ b/index.php
@@ -12,6 +12,8 @@ require_once PROJECT_ROOT_PATH . "/src/controllers/auth/RegisterController.php";
 require_once PROJECT_ROOT_PATH . "/src/controllers/cat/CatController.php";
 require_once PROJECT_ROOT_PATH . "/src/controllers/sightings/SightingController.php";
 require_once PROJECT_ROOT_PATH . "/src/controllers/user/UserController.php";
+require_once PROJECT_ROOT_PATH . "/src/controllers/api/CatApiController.php";
+require_once PROJECT_ROOT_PATH . "/src/controllers/api/UserApiController.php";
 session_start();
 
 $router = new Router();
@@ -29,4 +31,10 @@ $router->route("/sighting/*", SightingController::getInstance(), ["POST" => "aut
 $router->route("/user", UserController::getInstance(), ["GET" => "admin"]);
 $router->route("/user/*", UserController::getInstance(), ["POST" => "admin", "PUT" => "admin", "DELETE" => "admin"]);
 
+$router->route("/api/cat", CatApiController::getInstance(),[]);
+$router->route("/api/cat/*", CatApiController::getInstance(),[]);
+
+$router->route("/api/user", UserApiController::getInstance(),[]);
+$router->route("/api/user/*", UserApiController::getInstance(),[]);
+
 $router->run($_SERVER['REQUEST_URI'], $_SERVER['REQUEST_METHOD']);
\ No newline at end of file
diff --git a/src/controllers/api/CatApiController.php b/src/controllers/api/CatApiController.php
new file mode 100644
index 0000000000000000000000000000000000000000..f0a1eafd68635bb8b5b1424443b31e501e3c1de7
--- /dev/null
+++ b/src/controllers/api/CatApiController.php
@@ -0,0 +1,59 @@
+<?php
+
+require_once PROJECT_ROOT_PATH . "/src/bases/BaseController.php";
+require_once PROJECT_ROOT_PATH . "/src/services/CatSrv.php";
+require_once PROJECT_ROOT_PATH . "/src/utils/FileUploader.php";
+require_once PROJECT_ROOT_PATH . "/src/services/SightingSrv.php";
+
+class CatApiController extends BaseController
+{
+    protected static $instance;
+
+    private function __construct($srv)
+    {
+        parent::__construct($srv);
+    }
+
+    public static function getInstance()
+    {
+        if (!isset(self::$instance)) {
+            self::$instance = new static(
+                CatSrv::getInstance()
+            );
+        }
+        return self::$instance;
+    }
+
+    public function get($urlParams)
+    {
+        if (!$urlParams) {
+            // Return all cats in JSON format
+            $cats = $this->srv->getAll([        "search" => $_GET['search'] ?? null,
+            "gender" => $_GET['gender'] ?? null,
+            "spayed" => $_GET['spayed'] ?? null,
+            "order" => $_GET['order'] ?? null,
+            "pageNo" => $_GET['pageNo'] ?? null,
+            "pageSize" => $_GET['pageSize'] ?? null,
+            "isDesc" => $_GET['isDesc'] ?? null]);
+            $responseCats = array_map(function ($cat) {
+                return $cat->toResponse();
+            }, $cats["result"]);
+
+            $response = new BaseResponse(true, $responseCats, "Cats retrieved successfully", 200);
+        } else {
+            // Return a single cat by ID in JSON format
+            $cat_id = $urlParams[0];
+            $cat = $this->srv->getCatById($cat_id)->toResponse();
+
+            if ($cat) {
+                $response = new BaseResponse(true, $cat, "Cat retrieved successfully", 200);
+            } else {
+                $response = new BaseResponse(false, null, "Cat not found", 404);
+            }
+        }
+
+        header('Content-Type: application/json');
+        echo $response->toJSON();
+    }
+
+}
diff --git a/src/controllers/api/UserApiController.php b/src/controllers/api/UserApiController.php
new file mode 100644
index 0000000000000000000000000000000000000000..3e0d8ebc2fca475a4c89d22afd227932b8bfd856
--- /dev/null
+++ b/src/controllers/api/UserApiController.php
@@ -0,0 +1,107 @@
+<?php
+
+require_once PROJECT_ROOT_PATH . "/src/bases/BaseController.php";
+require_once PROJECT_ROOT_PATH . "/src/services/UserSrv.php";
+
+class UserApiController extends BaseController
+{
+    protected static $instance;
+
+    private function __construct($srv)
+    {
+        parent::__construct($srv);
+    }
+
+    public static function getInstance()
+    {
+        if (!isset(self::$instance)) {
+            self::$instance = new static(
+                UserSrv::getInstance()
+            );
+        }
+        return self::$instance;
+    }
+
+    public function get($urlParams)
+    {
+        if (!$urlParams) {
+            $users = $this->srv->getAll([
+                "order" => "registration_date",
+                "pageNo" => $_GET['pageNo'] ?? 1,
+                "pageSize" => $_GET['pageSize'] ?? 10
+            ]);
+
+            $responseUsers = array_map(function ($user) {
+                return $user->toResponse();
+            }, $users["result"]);
+
+            $_count = $users["count"];
+
+            $response = new BaseResponse(true, $responseUsers, "Cats retrieved successfully", 200);
+        } else {
+           
+            $user_id = $urlParams[0];
+            $user = $this->srv->getById($user_id)->toResponse();
+            
+            if ($user) {
+                $response = new BaseResponse(true, $user, "Cat retrieved successfully", 200);
+            } else {
+                $response = new BaseResponse(false, null, "Cat not found", 404);
+            }
+        }
+        header('Content-Type: application/json');
+        return $response->toJSON();
+    }
+
+    public function post($urlParams)
+    {
+        if ($urlParams) {
+            $userIdFromUrl = $urlParams[0];
+            // $authenticatedUserId = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
+
+            // // Check if the authenticated user is authorized to edit the user's data
+            // if (($authenticatedUserId !== $userIdFromUrl)) {
+            //     return (new BaseResponse(false, null, "You are not authorized to edit this user's data", 403))->toJSON();
+            // }
+            $name = $_POST["nama"];
+
+            $updatedUserData = [
+                "nama" => $name,
+            ];
+
+            $user = $this->srv->updateUser($userIdFromUrl, $updatedUserData);
+
+            if ($user) {
+                $response = new BaseResponse(true, $user->toResponse(), "User data updated successfully", 200);
+            } else {
+                $response = new BaseResponse(false, null, "Failed to update user data", 400);
+            }
+
+            return $response->toJSON();
+        }
+        return (new BaseResponse(false, null, "NOT AVAILABLE", 404))->toJSON();
+    }
+
+    public function delete($urlParams)
+    {
+        if ($urlParams) {
+            $userIdToDelete = $urlParams[0];
+            $authenticatedUserId = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
+
+            if (!$_SESSION['isAdmin'] && $authenticatedUserId !== $userIdToDelete) {
+                return (new BaseResponse(false, null, "You are not authorized to delete this user", 403))->toJSON();
+            }
+
+            $user = $this->srv->deleteUser($userIdToDelete);
+
+            if ($user) {
+                $response = new BaseResponse(true, $user->toResponse(), "User deleted successfully", 200);
+            } else {
+                $response = new BaseResponse(false, null, "Failed to delete user", 400);
+            }
+
+            return $response->toJSON();
+        }
+        return (new BaseResponse(false, null, "NOT IMPLEMENTED", 404))->toJSON();
+    }
+}
\ No newline at end of file
diff --git a/src/services/UserSrv.php b/src/services/UserSrv.php
index 01270b2ea2b87de1f671489e0b67b5c2b24d334b..0934822e5c2f7e5b4f3a7c5ae34e8768e48c1d87 100644
--- a/src/services/UserSrv.php
+++ b/src/services/UserSrv.php
@@ -69,6 +69,13 @@ class UserSrv extends BaseSrv
     return $user->constructFromArray($sqlRes);
   }
 
+  public function getById($id) {
+    $sqlRes = $this->repository->getById($id);
+    $user = new UserModel();
+
+    return $user->constructFromArray($sqlRes);
+  }
+
   public function getAll($config)
   {
     $order = ["registration_date"];