Stores Management API
Audience: Frontend engineers and administrators managing store data.- Base URL:
https://jethings-backend.fly.dev - Content-Type:
application/json
Conventions
- All responses are JSON.
- Errors follow standard HTTP status codes with
{ message: string }body. - Unless noted, successful responses are
200 OK. - Admin endpoints require
adminorsuper_adminrole. - All endpoints require authentication via Bearer token.
Create Store
POST/stores
Requires Authentication: Bearer token in Authorization header
Request Body
Success Response
Possible Errors
400 Bad Request: Invalid request data or validation errors
Example Request
Update Store (Admin Only)
PUT/stores/:id
Requires Authentication: Bearer token in Authorization headerRequires Role: Admin or Super Admin
Path Parameters
id(string): Store ID (UUID format)
Request Body
Success Response
Possible Errors
404 Not Found:{ "message": "Store not found" }
Example Request
Update Store (User)
PUT/stores/:id/user
Requires Authentication: Bearer token in Authorization header
Path Parameters
id(string): Store ID (UUID format)
Request Body
Note: Users can only update their own stores and cannot change status or isActive fields.
Success Response
Possible Errors
404 Not Found:{ "message": "Store not found or you do not have permission to update it" }
Example Request
Get User’s Stores
GET/stores/my
Requires Authentication: Bearer token in Authorization header
Query Parameters
Success Response
Example Requests
Get all user’s stores:Get All Stores (Admin Only)
GET/stores
Requires Authentication: Bearer token in Authorization headerRequires Role: Admin or Super Admin
Query Parameters
Success Response
Example Requests
Get all stores with pagination:Get Store by ID
GET/stores/:id
Requires Authentication: Bearer token in Authorization header
Path Parameters
id(string): Store ID (UUID format)
Success Response
Possible Errors
404 Not Found:{ "message": "Store not found" }
Example Request
Delete Store (Admin Only)
DELETE/stores/:id
Requires Authentication: Bearer token in Authorization headerRequires Role: Admin or Super Admin
Path Parameters
id(string): Store ID (UUID format)
Success Response
Possible Errors
404 Not Found:{ "message": "Store not found" }
deletedAt timestamp. The store data is preserved but hidden from normal queries.
Example Request
Store Status Values
The store status field can have the following values:Error Responses
Common Error Codes
400 Bad Request: Invalid request data or validation errors401 Unauthorized: Missing or invalid authentication token403 Forbidden: Insufficient permissions (not admin for admin-only endpoints)404 Not Found: Resource not found500 Internal Server Error: Server error
Error Response Format
Business Logic
Store Creation Flow
- User creates a store with name, description, and optional icon
- Store is created with
status: "pending"andisActive: true - Store names can be duplicated (no uniqueness constraint)
- Admin can later approve/reject the store
Store Update Permissions
- Users: Can update name, description, and icon of their own stores
- Admins: Can update any field including status and isActive
- Status Changes: Only admins can change store status (pending/rejected/accepted)
Store Deletion
- Only admins can delete stores
- Deletion is soft (sets deletedAt timestamp)
- Deleted stores are hidden from normal queries but data is preserved