EBAYCCLONE FRONTEND GUIDE FOR AI CODING AGENTS
This document is a rest api guide for the ebaycclone project. The document is designed for AI agents who will generate frontend code that will consume the project backend.
The project has got 1 auth service, 1 notification service, 1 bff service and business services. Each service is a separate microservice application and listens the HTTP request from different service urls.
The services may be in preview server, staging server or real production server. So each service have got 3 acess urls. Frontend application should support all deployemnt servers in the development phase, and user should be able to select the target api server in the login page.
Project Introduction
ebaycClone is a comprehensive backend for an online marketplace supporting auctions and fixed-price sales of physical goods, with role-based access, public user registration, Stripe payments, notifications, and robust ownership enforcement.
API Structure
Object Structure of a Successfull Response
When the service processes requests successfully, it wraps the requested resource(s) within a JSON envelope. This envelope not only contains the data but also includes essential metadata, such as configuration details and pagination information, to enrich the response and provide context to the client.
HTTP Status Codes:
- 200 OK: This status code is returned for successful GET, LIST, UPDATE, or DELETE operations, indicating that the request has been processed successfully.
- 201 Created: This status code is specific to CREATE operations, signifying that the requested resource has been successfully created.
Success Response Format:
For successful operations, the response includes a
"status": "OK"
property, signaling the successful execution of the request. The
structure of a successful response is outlined below:
{
"status":"OK",
"statusCode": 200,
"elapsedMs":126,
"ssoTime":120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName":"products",
"method":"GET",
"action":"list",
"appVersion":"Version",
"rowCount":3,
"products":[{},{},{}],
"paging": {
"pageNumber":1,
"pageRowCount":25,
"totalRowCount":3,
"pageCount":1
},
"filters": [],
"uiPermissions": []
}
-
products: In this example, this key contains the actual response content, which may be a single object or an array of objects depending on the operation performed.
Additional Data
Each api may have include addtional data other than the main data object according to the business logic of the API. They will be given in each API's response signature.
Error Response
If a request encounters an issue, whether due to a logical fault or a technical problem, the service responds with a standardized JSON error structure. The HTTP status code within this response indicates the nature of the error, utilizing commonly recognized codes for clarity:
- 400 Bad Request: The request was improperly formatted or contained invalid parameters, preventing the server from processing it.
- 401 Unauthorized: The request lacked valid authentication token , login required
- 403 Forbidden Error Curent token provided do not grant access to the requested resource.
- 404 Not Found: The requested resource was not found on the server.
- 500 Internal Server Error: The server encountered an unexpected condition that prevented it from fulfilling the request.
Each error response is structured to provide meaningful insight into the problem, assisting in diagnosing and resolving issues efficiently.
{
"result": "ERR",
"status": 400,
"message": "errMsg_organizationIdisNotAValidID",
"errCode": 400,
"date": "2024-03-19T12:13:54.124Z",
"detail": "String"
}
Accessing the backend
Each service of the backend has got its own url according to the deployment environement. User may want to test the frontend in one of the 3 deployments of the application, preview, staging and production. Please ensure that register and login pages do have a deployemnt server selection option, so as the frontned coding agent you can arrange the base url path of all services.
The base url of the application in each environment is as follows:
-
Preview:
https://ebaycclone.prw.mindbricks.com -
Staging:
https://ebaycclone-stage.mindbricks.co -
Production:
https://ebaycclone.mindbricks.co
For the auth service the base url is as follows:
-
Preview:
https://ebaycclone.prw.mindbricks.com/auth-api -
Staging:
https://ebaycclone-stage.mindbricks.co/auth-api -
Production:
https://ebaycclone.mindbricks.co/auth-api
For each other service, the service base url will be given in service sections.
Any login requied request to the backend should have a valid
token, when a user makes a successfull login, the ressponse JSON
includes a JWT access token in the
accessTokenfields. In normal conditions, this token is also set to the
cookie and then consumed automatically, but since AI coding agents
preview options may fail to use cookies, please ensure that in
each request include the access token in the bearer auth header.
Registration Management
First of all please ensure that register and login pages do have a deployemnt server selection option, so as the frontned coding agent you can arrange the base url path of all services.
Start with a landing page and arranging register, verification and login flow. So at the first step, you need a general knowledge of the application to make a good landing page and the authetication flow.
How To Register
Using
registeruser
route of auth api, send the required fields to the backend in your
registration page.
The registerUser api in in
auth
service, is described with request and response structure below.
Note that since
registerUser
api is a business api, it has a version control, so please call it
with the given version like
/v1/registeruser
Register User
API
This api is used by public users to register themselves
Rest Route
The
registerUser
API REST controller can be triggered via the following route:
/v1/registeruser
Rest Request Parameters
The
registerUser
api has got 6 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| avatar | String | false | request.body?.avatar |
| password | String | true | request.body?.password |
| fullname | String | true | request.body?.fullname |
| String | true | request.body?.email | |
| phone | String | false | request.body?.phone |
| address | Object | false | request.body?.address |
| avatar : The avatar url of the user. If not sent, a default random one will be generated. | |||
| password : The password defined by the the user that is being registered. | |||
| fullname : The fullname defined by the the user that is being registered. | |||
| email : The email defined by the the user that is being registered. | |||
| phone : user's phone number | |||
| address : user's adress |
REST Request To access the api you can use the REST controller with the path POST /v1/registeruser
axios({
method: 'POST',
url: '/v1/registeruser',
data: {
avatar:"String",
password:"String",
fullname:"String",
email:"String",
phone:"String",
address:"Object",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "user",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"user": {
"id": "ID",
"email": "String",
"password": "String",
"fullname": "String",
"avatar": "String",
"roleId": "String",
"emailVerified": "Boolean",
"phone": "String",
"address": "Object",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
After a successful registration, frontend code should handle the
verification needs. The registration response will have a
user
object in the root envelope, this object will have user
information with an
id
parameter.
Email Verification
In the registration response, you should check the property
emailVerificationNeeded
in the reponse root, and if this property is true you should start
the email verification flow.
After login process, if you get an HTTP error status, and if there
is an
errCode
property in the response with
EmailVerificationNeeded
value, you should start the email verification flow.
-
Call the email verification
startroute of the backend (described below) with the user email, backend will send a secret code to the given email adresss. Backend can send the email message if the architect defined a real mail service or smtp server, so during the development time backend will send the secret code also to the frontend. You can get this secret code from the response within thesecretCodeproperty. - The secret code in the sent email message will be a 6 digits code , and you should arrange an input page so that the user can paste this code to the frontend application. Please navigate to this input page after you start the verification process. If the secretCode is sent to the frontend for test purposes, then you should show it as info in the input page, so that user can copy and paste it.
-
There is a
codeIndexproperty in the start response, please show it's value on the input page, so that user can match the index in the message with the one on the screen. -
When the user submits the code, please complete the email
verification using the
completeroute of the backend (described below) with the user email and the secret code. - After you get a successful response from email verification, you can navigate to the login page.
Here is the
startand
complete
routes of email verification. These are system routes , so they
dont have a version control.
POST /verification-services/email-verification/start
Purpose: Starts the email verification by generating and sending a secret code.
| Parameter | Type | Required | Description |
|---|---|---|---|
email
|
String | Yes | User’s email address to verify |
Example Request
{ "email": "user@example.com" }
Success Response
{
"status": "OK",
"codeIndex": 1,
// timeStamp : Milliseconds since Jan 1, 1970, 00:00:00.000 GMT
"timeStamp": 1784578660000,
"date": "Mon Jul 20 2026 23:17:40 GMT+0300 (GMT+03:00)",
// expireTime: in seconds
"expireTime": 86400,
"verificationType": "byLink",
// in testMode
"secretCode": "123456",
"userId": "user-uuid",
}
⚠️ In production,
secretCodeis not returned — only sent via email.
Error Responses
-
400 Bad Request: Already verified -
403 Forbidden: Too many attempts (rate limit)
POST /verification-services/email-verification/complete
Purpose: Completes the verification using the received code.
| Parameter | Type | Required | Description |
|---|---|---|---|
email
|
String | Yes | User’s email |
secretCode
|
String | Yes | Verification code |
Success Response
{
"status": "OK",
"isVerified": true,
"email": "user@email.com",
// in testMode
"userId": "user-uuid",
}
Error Responses
-
403 Forbidden: Code expired or mismatched -
404 Not Found: No verification in progress
Login Management
After a successfull login and completing required verifications, user can now login. Please make a fancy minimal login page where user can enter his email and password.
Bucket Management
This application has a bucket service and is used to store user or other objects related files. Bucket service is login agnostic, so when accessing for write or private read, you should insert a bucket token (given by services) to your request authorization header as bearer token.
User Bucket This bucket is used to store public user files for each user.
When a user logs in, or in /currentuser response there is
userBucketToken
to be used when sending user related public files to the bucket
service.
To upload
POST {baseUrl}/bucket/upload
Request body is form data which includes the bucketId and the file
as binary in
files
property.
{
bucketId: "{userId}-public-user-bucket",
files: {binary}
}
Response status is 200 on succesfull result, eg body:
{
"success": true,
"data": [
{
"fileId": "9da03f6d-0409-41ad-bb06-225a244ae408",
"originalName": "test (10).png",
"mimeType": "image/png",
"size": 604063,
"status": "uploaded",
"bucketName": "f7103b85-fcda-4dec-92c6-c336f71fd3a2-public-user-bucket",
"isPublic": true,
"downloadUrl": "https://babilcom.mindbricks.co/bucket/download/9da03f6d-0409-41ad-bb06-225a244ae408"
}
]
}
To download a file from the bucket, you should know its fileId, so if youupload an avatar or something else, be sure that the download url or the fileId is stored in backend.
Bucket is mostly used, in object creations where alos demands an addtional file like a product image or user avatar. So after you upload your image to the bucket, insert the returned download url to the related property in the related object creation.
Application Bucket
This Ebaycclone application alos has common public bucket which
everybody has a read access, but only users who have
superAdmin,
admin
or
saasAdmin
roles can write (upload) to the bucket.
The common public project bucket id is
"ebaycclone-public-common-bucket"
and in certain areas like product image uploads, since the user will already have the admin bucket token, he will be able to upload realted object images.
Please make your UI arrangements as able to upload files to the bucket using these bucket tokens.
Object Buckets Some objects may return also a bucket token, to upload or access related files with object. For example, when you get a project's data in a project management application, if there is a public or private bucket token, this is provided mostly for uploading project related files or downloading them with the token.
These buckets will be used according to the descriptions given along with the object definitions.
Role Management
This Ebaycclone may have different role names defined fro
different business logic. But unless another case is asked by the
user, respect to the admin roles which may be
superAdmin,
admin
or
saasAdmin
in the currentuser or login response given with the
roleIdproperty.
{
// ...
"roleId":"superAdmin",
// ...
}
If the application needs an admin panel, or any admin related page, please use these roleId's to decide if the user can access those pages or not.
1. Authentication Routes
1.1
POST /login
— User Login
Purpose: Verifies user credentials and creates an authenticated session with a JWT access token.
Access Routes:
-
GET /login: Returns a minimal HTML login page (for browser-based testing). -
POST /login: Authenticates user credentials and returns an access token and session.
Request Parameters
| Parameter | Type | Required | Source |
|---|---|---|---|
username
|
String | Yes |
request.body.username
|
password
|
String | Yes |
request.body.password
|
Behavior
- Authenticates credentials and returns a session object.
-
Sets cookie:
projectname-access-token[-tenantCodename] - Adds the same token in response headers.
-
Accepts either
usernameoremailfields (if both exist,usernameis prioritized).
Example
axios.post("/login", {
username: "user@example.com",
password: "securePassword"
});
Success Response
{
"userId": "d92b9d4c-9b1e-4e95-842e-3fb9c8c1df38",
"email": "user@example.com",
"fullname": "John Doe",
//...
}
Error Responses
-
401 Unauthorized: Invalid credentials -
403 Forbidden: Email/mobile verification or 2FA pending -
400 Bad Request: Missing parameters
1.2
POST /logout
— User Logout
Purpose: Terminates the current session and clears associated authentication tokens.
Behavior
- Invalidates session (if exists).
-
Clears cookie
projectname-access-token[-tenantCodename]. -
Returns a confirmation response (always
200 OK).
Example
axios.post("/logout", {}, {
headers: { "Authorization": "Bearer your-jwt-token" }
});
Notes
- Can be called without a session (idempotent behavior).
- Works for both cookie-based and token-based sessions.
Success Response
{ "status": "OK", "message": "User logged out successfully" }
2. Verification Services Overview
All verification routes are grouped under the
/verification-services
base path. They follow a
two-step verification pattern:
start
→
complete.
3. Email Verification
3.1 Trigger Scenarios
-
After registration (
emailVerificationRequiredForLogin= true) - When updating email address
- When login fails due to unverified email
3.2 Flow Summary
-
/start→ Generate & send code via email. -
/complete→ Verify code and mark email as verified.
** PLEASE NOTE **
Email verification is a frontend triiggered process. After user registers, the frontend should start the email verification process and navigate to its code input page.
3.3
POST /verification-services/email-verification/start
Purpose: Starts the email verification by generating and sending a secret code.
| Parameter | Type | Required | Description |
|---|---|---|---|
email
|
String | Yes | User’s email address to verify |
Example Request
{ "email": "user@example.com" }
Success Response
{
"status": "OK",
"codeIndex": 1,
// timeStamp : Milliseconds since Jan 1, 1970, 00:00:00.000 GMT
"timeStamp": 1784578660000,
"date": "Mon Jul 20 2026 23:17:40 GMT+0300 (GMT+03:00)",
// expireTime: in seconds
"expireTime": 86400,
"verificationType": "byLink",
// in testMode
"secretCode": "123456",
"userId": "user-uuid",
}
⚠️ In production,
secretCodeis not returned — only sent via email.
Error Responses
-
400 Bad Request: Already verified -
403 Forbidden: Too many attempts (rate limit)
3.4
POST /verification-services/email-verification/complete
Purpose: Completes the verification using the received code.
| Parameter | Type | Required | Description |
|---|---|---|---|
email
|
String | Yes | User’s email |
secretCode
|
String | Yes | Verification code |
Success Response
{
"status": "OK",
"isVerified": true,
"email": "user@email.com",
// in testMode
"userId": "user-uuid",
}
Error Responses
-
403 Forbidden: Code expired or mismatched -
404 Not Found: No verification in progress
3.5 Behavioral Notes
-
Resend Cooldown:
resendTimeWindow(e.g. 60s) -
Expiration: Codes expire after
expireTimeWindow(e.g. 1 day) - Single Active Session: One verification per user
4. Mobile Verification
4.1 Trigger Scenarios
-
After registration (
mobileVerificationRequiredForLogin= true) - When updating phone number
- On login requiring mobile verification
4.2 Flow
-
/start→ Sends verification code via SMS -
/complete→ Validates code and confirms number
4.3
POST /verification-services/mobile-verification/start
| Parameter | Type | Required | Description |
|---|---|---|---|
email
|
String | Yes | User’s email to locate mobile record |
Success Response
{
"status": "OK",
"codeIndex": 1,
// timeStamp : Milliseconds since Jan 1, 1970, 00:00:00.000 GMT
"timeStamp": 1784578660000,
"date": "Mon Jul 20 2026 23:17:40 GMT+0300 (GMT+03:00)",
// expireTime: in seconds
"expireTime": 180,
"verificationType": "byCode",
// in testMode
"secretCode": "123456",
"userId": "user-uuid",
}
⚠️
secretCodereturned only in development.
Errors
-
400 Bad Request: Already verified -
403 Forbidden: Rate-limited
4.4
POST /verification-services/mobile-verification/complete
| Parameter | Type | Required | Description |
|---|---|---|---|
email
|
String | Yes | Associated email |
secretCode
|
String | Yes | Code received via SMS |
Success Response
{
"status": "OK",
"isVerified": true,
"mobile": "+1 333 ...",
// in testMode
"userId": "user-uuid",
}
4.5 Behavioral Notes
- Cooldown: One code per minute
- Expiration: Codes valid for 1 day
- One Session Per User
5. Two-Factor Authentication (2FA)
5.1 Email 2FA
Flow
-
/start→ Generates and sends email code -
/complete→ Verifies code and updates session
POST
/verification-services/email-2factor-verification/start
| Parameter | Type | Required | Description |
|---|---|---|---|
userId
|
String | Yes | User ID |
sessionId
|
String | Yes | Current session |
client
|
String | No | Optional context |
reason
|
String | No | Reason for 2FA |
Response
{
"status": "OK",
"sessionId": "user session id UUID",
"userId": "user-uuid",
"codeIndex": 1,
// timeStamp : Milliseconds since Jan 1, 1970, 00:00:00.000 GMT
"timeStamp": 1784578660000,
"date": "Mon Jul 20 2026 23:17:40 GMT+0300 (GMT+03:00)",
// expireTime: in seconds
"expireTime": 86400,
"verificationType": "byLink",
// in testMode
"secretCode": "123456",
}
POST
/verification-services/email-2factor-verification/complete
| Parameter | Type | Required | Description |
|---|---|---|---|
userId
|
String | Yes | User ID |
sessionId
|
String | Yes | Session ID |
secretCode
|
String | Yes | Code from email |
Response
{
// user session data
"sessionId": "session-uuid",
// ...
}
5.2 Mobile 2FA
Flow
-
/start→ Sends SMS code -
/complete→ Validates and finalizes session
POST
/verification-services/mobile-2factor-verification/start
| Parameter | Type | Required | Description |
|---|---|---|---|
userId
|
String | Yes | User ID |
sessionId
|
String | Yes | Session ID |
client
|
String | No | Context |
reason
|
String | No | Reason |
Response
{
"status": "OK",
"sessionId": "user session id UUID",
"userId": "user-uuid",
"codeIndex": 1,
// timeStamp : Milliseconds since Jan 1, 1970, 00:00:00.000 GMT
"timeStamp": 1784578660000,
"date": "Mon Jul 20 2026 23:17:40 GMT+0300 (GMT+03:00)",
// expireTime: in seconds
"expireTime": 86400,
"verificationType": "byLink",
// in testMode
"secretCode": "123456",
}
POST
/verification-services/mobile-2factor-verification/complete
| Parameter | Type | Required | Description |
|---|---|---|---|
userId
|
String | Yes | User ID |
sessionId
|
String | Yes | Session ID |
secretCode
|
String | Yes | Code via SMS |
Response
{
// user session data
"sessionId": "session-uuid",
// ...
}
5.3 2FA Behavioral Notes
- One active code per session
-
Cooldown:
resendTimeWindow(e.g., 60s) -
Expiration:
expireTimeWindow(e.g., 5m)
6. Password Reset
6.1 By Email
Flow
-
/start→ Sends verification code via email -
/complete→ Validates and resets password
POST /verification-services/password-reset-by-email/start
| Parameter | Type | Required | Description |
|---|---|---|---|
email
|
String | Yes | User email |
Response
{
"status": "OK",
"codeIndex": 1,
// timeStamp : Milliseconds since Jan 1, 1970, 00:00:00.000 GMT
"timeStamp": 1784578660000,
"date": "Mon Jul 20 2026 23:17:40 GMT+0300 (GMT+03:00)",
// expireTime: in seconds
"expireTime": 86400,
"verificationType": "byLink",
// in testMode
"secretCode": "123456",
"userId": "user-uuid",
}
POST
/verification-services/password-reset-by-email/complete
| Parameter | Type | Required | Description |
|---|---|---|---|
email
|
String | Yes | User email |
secretCode
|
String | Yes | Code received |
password
|
String | Yes | New password |
Response
{
"status": "OK",
"isVerified": true,
"email": "user@email.com",
// in testMode
"userId": "user-uuid",
}
6.2 By Mobile
Flow
-
/start→ Sends SMS code -
/complete→ Validates and resets password
POST
/verification-services/password-reset-by-mobile/start
| Parameter | Type | Required | Description |
|---|---|---|---|
mobile
|
String | Yes | Mobile number |
Response
{
"status": "OK",
"codeIndex": 1,
// timeStamp : Milliseconds since Jan 1, 1970, 00:00:00.000 GMT
"timeStamp": 1784578660000,
"date": "Mon Jul 20 2026 23:17:40 GMT+0300 (GMT+03:00)",
// expireTime: in seconds
"expireTime": 86400,
"verificationType": "byLink",
// in testMode
"secretCode": "123456",
"userId": "user-uuid",
}
POST
/verification-services/password-reset-by-mobile/complete
| Parameter | Type | Required | Description |
|---|---|---|---|
email
|
String | Yes | Associated email |
secretCode
|
String | Yes | Code via SMS |
password
|
String | Yes | New password |
Response
{
"status": "OK",
"isVerified": true,
"mobile": "+1 444 ....",
// in testMode
"userId": "user-uuid",
}
6.3 Behavioral Notes
- Cooldown: 60s resend
- Expiration: 24h
- One session per user
- Works without an active login session
7. Verification Method Types
7.1
byCode
User manually enters the 6-digit code in frontend.
7.2
byLink
Frontend handles a one-click verification via email/SMS link containing code parameters.
8)
GET /currentuser
— Current Session
Purpose Return the currently authenticated user’s session.
Route Type
sessionInfo
Authentication Requires a valid access token (header or cookie).
Request
No parameters.
Example
axios.get("/currentuser", {
headers: { Authorization: "Bearer <jwt>" }
});
Success (200)
Returns the session object (identity, tenancy, token metadata):
{
"sessionId": "9cf23fa8-07d4-4e7c-80a6-ec6d6ac96bb9",
"userId": "d92b9d4c-9b1e-4e95-842e-3fb9c8c1df38",
"email": "user@example.com",
"fullname": "John Doe",
"roleId": "user",
"tenantId": "abc123",
"accessToken": "jwt-token-string",
"...": "..."
}
Errors
-
401 Unauthorized — No active session/token
{ "status": "ERR", "message": "No login found" }
Notes
- Commonly called by web/mobile clients after login to hydrate session state.
- Includes key identity/tenant fields and a token reference (if applicable).
- Ensure a valid token is supplied to receive a 200 response.
9)
GET /permissions
— List Effective Permissions
Purpose Return all effective permission grants for the current user.
Route Type
permissionFetch
Authentication Requires a valid access token.
Request
No parameters.
Example
axios.get("/permissions", {
headers: { Authorization: "Bearer <jwt>" }
});
Success (200)
Array of permission grants (aligned with
givenPermissions):
[
{
"id": "perm1",
"permissionName": "adminPanel.access",
"roleId": "admin",
"subjectUserId": "d92b9d4c-9b1e-4e95-842e-3fb9c8c1df38",
"subjectUserGroupId": null,
"objectId": null,
"canDo": true,
"tenantCodename": "store123"
},
{
"id": "perm2",
"permissionName": "orders.manage",
"roleId": null,
"subjectUserId": "d92b9d4c-9b1e-4e95-842e-3fb9c8c1df38",
"subjectUserGroupId": null,
"objectId": null,
"canDo": true,
"tenantCodename": "store123"
}
]
Field meanings (per item):
-
permissionName: Granted permission key. -
roleId: Present if granted via role. -
subjectUserId: Present if granted directly to the user. -
subjectUserGroupId: Present if granted via group. -
objectId: Present if scoped to a specific object (OBAC). -
canDo:trueif enabled,falseif restricted.
Errors
-
401 Unauthorized — No active session
{ "status": "ERR", "message": "No login found" } -
500 Internal Server Error — Unexpected failure
Notes
- Available on all Mindbricks-generated services (not only Auth).
-
Auth service: Reads live
givenPermissionsfrom DB. - Other services: Typically respond from a cached/projected view (e.g., ElasticSearch) for faster checks.
Tip: Cache permission results client-side/server-side and refresh after login or permission updates.
10)
GET /permissions/:permissionName
— Check Permission Scope
Purpose Check whether the current user has a specific permission and return any scoped object exceptions/inclusions.
Route Type
permissionScopeCheck
Authentication Requires a valid access token.
Path Parameters
| Name | Type | Required | Source |
|---|---|---|---|
permissionName
|
String | Yes |
request.params.permissionName
|
Example
axios.get("/permissions/orders.manage", {
headers: { Authorization: "Bearer <jwt>" }
});
Success (200)
{
"canDo": true,
"exceptions": [
"a1f2e3d4-xxxx-yyyy-zzzz-object1",
"b2c3d4e5-xxxx-yyyy-zzzz-object2"
]
}
Interpretation
-
If
canDo: true: permission is generally granted except the listedexceptions(restrictions). -
If
canDo: false: permission is generally not granted, only allowed for the listedexceptions(selective overrides). -
exceptionscontains object IDs (UUID strings) from the relevant domain model.
Errors
- 401 Unauthorized — No active session/token.
Services And Data Object
Auth Service
Authentication service for the project
Auth Service Data Objects
User A data object that stores the user information and handles login settings.
Auth Service Access urls
This service is accessible via the following environment-specific URLs:
-
Preview:
https://ebaycclone.prw.mindbricks.com/auth-api -
Staging:
https://ebaycclone-stage.mindbricks.co/auth-api -
Production:
https://ebaycclone.mindbricks.co/auth-api
Get User
API
This api is used by admin roles or the users themselves to get the user profile information.
Rest Route
The
getUser
API REST controller can be triggered via the following route:
/v1/users/:userId
Rest Request Parameters
The
getUser
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| userId | ID | true | request.params?.userId |
| userId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/users/:userId
axios({
method: 'GET',
url: `/v1/users/${userId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "user",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"user": {
"id": "ID",
"email": "String",
"password": "String",
"fullname": "String",
"avatar": "String",
"roleId": "String",
"emailVerified": "Boolean",
"phone": "String",
"address": "Object",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Update User
API
This route is used by admins to update user profiles.
Rest Route
The
updateUser
API REST controller can be triggered via the following route:
/v1/users/:userId
Rest Request Parameters
The
updateUser
api has got 5 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| userId | ID | true | request.params?.userId |
| fullname | String | false | request.body?.fullname |
| avatar | String | false | request.body?.avatar |
| phone | String | false | request.body?.phone |
| address | Object | false | request.body?.address |
| userId : This id paremeter is used to select the required data object that will be updated | |||
| fullname : A string value to represent the fullname of the user | |||
| avatar : The avatar url of the user. A random avatar will be generated if not provided | |||
| phone : user's phone number | |||
| address : user's adress |
REST Request To access the api you can use the REST controller with the path PATCH /v1/users/:userId
axios({
method: 'PATCH',
url: `/v1/users/${userId}`,
data: {
fullname:"String",
avatar:"String",
phone:"String",
address:"Object",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "user",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"user": {
"id": "ID",
"email": "String",
"password": "String",
"fullname": "String",
"avatar": "String",
"roleId": "String",
"emailVerified": "Boolean",
"phone": "String",
"address": "Object",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Update Profile
API
This route is used by users to update their profiles.
Rest Route
The
updateProfile
API REST controller can be triggered via the following route:
/v1/profile/:userId
Rest Request Parameters
The
updateProfile
api has got 5 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| userId | ID | true | request.params?.userId |
| fullname | String | false | request.body?.fullname |
| avatar | String | false | request.body?.avatar |
| phone | String | false | request.body?.phone |
| address | Object | false | request.body?.address |
| userId : This id paremeter is used to select the required data object that will be updated | |||
| fullname : A string value to represent the fullname of the user | |||
| avatar : The avatar url of the user. A random avatar will be generated if not provided | |||
| phone : user's phone number | |||
| address : user's adress |
REST Request To access the api you can use the REST controller with the path PATCH /v1/profile/:userId
axios({
method: 'PATCH',
url: `/v1/profile/${userId}`,
data: {
fullname:"String",
avatar:"String",
phone:"String",
address:"Object",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "user",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"user": {
"id": "ID",
"email": "String",
"password": "String",
"fullname": "String",
"avatar": "String",
"roleId": "String",
"emailVerified": "Boolean",
"phone": "String",
"address": "Object",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Create User
API
This api is used by admin roles to create a new user manually from admin panels
Rest Route
The
createUser
API REST controller can be triggered via the following route:
/v1/users
Rest Request Parameters
The
createUser
api has got 6 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| avatar | String | false | request.body?.avatar |
| String | true | request.body?.email | |
| password | String | true | request.body?.password |
| fullname | String | true | request.body?.fullname |
| phone | String | false | request.body?.phone |
| address | Object | false | request.body?.address |
| avatar : The avatar url of the user. If not sent, a default random one will be generated. | |||
| email : A string value to represent the user's email. | |||
| password : A string value to represent the user's password. It will be stored as hashed. | |||
| fullname : A string value to represent the fullname of the user | |||
| phone : user's phone number | |||
| address : user's adress |
REST Request To access the api you can use the REST controller with the path POST /v1/users
axios({
method: 'POST',
url: '/v1/users',
data: {
avatar:"String",
email:"String",
password:"String",
fullname:"String",
phone:"String",
address:"Object",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "user",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"user": {
"id": "ID",
"email": "String",
"password": "String",
"fullname": "String",
"avatar": "String",
"roleId": "String",
"emailVerified": "Boolean",
"phone": "String",
"address": "Object",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Delete User
API
This api is used by admins to delete user profiles.
Rest Route
The
deleteUser
API REST controller can be triggered via the following route:
/v1/users/:userId
Rest Request Parameters
The
deleteUser
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| userId | ID | true | request.params?.userId |
| userId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/users/:userId
axios({
method: 'DELETE',
url: `/v1/users/${userId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "user",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"user": {
"id": "ID",
"email": "String",
"password": "String",
"fullname": "String",
"avatar": "String",
"roleId": "String",
"emailVerified": "Boolean",
"phone": "String",
"address": "Object",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Archive Profile
API
This api is used by users to archive their profiles.
Rest Route
The
archiveProfile
API REST controller can be triggered via the following route:
/v1/archiveprofile/:userId
Rest Request Parameters
The
archiveProfile
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| userId | ID | true | request.params?.userId |
| userId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/archiveprofile/:userId
axios({
method: 'DELETE',
url: `/v1/archiveprofile/${userId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "user",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"user": {
"id": "ID",
"email": "String",
"password": "String",
"fullname": "String",
"avatar": "String",
"roleId": "String",
"emailVerified": "Boolean",
"phone": "String",
"address": "Object",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
List Users
API
The list of users is filtered by the tenantId.
Rest Route
The
listUsers
API REST controller can be triggered via the following route:
/v1/users
Rest Request Parameters The
listUsers
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/users
axios({
method: 'GET',
url: '/v1/users',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "users",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"users": [
{
"id": "ID",
"email": "String",
"password": "String",
"fullname": "String",
"avatar": "String",
"roleId": "String",
"emailVerified": "Boolean",
"phone": "String",
"address": "Object",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Search Users
API
The list of users is filtered by the tenantId.
Rest Route
The
searchUsers
API REST controller can be triggered via the following route:
/v1/searchusers
Rest Request Parameters
The
searchUsers
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| keyword | String | true | request.query?.keyword |
| keyword : |
REST Request To access the api you can use the REST controller with the path GET /v1/searchusers
axios({
method: 'GET',
url: '/v1/searchusers',
data: {
},
params: {
keyword:'"String"',
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "users",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"users": [
{
"id": "ID",
"email": "String",
"password": "String",
"fullname": "String",
"avatar": "String",
"roleId": "String",
"emailVerified": "Boolean",
"phone": "String",
"address": "Object",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Update Userrole
API
This route is used by admin roles to update the user role.The default role is user when a user is registered. A user's role can be updated by superAdmin or admin
Rest Route
The
updateUserRole
API REST controller can be triggered via the following route:
/v1/userrole/:userId
Rest Request Parameters
The
updateUserRole
api has got 2 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| userId | ID | true | request.params?.userId |
| roleId | String | true | request.body?.roleId |
| userId : This id paremeter is used to select the required data object that will be updated | |||
| roleId : The new roleId of the user to be updated |
REST Request To access the api you can use the REST controller with the path PATCH /v1/userrole/:userId
axios({
method: 'PATCH',
url: `/v1/userrole/${userId}`,
data: {
roleId:"String",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "user",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"user": {
"id": "ID",
"email": "String",
"password": "String",
"fullname": "String",
"avatar": "String",
"roleId": "String",
"emailVerified": "Boolean",
"phone": "String",
"address": "Object",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Update Userpassword
API
This route is used to update the password of users in the profile page by users themselves
Rest Route
The
updateUserPassword
API REST controller can be triggered via the following route:
/v1/userpassword/:userId
Rest Request Parameters
The
updateUserPassword
api has got 3 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| userId | ID | true | request.params?.userId |
| oldPassword | String | true | request.body?.oldPassword |
| newPassword | String | true | request.body?.newPassword |
| userId : This id paremeter is used to select the required data object that will be updated | |||
| oldPassword : The old password of the user that will be overridden bu the new one. Send for double check. | |||
| newPassword : The new password of the user to be updated |
REST Request To access the api you can use the REST controller with the path PATCH /v1/userpassword/:userId
axios({
method: 'PATCH',
url: `/v1/userpassword/${userId}`,
data: {
oldPassword:"String",
newPassword:"String",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "user",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"user": {
"id": "ID",
"email": "String",
"password": "String",
"fullname": "String",
"avatar": "String",
"roleId": "String",
"emailVerified": "Boolean",
"phone": "String",
"address": "Object",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Update Userpasswordbyadmin
API
This route is used to change any user password by admins only. Superadmin can chnage all passwords, admins can change only nonadmin passwords
Rest Route
The
updateUserPasswordByAdmin
API REST controller can be triggered via the following route:
/v1/userpasswordbyadmin/:userId
Rest Request Parameters
The
updateUserPasswordByAdmin
api has got 2 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| userId | ID | true | request.params?.userId |
| password | String | true | request.body?.password |
| userId : This id paremeter is used to select the required data object that will be updated | |||
| password : The new password of the user to be updated |
REST Request To access the api you can use the REST controller with the path PATCH /v1/userpasswordbyadmin/:userId
axios({
method: 'PATCH',
url: `/v1/userpasswordbyadmin/${userId}`,
data: {
password:"String",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "user",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"user": {
"id": "ID",
"email": "String",
"password": "String",
"fullname": "String",
"avatar": "String",
"roleId": "String",
"emailVerified": "Boolean",
"phone": "String",
"address": "Object",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Get Briefuser
API
This route is used by public to get simple user profile information.
Rest Route
The
getBriefUser
API REST controller can be triggered via the following route:
/v1/briefuser/:userId
Rest Request Parameters
The
getBriefUser
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| userId | ID | true | request.params?.userId |
| userId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/briefuser/:userId
axios({
method: 'GET',
url: `/v1/briefuser/${userId}`,
data: {
},
params: {
}
});
REST Response
This route's response is constrained to a select list of properties, and therefore does not encompass all attributes of the resource.
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "user",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"user": {
"fullname": "String",
"avatar": "String",
"isActive": true
}
}
Register User
API
This api is used by public users to register themselves
Rest Route
The
registerUser
API REST controller can be triggered via the following route:
/v1/registeruser
Rest Request Parameters
The
registerUser
api has got 6 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| avatar | String | false | request.body?.avatar |
| password | String | true | request.body?.password |
| fullname | String | true | request.body?.fullname |
| String | true | request.body?.email | |
| phone | String | false | request.body?.phone |
| address | Object | false | request.body?.address |
| avatar : The avatar url of the user. If not sent, a default random one will be generated. | |||
| password : The password defined by the the user that is being registered. | |||
| fullname : The fullname defined by the the user that is being registered. | |||
| email : The email defined by the the user that is being registered. | |||
| phone : user's phone number | |||
| address : user's adress |
REST Request To access the api you can use the REST controller with the path POST /v1/registeruser
axios({
method: 'POST',
url: '/v1/registeruser',
data: {
avatar:"String",
password:"String",
fullname:"String",
email:"String",
phone:"String",
address:"Object",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "user",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"user": {
"id": "ID",
"email": "String",
"password": "String",
"fullname": "String",
"avatar": "String",
"roleId": "String",
"emailVerified": "Boolean",
"phone": "String",
"address": "Object",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
AuctionOffer Service
Handles auction bids and fixed-price offers for product listings, enforces real-time auction state, handles strict offer workflows including counter-offers, and triggers domain events for bid/offer notifications. No payment or frontend aggregation logic included.
AuctionOffer Service Data Objects
AuctionOfferOffer Represents an offer (best offer/counter-offer) made on a fixed-price product. Tracks buyer, seller, amounts, currency, state transitions, counter-offers, and expiry.
AuctionOfferBid Represents an individual bid placed on an auction-type product. Linked to product and user, tracks bid amount, currency, status (ACTIVE, WON, LOST, CANCELLED), and time placed.
AuctionOffer Service Access urls
This service is accessible via the following environment-specific URLs:
-
Preview:
https://ebaycclone.prw.mindbricks.com/auctionoffer-api -
Staging:
https://ebaycclone-stage.mindbricks.co/auctionoffer-api -
Production:
https://ebaycclone.mindbricks.co/auctionoffer-api
Update Auctionofferoffer
API
Updates offer: accepts/declines/counters by seller, withdraws by buyer before response. Enforces status transition rules, sets respondedAt. Triggers event.
Rest Route
The
updateAuctionOfferOffer
API REST controller can be triggered via the following route:
/v1/auctionofferoffers/:auctionOfferOfferId
Rest Request Parameters
The
updateAuctionOfferOffer
api has got 8 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| auctionOfferOfferId | ID | true | request.params?.auctionOfferOfferId |
| counterOfferId | ID | false | request.body?.counterOfferId |
| counterMessage | String | false | request.body?.counterMessage |
| counterAmount | Double | false | request.body?.counterAmount |
| message | String | false | request.body?.message |
| status | Enum | false | request.body?.status |
| expiresAt | Date | false | request.body?.expiresAt |
| respondedAt | Date | false | request.body?.respondedAt |
| auctionOfferOfferId : This id paremeter is used to select the required data object that will be updated | |||
| counterOfferId : References another offer (counter-offer chain). | |||
| counterMessage : Message accompanying seller's counter-offer (optional). | |||
| counterAmount : Counter-offer amount (when offer is COUNTERED). | |||
| message : Message/special notes from buyer (optional). | |||
| status : Current offer status (e.g., PENDING, ACCEPTED, DECLINED, COUNTERED, EXPIRED, CANCELLED). | |||
| expiresAt : When this offer expires (optional). | |||
| respondedAt : When the seller (or buyer, for counter-offer) responded/updated the offer status. |
REST Request To access the api you can use the REST controller with the path PATCH /v1/auctionofferoffers/:auctionOfferOfferId
axios({
method: 'PATCH',
url: `/v1/auctionofferoffers/${auctionOfferOfferId}`,
data: {
counterOfferId:"ID",
counterMessage:"String",
counterAmount:"Double",
message:"String",
status:"Enum",
expiresAt:"Date",
respondedAt:"Date",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "auctionOfferOffer",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"auctionOfferOffer": {
"id": "ID",
"buyerId": "ID",
"currency": "String",
"productId": "ID",
"counterOfferId": "ID",
"counterMessage": "String",
"counterAmount": "Double",
"offerAmount": "Double",
"message": "String",
"sellerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"expiresAt": "Date",
"respondedAt": "Date",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Create Auctionofferbid
API
Creates a new bid for an auction product. Validates auction status, not seller, product type, bid window, and ensures min. increment. Updates product.currentBid and product.highestBidderId atomically. Triggers notification event.
Rest Route
The
createAuctionOfferBid
API REST controller can be triggered via the following route:
/v1/auctionofferbids
Rest Request Parameters
The
createAuctionOfferBid
api has got 4 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| bidAmount | Double | true | request.body?.bidAmount |
| currency | String | true | request.body?.currency |
| status | Enum | true | request.body?.status |
| productId | ID | true | request.body?.productId |
| bidAmount : Bid amount placed by the user. | |||
| currency : ISO currency for the bid (e.g., USD, EUR). | |||
| status : Bid status: ACTIVE, WON, LOST, CANCELLED. | |||
| productId : Product being bid on (must be AUCTION type). |
REST Request To access the api you can use the REST controller with the path POST /v1/auctionofferbids
axios({
method: 'POST',
url: '/v1/auctionofferbids',
data: {
bidAmount:"Double",
currency:"String",
status:"Enum",
productId:"ID",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "auctionOfferBid",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"auctionOfferBid": {
"id": "ID",
"userId": "ID",
"bidAmount": "Double",
"placedAt": "Date",
"currency": "String",
"status": "Enum",
"status_idx": "Integer",
"productId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Get Auctionofferbid
API
Gets a single bid (only visible to owner/admin or for auction history).
Rest Route
The
getAuctionOfferBid
API REST controller can be triggered via the following route:
/v1/auctionofferbids/:auctionOfferBidId
Rest Request Parameters
The
getAuctionOfferBid
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| auctionOfferBidId | ID | true | request.params?.auctionOfferBidId |
| auctionOfferBidId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/auctionofferbids/:auctionOfferBidId
axios({
method: 'GET',
url: `/v1/auctionofferbids/${auctionOfferBidId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "auctionOfferBid",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"auctionOfferBid": {
"id": "ID",
"userId": "ID",
"bidAmount": "Double",
"placedAt": "Date",
"currency": "String",
"status": "Enum",
"status_idx": "Integer",
"productId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Get Auctionofferoffer
API
Gets a single offer (shown to buyer/seller or admin).
Rest Route
The
getAuctionOfferOffer
API REST controller can be triggered via the following route:
/v1/auctionofferoffers/:auctionOfferOfferId
Rest Request Parameters
The
getAuctionOfferOffer
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| auctionOfferOfferId | ID | true | request.params?.auctionOfferOfferId |
| auctionOfferOfferId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/auctionofferoffers/:auctionOfferOfferId
axios({
method: 'GET',
url: `/v1/auctionofferoffers/${auctionOfferOfferId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "auctionOfferOffer",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"auctionOfferOffer": {
"id": "ID",
"buyerId": "ID",
"currency": "String",
"productId": "ID",
"counterOfferId": "ID",
"counterMessage": "String",
"counterAmount": "Double",
"offerAmount": "Double",
"message": "String",
"sellerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"expiresAt": "Date",
"respondedAt": "Date",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
List Auctionofferoffers
API
Lists offers by product, user, status, or counterOffer chain.
Rest Route
The
listAuctionOfferOffers
API REST controller can be triggered via the following route:
/v1/auctionofferoffers
Rest Request Parameters The
listAuctionOfferOffers
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/auctionofferoffers
axios({
method: 'GET',
url: '/v1/auctionofferoffers',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "auctionOfferOffers",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"auctionOfferOffers": [
{
"id": "ID",
"buyerId": "ID",
"currency": "String",
"productId": "ID",
"counterOfferId": "ID",
"counterMessage": "String",
"counterAmount": "Double",
"offerAmount": "Double",
"message": "String",
"sellerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"expiresAt": "Date",
"respondedAt": "Date",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Update Auctionofferbid
API
Updates a bid’s status (allow only status update, e.g. CANCELLED, WIN/LOSE on admin settlement). Only owner/admin, and only if auction not ended or not settled. Triggers notification event.
Rest Route
The
updateAuctionOfferBid
API REST controller can be triggered via the following route:
/v1/auctionofferbids/:auctionOfferBidId
Rest Request Parameters
The
updateAuctionOfferBid
api has got 2 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| auctionOfferBidId | ID | true | request.params?.auctionOfferBidId |
| status | Enum | false | request.body?.status |
| auctionOfferBidId : This id paremeter is used to select the required data object that will be updated | |||
| status : Bid status: ACTIVE, WON, LOST, CANCELLED. |
REST Request To access the api you can use the REST controller with the path PATCH /v1/auctionofferbids/:auctionOfferBidId
axios({
method: 'PATCH',
url: `/v1/auctionofferbids/${auctionOfferBidId}`,
data: {
status:"Enum",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "auctionOfferBid",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"auctionOfferBid": {
"id": "ID",
"userId": "ID",
"bidAmount": "Double",
"placedAt": "Date",
"currency": "String",
"status": "Enum",
"status_idx": "Integer",
"productId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Create Auctionofferoffer
API
Creates a new offer for a fixed-price product, validating acceptOffers, type, eligibility, and product/seller/buyer active. Defaults to PENDING state. Triggers notification event.
Rest Route
The
createAuctionOfferOffer
API REST controller can be triggered via the following route:
/v1/auctionofferoffers
Rest Request Parameters
The
createAuctionOfferOffer
api has got 10 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| currency | String | true | request.body?.currency |
| productId | ID | true | request.body?.productId |
| counterOfferId | ID | false | request.body?.counterOfferId |
| counterMessage | String | false | request.body?.counterMessage |
| counterAmount | Double | false | request.body?.counterAmount |
| offerAmount | Double | true | request.body?.offerAmount |
| message | String | false | request.body?.message |
| status | Enum | true | request.body?.status |
| expiresAt | Date | false | request.body?.expiresAt |
| respondedAt | Date | false | request.body?.respondedAt |
| currency : ISO currency (e.g., USD, EUR) for the offer. | |||
| productId : Product the offer applies to (must be fixed-price, acceptOffers true). | |||
| counterOfferId : References another offer (counter-offer chain). | |||
| counterMessage : Message accompanying seller's counter-offer (optional). | |||
| counterAmount : Counter-offer amount (when offer is COUNTERED). | |||
| offerAmount : Primary offer amount from buyer. | |||
| message : Message/special notes from buyer (optional). | |||
| status : Current offer status (e.g., PENDING, ACCEPTED, DECLINED, COUNTERED, EXPIRED, CANCELLED). | |||
| expiresAt : When this offer expires (optional). | |||
| respondedAt : When the seller (or buyer, for counter-offer) responded/updated the offer status. |
REST Request To access the api you can use the REST controller with the path POST /v1/auctionofferoffers
axios({
method: 'POST',
url: '/v1/auctionofferoffers',
data: {
currency:"String",
productId:"ID",
counterOfferId:"ID",
counterMessage:"String",
counterAmount:"Double",
offerAmount:"Double",
message:"String",
status:"Enum",
expiresAt:"Date",
respondedAt:"Date",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "auctionOfferOffer",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"auctionOfferOffer": {
"id": "ID",
"buyerId": "ID",
"currency": "String",
"productId": "ID",
"counterOfferId": "ID",
"counterMessage": "String",
"counterAmount": "Double",
"offerAmount": "Double",
"message": "String",
"sellerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"expiresAt": "Date",
"respondedAt": "Date",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
List Auctionofferbids
API
Lists bids by product, user, or auction, supports history/analytics.
Rest Route
The
listAuctionOfferBids
API REST controller can be triggered via the following route:
/v1/auctionofferbids
Rest Request Parameters The
listAuctionOfferBids
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/auctionofferbids
axios({
method: 'GET',
url: '/v1/auctionofferbids',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "auctionOfferBids",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"auctionOfferBids": [
{
"id": "ID",
"userId": "ID",
"bidAmount": "Double",
"placedAt": "Date",
"currency": "String",
"status": "Enum",
"status_idx": "Integer",
"productId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Delete Auctionofferbid
API
Soft-deletes a bid (for admin or self before auction ends).
Rest Route
The
deleteAuctionOfferBid
API REST controller can be triggered via the following route:
/v1/auctionofferbids/:auctionOfferBidId
Rest Request Parameters
The
deleteAuctionOfferBid
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| auctionOfferBidId | ID | true | request.params?.auctionOfferBidId |
| auctionOfferBidId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/auctionofferbids/:auctionOfferBidId
axios({
method: 'DELETE',
url: `/v1/auctionofferbids/${auctionOfferBidId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "auctionOfferBid",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"auctionOfferBid": {
"id": "ID",
"userId": "ID",
"bidAmount": "Double",
"placedAt": "Date",
"currency": "String",
"status": "Enum",
"status_idx": "Integer",
"productId": "ID",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Delete Auctionofferoffer
API
Soft-deletes an offer (allowed only in non-accepted/expired state).
Rest Route
The
deleteAuctionOfferOffer
API REST controller can be triggered via the following route:
/v1/auctionofferoffers/:auctionOfferOfferId
Rest Request Parameters
The
deleteAuctionOfferOffer
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| auctionOfferOfferId | ID | true | request.params?.auctionOfferOfferId |
| auctionOfferOfferId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/auctionofferoffers/:auctionOfferOfferId
axios({
method: 'DELETE',
url: `/v1/auctionofferoffers/${auctionOfferOfferId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "auctionOfferOffer",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"auctionOfferOffer": {
"id": "ID",
"buyerId": "ID",
"currency": "String",
"productId": "ID",
"counterOfferId": "ID",
"counterMessage": "String",
"counterAmount": "Double",
"offerAmount": "Double",
"message": "String",
"sellerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"expiresAt": "Date",
"respondedAt": "Date",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
CategoryManagement Service
Handles product categories and subcategories for marketplace browsing and classification, supporting public discovery plus admin-only management.
CategoryManagement Service Data Objects
Category Represents a product category in the marketplace (e.g., Electronics, Clothing, Toys), used for browsing, filtering, and discovery. Admins manage categories.
Subcategory Represents a subcategory within a parent category (e.g., 'Smartphones' under 'Electronics'). Used for more granular product discovery and navigation. 'group' categorizes special display logic.
CategoryManagement Service Access urls
This service is accessible via the following environment-specific URLs:
-
Preview:
https://ebaycclone.prw.mindbricks.com/categorymanagement-api -
Staging:
https://ebaycclone-stage.mindbricks.co/categorymanagement-api -
Production:
https://ebaycclone.mindbricks.co/categorymanagement-api
Delete Category
API
Soft-delete a category (admin-only).
Rest Route
The
deleteCategory
API REST controller can be triggered via the following route:
/v1/categories/:categoryId
Rest Request Parameters
The
deleteCategory
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| categoryId | ID | true | request.params?.categoryId |
| categoryId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/categories/:categoryId
axios({
method: 'DELETE',
url: `/v1/categories/${categoryId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "category",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"category": {
"id": "ID",
"imageUrl": "String",
"subtitle": "String",
"title": "String",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Get Subcategory
API
Get a subcategory by ID. Public - only active subcategories returned except for admin.
Rest Route
The
getSubcategory
API REST controller can be triggered via the following route:
/v1/subcategories/:subcategoryId
Rest Request Parameters
The
getSubcategory
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| subcategoryId | ID | true | request.params?.subcategoryId |
| subcategoryId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/subcategories/:subcategoryId
axios({
method: 'GET',
url: `/v1/subcategories/${subcategoryId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "subcategory",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"subcategory": {
"id": "ID",
"categoryId": "ID",
"name": "String",
"group": "Enum",
"group_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Get Category
API
Get a single category by ID. Public - only active categories returned (for non-admins).
Rest Route
The
getCategory
API REST controller can be triggered via the following route:
/v1/categories/:categoryId
Rest Request Parameters
The
getCategory
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| categoryId | ID | true | request.params?.categoryId |
| categoryId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/categories/:categoryId
axios({
method: 'GET',
url: `/v1/categories/${categoryId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "category",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"category": {
"id": "ID",
"imageUrl": "String",
"subtitle": "String",
"title": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Update Subcategory
API
Update subcategory (admin-only), including group enum change.
Rest Route
The
updateSubcategory
API REST controller can be triggered via the following route:
/v1/subcategories/:subcategoryId
Rest Request Parameters
The
updateSubcategory
api has got 4 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| subcategoryId | ID | true | request.params?.subcategoryId |
| categoryId | ID | false | request.body?.categoryId |
| name | String | false | request.body?.name |
| group | Enum | false | request.body?.group |
| subcategoryId : This id paremeter is used to select the required data object that will be updated | |||
| categoryId : Reference to the parent category (category.id). | |||
| name : Display name of the subcategory. | |||
| group : Classification for subcategory display; restrict to enum of MOST_POPULAR or MORE. |
REST Request To access the api you can use the REST controller with the path PATCH /v1/subcategories/:subcategoryId
axios({
method: 'PATCH',
url: `/v1/subcategories/${subcategoryId}`,
data: {
categoryId:"ID",
name:"String",
group:"Enum",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "subcategory",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"subcategory": {
"id": "ID",
"categoryId": "ID",
"name": "String",
"group": "Enum",
"group_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
List Subcategories
API
List all subcategories for browsing/filtering, with support for group enum and parent category queries. Only active subcategories shown to public/non-admin users.
Rest Route
The
listSubcategories
API REST controller can be triggered via the following route:
/v1/subcategories
Rest Request Parameters The
listSubcategories
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/subcategories
axios({
method: 'GET',
url: '/v1/subcategories',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "subcategories",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"subcategories": [
{
"id": "ID",
"categoryId": "ID",
"name": "String",
"group": "Enum",
"group_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Delete Subcategory
API
Soft-delete a subcategory (admin-only).
Rest Route
The
deleteSubcategory
API REST controller can be triggered via the following route:
/v1/subcategories/:subcategoryId
Rest Request Parameters
The
deleteSubcategory
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| subcategoryId | ID | true | request.params?.subcategoryId |
| subcategoryId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/subcategories/:subcategoryId
axios({
method: 'DELETE',
url: `/v1/subcategories/${subcategoryId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "subcategory",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"subcategory": {
"id": "ID",
"categoryId": "ID",
"name": "String",
"group": "Enum",
"group_idx": "Integer",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
List Categories
API
List all categories for browsing and filtering. Only active categories shown to public/non-admin users.
Rest Route
The
listCategories
API REST controller can be triggered via the following route:
/v1/categories
Rest Request Parameters The
listCategories
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/categories
axios({
method: 'GET',
url: '/v1/categories',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "categories",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"categories": [
{
"id": "ID",
"imageUrl": "String",
"subtitle": "String",
"title": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Update Category
API
Update category details (admin-only).
Rest Route
The
updateCategory
API REST controller can be triggered via the following route:
/v1/categories/:categoryId
Rest Request Parameters
The
updateCategory
api has got 4 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| categoryId | ID | true | request.params?.categoryId |
| imageUrl | String | false | request.body?.imageUrl |
| subtitle | String | false | request.body?.subtitle |
| title | String | false | request.body?.title |
| categoryId : This id paremeter is used to select the required data object that will be updated | |||
| imageUrl : URL for category image/avatar (optional, used for homepage visuals). | |||
| subtitle : Optional short description for UI/tooltips. | |||
| title : Display name of the category. |
REST Request To access the api you can use the REST controller with the path PATCH /v1/categories/:categoryId
axios({
method: 'PATCH',
url: `/v1/categories/${categoryId}`,
data: {
imageUrl:"String",
subtitle:"String",
title:"String",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "category",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"category": {
"id": "ID",
"imageUrl": "String",
"subtitle": "String",
"title": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Create Subcategory
API
Create a new subcategory under a given category (admin-only), with enum group constraint.
Rest Route
The
createSubcategory
API REST controller can be triggered via the following route:
/v1/subcategories
Rest Request Parameters
The
createSubcategory
api has got 3 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| categoryId | ID | true | request.body?.categoryId |
| name | String | true | request.body?.name |
| group | Enum | true | request.body?.group |
| categoryId : Reference to the parent category (category.id). | |||
| name : Display name of the subcategory. | |||
| group : Classification for subcategory display; restrict to enum of MOST_POPULAR or MORE. |
REST Request To access the api you can use the REST controller with the path POST /v1/subcategories
axios({
method: 'POST',
url: '/v1/subcategories',
data: {
categoryId:"ID",
name:"String",
group:"Enum",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "subcategory",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"subcategory": {
"id": "ID",
"categoryId": "ID",
"name": "String",
"group": "Enum",
"group_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Create Category
API
Create a new category (admin-only) for product classification.
Rest Route
The
createCategory
API REST controller can be triggered via the following route:
/v1/categories
Rest Request Parameters
The
createCategory
api has got 3 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| imageUrl | String | false | request.body?.imageUrl |
| subtitle | String | false | request.body?.subtitle |
| title | String | true | request.body?.title |
| imageUrl : URL for category image/avatar (optional, used for homepage visuals). | |||
| subtitle : Optional short description for UI/tooltips. | |||
| title : Display name of the category. |
REST Request To access the api you can use the REST controller with the path POST /v1/categories
axios({
method: 'POST',
url: '/v1/categories',
data: {
imageUrl:"String",
subtitle:"String",
title:"String",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "category",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"category": {
"id": "ID",
"imageUrl": "String",
"subtitle": "String",
"title": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Messaging Service
In-app messaging service for direct user-to-user text messages (buyers/sellers). Stores, retrieves, and manages user conversations. Launch version: text-only.
Messaging Service Data Objects
MessagingMessage A direct, text-only in-app message between two users (buyer/seller); stores sender, recipient, content, read status, and timestamp.
Messaging Service Access urls
This service is accessible via the following environment-specific URLs:
-
Preview:
https://ebaycclone.prw.mindbricks.com/messaging-api -
Staging:
https://ebaycclone-stage.mindbricks.co/messaging-api -
Production:
https://ebaycclone.mindbricks.co/messaging-api
List Messagingmessages
API
List all messages in the conversation between the logged-in user and another party, ordered by sentAt descending. Can filter unread with isRead. Returns only messages visible to user (isActive).
Rest Route
The
listMessagingMessages
API REST controller can be triggered via the following route:
/v1/messagingmessages
Rest Request Parameters The
listMessagingMessages
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/messagingmessages
axios({
method: 'GET',
url: '/v1/messagingmessages',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "messagingMessages",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"messagingMessages": [
{
"id": "ID",
"fromUserId": "ID",
"toUserId": "ID",
"content": "String",
"isRead": "Boolean",
"sentAt": "Date",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Create Messagingmessage
API
Send a new text message from the logged-in user to a recipient. Sender is set from session. Launch version supports only text content.
Rest Route
The
createMessagingMessage
API REST controller can be triggered via the following route:
/v1/messagingmessages
Rest Request Parameters
The
createMessagingMessage
api has got 3 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| toUserId | ID | true | request.body?.toUserId |
| content | String | true | request.body?.content |
| isRead | Boolean | true | request.body?.isRead |
| toUserId : Recipient (user) of this message. | |||
| content : Text content of the message. No files or attachments for launch. | |||
| isRead : If true, recipient has marked this message as read. |
REST Request To access the api you can use the REST controller with the path POST /v1/messagingmessages
axios({
method: 'POST',
url: '/v1/messagingmessages',
data: {
toUserId:"ID",
content:"String",
isRead:"Boolean",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "messagingMessage",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"messagingMessage": {
"id": "ID",
"fromUserId": "ID",
"toUserId": "ID",
"content": "String",
"isRead": "Boolean",
"sentAt": "Date",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Update Messagingmessage
API
Update a message (mark as read/unread). Only the recipient or admin can change isRead. No content edits. Sender, content, sentAt are immutable.
Rest Route
The
updateMessagingMessage
API REST controller can be triggered via the following route:
/v1/messagingmessages/:messagingMessageId
Rest Request Parameters
The
updateMessagingMessage
api has got 2 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| messagingMessageId | ID | true | request.params?.messagingMessageId |
| isRead | Boolean | false | request.body?.isRead |
| messagingMessageId : This id paremeter is used to select the required data object that will be updated | |||
| isRead : If true, recipient has marked this message as read. |
REST Request To access the api you can use the REST controller with the path PATCH /v1/messagingmessages/:messagingMessageId
axios({
method: 'PATCH',
url: `/v1/messagingmessages/${messagingMessageId}`,
data: {
isRead:"Boolean",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "messagingMessage",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"messagingMessage": {
"id": "ID",
"fromUserId": "ID",
"toUserId": "ID",
"content": "String",
"isRead": "Boolean",
"sentAt": "Date",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Get Messagingmessage
API
Get a message by ID. Only accessible to the sender, the recipient, or an admin. Used for message detail view or reading a single message in a thread.
Rest Route
The
getMessagingMessage
API REST controller can be triggered via the following route:
/v1/messagingmessages/:messagingMessageId
Rest Request Parameters
The
getMessagingMessage
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| messagingMessageId | ID | true | request.params?.messagingMessageId |
| messagingMessageId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/messagingmessages/:messagingMessageId
axios({
method: 'GET',
url: `/v1/messagingmessages/${messagingMessageId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "messagingMessage",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"messagingMessage": {
"id": "ID",
"fromUserId": "ID",
"toUserId": "ID",
"content": "String",
"isRead": "Boolean",
"sentAt": "Date",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Delete Messagingmessage
API
Delete a message (soft-delete). Only sender, recipient, or admin may delete a message. Deletion only hides it for the user; not a full erase unless both delete.
Rest Route
The
deleteMessagingMessage
API REST controller can be triggered via the following route:
/v1/messagingmessages/:messagingMessageId
Rest Request Parameters
The
deleteMessagingMessage
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| messagingMessageId | ID | true | request.params?.messagingMessageId |
| messagingMessageId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/messagingmessages/:messagingMessageId
axios({
method: 'DELETE',
url: `/v1/messagingmessages/${messagingMessageId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "messagingMessage",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"messagingMessage": {
"id": "ID",
"fromUserId": "ID",
"toUserId": "ID",
"content": "String",
"isRead": "Boolean",
"sentAt": "Date",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
NotificationManagement Service
Handles storage, management, and event-driven delivery of in-app and email notifications for user-impacting system events (bids, offers, orders, feedback, messaging, etc.). Supports marking notifications as read/unread, structured filtering by event type/channel, and always returns in-app notifications ordered by recency.
NotificationManagement Service Data Objects
Notification Stores and manages in-app and email notifications tied to user-facing events like bids, offers, orders, messaging, shipment, and feedback. Includes event type (notificationType) for filter/search, arbitrary event payload, and delivery channel. Soft-delete enforced. In-app notifications always sorted by createdAt DESC on retrieval.
NotificationManagement Service Access urls
This service is accessible via the following environment-specific URLs:
-
Preview:
https://ebaycclone.prw.mindbricks.com/notificationmanagement-api -
Staging:
https://ebaycclone-stage.mindbricks.co/notificationmanagement-api -
Production:
https://ebaycclone.mindbricks.co/notificationmanagement-api
Create Notification
API
Creates a notification entry in response to a system/business event. Only allowed for system/event processes and admins (not standard user/action). Typically event-driven, receives userId, notificationType, payload, and channel.
Rest Route
The
createNotification
API REST controller can be triggered via the following route:
/v1/notifications
Rest Request Parameters
The
createNotification
api has got 5 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| notificationType | Enum | true | request.body?.notificationType |
| userId | ID | true | request.body?.userId |
| channel | Enum | true | request.body?.channel |
| payload | Object | true | request.body?.payload |
| isRead | Boolean | true | request.body?.isRead |
| notificationType : Type of event triggering notification (e.g., BID_UPDATED, ORDER_SHIPPED, MESSAGE_RECEIVED, etc.). Used for display/icon and query filter. | |||
| userId : User receiving the notification (recipient). | |||
| channel : Channel by which notification is delivered: IN_APP or EMAIL. | |||
| payload : Event payload; stores event-specific/structured details for frontend rendering. Structure varies by notificationType. | |||
| isRead : Marks if user has read/seen notification (IN_APP only; always true for EMAIL channel) |
REST Request To access the api you can use the REST controller with the path POST /v1/notifications
axios({
method: 'POST',
url: '/v1/notifications',
data: {
notificationType:"Enum",
userId:"ID",
channel:"Enum",
payload:"Object",
isRead:"Boolean",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "notification",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"notification": {
"id": "ID",
"notificationType": "Enum",
"notificationType_idx": "Integer",
"userId": "ID",
"channel": "Enum",
"channel_idx": "Integer",
"payload": "Object",
"isRead": "Boolean",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Update Notification
API
Updates a notification (mark as read/unread, payload patch for e.g. admin fix). Only receiver (userId) or admins may update. isRead is primary update scenario; others very limited.
Rest Route
The
updateNotification
API REST controller can be triggered via the following route:
/v1/notifications/:notificationId
Rest Request Parameters
The
updateNotification
api has got 3 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| notificationId | ID | true | request.params?.notificationId |
| payload | Object | false | request.body?.payload |
| isRead | Boolean | false | request.body?.isRead |
| notificationId : This id paremeter is used to select the required data object that will be updated | |||
| payload : Event payload; stores event-specific/structured details for frontend rendering. Structure varies by notificationType. | |||
| isRead : Marks if user has read/seen notification (IN_APP only; always true for EMAIL channel) |
REST Request To access the api you can use the REST controller with the path PATCH /v1/notifications/:notificationId
axios({
method: 'PATCH',
url: `/v1/notifications/${notificationId}`,
data: {
payload:"Object",
isRead:"Boolean",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "notification",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"notification": {
"id": "ID",
"notificationType": "Enum",
"notificationType_idx": "Integer",
"userId": "ID",
"channel": "Enum",
"channel_idx": "Integer",
"payload": "Object",
"isRead": "Boolean",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
List Notifications
API
Returns filtered list of notifications for a user, with optional filters: notificationType, isRead, channel. Always sorted by createdAt (descending) for in-app notifications. Only retrieval allowed for owner/admin.
Rest Route
The
listNotifications
API REST controller can be triggered via the following route:
/v1/notifications
Rest Request Parameters The
listNotifications
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/notifications
axios({
method: 'GET',
url: '/v1/notifications',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "notifications",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"notifications": [
{
"id": "ID",
"notificationType": "Enum",
"notificationType_idx": "Integer",
"userId": "ID",
"channel": "Enum",
"channel_idx": "Integer",
"payload": "Object",
"isRead": "Boolean",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Delete Notification
API
Soft-delete a notification record. Only receiver or admin may delete.
Rest Route
The
deleteNotification
API REST controller can be triggered via the following route:
/v1/notifications/:notificationId
Rest Request Parameters
The
deleteNotification
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| notificationId | ID | true | request.params?.notificationId |
| notificationId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/notifications/:notificationId
axios({
method: 'DELETE',
url: `/v1/notifications/${notificationId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "notification",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"notification": {
"id": "ID",
"notificationType": "Enum",
"notificationType_idx": "Integer",
"userId": "ID",
"channel": "Enum",
"channel_idx": "Integer",
"payload": "Object",
"isRead": "Boolean",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Get Notification
API
Retrieves a notification for the receiver or admin. Used to populate content on detail/expanded view.
Rest Route
The
getNotification
API REST controller can be triggered via the following route:
/v1/notifications/:notificationId
Rest Request Parameters
The
getNotification
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| notificationId | ID | true | request.params?.notificationId |
| notificationId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/notifications/:notificationId
axios({
method: 'GET',
url: `/v1/notifications/${notificationId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "notification",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"notification": {
"id": "ID",
"notificationType": "Enum",
"notificationType_idx": "Integer",
"userId": "ID",
"channel": "Enum",
"channel_idx": "Integer",
"payload": "Object",
"isRead": "Boolean",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
SearchIndexing Service
Maintains the denormalized search index (materialized view) for global, public search across products, sellers, categories, and subcategories. Handles indexing in response to entity events and exposes optimized query endpoints for BFF/aggregator.
SearchIndexing Service Data Objects
SearchIndex Materialized/denormalized search index record for a marketplace entity (product, seller, category, subcategory). Used exclusively for high-speed querying in BFF global/public search.
SearchIndexing Service Access urls
This service is accessible via the following environment-specific URLs:
-
Preview:
https://ebaycclone.prw.mindbricks.com/searchindexing-api -
Staging:
https://ebaycclone-stage.mindbricks.co/searchindexing-api -
Production:
https://ebaycclone.mindbricks.co/searchindexing-api
List Searchindexes
API
List/search search index entries by type or referenceId (used by BFF/global search). Always excludes inactive (soft-deleted) records. Supports filtering and full-text search filters by documentType/referenceId for admin/maintenance use.
Rest Route
The
listSearchIndexes
API REST controller can be triggered via the following route:
/v1/searchindexes
Rest Request Parameters The
listSearchIndexes
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/searchindexes
axios({
method: 'GET',
url: '/v1/searchindexes',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "searchIndices",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"searchIndices": [
{
"id": "ID",
"documentType": "Enum",
"documentType_idx": "Integer",
"document": "Object",
"referenceId": "ID",
"indexedAt": "Date",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Update Searchindex
API
Update an existing searchIndex record (by (documentType, referenceId) or id). Used in response to events (entity edit, data change); internal/automation/admin only.
Rest Route
The
updateSearchIndex
API REST controller can be triggered via the following route:
/v1/searchindexs/:searchIndexId
Rest Request Parameters
The
updateSearchIndex
api has got 5 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| searchIndexId | ID | true | request.params?.searchIndexId |
| documentType | Enum | false | request.body?.documentType |
| document | Object | true | request.body?.document |
| referenceId | ID | true | request.body?.referenceId |
| indexedAt | Date | false | request.body?.indexedAt |
| searchIndexId : This id paremeter is used to select the required data object that will be updated | |||
| documentType : Type of the indexed document: PRODUCT, SELLER, CATEGORY, SUBCATEGORY | |||
| document : Denormalized snapshot of the entity data, optimized for full-text search. May contain different keys depending on documentType. | |||
| referenceId : ID of the underlying source entity (product, seller, category, subcategory) for reverse-mapping/database triggers. | |||
| indexedAt : Timestamp when the record was (last) indexed. Used for maintenance, debugging, rebuild tracing. |
REST Request To access the api you can use the REST controller with the path PATCH /v1/searchindexs/:searchIndexId
axios({
method: 'PATCH',
url: `/v1/searchindexs/${searchIndexId}`,
data: {
documentType:"Enum",
document:"Object",
referenceId:"ID",
indexedAt:"Date",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "searchIndex",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"searchIndex": {
"id": "ID",
"documentType": "Enum",
"documentType_idx": "Integer",
"document": "Object",
"referenceId": "ID",
"indexedAt": "Date",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Delete Searchindex
API
Soft-delete a searchIndex record (by id or by (documentType, referenceId)). Typical use: in response to entity soft-delete; internal/automation/admin only.
Rest Route
The
deleteSearchIndex
API REST controller can be triggered via the following route:
/v1/searchindexs/:searchIndexId
Rest Request Parameters
The
deleteSearchIndex
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| searchIndexId | ID | true | request.params?.searchIndexId |
| searchIndexId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/searchindexs/:searchIndexId
axios({
method: 'DELETE',
url: `/v1/searchindexs/${searchIndexId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "searchIndex",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"searchIndex": {
"id": "ID",
"documentType": "Enum",
"documentType_idx": "Integer",
"document": "Object",
"referenceId": "ID",
"indexedAt": "Date",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Create Searchindex
API
Create a new searchIndex record (internal, used by event triggers and admin tools only). Typically called when a new product/seller/category/subcategory is created.
Rest Route
The
createSearchIndex
API REST controller can be triggered via the following route:
/v1/searchindexs
Rest Request Parameters
The
createSearchIndex
api has got 4 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| documentType | Enum | true | request.body?.documentType |
| document | Object | true | request.body?.document |
| referenceId | ID | true | request.body?.referenceId |
| indexedAt | Date | true | request.body?.indexedAt |
| documentType : Type of the indexed document: PRODUCT, SELLER, CATEGORY, SUBCATEGORY | |||
| document : Denormalized snapshot of the entity data, optimized for full-text search. May contain different keys depending on documentType. | |||
| referenceId : ID of the underlying source entity (product, seller, category, subcategory) for reverse-mapping/database triggers. | |||
| indexedAt : Timestamp when the record was (last) indexed. Used for maintenance, debugging, rebuild tracing. |
REST Request To access the api you can use the REST controller with the path POST /v1/searchindexs
axios({
method: 'POST',
url: '/v1/searchindexs',
data: {
documentType:"Enum",
document:"Object",
referenceId:"ID",
indexedAt:"Date",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "searchIndex",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"searchIndex": {
"id": "ID",
"documentType": "Enum",
"documentType_idx": "Integer",
"document": "Object",
"referenceId": "ID",
"indexedAt": "Date",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Get Searchindex
API
Get a single denormalized index record (by id, or documentType+referenceId). Used by BFF for full entity search. Always excludes inactive records unless forced (admin only path).
Rest Route
The
getSearchIndex
API REST controller can be triggered via the following route:
/v1/searchindexs/:searchIndexId
Rest Request Parameters
The
getSearchIndex
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| searchIndexId | ID | true | request.params?.searchIndexId |
| searchIndexId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/searchindexs/:searchIndexId
axios({
method: 'GET',
url: `/v1/searchindexs/${searchIndexId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "searchIndex",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"searchIndex": {
"id": "ID",
"documentType": "Enum",
"documentType_idx": "Integer",
"document": "Object",
"referenceId": "ID",
"indexedAt": "Date",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
AdminModeration Service
Administrative backend service for moderation and manual override actions. Responsible for logging all admin interventions (user/product/feedback/media/category/order/notification/searchindex moderation), triggering corrections via interservice calls, and providing comprehensive audit trails for compliance.
AdminModeration Service Data Objects
ModerationAction Audit record for all admin moderation/override actions affecting core business entities. Links to admin, timestamp, entity type/ID, action performed, and reason.
AdminModeration Service Access urls
This service is accessible via the following environment-specific URLs:
-
Preview:
https://ebaycclone.prw.mindbricks.com/adminmoderation-api -
Staging:
https://ebaycclone-stage.mindbricks.co/adminmoderation-api -
Production:
https://ebaycclone.mindbricks.co/adminmoderation-api
Get Moderationaction
API
Get a single moderation action log by ID. Used to review admin audit trails; accessible only to platform admins.
Rest Route
The
getModerationAction
API REST controller can be triggered via the following route:
/v1/moderationactions/:moderationActionId
Rest Request Parameters
The
getModerationAction
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| moderationActionId | ID | true | request.params?.moderationActionId |
| moderationActionId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/moderationactions/:moderationActionId
axios({
method: 'GET',
url: `/v1/moderationactions/${moderationActionId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "moderationAction",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"moderationAction": {
"id": "ID",
"adminId": "ID",
"entityId": "ID",
"actionTimestamp": "Date",
"entityType": "Enum",
"entityType_idx": "Integer",
"reason": "String",
"actionType": "Enum",
"actionType_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Delete Moderationaction
API
Soft-deletes a moderation action log record (dangerous; allowed only to superadmins or strict manual correction), primarily for audit correction or internal error cleanup. Usually, moderation logs are immutable.
Rest Route
The
deleteModerationAction
API REST controller can be triggered via the following route:
/v1/moderationactions/:moderationActionId
Rest Request Parameters
The
deleteModerationAction
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| moderationActionId | ID | true | request.params?.moderationActionId |
| moderationActionId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/moderationactions/:moderationActionId
axios({
method: 'DELETE',
url: `/v1/moderationactions/${moderationActionId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "moderationAction",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"moderationAction": {
"id": "ID",
"adminId": "ID",
"entityId": "ID",
"actionTimestamp": "Date",
"entityType": "Enum",
"entityType_idx": "Integer",
"reason": "String",
"actionType": "Enum",
"actionType_idx": "Integer",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Create Moderationaction
API
Logs an admin moderation or override action in the system for audit and traceability. Requires admin login, takes context from session, and creates an audit entry for any admin operation over any entity type.
Rest Route
The
createModerationAction
API REST controller can be triggered via the following route:
/v1/moderationactions
Rest Request Parameters
The
createModerationAction
api has got 4 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| entityId | ID | true | request.body?.entityId |
| entityType | Enum | true | request.body?.entityType |
| reason | String | true | request.body?.reason |
| actionType | Enum | true | request.body?.actionType |
| entityId : ID of target entity affected by moderation (user/product/etc). | |||
| entityType : Type of entity affected (USER, PRODUCT, FEEDBACK, MEDIA, CATEGORY, NOTIFICATION, ORDER, SEARCHINDEX). | |||
| reason : Explanation or justification for the moderation action performed. | |||
| actionType : Type of moderation action (e.g., SOFT_DELETE, RESTORE, UPDATE_ROLE, MANUAL_CORRECTION, MEDIA_FLAG, INDEX_REBUILD, PAYMENT_FIX, FEEDBACK_OVERRIDE, ADMIN_NOTE). |
REST Request To access the api you can use the REST controller with the path POST /v1/moderationactions
axios({
method: 'POST',
url: '/v1/moderationactions',
data: {
entityId:"ID",
entityType:"Enum",
reason:"String",
actionType:"Enum",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "moderationAction",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"moderationAction": {
"id": "ID",
"adminId": "ID",
"entityId": "ID",
"actionTimestamp": "Date",
"entityType": "Enum",
"entityType_idx": "Integer",
"reason": "String",
"actionType": "Enum",
"actionType_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
List Moderationactions
API
List moderation actions for admin dashboard/audit search. Supports filtering by admin, entityType, entityId, actionType, and date. Always sorted by most recent action.
Rest Route
The
listModerationActions
API REST controller can be triggered via the following route:
/v1/moderationactions
Rest Request Parameters The
listModerationActions
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/moderationactions
axios({
method: 'GET',
url: '/v1/moderationactions',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "moderationActions",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"moderationActions": [
{
"id": "ID",
"adminId": "ID",
"entityId": "ID",
"actionTimestamp": "Date",
"entityType": "Enum",
"entityType_idx": "Integer",
"reason": "String",
"actionType": "Enum",
"actionType_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Update Moderationaction
API
Allows update of explanation/note on a moderation action for correction (typically by admin or superadmin only). No entity/type/admin may be changed after creation; only 'reason' is editable for audit consistency.
Rest Route
The
updateModerationAction
API REST controller can be triggered via the following route:
/v1/moderationactions/:moderationActionId
Rest Request Parameters
The
updateModerationAction
api has got 2 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| moderationActionId | ID | true | request.params?.moderationActionId |
| reason | String | false | request.body?.reason |
| moderationActionId : This id paremeter is used to select the required data object that will be updated | |||
| reason : Explanation or justification for the moderation action performed. |
REST Request To access the api you can use the REST controller with the path PATCH /v1/moderationactions/:moderationActionId
axios({
method: 'PATCH',
url: `/v1/moderationactions/${moderationActionId}`,
data: {
reason:"String",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "moderationAction",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"moderationAction": {
"id": "ID",
"adminId": "ID",
"entityId": "ID",
"actionTimestamp": "Date",
"entityType": "Enum",
"entityType_idx": "Integer",
"reason": "String",
"actionType": "Enum",
"actionType_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
WatchlistCart Service
Handles user watchlists (with custom folders) and shopping cart preparation for checkout, strictly enforcing only fixed-price products in carts, supporting item moves/bulk operations, and robust default/folder logic..
WatchlistCart Service Data Objects
WatchlistItem Item in a user’s watchlist, optionally in a named folder; references product and user.
CartItem Single product pending checkout in a user’s cart. Only fixed-price products permitted; quantity supported for multi-unit purchases (if allowed).
WatchlistList A named folder/list in a user’s watchlist. Default list exists for all users. Custom lists may be created and deleted.
WatchlistCart Service Access urls
This service is accessible via the following environment-specific URLs:
-
Preview:
https://ebaycclone.prw.mindbricks.com/watchlistcart-api -
Staging:
https://ebaycclone-stage.mindbricks.co/watchlistcart-api -
Production:
https://ebaycclone.mindbricks.co/watchlistcart-api
List Watchlistlist
API
List all lists in user’s watchlists. Supports listing by listId for folders.
Rest Route
The
listWatchlistList
API REST controller can be triggered via the following route:
/v1/watchlistlists
Rest Request Parameters The
listWatchlistList
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/watchlistlists
axios({
method: 'GET',
url: '/v1/watchlistlists',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "watchlistLists",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"watchlistLists": [
{
"id": "ID",
"name": "String",
"itemCount": "Integer",
"userId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
List Cartitems
API
List all cart items for a user (pending checkout).
Rest Route
The
listCartItems
API REST controller can be triggered via the following route:
/v1/cartitems
Rest Request Parameters The
listCartItems
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/cartitems
axios({
method: 'GET',
url: '/v1/cartitems',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "cartItems",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"cartItems": [
{
"id": "ID",
"addedAt": "Date",
"userId": "ID",
"quantity": "Integer",
"productId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID",
"product": [
{
"currency": "String",
"description": "Text",
"condition": "Enum",
"condition_idx": "Integer",
"price": "Double",
"title": "String",
"type": "Enum",
"type_idx": "Integer",
"mediaAssetIds": "ID"
},
{},
{}
]
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Delete Cartitem
API
Remove an item from the user’s cart.
Rest Route
The
deleteCartItem
API REST controller can be triggered via the following route:
/v1/cartitems/:cartItemId
Rest Request Parameters
The
deleteCartItem
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| cartItemId | ID | true | request.params?.cartItemId |
| cartItemId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/cartitems/:cartItemId
axios({
method: 'DELETE',
url: `/v1/cartitems/${cartItemId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "cartItem",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"cartItem": {
"id": "ID",
"addedAt": "Date",
"userId": "ID",
"quantity": "Integer",
"productId": "ID",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Create Watchlistitem
API
Add product to user’s watchlist (default or target list/folder). One (user, product, list) per item enforced. Block duplicates.
Rest Route
The
createWatchlistItem
API REST controller can be triggered via the following route:
/v1/watchlistitems
Rest Request Parameters
The
createWatchlistItem
api has got 3 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| addedAt | Date | true | request.body?.addedAt |
| productId | ID | true | request.body?.productId |
| listId | ID | false | request.body?.listId |
| addedAt : Timestamp watchlist item created. | |||
| productId : Referenced product in the watchlist. | |||
| listId : Owning watchlistList; null if in default watchlist. |
REST Request To access the api you can use the REST controller with the path POST /v1/watchlistitems
axios({
method: 'POST',
url: '/v1/watchlistitems',
data: {
addedAt:"Date",
productId:"ID",
listId:"ID",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "watchlistItem",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"watchlistItem": {
"id": "ID",
"userId": "ID",
"addedAt": "Date",
"productId": "ID",
"listId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
List Watchlistitems
API
List all products in user’s watchlists. Supports listing by listId for folders.
Rest Route
The
listWatchlistItems
API REST controller can be triggered via the following route:
/v1/watchlistitems
Rest Request Parameters The
listWatchlistItems
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/watchlistitems
axios({
method: 'GET',
url: '/v1/watchlistitems',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "watchlistItems",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"watchlistItems": [
{
"id": "ID",
"userId": "ID",
"addedAt": "Date",
"productId": "ID",
"listId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Update Cartitemquantity
API
Change the quantity for a cart item. User must own the item.
Rest Route
The
updateCartItemQuantity
API REST controller can be triggered via the following route:
/v1/cartitemquantity/:cartItemId
Rest Request Parameters
The
updateCartItemQuantity
api has got 2 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| cartItemId | ID | true | request.params?.cartItemId |
| quantity | Integer | false | request.body?.quantity |
| cartItemId : This id paremeter is used to select the required data object that will be updated | |||
| quantity : How many units (if product allows). |
REST Request To access the api you can use the REST controller with the path PATCH /v1/cartitemquantity/:cartItemId
axios({
method: 'PATCH',
url: `/v1/cartitemquantity/${cartItemId}`,
data: {
quantity:"Integer",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "cartItem",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"cartItem": {
"id": "ID",
"addedAt": "Date",
"userId": "ID",
"quantity": "Integer",
"productId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Create Watchlistlist
API
Create a new custom watchlist folder. Name must be unique per user; ‘Default’ is reserved for system.
Rest Route
The
createWatchlistList
API REST controller can be triggered via the following route:
/v1/watchlistlists
Rest Request Parameters
The
createWatchlistList
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| name | String | true | request.body?.name |
| name : Custom folder or list name. 'Default' is reserved (non-deletable for each user). |
REST Request To access the api you can use the REST controller with the path POST /v1/watchlistlists
axios({
method: 'POST',
url: '/v1/watchlistlists',
data: {
name:"String",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "watchlistList",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"watchlistList": {
"id": "ID",
"name": "String",
"itemCount": "Integer",
"userId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Delete Watchlistlist
API
Delete a custom watchlist (folder). Items are reassigned to user’s default list. Cannot delete default list.
Rest Route
The
deleteWatchlistList
API REST controller can be triggered via the following route:
/v1/watchlistlists/:watchlistListId
Rest Request Parameters
The
deleteWatchlistList
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| watchlistListId | ID | true | request.params?.watchlistListId |
| watchlistListId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/watchlistlists/:watchlistListId
axios({
method: 'DELETE',
url: `/v1/watchlistlists/${watchlistListId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "watchlistList",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"watchlistList": {
"id": "ID",
"name": "String",
"itemCount": "Integer",
"userId": "ID",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Delete Watchlistitem
API
Remove a product from a user’s watchlist.
Rest Route
The
deleteWatchlistItem
API REST controller can be triggered via the following route:
/v1/watchlistitems/:watchlistItemId
Rest Request Parameters
The
deleteWatchlistItem
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| watchlistItemId | ID | true | request.params?.watchlistItemId |
| watchlistItemId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/watchlistitems/:watchlistItemId
axios({
method: 'DELETE',
url: `/v1/watchlistitems/${watchlistItemId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "watchlistItem",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"watchlistItem": {
"id": "ID",
"userId": "ID",
"addedAt": "Date",
"productId": "ID",
"listId": "ID",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Create Cartitem
API
Add an item to the user’s cart. Only fixed-price products allowed. Duplicates not permitted.
Rest Route
The
createCartItem
API REST controller can be triggered via the following route:
/v1/cartitems
Rest Request Parameters
The
createCartItem
api has got 3 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| addedAt | Date | true | request.body?.addedAt |
| quantity | Integer | true | request.body?.quantity |
| productId | ID | true | request.body?.productId |
| addedAt : Timestamp added to cart. | |||
| quantity : How many units (if product allows). | |||
| productId : Product being checked out. |
REST Request To access the api you can use the REST controller with the path POST /v1/cartitems
axios({
method: 'POST',
url: '/v1/cartitems',
data: {
addedAt:"Date",
quantity:"Integer",
productId:"ID",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "cartItem",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"cartItem": {
"id": "ID",
"addedAt": "Date",
"userId": "ID",
"quantity": "Integer",
"productId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Do Userwatchlist
API
userwatchlist
Rest Route
The
userwatchlist
API REST controller can be triggered via the following route:
/v1/userwatchlist
Rest Request Parameters The
userwatchlist
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/userwatchlist
axios({
method: 'GET',
url: '/v1/userwatchlist',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "watchlistItems",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"watchlistItems": [
{
"id": "ID",
"userId": "ID",
"addedAt": "Date",
"productId": "ID",
"listId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
List Usercartitems
API
list all cart items adde by user
Rest Route
The
listUserCartItems
API REST controller can be triggered via the following route:
/v1/usercartitems
Rest Request Parameters The
listUserCartItems
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/usercartitems
axios({
method: 'GET',
url: '/v1/usercartitems',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "cartItems",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"cartItems": [
{
"id": "ID",
"addedAt": "Date",
"userId": "ID",
"quantity": "Integer",
"productId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID",
"product": [
{
"currency": "String",
"description": "Text",
"condition": "Enum",
"condition_idx": "Integer",
"endPrice": "Double",
"price": "Double",
"title": "String",
"startPrice": "Double",
"type": "Enum",
"type_idx": "Integer",
"shipping": "Double"
},
{},
{}
]
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Do Userwatchlistlists
API
list all watch lists created by user
Rest Route
The
userwatchlistlists
API REST controller can be triggered via the following route:
/v1/userwatchlistlists
Rest Request Parameters The
userwatchlistlists
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/userwatchlistlists
axios({
method: 'GET',
url: '/v1/userwatchlistlists',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "watchlistLists",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"watchlistLists": [
{
"id": "ID",
"name": "String",
"itemCount": "Integer",
"userId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
ProductListing Service
Handles product listings (both auction and fixed-price), image/media storage with validations, enforces immutable type, soft-delete, and public product discovery.
ProductListing Service Data Objects
ProductListingMedia Stores and manages images/media associated with products, including secure URL, MIME type, and size validation. Each asset can be used by multiple products.
ProductListingProduct Represents a single product listing (fixed-price or auction) in the marketplace, with seller, category, type, price information, shipping details, media references, and dynamic auction fields.
ProductListing Service Access urls
This service is accessible via the following environment-specific URLs:
-
Preview:
https://ebaycclone.prw.mindbricks.com/productlisting-api -
Staging:
https://ebaycclone-stage.mindbricks.co/productlisting-api -
Production:
https://ebaycclone.mindbricks.co/productlisting-api
List Productlistingmedia
API
List all media assets (admin or for media management/bulk preview).
Rest Route
The
listProductListingMedia
API REST controller can be triggered via the following route:
/v1/productlistingmedias
Rest Request Parameters The
listProductListingMedia
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/productlistingmedias
axios({
method: 'GET',
url: '/v1/productlistingmedias',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "productListingMedias",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"productListingMedias": [
{
"id": "ID",
"mimeType": "String",
"productId": "ID",
"url": "String",
"size": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Get Productlistingproduct
API
Get a single product listing. Checks isActive and public status. Includes media, category, subcategory, and seller info via joins.
Rest Route
The
getProductListingProduct
API REST controller can be triggered via the following route:
/v1/productlistingproducts/:productListingProductId
Rest Request Parameters
The
getProductListingProduct
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| productListingProductId | ID | true | request.params?.productListingProductId |
| productListingProductId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/productlistingproducts/:productListingProductId
axios({
method: 'GET',
url: `/v1/productlistingproducts/${productListingProductId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "productListingProduct",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"productListingProduct": {
"id": "ID",
"currency": "String",
"description": "Text",
"condition": "Enum",
"condition_idx": "Integer",
"startBid": "Double",
"endPrice": "Double",
"price": "Double",
"title": "String",
"startPrice": "Double",
"type": "Enum",
"type_idx": "Integer",
"endBid": "Double",
"estimatedDelivery": "Date",
"shippingCurrency": "String",
"sellerId": "ID",
"mediaAssetIds": "ID",
"shippingMethod": "Enum",
"shippingMethod_idx": "Integer",
"shipping": "Double",
"startBidDate": "Date",
"subcategoryId": "ID",
"categoryId": "ID",
"endBidDate": "Date",
"currentBid": "Double",
"highestBidderId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
List Productlistingownproducts
API
listing the loggedin user's products
Rest Route
The
listProductListingOwnProducts
API REST controller can be triggered via the following route:
/v1/productlistingownproducts
Rest Request Parameters The
listProductListingOwnProducts
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/productlistingownproducts
axios({
method: 'GET',
url: '/v1/productlistingownproducts',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "productListingProducts",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"productListingProducts": [
{
"id": "ID",
"currency": "String",
"description": "Text",
"condition": "Enum",
"condition_idx": "Integer",
"startBid": "Double",
"endPrice": "Double",
"price": "Double",
"title": "String",
"startPrice": "Double",
"type": "Enum",
"type_idx": "Integer",
"endBid": "Double",
"estimatedDelivery": "Date",
"shippingCurrency": "String",
"sellerId": "ID",
"mediaAssetIds": "ID",
"shippingMethod": "Enum",
"shippingMethod_idx": "Integer",
"shipping": "Double",
"startBidDate": "Date",
"subcategoryId": "ID",
"categoryId": "ID",
"endBidDate": "Date",
"currentBid": "Double",
"highestBidderId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Get Productlistingmedia
API
Get a single media asset by ID (for admin or to display in product UI).
Rest Route
The
getProductListingMedia
API REST controller can be triggered via the following route:
/v1/productlistingmedias/:productListingMediaId
Rest Request Parameters
The
getProductListingMedia
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| productListingMediaId | ID | true | request.params?.productListingMediaId |
| productListingMediaId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/productlistingmedias/:productListingMediaId
axios({
method: 'GET',
url: `/v1/productlistingmedias/${productListingMediaId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "productListingMedia",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"productListingMedia": {
"id": "ID",
"mimeType": "String",
"productId": "ID",
"url": "String",
"size": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
List Productlistingproducts
API
List public product listings. Only isActive=true records are returned. Includes category, subcategory, seller, media joins. Supports filtering.
Rest Route
The
listProductListingProducts
API REST controller can be triggered via the following route:
/v1/productlistingproducts
Rest Request Parameters The
listProductListingProducts
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/productlistingproducts
axios({
method: 'GET',
url: '/v1/productlistingproducts',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "productListingProducts",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"productListingProducts": [
{
"id": "ID",
"currency": "String",
"description": "Text",
"condition": "Enum",
"condition_idx": "Integer",
"startBid": "Double",
"endPrice": "Double",
"price": "Double",
"title": "String",
"startPrice": "Double",
"type": "Enum",
"type_idx": "Integer",
"endBid": "Double",
"estimatedDelivery": "Date",
"shippingCurrency": "String",
"sellerId": "ID",
"mediaAssetIds": "ID",
"shippingMethod": "Enum",
"shippingMethod_idx": "Integer",
"shipping": "Double",
"startBidDate": "Date",
"subcategoryId": "ID",
"categoryId": "ID",
"endBidDate": "Date",
"currentBid": "Double",
"highestBidderId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Delete Productlistingproduct
API
Soft-delete a product listing. Only owner or admin can delete.
Rest Route
The
deleteProductListingProduct
API REST controller can be triggered via the following route:
/v1/productlistingproducts/:productListingProductId
Rest Request Parameters
The
deleteProductListingProduct
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| productListingProductId | ID | true | request.params?.productListingProductId |
| productListingProductId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/productlistingproducts/:productListingProductId
axios({
method: 'DELETE',
url: `/v1/productlistingproducts/${productListingProductId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "productListingProduct",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"productListingProduct": {
"id": "ID",
"currency": "String",
"description": "Text",
"condition": "Enum",
"condition_idx": "Integer",
"startBid": "Double",
"endPrice": "Double",
"price": "Double",
"title": "String",
"startPrice": "Double",
"type": "Enum",
"type_idx": "Integer",
"endBid": "Double",
"estimatedDelivery": "Date",
"shippingCurrency": "String",
"sellerId": "ID",
"mediaAssetIds": "ID",
"shippingMethod": "Enum",
"shippingMethod_idx": "Integer",
"shipping": "Double",
"startBidDate": "Date",
"subcategoryId": "ID",
"categoryId": "ID",
"endBidDate": "Date",
"currentBid": "Double",
"highestBidderId": "ID",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Update Productlistingproduct
API
Update a product listing. Product type cannot be changed (immutable).
Rest Route
The
updateProductListingProduct
API REST controller can be triggered via the following route:
/v1/productlistingproducts/:productListingProductId
Rest Request Parameters
The
updateProductListingProduct
api has got 21 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| productListingProductId | ID | true | request.params?.productListingProductId |
| currency | String | false | request.body?.currency |
| description | Text | false | request.body?.description |
| condition | Enum | false | request.body?.condition |
| startBid | Double | false | request.body?.startBid |
| endPrice | Double | false | request.body?.endPrice |
| price | Double | false | request.body?.price |
| title | String | false | request.body?.title |
| startPrice | Double | false | request.body?.startPrice |
| endBid | Double | false | request.body?.endBid |
| estimatedDelivery | Date | false | request.body?.estimatedDelivery |
| shippingCurrency | String | false | request.body?.shippingCurrency |
| mediaAssetIds | ID | false | request.body?.mediaAssetIds |
| shippingMethod | Enum | false | request.body?.shippingMethod |
| shipping | Double | false | request.body?.shipping |
| startBidDate | Date | false | request.body?.startBidDate |
| subcategoryId | ID | false | request.body?.subcategoryId |
| categoryId | ID | false | request.body?.categoryId |
| endBidDate | Date | false | request.body?.endBidDate |
| currentBid | Double | false | request.body?.currentBid |
| highestBidderId | ID | false | request.body?.highestBidderId |
| productListingProductId : This id paremeter is used to select the required data object that will be updated | |||
| currency : ISO currency code (e.g. USD, EUR) | |||
| description : Product detailed description | |||
| condition : Condition of product: BRAND_NEW, NEW, or USED | |||
| startBid : The opening bid value (for auction type products) | |||
| endPrice : Optional immediate sale/upper end price for auction (if AUCTION type) | |||
| price : Product price (required if fixed price type) | |||
| title : Product title | |||
| startPrice : Minimum starting price for auction (required if AUCTION type) | |||
| endBid : The upper (max) bid value for auction products (if any) | |||
| estimatedDelivery : Estimated delivery date for this product | |||
| shippingCurrency : Currency code for shipping cost | |||
| mediaAssetIds : References to associated product/media assets | |||
| shippingMethod : Shipping option for product: STANDARD, EXPRESS, or FREE | |||
| shipping : Shipping cost for this product | |||
| startBidDate : Date/time when auction bidding begins | |||
| subcategoryId : Reference to subcategory | |||
| categoryId : Reference to parent category | |||
| endBidDate : Date/time when auction bidding ends | |||
| currentBid : Current highest bid for auction-type product (updated atomically on bid placement) | |||
| highestBidderId : User ID of current highest bidder (auction-only, updated by auction microservice) |
REST Request To access the api you can use the REST controller with the path PATCH /v1/productlistingproducts/:productListingProductId
axios({
method: 'PATCH',
url: `/v1/productlistingproducts/${productListingProductId}`,
data: {
currency:"String",
description:"Text",
condition:"Enum",
startBid:"Double",
endPrice:"Double",
price:"Double",
title:"String",
startPrice:"Double",
endBid:"Double",
estimatedDelivery:"Date",
shippingCurrency:"String",
mediaAssetIds:"ID",
shippingMethod:"Enum",
shipping:"Double",
startBidDate:"Date",
subcategoryId:"ID",
categoryId:"ID",
endBidDate:"Date",
currentBid:"Double",
highestBidderId:"ID",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "productListingProduct",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"productListingProduct": {
"id": "ID",
"currency": "String",
"description": "Text",
"condition": "Enum",
"condition_idx": "Integer",
"startBid": "Double",
"endPrice": "Double",
"price": "Double",
"title": "String",
"startPrice": "Double",
"type": "Enum",
"type_idx": "Integer",
"endBid": "Double",
"estimatedDelivery": "Date",
"shippingCurrency": "String",
"sellerId": "ID",
"mediaAssetIds": "ID",
"shippingMethod": "Enum",
"shippingMethod_idx": "Integer",
"shipping": "Double",
"startBidDate": "Date",
"subcategoryId": "ID",
"categoryId": "ID",
"endBidDate": "Date",
"currentBid": "Double",
"highestBidderId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Create Productlistingproduct
API
Create a new product listing (fixed or auction), conditioned on product type. Type is immutable after creation.
Rest Route
The
createProductListingProduct
API REST controller can be triggered via the following route:
/v1/productlistingproducts
Rest Request Parameters
The
createProductListingProduct
api has got 21 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| currency | String | true | request.body?.currency |
| description | Text | true | request.body?.description |
| condition | Enum | true | request.body?.condition |
| startBid | Double | false | request.body?.startBid |
| endPrice | Double | false | request.body?.endPrice |
| price | Double | false | request.body?.price |
| title | String | true | request.body?.title |
| startPrice | Double | false | request.body?.startPrice |
| type | Enum | true | request.body?.type |
| endBid | Double | false | request.body?.endBid |
| estimatedDelivery | Date | false | request.body?.estimatedDelivery |
| shippingCurrency | String | true | request.body?.shippingCurrency |
| mediaAssetIds | ID | false | request.body?.mediaAssetIds |
| shippingMethod | Enum | true | request.body?.shippingMethod |
| shipping | Double | true | request.body?.shipping |
| startBidDate | Date | false | request.body?.startBidDate |
| subcategoryId | ID | true | request.body?.subcategoryId |
| categoryId | ID | true | request.body?.categoryId |
| endBidDate | Date | false | request.body?.endBidDate |
| currentBid | Double | false | request.body?.currentBid |
| highestBidderId | ID | false | request.body?.highestBidderId |
| currency : ISO currency code (e.g. USD, EUR) | |||
| description : Product detailed description | |||
| condition : Condition of product: BRAND_NEW, NEW, or USED | |||
| startBid : The opening bid value (for auction type products) | |||
| endPrice : Optional immediate sale/upper end price for auction (if AUCTION type) | |||
| price : Product price (required if fixed price type) | |||
| title : Product title | |||
| startPrice : Minimum starting price for auction (required if AUCTION type) | |||
| type : Product listing type, either FIXED or AUCTION (immutable after creation) | |||
| endBid : The upper (max) bid value for auction products (if any) | |||
| estimatedDelivery : Estimated delivery date for this product | |||
| shippingCurrency : Currency code for shipping cost | |||
| mediaAssetIds : References to associated product/media assets | |||
| shippingMethod : Shipping option for product: STANDARD, EXPRESS, or FREE | |||
| shipping : Shipping cost for this product | |||
| startBidDate : Date/time when auction bidding begins | |||
| subcategoryId : Reference to subcategory | |||
| categoryId : Reference to parent category | |||
| endBidDate : Date/time when auction bidding ends | |||
| currentBid : Current highest bid for auction-type product (updated atomically on bid placement) | |||
| highestBidderId : User ID of current highest bidder (auction-only, updated by auction microservice) |
REST Request To access the api you can use the REST controller with the path POST /v1/productlistingproducts
axios({
method: 'POST',
url: '/v1/productlistingproducts',
data: {
currency:"String",
description:"Text",
condition:"Enum",
startBid:"Double",
endPrice:"Double",
price:"Double",
title:"String",
startPrice:"Double",
type:"Enum",
endBid:"Double",
estimatedDelivery:"Date",
shippingCurrency:"String",
mediaAssetIds:"ID",
shippingMethod:"Enum",
shipping:"Double",
startBidDate:"Date",
subcategoryId:"ID",
categoryId:"ID",
endBidDate:"Date",
currentBid:"Double",
highestBidderId:"ID",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "productListingProduct",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"productListingProduct": {
"id": "ID",
"currency": "String",
"description": "Text",
"condition": "Enum",
"condition_idx": "Integer",
"startBid": "Double",
"endPrice": "Double",
"price": "Double",
"title": "String",
"startPrice": "Double",
"type": "Enum",
"type_idx": "Integer",
"endBid": "Double",
"estimatedDelivery": "Date",
"shippingCurrency": "String",
"sellerId": "ID",
"mediaAssetIds": "ID",
"shippingMethod": "Enum",
"shippingMethod_idx": "Integer",
"shipping": "Double",
"startBidDate": "Date",
"subcategoryId": "ID",
"categoryId": "ID",
"endBidDate": "Date",
"currentBid": "Double",
"highestBidderId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Delete Productlistingmedia
API
Soft-delete a media asset (typically by admin or media owner for flagged/invalid content).
Rest Route
The
deleteProductListingMedia
API REST controller can be triggered via the following route:
/v1/productlistingmedias/:productListingMediaId
Rest Request Parameters
The
deleteProductListingMedia
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| productListingMediaId | ID | true | request.params?.productListingMediaId |
| productListingMediaId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/productlistingmedias/:productListingMediaId
axios({
method: 'DELETE',
url: `/v1/productlistingmedias/${productListingMediaId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "productListingMedia",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"productListingMedia": {
"id": "ID",
"mimeType": "String",
"productId": "ID",
"url": "String",
"size": "Integer",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Create Productlistingmedia
API
Create a new media asset record after validation. Used mainly by edge controller after upload.
Rest Route
The
createProductListingMedia
API REST controller can be triggered via the following route:
/v1/productlistingmedias
Rest Request Parameters
The
createProductListingMedia
api has got 4 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| mimeType | String | true | request.body?.mimeType |
| productId | ID | false | request.body?.productId |
| url | String | true | request.body?.url |
| size | Integer | true | request.body?.size |
| mimeType : MIME type of the uploaded media (e.g., image/jpeg) | |||
| productId : ID of product associated with this media asset | |||
| url : Secure, validated URL for the media asset (S3 or equivalent) | |||
| size : Media size in bytes (for validation and quota) |
REST Request To access the api you can use the REST controller with the path POST /v1/productlistingmedias
axios({
method: 'POST',
url: '/v1/productlistingmedias',
data: {
mimeType:"String",
productId:"ID",
url:"String",
size:"Integer",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "productListingMedia",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"productListingMedia": {
"id": "ID",
"mimeType": "String",
"productId": "ID",
"url": "String",
"size": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
OrderManagement Service
Handles all marketplace orders, manual checkout flows for fixed-price/offer/auction settlements, Stripe payment processing and webhook reconciliation, explicit status updates (shipping, delivery, cancellation), and feedback eligibility via orderItems.
OrderManagement Service Data Objects
OrderManagementOrder Marketplace order record. Stores buyer, shipping, status, items, Stripe payment data, and manual shipment/delivery events. Only accessible to admins or the buyer/seller of order items.
OrderManagementOrderItem Order line item representing purchase of a single product from a specific seller as part of an order. Enables feedback, delivery, and per-seller analytics. Immutable after order creation.
Sys_orderManagementOrderPayment A payment storage object to store the payment life cyle of orders based on orderManagementOrder object. It is autocreated based on the source object's checkout config
Sys_paymentCustomer A payment storage object to store the customer values of the payment platform
Sys_paymentMethod A payment storage object to store the payment methods of the platform customers
OrderManagement Service Access urls
This service is accessible via the following environment-specific URLs:
-
Preview:
https://ebaycclone.prw.mindbricks.com/ordermanagement-api -
Staging:
https://ebaycclone-stage.mindbricks.co/ordermanagement-api -
Production:
https://ebaycclone.mindbricks.co/ordermanagement-api
List Ordermanagementorders
API
List orders, filtered for buyer and/or seller, or by admin. Includes select orderItems.
Rest Route
The
listOrderManagementOrders
API REST controller can be triggered via the following route:
/v1/ordermanagementorders
Rest Request Parameters The
listOrderManagementOrders
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/ordermanagementorders
axios({
method: 'GET',
url: '/v1/ordermanagementorders',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrders",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"orderManagementOrders": [
{
"id": "ID",
"orderNumber": "String",
"items": "ID",
"buyerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"paymentMethodId": "String",
"stripeCustomerId": "String",
"paymentIntentId": "String",
"shippingAddress": "Object",
"summary": "Object",
"trackingNumber": "String",
"estimatedDelivery": "Date",
"cancelledAt": "Date",
"paidAt": "Date",
"deliveredAt": "Date",
"shippedAt": "Date",
"carrier": "String",
"_paymentConfirmation": "Enum",
"_paymentConfirmation_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Get Ordermanagementorderitem
API
Get a specific order item (for feedback/business logic).
Rest Route
The
getOrderManagementOrderItem
API REST controller can be triggered via the following route:
/v1/ordermanagementorderitems/:orderManagementOrderItemId
Rest Request Parameters
The
getOrderManagementOrderItem
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| orderManagementOrderItemId | ID | true | request.params?.orderManagementOrderItemId |
| orderManagementOrderItemId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/ordermanagementorderitems/:orderManagementOrderItemId
axios({
method: 'GET',
url: `/v1/ordermanagementorderitems/${orderManagementOrderItemId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrderItem",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"orderManagementOrderItem": {
"id": "ID",
"shipping": "Double",
"orderId": "ID",
"quantity": "Integer",
"productId": "ID",
"price": "Double",
"sellerId": "ID",
"title": "String",
"currency": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Delete Ordermanagementorder
API
Soft-delete/cancel order by admin or eligible actor prior to shipment. Sets status to CANCELLED and cancels active payment intent if pending. Irreversible and blocks feedback.
Rest Route
The
deleteOrderManagementOrder
API REST controller can be triggered via the following route:
/v1/ordermanagementorders/:orderManagementOrderId
Rest Request Parameters
The
deleteOrderManagementOrder
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| orderManagementOrderId | ID | true | request.params?.orderManagementOrderId |
| orderManagementOrderId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/ordermanagementorders/:orderManagementOrderId
axios({
method: 'DELETE',
url: `/v1/ordermanagementorders/${orderManagementOrderId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrder",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"orderManagementOrder": {
"id": "ID",
"orderNumber": "String",
"items": "ID",
"buyerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"paymentMethodId": "String",
"stripeCustomerId": "String",
"paymentIntentId": "String",
"shippingAddress": "Object",
"summary": "Object",
"trackingNumber": "String",
"estimatedDelivery": "Date",
"cancelledAt": "Date",
"paidAt": "Date",
"deliveredAt": "Date",
"shippedAt": "Date",
"carrier": "String",
"_paymentConfirmation": "Enum",
"_paymentConfirmation_idx": "Integer",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Get Ordermanagementorder
API
Get single order by ID. Only accessible to admin, buyer, or relevant sellers of items within this order. Includes all orderItems.
Rest Route
The
getOrderManagementOrder
API REST controller can be triggered via the following route:
/v1/ordermanagementorders/:orderManagementOrderId
Rest Request Parameters
The
getOrderManagementOrder
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| orderManagementOrderId | ID | true | request.params?.orderManagementOrderId |
| orderManagementOrderId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/ordermanagementorders/:orderManagementOrderId
axios({
method: 'GET',
url: `/v1/ordermanagementorders/${orderManagementOrderId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrder",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"orderManagementOrder": {
"id": "ID",
"orderNumber": "String",
"items": "ID",
"buyerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"paymentMethodId": "String",
"stripeCustomerId": "String",
"paymentIntentId": "String",
"shippingAddress": "Object",
"summary": "Object",
"trackingNumber": "String",
"estimatedDelivery": "Date",
"cancelledAt": "Date",
"paidAt": "Date",
"deliveredAt": "Date",
"shippedAt": "Date",
"carrier": "String",
"_paymentConfirmation": "Enum",
"_paymentConfirmation_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Update Ordermanagementorderstatus
API
Update order status (manual shipment, delivery, cancellation/refund). Restricted: only seller of all items can mark as shipped, only buyer can confirm delivery, only admin can set refund/cancelled. Timestamps updated as per business rule.
Rest Route
The
updateOrderManagementOrderStatus
API REST controller can be triggered via the following route:
/v1/ordermanagementorderstatus/:orderManagementOrderId
Rest Request Parameters
The
updateOrderManagementOrderStatus
api has got 10 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| orderManagementOrderId | ID | true | request.params?.orderManagementOrderId |
| status | Enum | false | request.body?.status |
| paymentIntentId | String | false | request.body?.paymentIntentId |
| trackingNumber | String | false | request.body?.trackingNumber |
| estimatedDelivery | Date | false | request.body?.estimatedDelivery |
| cancelledAt | Date | false | request.body?.cancelledAt |
| paidAt | Date | false | request.body?.paidAt |
| deliveredAt | Date | false | request.body?.deliveredAt |
| shippedAt | Date | false | request.body?.shippedAt |
| carrier | String | false | request.body?.carrier |
| orderManagementOrderId : This id paremeter is used to select the required data object that will be updated | |||
| status : Order lifecycle: PENDING_PAYMENT, PAID, PROCESSING, SHIPPED, DELIVERED, CANCELLED, REFUNDED | |||
| paymentIntentId : Stripe paymentIntentId; enables webhook correlation and status sync. | |||
| trackingNumber : Optional tracking number entered by seller when marking as shipped. | |||
| estimatedDelivery : Estimated delivery date for order; copied from fastest estimated item or seller input. | |||
| cancelledAt : Timestamp when cancelled by buyer, seller, or admin before shipment. | |||
| paidAt : Timestamp when payment confirmed via Stripe or manual admin update. | |||
| deliveredAt : Timestamp when buyer confirms delivery. | |||
| shippedAt : Timestamp when seller marks as shipped. | |||
| carrier : Optional carrier name entered by seller when marking as shipped. |
REST Request To access the api you can use the REST controller with the path PATCH /v1/ordermanagementorderstatus/:orderManagementOrderId
axios({
method: 'PATCH',
url: `/v1/ordermanagementorderstatus/${orderManagementOrderId}`,
data: {
status:"Enum",
paymentIntentId:"String",
trackingNumber:"String",
estimatedDelivery:"Date",
cancelledAt:"Date",
paidAt:"Date",
deliveredAt:"Date",
shippedAt:"Date",
carrier:"String",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrder",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"orderManagementOrder": {
"id": "ID",
"orderNumber": "String",
"items": "ID",
"buyerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"paymentMethodId": "String",
"stripeCustomerId": "String",
"paymentIntentId": "String",
"shippingAddress": "Object",
"summary": "Object",
"trackingNumber": "String",
"estimatedDelivery": "Date",
"cancelledAt": "Date",
"paidAt": "Date",
"deliveredAt": "Date",
"shippedAt": "Date",
"carrier": "String",
"_paymentConfirmation": "Enum",
"_paymentConfirmation_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Complete Orderstripewebhook
API
Webhook endpoint called by Stripe to reconcile payment state and update order status based on paymentIntentId and event data. No authentication required (Stripe IPs only).
Rest Route
The
completeOrderStripeWebhook
API REST controller can be triggered via the following route:
/v1/completeorderstripewebhook/:orderManagementOrderId
Rest Request Parameters
The
completeOrderStripeWebhook
api has got 10 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| orderManagementOrderId | ID | true | request.params?.orderManagementOrderId |
| status | Enum | false | request.body?.status |
| paymentIntentId | String | false | request.body?.paymentIntentId |
| trackingNumber | String | false | request.body?.trackingNumber |
| estimatedDelivery | Date | false | request.body?.estimatedDelivery |
| cancelledAt | Date | false | request.body?.cancelledAt |
| paidAt | Date | false | request.body?.paidAt |
| deliveredAt | Date | false | request.body?.deliveredAt |
| shippedAt | Date | false | request.body?.shippedAt |
| carrier | String | false | request.body?.carrier |
| orderManagementOrderId : This id paremeter is used to select the required data object that will be updated | |||
| status : Order lifecycle: PENDING_PAYMENT, PAID, PROCESSING, SHIPPED, DELIVERED, CANCELLED, REFUNDED | |||
| paymentIntentId : Stripe paymentIntentId; enables webhook correlation and status sync. | |||
| trackingNumber : Optional tracking number entered by seller when marking as shipped. | |||
| estimatedDelivery : Estimated delivery date for order; copied from fastest estimated item or seller input. | |||
| cancelledAt : Timestamp when cancelled by buyer, seller, or admin before shipment. | |||
| paidAt : Timestamp when payment confirmed via Stripe or manual admin update. | |||
| deliveredAt : Timestamp when buyer confirms delivery. | |||
| shippedAt : Timestamp when seller marks as shipped. | |||
| carrier : Optional carrier name entered by seller when marking as shipped. |
REST Request To access the api you can use the REST controller with the path PATCH /v1/completeorderstripewebhook/:orderManagementOrderId
axios({
method: 'PATCH',
url: `/v1/completeorderstripewebhook/${orderManagementOrderId}`,
data: {
status:"Enum",
paymentIntentId:"String",
trackingNumber:"String",
estimatedDelivery:"Date",
cancelledAt:"Date",
paidAt:"Date",
deliveredAt:"Date",
shippedAt:"Date",
carrier:"String",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrder",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"orderManagementOrder": {
"id": "ID",
"orderNumber": "String",
"items": "ID",
"buyerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"paymentMethodId": "String",
"stripeCustomerId": "String",
"paymentIntentId": "String",
"shippingAddress": "Object",
"summary": "Object",
"trackingNumber": "String",
"estimatedDelivery": "Date",
"cancelledAt": "Date",
"paidAt": "Date",
"deliveredAt": "Date",
"shippedAt": "Date",
"carrier": "String",
"_paymentConfirmation": "Enum",
"_paymentConfirmation_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Get Ordermanagementorderbyproductid
API
get orders by productId
Rest Route
The
getOrderManagementOrderByProductId
API REST controller can be triggered via the following route:
/v1/ordermanagementorderbyproductid/:items
Rest Request Parameters
The
getOrderManagementOrderByProductId
api has got 2 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| orderManagementOrderId | ID | true | request.params?.orderManagementOrderId |
| items | String | true | request.params?.items |
| orderManagementOrderId : This id paremeter is used to query the required data object. | |||
| items : This parameter will be used to select the data object that is queried |
REST Request To access the api you can use the REST controller with the path GET /v1/ordermanagementorderbyproductid/:items
axios({
method: 'GET',
url: `/v1/ordermanagementorderbyproductid/${items}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrder",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"orderManagementOrder": {
"id": "ID",
"orderNumber": "String",
"items": "ID",
"buyerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"paymentMethodId": "String",
"stripeCustomerId": "String",
"paymentIntentId": "String",
"shippingAddress": "Object",
"summary": "Object",
"trackingNumber": "String",
"estimatedDelivery": "Date",
"cancelledAt": "Date",
"paidAt": "Date",
"deliveredAt": "Date",
"shippedAt": "Date",
"carrier": "String",
"_paymentConfirmation": "Enum",
"_paymentConfirmation_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Create Ordermanagementorder
API
Creates an order and initiates Stripe payment. Validates that all products in the order are fixed-price, populates orderItems, saves Stripe customer/paymentMethod/paymentIntentId for reconciliation. Only accessible to buyers for own checkouts and only allows fixed-price product checkout (no auction).
Rest Route
The
createOrderManagementOrder
API REST controller can be triggered via the following route:
/v1/ordermanagementorders
Rest Request Parameters
The
createOrderManagementOrder
api has got 14 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| orderNumber | String | true | request.body?.orderNumber |
| items | ID | false | request.body?.items |
| paymentMethodId | String | true | request.body?.paymentMethodId |
| stripeCustomerId | String | true | request.body?.stripeCustomerId |
| paymentIntentId | String | false | request.body?.paymentIntentId |
| shippingAddress | Object | true | request.body?.shippingAddress |
| summary | Object | true | request.body?.summary |
| trackingNumber | String | false | request.body?.trackingNumber |
| estimatedDelivery | Date | false | request.body?.estimatedDelivery |
| cancelledAt | Date | false | request.body?.cancelledAt |
| paidAt | Date | false | request.body?.paidAt |
| deliveredAt | Date | false | request.body?.deliveredAt |
| shippedAt | Date | false | request.body?.shippedAt |
| carrier | String | false | request.body?.carrier |
| orderNumber : Unique, human-friendly order number (displayed to users); enforced unique. | |||
| items : Array of orderManagementOrderItem ids representing items in this order. | |||
| paymentMethodId : Stripe paymentMethodId used for payment. Not stored if cash or other payment (future). | |||
| stripeCustomerId : Stripe customerId of buyer; enables saved/paymentMethodId flows. | |||
| paymentIntentId : Stripe paymentIntentId; enables webhook correlation and status sync. | |||
| shippingAddress : Shipping address for the order (copy of buyer address at purchase time). | |||
| summary : Object with total, subtotal, currency, shipping, discount breakdown as snapshot of order at time of purchase. | |||
| trackingNumber : Optional tracking number entered by seller when marking as shipped. | |||
| estimatedDelivery : Estimated delivery date for order; copied from fastest estimated item or seller input. | |||
| cancelledAt : Timestamp when cancelled by buyer, seller, or admin before shipment. | |||
| paidAt : Timestamp when payment confirmed via Stripe or manual admin update. | |||
| deliveredAt : Timestamp when buyer confirms delivery. | |||
| shippedAt : Timestamp when seller marks as shipped. | |||
| carrier : Optional carrier name entered by seller when marking as shipped. |
REST Request To access the api you can use the REST controller with the path POST /v1/ordermanagementorders
axios({
method: 'POST',
url: '/v1/ordermanagementorders',
data: {
orderNumber:"String",
items:"ID",
paymentMethodId:"String",
stripeCustomerId:"String",
paymentIntentId:"String",
shippingAddress:"Object",
summary:"Object",
trackingNumber:"String",
estimatedDelivery:"Date",
cancelledAt:"Date",
paidAt:"Date",
deliveredAt:"Date",
shippedAt:"Date",
carrier:"String",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrder",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"orderManagementOrder": {
"id": "ID",
"orderNumber": "String",
"items": "ID",
"buyerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"paymentMethodId": "String",
"stripeCustomerId": "String",
"paymentIntentId": "String",
"shippingAddress": "Object",
"summary": "Object",
"trackingNumber": "String",
"estimatedDelivery": "Date",
"cancelledAt": "Date",
"paidAt": "Date",
"deliveredAt": "Date",
"shippedAt": "Date",
"carrier": "String",
"_paymentConfirmation": "Enum",
"_paymentConfirmation_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
List Ordermanagementorderitems
API
List order items for a given order or for buyer/seller analytics. Used for feedback management.
Rest Route
The
listOrderManagementOrderItems
API REST controller can be triggered via the following route:
/v1/ordermanagementorderitems
Rest Request Parameters The
listOrderManagementOrderItems
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/ordermanagementorderitems
axios({
method: 'GET',
url: '/v1/ordermanagementorderitems',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrderItems",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"orderManagementOrderItems": [
{
"id": "ID",
"shipping": "Double",
"orderId": "ID",
"quantity": "Integer",
"productId": "ID",
"price": "Double",
"sellerId": "ID",
"title": "String",
"currency": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
List Ownordermanagementorders
API
list the loggedin user orders
Rest Route
The
listOwnOrderManagementOrders
API REST controller can be triggered via the following route:
/v1/ownordermanagementorders
Rest Request Parameters The
listOwnOrderManagementOrders
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/ownordermanagementorders
axios({
method: 'GET',
url: '/v1/ownordermanagementorders',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrders",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"orderManagementOrders": [
{
"id": "ID",
"orderNumber": "String",
"items": "ID",
"buyerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"paymentMethodId": "String",
"stripeCustomerId": "String",
"paymentIntentId": "String",
"shippingAddress": "Object",
"summary": "Object",
"trackingNumber": "String",
"estimatedDelivery": "Date",
"cancelledAt": "Date",
"paidAt": "Date",
"deliveredAt": "Date",
"shippedAt": "Date",
"carrier": "String",
"_paymentConfirmation": "Enum",
"_paymentConfirmation_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Lis Ordermanagementownorderitem
API
list the loggedin user's order items
Rest Route
The
lisOrderManagementOwnOrderItem
API REST controller can be triggered via the following route:
/v1/lisordermanagementownorderitem
Rest Request Parameters The
lisOrderManagementOwnOrderItem
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/lisordermanagementownorderitem
axios({
method: 'GET',
url: '/v1/lisordermanagementownorderitem',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrderItems",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"orderManagementOrderItems": [
{
"id": "ID",
"shipping": "Double",
"orderId": "ID",
"quantity": "Integer",
"productId": "ID",
"price": "Double",
"sellerId": "ID",
"title": "String",
"currency": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Create Ordermanagementorderitem
API
create order item
Rest Route
The
createOrderManagementOrderItem
API REST controller can be triggered via the following route:
/v1/ordermanagementorderitems
Rest Request Parameters
The
createOrderManagementOrderItem
api has got 8 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| shipping | Double | true | request.body?.shipping |
| orderId | ID | true | request.body?.orderId |
| quantity | Integer | true | request.body?.quantity |
| productId | ID | true | request.body?.productId |
| price | Double | true | request.body?.price |
| sellerId | ID | true | request.body?.sellerId |
| title | String | true | request.body?.title |
| currency | String | true | request.body?.currency |
| shipping : Shipping cost for this product (may be 0 for free shipping). | |||
| orderId : Parent order this item belongs to; enables join and lifecycle tracking. | |||
| quantity : Number of units purchased for this product. | |||
| productId : ID of product purchased in this line item. | |||
| price : Unit price for this product at purchase time. | |||
| sellerId : UserId of seller (owner of product at purchase time). | |||
| title : Product title at purchase time (copied for convenience/audit). | |||
| currency : Currency code for price/shipping (ISO 4217). |
REST Request To access the api you can use the REST controller with the path POST /v1/ordermanagementorderitems
axios({
method: 'POST',
url: '/v1/ordermanagementorderitems',
data: {
shipping:"Double",
orderId:"ID",
quantity:"Integer",
productId:"ID",
price:"Double",
sellerId:"ID",
title:"String",
currency:"String",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrderItem",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"orderManagementOrderItem": {
"id": "ID",
"shipping": "Double",
"orderId": "ID",
"quantity": "Integer",
"productId": "ID",
"price": "Double",
"sellerId": "ID",
"title": "String",
"currency": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Get Ordermanagementorderpayment2
API
This route is used to get the payment information by ID.
Rest Route
The
getOrderManagementOrderPayment2
API REST controller can be triggered via the following route:
/v1/ordermanagementorderpayment2/:sys_orderManagementOrderPaymentId
Rest Request Parameters
The
getOrderManagementOrderPayment2
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| sys_orderManagementOrderPaymentId | ID | true | request.params?.sys_orderManagementOrderPaymentId |
| sys_orderManagementOrderPaymentId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/ordermanagementorderpayment2/:sys_orderManagementOrderPaymentId
axios({
method: 'GET',
url: `/v1/ordermanagementorderpayment2/${sys_orderManagementOrderPaymentId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "sys_orderManagementOrderPayment",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"sys_orderManagementOrderPayment": {
"id": "ID",
"ownerId": "ID",
"orderId": "ID",
"paymentId": "String",
"paymentStatus": "String",
"statusLiteral": "String",
"redirectUrl": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
List Ordermanagementorderpayments2
API
This route is used to list all payments.
Rest Route
The
listOrderManagementOrderPayments2
API REST controller can be triggered via the following route:
/v1/ordermanagementorderpayments2
Rest Request Parameters The
listOrderManagementOrderPayments2
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/ordermanagementorderpayments2
axios({
method: 'GET',
url: '/v1/ordermanagementorderpayments2',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "sys_orderManagementOrderPayments",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"sys_orderManagementOrderPayments": [
{
"id": "ID",
"ownerId": "ID",
"orderId": "ID",
"paymentId": "String",
"paymentStatus": "String",
"statusLiteral": "String",
"redirectUrl": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Create Ordermanagementorderpayment
API
This route is used to create a new payment.
Rest Route
The
createOrderManagementOrderPayment
API REST controller can be triggered via the following route:
/v1/ordermanagementorderpayment
Rest Request Parameters
The
createOrderManagementOrderPayment
api has got 5 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| orderId | ID | true | request.body?.orderId |
| paymentId | String | true | request.body?.paymentId |
| paymentStatus | String | true | request.body?.paymentStatus |
| statusLiteral | String | true | request.body?.statusLiteral |
| redirectUrl | String | false | request.body?.redirectUrl |
| orderId : an ID value to represent the orderId which is the ID parameter of the source orderManagementOrder object | |||
| paymentId : A String value to represent the paymentId which is generated on the Stripe gateway. This id may represent different objects due to the payment gateway and the chosen flow type | |||
| paymentStatus : A string value to represent the payment status which belongs to the lifecyle of a Stripe payment. | |||
| statusLiteral : A string value to represent the logical payment status which belongs to the application lifecycle itself. | |||
| redirectUrl : A string value to represent return page of the frontend to show the result of the payment, this is used when the callback is made to server not the client. |
REST Request To access the api you can use the REST controller with the path POST /v1/ordermanagementorderpayment
axios({
method: 'POST',
url: '/v1/ordermanagementorderpayment',
data: {
orderId:"ID",
paymentId:"String",
paymentStatus:"String",
statusLiteral:"String",
redirectUrl:"String",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "sys_orderManagementOrderPayment",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"sys_orderManagementOrderPayment": {
"id": "ID",
"ownerId": "ID",
"orderId": "ID",
"paymentId": "String",
"paymentStatus": "String",
"statusLiteral": "String",
"redirectUrl": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Update Ordermanagementorderpayment
API
This route is used to update an existing payment.
Rest Route
The
updateOrderManagementOrderPayment
API REST controller can be triggered via the following route:
/v1/ordermanagementorderpayment/:sys_orderManagementOrderPaymentId
Rest Request Parameters
The
updateOrderManagementOrderPayment
api has got 5 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| sys_orderManagementOrderPaymentId | ID | true | request.params?.sys_orderManagementOrderPaymentId |
| paymentId | String | false | request.body?.paymentId |
| paymentStatus | String | false | request.body?.paymentStatus |
| statusLiteral | String | false | request.body?.statusLiteral |
| redirectUrl | String | false | request.body?.redirectUrl |
| sys_orderManagementOrderPaymentId : This id paremeter is used to select the required data object that will be updated | |||
| paymentId : A String value to represent the paymentId which is generated on the Stripe gateway. This id may represent different objects due to the payment gateway and the chosen flow type | |||
| paymentStatus : A string value to represent the payment status which belongs to the lifecyle of a Stripe payment. | |||
| statusLiteral : A string value to represent the logical payment status which belongs to the application lifecycle itself. | |||
| redirectUrl : A string value to represent return page of the frontend to show the result of the payment, this is used when the callback is made to server not the client. |
REST Request To access the api you can use the REST controller with the path PATCH /v1/ordermanagementorderpayment/:sys_orderManagementOrderPaymentId
axios({
method: 'PATCH',
url: `/v1/ordermanagementorderpayment/${sys_orderManagementOrderPaymentId}`,
data: {
paymentId:"String",
paymentStatus:"String",
statusLiteral:"String",
redirectUrl:"String",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "sys_orderManagementOrderPayment",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"sys_orderManagementOrderPayment": {
"id": "ID",
"ownerId": "ID",
"orderId": "ID",
"paymentId": "String",
"paymentStatus": "String",
"statusLiteral": "String",
"redirectUrl": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Delete Ordermanagementorderpayment
API
This route is used to delete a payment.
Rest Route
The
deleteOrderManagementOrderPayment
API REST controller can be triggered via the following route:
/v1/ordermanagementorderpayment/:sys_orderManagementOrderPaymentId
Rest Request Parameters
The
deleteOrderManagementOrderPayment
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| sys_orderManagementOrderPaymentId | ID | true | request.params?.sys_orderManagementOrderPaymentId |
| sys_orderManagementOrderPaymentId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/ordermanagementorderpayment/:sys_orderManagementOrderPaymentId
axios({
method: 'DELETE',
url: `/v1/ordermanagementorderpayment/${sys_orderManagementOrderPaymentId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "sys_orderManagementOrderPayment",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"sys_orderManagementOrderPayment": {
"id": "ID",
"ownerId": "ID",
"orderId": "ID",
"paymentId": "String",
"paymentStatus": "String",
"statusLiteral": "String",
"redirectUrl": "String",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
List Ordermanagementorderpayments2
API
This route is used to list all payments.
Rest Route
The
listOrderManagementOrderPayments2
API REST controller can be triggered via the following route:
/v1/ordermanagementorderpayments2
Rest Request Parameters The
listOrderManagementOrderPayments2
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/ordermanagementorderpayments2
axios({
method: 'GET',
url: '/v1/ordermanagementorderpayments2',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "sys_orderManagementOrderPayments",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"sys_orderManagementOrderPayments": [
{
"id": "ID",
"ownerId": "ID",
"orderId": "ID",
"paymentId": "String",
"paymentStatus": "String",
"statusLiteral": "String",
"redirectUrl": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Get Ordermanagementorderpaymentbyorderid
API
This route is used to get the payment information by order id.
Rest Route
The
getOrderManagementOrderPaymentByOrderId
API REST controller can be triggered via the following route:
/v1/orderManagementOrderpaymentbyorderid/:orderId
Rest Request Parameters
The
getOrderManagementOrderPaymentByOrderId
api has got 2 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| sys_orderManagementOrderPaymentId | ID | true | request.params?.sys_orderManagementOrderPaymentId |
| orderId | String | true | request.params?.orderId |
| sys_orderManagementOrderPaymentId : This id paremeter is used to query the required data object. | |||
| orderId : This parameter will be used to select the data object that is queried |
REST Request To access the api you can use the REST controller with the path GET /v1/orderManagementOrderpaymentbyorderid/:orderId
axios({
method: 'GET',
url: `/v1/orderManagementOrderpaymentbyorderid/${orderId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "sys_orderManagementOrderPayment",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"sys_orderManagementOrderPayment": {
"id": "ID",
"ownerId": "ID",
"orderId": "ID",
"paymentId": "String",
"paymentStatus": "String",
"statusLiteral": "String",
"redirectUrl": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Get Ordermanagementorderpaymentbypaymentid
API
This route is used to get the payment information by payment id.
Rest Route
The
getOrderManagementOrderPaymentByPaymentId
API REST controller can be triggered via the following route:
/v1/orderManagementOrderpaymentbypaymentid/:paymentId
Rest Request Parameters
The
getOrderManagementOrderPaymentByPaymentId
api has got 2 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| sys_orderManagementOrderPaymentId | ID | true | request.params?.sys_orderManagementOrderPaymentId |
| paymentId | String | true | request.params?.paymentId |
| sys_orderManagementOrderPaymentId : This id paremeter is used to query the required data object. | |||
| paymentId : This parameter will be used to select the data object that is queried |
REST Request To access the api you can use the REST controller with the path GET /v1/orderManagementOrderpaymentbypaymentid/:paymentId
axios({
method: 'GET',
url: `/v1/orderManagementOrderpaymentbypaymentid/${paymentId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "sys_orderManagementOrderPayment",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"sys_orderManagementOrderPayment": {
"id": "ID",
"ownerId": "ID",
"orderId": "ID",
"paymentId": "String",
"paymentStatus": "String",
"statusLiteral": "String",
"redirectUrl": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Get Ordermanagementorderpayment2
API
This route is used to get the payment information by ID.
Rest Route
The
getOrderManagementOrderPayment2
API REST controller can be triggered via the following route:
/v1/ordermanagementorderpayment2/:sys_orderManagementOrderPaymentId
Rest Request Parameters
The
getOrderManagementOrderPayment2
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| sys_orderManagementOrderPaymentId | ID | true | request.params?.sys_orderManagementOrderPaymentId |
| sys_orderManagementOrderPaymentId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/ordermanagementorderpayment2/:sys_orderManagementOrderPaymentId
axios({
method: 'GET',
url: `/v1/ordermanagementorderpayment2/${sys_orderManagementOrderPaymentId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "sys_orderManagementOrderPayment",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"sys_orderManagementOrderPayment": {
"id": "ID",
"ownerId": "ID",
"orderId": "ID",
"paymentId": "String",
"paymentStatus": "String",
"statusLiteral": "String",
"redirectUrl": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Start Ordermanagementorderpayment
API
Start payment for orderManagementOrder
Rest Route
The
startOrderManagementOrderPayment
API REST controller can be triggered via the following route:
/v1/startordermanagementorderpayment/:orderManagementOrderId
Rest Request Parameters
The
startOrderManagementOrderPayment
api has got 2 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| orderManagementOrderId | ID | true | request.params?.orderManagementOrderId |
| paymentUserParams | Object | false | request.body?.paymentUserParams |
| orderManagementOrderId : This id paremeter is used to select the required data object that will be updated | |||
| paymentUserParams : The user parameters that should be defined to start a stripe payment process |
REST Request To access the api you can use the REST controller with the path PATCH /v1/startordermanagementorderpayment/:orderManagementOrderId
axios({
method: 'PATCH',
url: `/v1/startordermanagementorderpayment/${orderManagementOrderId}`,
data: {
paymentUserParams:"Object",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrder",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"orderManagementOrder": {
"id": "ID",
"orderNumber": "String",
"items": "ID",
"buyerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"paymentMethodId": "String",
"stripeCustomerId": "String",
"paymentIntentId": "String",
"shippingAddress": "Object",
"summary": "Object",
"trackingNumber": "String",
"estimatedDelivery": "Date",
"cancelledAt": "Date",
"paidAt": "Date",
"deliveredAt": "Date",
"shippedAt": "Date",
"carrier": "String",
"_paymentConfirmation": "Enum",
"_paymentConfirmation_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
"paymentResult": {
"paymentTicketId": "ID",
"orderId": "ID",
"paymentId": "String",
"paymentStatus": "Enum",
"paymentIntentInfo": "Object",
"statusLiteral": "String",
"amount": "Double",
"currency": "String",
"success": true,
"description": "String",
"metadata": "Object",
"paymentUserParams": "Object"
}
}
Refresh Ordermanagementorderpayment
API
Refresh payment info for orderManagementOrder from Stripe
Rest Route
The
refreshOrderManagementOrderPayment
API REST controller can be triggered via the following route:
/v1/refreshordermanagementorderpayment/:orderManagementOrderId
Rest Request Parameters
The
refreshOrderManagementOrderPayment
api has got 2 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| orderManagementOrderId | ID | true | request.params?.orderManagementOrderId |
| paymentUserParams | Object | false | request.body?.paymentUserParams |
| orderManagementOrderId : This id paremeter is used to select the required data object that will be updated | |||
| paymentUserParams : The user parameters that should be defined to refresh a stripe payment process |
REST Request To access the api you can use the REST controller with the path PATCH /v1/refreshordermanagementorderpayment/:orderManagementOrderId
axios({
method: 'PATCH',
url: `/v1/refreshordermanagementorderpayment/${orderManagementOrderId}`,
data: {
paymentUserParams:"Object",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrder",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"orderManagementOrder": {
"id": "ID",
"orderNumber": "String",
"items": "ID",
"buyerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"paymentMethodId": "String",
"stripeCustomerId": "String",
"paymentIntentId": "String",
"shippingAddress": "Object",
"summary": "Object",
"trackingNumber": "String",
"estimatedDelivery": "Date",
"cancelledAt": "Date",
"paidAt": "Date",
"deliveredAt": "Date",
"shippedAt": "Date",
"carrier": "String",
"_paymentConfirmation": "Enum",
"_paymentConfirmation_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
"paymentResult": {
"paymentTicketId": "ID",
"orderId": "ID",
"paymentId": "String",
"paymentStatus": "Enum",
"paymentIntentInfo": "Object",
"statusLiteral": "String",
"amount": "Double",
"currency": "String",
"success": true,
"description": "String",
"metadata": "Object",
"paymentUserParams": "Object"
}
}
Callback Ordermanagementorderpayment
API
Refresh payment values by gateway webhook call for orderManagementOrder
Rest Route
The
callbackOrderManagementOrderPayment
API REST controller can be triggered via the following route:
/v1/callbackordermanagementorderpayment
Rest Request Parameters
The
callbackOrderManagementOrderPayment
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| orderManagementOrderId | ID | true | request.body?.orderManagementOrderId |
| orderManagementOrderId : The order id parameter that will be read from webhook callback params |
REST Request To access the api you can use the REST controller with the path POST /v1/callbackordermanagementorderpayment
axios({
method: 'POST',
url: '/v1/callbackordermanagementorderpayment',
data: {
orderManagementOrderId:"ID",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "orderManagementOrder",
"method": "POST",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"orderManagementOrder": {
"id": "ID",
"orderNumber": "String",
"items": "ID",
"buyerId": "ID",
"status": "Enum",
"status_idx": "Integer",
"paymentMethodId": "String",
"stripeCustomerId": "String",
"paymentIntentId": "String",
"shippingAddress": "Object",
"summary": "Object",
"trackingNumber": "String",
"estimatedDelivery": "Date",
"cancelledAt": "Date",
"paidAt": "Date",
"deliveredAt": "Date",
"shippedAt": "Date",
"carrier": "String",
"_paymentConfirmation": "Enum",
"_paymentConfirmation_idx": "Integer",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
"paymentResult": {
"paymentTicketId": "ID",
"orderId": "ID",
"paymentId": "String",
"paymentStatus": "Enum",
"paymentIntentInfo": "Object",
"statusLiteral": "String",
"amount": "Double",
"currency": "String",
"success": true,
"description": "String",
"metadata": "Object",
"paymentUserParams": "Object"
}
}
Get Paymentcustomerbyuserid
API
This route is used to get the payment customer information by user id.
Rest Route
The
getPaymentCustomerByUserId
API REST controller can be triggered via the following route:
/v1/paymentcustomers/:userId
Rest Request Parameters
The
getPaymentCustomerByUserId
api has got 2 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| sys_paymentCustomerId | ID | true | request.params?.sys_paymentCustomerId |
| userId | String | true | request.params?.userId |
| sys_paymentCustomerId : This id paremeter is used to query the required data object. | |||
| userId : This parameter will be used to select the data object that is queried |
REST Request To access the api you can use the REST controller with the path GET /v1/paymentcustomers/:userId
axios({
method: 'GET',
url: `/v1/paymentcustomers/${userId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "sys_paymentCustomer",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"sys_paymentCustomer": {
"id": "ID",
"userId": "ID",
"customerId": "String",
"platform": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
List Paymentcustomers
API
This route is used to list all payment customers.
Rest Route
The
listPaymentCustomers
API REST controller can be triggered via the following route:
/v1/paymentcustomers
Rest Request Parameters The
listPaymentCustomers
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/paymentcustomers
axios({
method: 'GET',
url: '/v1/paymentcustomers',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "sys_paymentCustomers",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"sys_paymentCustomers": [
{
"id": "ID",
"userId": "ID",
"customerId": "String",
"platform": "String",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
List Paymentcustomermethods
API
This route is used to list all payment customer methods.
Rest Route
The
listPaymentCustomerMethods
API REST controller can be triggered via the following route:
/v1/paymentcustomermethods/:userId
Rest Request Parameters
The
listPaymentCustomerMethods
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| userId | String | true | request.params?.userId |
| userId : This parameter will be used to select the data objects that want to be listed |
REST Request To access the api you can use the REST controller with the path GET /v1/paymentcustomermethods/:userId
axios({
method: 'GET',
url: `/v1/paymentcustomermethods/${userId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "sys_paymentMethods",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"sys_paymentMethods": [
{
"id": "ID",
"paymentMethodId": "String",
"userId": "ID",
"customerId": "String",
"cardHolderName": "String",
"cardHolderZip": "String",
"platform": "String",
"cardInfo": "Object",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Feedback Service
Handles feedback for order items: one feedback per buyer/orderItem, attached to sellerId for analytical feedback/rating aggregation and reputation tracking. Enables querying feedbacks received/given for sellers and buyers. test
Feedback Service Data Objects
Feedback One feedback per (buyer, orderItem). Stores rating (1-5), comment, ties to seller for analytics. Created only after delivery confirmed on order item.
Feedback Service Access urls
This service is accessible via the following environment-specific URLs:
-
Preview:
https://ebaycclone.prw.mindbricks.com/feedback-api -
Staging:
https://ebaycclone-stage.mindbricks.co/feedback-api -
Production:
https://ebaycclone.mindbricks.co/feedback-api
List Feedbacks
API
List feedback with filtering by buyerId (given), sellerId (received), productId, or orderItemId. Used for showing seller profile, buyer profile, or order analytics.
Rest Route
The
listFeedbacks
API REST controller can be triggered via the following route:
/v1/feedbacks
Rest Request Parameters The
listFeedbacks
api has got no request parameters.
REST Request To access the api you can use the REST controller with the path GET /v1/feedbacks
axios({
method: 'GET',
url: '/v1/feedbacks',
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "feedbacks",
"method": "GET",
"action": "list",
"appVersion": "Version",
"rowCount": "\"Number\"",
"feedbacks": [
{
"id": "ID",
"rating": "Integer",
"orderId": "ID",
"buyerId": "ID",
"orderItemId": "ID",
"sellerId": "ID",
"comment": "String",
"productId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
},
{},
{}
],
"paging": {
"pageNumber": "Number",
"pageRowCount": "NUmber",
"totalRowCount": "Number",
"pageCount": "Number"
},
"filters": [],
"uiPermissions": []
}
Get Feedback
API
Get a single feedback by id. Accessible to public (for seller profile, product, or audit views).
Rest Route
The
getFeedback
API REST controller can be triggered via the following route:
/v1/feedbacks/:feedbackId
Rest Request Parameters
The
getFeedback
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| feedbackId | ID | true | request.params?.feedbackId |
| feedbackId : This id paremeter is used to query the required data object. |
REST Request To access the api you can use the REST controller with the path GET /v1/feedbacks/:feedbackId
axios({
method: 'GET',
url: `/v1/feedbacks/${feedbackId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "feedback",
"method": "GET",
"action": "get",
"appVersion": "Version",
"rowCount": 1,
"feedback": {
"id": "ID",
"rating": "Integer",
"orderId": "ID",
"buyerId": "ID",
"orderItemId": "ID",
"sellerId": "ID",
"comment": "String",
"productId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Update Feedback
API
Update feedback (comment/rating) for existing feedback record (buyer only). Admin can update as override.
Rest Route
The
updateFeedback
API REST controller can be triggered via the following route:
/v1/feedbacks/:feedbackId
Rest Request Parameters
The
updateFeedback
api has got 3 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| feedbackId | ID | true | request.params?.feedbackId |
| rating | Integer | false | request.body?.rating |
| comment | String | false | request.body?.comment |
| feedbackId : This id paremeter is used to select the required data object that will be updated | |||
| rating : Rating (1-5 stars) submitted by buyer. Required. | |||
| comment : Optional textual feedback comment, max ~500 chars. |
REST Request To access the api you can use the REST controller with the path PATCH /v1/feedbacks/:feedbackId
axios({
method: 'PATCH',
url: `/v1/feedbacks/${feedbackId}`,
data: {
rating:"Integer",
comment:"String",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "feedback",
"method": "PATCH",
"action": "update",
"appVersion": "Version",
"rowCount": 1,
"feedback": {
"id": "ID",
"rating": "Integer",
"orderId": "ID",
"buyerId": "ID",
"orderItemId": "ID",
"sellerId": "ID",
"comment": "String",
"productId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Delete Feedback
API
Delete (soft-delete) feedback (by buyer or admin). Only feedback owner or admin.
Rest Route
The
deleteFeedback
API REST controller can be triggered via the following route:
/v1/feedbacks/:feedbackId
Rest Request Parameters
The
deleteFeedback
api has got 1 request parameter
| Parameter | Type | Required | Population |
|---|---|---|---|
| feedbackId | ID | true | request.params?.feedbackId |
| feedbackId : This id paremeter is used to select the required data object that will be deleted |
REST Request To access the api you can use the REST controller with the path DELETE /v1/feedbacks/:feedbackId
axios({
method: 'DELETE',
url: `/v1/feedbacks/${feedbackId}`,
data: {
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "200",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "feedback",
"method": "DELETE",
"action": "delete",
"appVersion": "Version",
"rowCount": 1,
"feedback": {
"id": "ID",
"rating": "Integer",
"orderId": "ID",
"buyerId": "ID",
"orderItemId": "ID",
"sellerId": "ID",
"comment": "String",
"productId": "ID",
"isActive": false,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}
Create Feedback
API
Buyer creates feedback for a delivered order item. Only allowed once per (buyer, orderItemId). Allowed only once order item is delivered.
Rest Route
The
createFeedback
API REST controller can be triggered via the following route:
/v1/feedbacks
Rest Request Parameters
The
createFeedback
api has got 6 request parameters
| Parameter | Type | Required | Population |
|---|---|---|---|
| rating | Integer | true | request.body?.rating |
| orderId | ID | true | request.body?.orderId |
| orderItemId | ID | true | request.body?.orderItemId |
| sellerId | ID | true | request.body?.sellerId |
| comment | String | false | request.body?.comment |
| productId | ID | true | request.body?.productId |
| rating : Rating (1-5 stars) submitted by buyer. Required. | |||
| orderId : Order containing this purchased item. Used for aggregation and validation. | |||
| orderItemId : Purchased item (line item) in order. Feedback is per (buyer, orderItem). | |||
| sellerId : Seller of product for analytics/aggregation. Not author; used for querying feedback about sellers. | |||
| comment : Optional textual feedback comment, max ~500 chars. | |||
| productId : The product listing being reviewed (snapshot at order time). |
REST Request To access the api you can use the REST controller with the path POST /v1/feedbacks
axios({
method: 'POST',
url: '/v1/feedbacks',
data: {
rating:"Integer",
orderId:"ID",
orderItemId:"ID",
sellerId:"ID",
comment:"String",
productId:"ID",
},
params: {
}
});
REST Response
{
"status": "OK",
"statusCode": "201",
"elapsedMs": 126,
"ssoTime": 120,
"source": "db",
"cacheKey": "hexCode",
"userId": "ID",
"sessionId": "ID",
"requestId": "ID",
"dataName": "feedback",
"method": "POST",
"action": "create",
"appVersion": "Version",
"rowCount": 1,
"feedback": {
"id": "ID",
"rating": "Integer",
"orderId": "ID",
"buyerId": "ID",
"orderItemId": "ID",
"sellerId": "ID",
"comment": "String",
"productId": "ID",
"isActive": true,
"recordVersion": "Integer",
"createdAt": "Date",
"updatedAt": "Date",
"_owner": "ID"
}
}