{ "openapi": "3.0.0", "paths": { "/health": { "get": { "description": "Returns the current health status of the CMS REST API gateway. This endpoint does not require authentication and can be used for liveness and readiness probes.", "operationId": "HealthController_getHealth", "parameters": [], "responses": { "200": { "description": "Health status returned successfully. Returns an object with status \"ok\"." } }, "summary": "Get Health Status", "tags": [ "Health" ] } }, "/app/partners": { "get": { "description": "Retrieves a paginated list of all registered partners. Supports query filters for searching and pagination. Requires application JWT and CMS user authentication.", "operationId": "PartnersController_getAll", "parameters": [ { "name": "page", "required": false, "in": "query", "description": "Page number to query", "schema": { "minimum": 1, "default": 1, "example": 1, "type": "number" } }, { "name": "limit", "required": false, "in": "query", "description": "Number of items per page", "schema": { "minimum": 1, "default": 10, "example": 10, "type": "number" } }, { "name": "sortBy", "required": false, "in": "query", "description": "Field to sort the list by", "schema": { "default": "createdAt", "example": "createdAt", "type": "string" } }, { "name": "sortOrder", "required": false, "in": "query", "description": "Sort direction", "schema": { "default": "desc", "example": "desc", "type": "string", "enum": [ "asc", "desc" ] } }, { "name": "searchText", "required": false, "in": "query", "description": "Search text by email or name", "schema": { "example": "john@example.com", "type": "string" } } ], "responses": { "200": { "description": "Partners list retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/GetAllPartnersResponseDto" } } } }, "400": { "description": "Invalid query parameters" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Get All Partners", "tags": [ "Partners" ] } }, "/app/partners/{partnerId}": { "get": { "description": "Retrieves detailed information for a specific partner by its unique identifier. Returns partner configuration including branding details. Requires application JWT and CMS user authentication.", "operationId": "PartnersController_getById", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique partner identifier", "schema": { "example": "partner-123", "type": "string" } } ], "responses": { "200": { "description": "Partner details retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/GetPartnerByIdResponseDto" } } } }, "400": { "description": "Invalid partner identifier" }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Partner not found" } }, "security": [ { "bearer": [] } ], "summary": "Get Partner By ID", "tags": [ "Partners" ] } }, "/app/partners/{partnerId}/users": { "get": { "description": "Retrieves a paginated list of CMS users associated with a specific partner. Supports query filters for searching and pagination. Requires dual authentication and CMS user permissions.", "operationId": "PartnersController_getAllUsersById", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique partner identifier", "schema": { "example": "partner-123", "type": "string" } }, { "name": "page", "required": false, "in": "query", "description": "Page number to query", "schema": { "minimum": 1, "default": 1, "example": 1, "type": "number" } }, { "name": "limit", "required": false, "in": "query", "description": "Number of items per page", "schema": { "minimum": 1, "default": 10, "example": 10, "type": "number" } }, { "name": "sortBy", "required": false, "in": "query", "description": "Field to sort the list by", "schema": { "default": "createdAt", "example": "createdAt", "type": "string" } }, { "name": "sortOrder", "required": false, "in": "query", "description": "Sort direction", "schema": { "default": "desc", "example": "desc", "type": "string", "enum": [ "asc", "desc" ] } }, { "name": "searchText", "required": false, "in": "query", "description": "Search text by email or name", "schema": { "example": "john@example.com", "type": "string" } } ], "responses": { "200": { "description": "CMS users for the partner retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Partner not found" } }, "security": [ { "bearer": [] } ], "summary": "Get Users By Partner", "tags": [ "Partners" ] } }, "/app/partners/{partnerId}/users/{cmsUserId}": { "get": { "description": "Retrieves detailed information for a specific CMS user within a partner context. Returns user profile, permissions, and status. Requires dual authentication and CMS user permissions.", "operationId": "PartnersController_getCmsUserById", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique partner identifier", "schema": { "example": "partner-123", "type": "string" } }, { "name": "cmsUserId", "required": true, "in": "path", "description": "CMS user identifier", "schema": { "example": 1, "type": "number" } } ], "responses": { "200": { "description": "CMS user details retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "CMS user or partner not found" } }, "security": [ { "bearer": [] } ], "summary": "Get CMS User By Partner", "tags": [ "Partners" ] } }, "/app/partners/{partnerId}/users/{cmsUserId}/status": { "patch": { "description": "Updates the status (active/inactive) of a specific CMS user within a partner context. Requires dual authentication and CMS user permissions for status change or update operations.", "operationId": "PartnersController_updateCmsUserStatus", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique partner identifier", "schema": { "example": "partner-123", "type": "string" } }, { "name": "cmsUserId", "required": true, "in": "path", "description": "CMS user identifier", "schema": { "example": 1, "type": "number" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UpdateCmsUserStatusDto" } } } }, "responses": { "200": { "description": "CMS user status updated successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid status value" }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "CMS user or partner not found" } }, "security": [ { "bearer": [] } ], "summary": "Update CMS User Status", "tags": [ "Partners" ] } }, "/app/partners/{partnerId}/users/status/{status}": { "patch": { "description": "Updates the status of multiple CMS users at once within a partner context. Accepts a list of user IDs and applies the specified status to all of them. Requires dual authentication and CMS permissions.", "operationId": "PartnersController_updateCmsUsersStatuses", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique partner identifier", "schema": { "example": "partner-123", "type": "string" } }, { "name": "status", "required": true, "in": "path", "description": "Target status to apply to all users", "schema": { "example": "active", "type": "string" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UpdateCmsUsersStatusesDto" } } } }, "responses": { "200": { "description": "CMS users statuses updated successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid status value or user IDs" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Bulk Update CMS Users Status", "tags": [ "Partners" ] } }, "/app/partners/users": { "post": { "description": "Creates a new CMS user with the specified details and permissions. A temporary password is generated and sent via email. Requires dual authentication and CMS user creation permissions.", "operationId": "PartnersController_createCmsUser", "parameters": [], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CreateCmsUserDto" } } } }, "responses": { "201": { "description": "CMS user created successfully. Returns the created user details.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CreateCmsUserResponseDto" } } } }, "400": { "description": "Invalid request parameters or duplicate email" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Create CMS User", "tags": [ "Partners" ] } }, "/app/partners/{partnerId}/cardholders/upload": { "post": { "description": "Uploads an Excel file containing cardholder data for bulk creation. The file is validated and processing begins asynchronously. Use the SSE progress endpoint to track the upload status.", "operationId": "PartnersController_uploadCardholders", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique partner identifier", "schema": { "example": "partner-123", "type": "string" } } ], "requestBody": { "required": true, "content": { "multipart/form-data": { "schema": { "$ref": "#/components/schemas/CardHoldersUploadDto" } } } }, "responses": { "200": { "description": "Cardholders upload started successfully. Returns batch ID for progress tracking.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CardholdersUploadResponseDto" } } } }, "400": { "description": "Invalid file format or missing required columns" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Bulk Upload Cardholders File", "tags": [ "Partners" ] } }, "/app/partners/{partnerId}/cardholders/batch/{batchId}/progress": { "get": { "description": "Opens a Server-Sent Events (SSE) stream to track the progress of a bulk cardholder upload. The stream emits progress events until the batch is complete. Note: only works with a single pod deployment.", "operationId": "PartnersController_getCardholdersProgress", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique partner identifier", "schema": { "example": "partner-123", "type": "string" } }, { "name": "batchId", "required": true, "in": "path", "description": "Batch identifier from the upload response", "schema": { "example": "batch-abc-123", "type": "string" } } ], "responses": { "200": { "description": "SSE progress stream started successfully." }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Batch or partner not found" } }, "security": [ { "bearer": [] } ], "summary": "Get Cardholders Upload Progress (SSE)", "tags": [ "Partners" ] } }, "/app/partners/users/{cmsUserId}": { "patch": { "description": "Updates the profile information of a specific CMS user. Supports partial updates for fields such as name and email. Requires dual authentication and CMS user update permissions.", "operationId": "PartnersController_updateCmsUser", "parameters": [ { "name": "cmsUserId", "required": true, "in": "path", "description": "CMS user identifier", "schema": { "example": 1, "type": "number" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UpdateCmsUserDto" } } } }, "responses": { "200": { "description": "CMS user updated successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid request parameters" }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "CMS user not found" } }, "security": [ { "bearer": [] } ], "summary": "Update CMS User", "tags": [ "Partners" ] } }, "/app/partners/{partnerId}/cards/upload": { "post": { "description": "Uploads an Excel file containing card data for bulk creation. The file is validated and processing begins asynchronously. Requires application JWT and card bulk creation permissions.", "operationId": "PartnersController_uploadCards", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique partner identifier", "schema": { "example": "partner-123", "type": "string" } } ], "requestBody": { "required": true, "content": { "multipart/form-data": { "schema": { "$ref": "#/components/schemas/CardsUploadDto" } } } }, "responses": { "200": { "description": "Cards upload started successfully. Returns processing details.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CardsUploadResponseDto" } } } }, "400": { "description": "Invalid file format or missing required columns" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Bulk Upload Cards File", "tags": [ "Partners" ] } }, "/app/partners/{partnerId}/cardholders": { "post": { "description": "Creates a new cardholder associated with the specified partner. Requires dual authentication and cardholder creation permissions.", "operationId": "CardholderController_create", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CardholderDataDto" } } } }, "responses": { "201": { "description": "Cardholder created successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid request parameters" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Create Cardholder", "tags": [ "Cardholders" ] }, "get": { "description": "Retrieves a paginated list of cardholders for the specified partner. Supports search and pagination query parameters. Requires dual authentication and cardholder list permissions.", "operationId": "CardholderController_getAllUsersById", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } }, { "name": "page", "required": false, "in": "query", "description": "Page number to query", "schema": { "minimum": 1, "default": 1, "example": 1, "type": "number" } }, { "name": "limit", "required": false, "in": "query", "description": "Number of items per page", "schema": { "minimum": 1, "default": 10, "example": 10, "type": "number" } }, { "name": "sortBy", "required": false, "in": "query", "description": "Field to sort the list by", "schema": { "default": "createdAt", "example": "createdAt", "type": "string" } }, { "name": "sortOrder", "required": false, "in": "query", "description": "Sort direction", "schema": { "default": "desc", "example": "desc", "type": "string", "enum": [ "asc", "desc" ] } }, { "name": "searchText", "required": false, "in": "query", "description": "Search text by email or name", "schema": { "example": "john@example.com", "type": "string" } }, { "name": "status", "required": false, "in": "query", "description": "Cardholder status(es). Can be a single value or multiple comma-separated values", "schema": { "example": "Active,Blocked", "type": "string" } } ], "responses": { "200": { "description": "Cardholders list retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "List Cardholders", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cards": { "get": { "description": "Retrieves all cards associated with the specified client/partner. Requires dual authentication and cardholder permissions.", "operationId": "CardholderController_getCardsByClientId", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner (client)", "schema": { "example": "partner-123", "type": "string" } } ], "responses": { "200": { "description": "Cards retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Partner not found" } }, "security": [ { "bearer": [] } ], "summary": "Get Cards by Client", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cardholders/{cardholderId}": { "post": { "description": "Retrieves detailed information for a specific cardholder. Requires OTP verification when applicable. Requires dual authentication and conditional OTP guard.", "operationId": "CardholderController_detail", "parameters": [ { "name": "cardholderId", "required": true, "in": "path", "description": "Unique identifier of the cardholder", "schema": { "example": 1, "type": "number" } }, { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/OtpDto" } } } }, "responses": { "200": { "description": "Cardholder detail retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid request parameters or OTP code" }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Cardholder not found" } }, "security": [ { "bearer": [] } ], "summary": "Get Cardholder Detail", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cardholders/{cardholderId}/cards/{cardId}/block": { "patch": { "description": "Blocks a specific card for the given cardholder. The card will be unusable until unblocked. Requires dual authentication and card admin block permissions.", "operationId": "CardholderController_block", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } }, { "name": "cardholderId", "required": true, "in": "path", "description": "Unique identifier of the cardholder", "schema": { "example": 1, "type": "number" } }, { "name": "cardId", "required": true, "in": "path", "description": "Unique identifier of the card", "schema": { "example": 10, "type": "number" } } ], "responses": { "200": { "description": "Card blocked successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Card or cardholder not found" } }, "security": [ { "bearer": [] } ], "summary": "Block Card", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cardholders/cards/block": { "patch": { "description": "Blocks multiple cards at once for the specified partner. Accepts a list of card identifiers to block. Requires dual authentication and card admin block permissions.", "operationId": "CardholderController_blockCards", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ChangeStatusesCardsDto" } } } }, "responses": { "200": { "description": "Cards blocked successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid request parameters or card identifiers" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Block Multiple Cards", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cardholders/{cardholderId}/cards/{cardId}/unblock": { "patch": { "description": "Unblocks a previously blocked card for the given cardholder. The card will become usable again after unblocking. Requires dual authentication and card admin unblock permissions.", "operationId": "CardholderController_unblock", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } }, { "name": "cardholderId", "required": true, "in": "path", "description": "Unique identifier of the cardholder", "schema": { "example": 1, "type": "number" } }, { "name": "cardId", "required": true, "in": "path", "description": "Unique identifier of the card", "schema": { "example": 10, "type": "number" } } ], "responses": { "200": { "description": "Card unblocked successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Card or cardholder not found" } }, "security": [ { "bearer": [] } ], "summary": "Unblock Card", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cardholders/cards/unblock": { "patch": { "description": "Unblocks multiple cards at once for the specified partner. Accepts a list of card identifiers to unblock. Requires dual authentication and card admin unblock permissions.", "operationId": "CardholderController_unblockCards", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ChangeStatusesCardsDto" } } } }, "responses": { "200": { "description": "Cards unblocked successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid request parameters or card identifiers" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Unblock Multiple Cards", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cardholders/{cardholderId}/cards/{cardId}/activate": { "patch": { "description": "Activates a specific card for the given cardholder. Only inactive cards can be activated. Requires dual authentication and card admin activate permissions.", "operationId": "CardholderController_cardActivate", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } }, { "name": "cardholderId", "required": true, "in": "path", "description": "Unique identifier of the cardholder", "schema": { "example": 1, "type": "number" } }, { "name": "cardId", "required": true, "in": "path", "description": "Unique identifier of the card", "schema": { "example": 10, "type": "number" } } ], "responses": { "200": { "description": "Card activated successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Card or cardholder not found" } }, "security": [ { "bearer": [] } ], "summary": "Activate Card", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cardholders/{cardholderId}/cards/association": { "post": { "description": "Associates a third-party card with the specified cardholder. The card must not already be assigned to another cardholder. Requires dual authentication and card admin transfer permissions.", "operationId": "CardholderController_assignThirdPartyCard", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } }, { "name": "cardholderId", "required": true, "in": "path", "description": "Unique identifier of the cardholder", "schema": { "example": 1, "type": "number" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/AssignThirdPartyCardPayloadDto" } } } }, "responses": { "200": { "description": "Third-party card assigned successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid request parameters or card already assigned" }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Cardholder not found" } }, "security": [ { "bearer": [] } ], "summary": "Assign Third-Party Card", "tags": [ "Cardholders" ] }, "get": { "description": "Retrieves all third-party cards associated with the specified cardholder. Returns card details and association metadata. Requires dual authentication and card admin transfer permissions.", "operationId": "CardholderController_getThirdPartyCard", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } }, { "name": "cardholderId", "required": true, "in": "path", "description": "Unique identifier of the cardholder", "schema": { "example": 1, "type": "number" } } ], "responses": { "200": { "description": "Third-party cards retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Cardholder not found" } }, "security": [ { "bearer": [] } ], "summary": "Get Third-Party Cards", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cardholders/{cardholderId}/cards/funds/add": { "post": { "description": "Adds funds to a specific card for the given cardholder. The amount is debited from the partner account and credited to the card. Requires dual authentication and card admin add funds permissions.", "operationId": "CardholderController_addFunds", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } }, { "name": "cardholderId", "required": true, "in": "path", "description": "Unique identifier of the cardholder", "schema": { "example": 1, "type": "number" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FundsDto" } } } }, "responses": { "200": { "description": "Funds added successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid amount or request parameters" }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Cardholder not found" } }, "security": [ { "bearer": [] } ], "summary": "Add Funds to Card", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cardholders/{cardholderId}/cards/funds/withdraw": { "post": { "description": "Withdraws funds from a specific card for the given cardholder. The amount is credited back to the partner account. Requires dual authentication and card admin withdraw funds permissions.", "operationId": "CardholderController_withdrawFunds", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } }, { "name": "cardholderId", "required": true, "in": "path", "description": "Unique identifier of the cardholder", "schema": { "example": 1, "type": "number" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FundsDto" } } } }, "responses": { "200": { "description": "Funds withdrawn successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid amount or insufficient card balance" }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Cardholder not found" } }, "security": [ { "bearer": [] } ], "summary": "Withdraw Funds from Card", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cardholders/{cardholderId}/cards/transfers": { "post": { "description": "Transfers funds between two cards belonging to the specified cardholder. Both cards must be active and belong to the same cardholder. Requires dual authentication and card admin transfer permissions.", "operationId": "CardholderController_transferBetweenCards", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } }, { "name": "cardholderId", "required": true, "in": "path", "description": "Unique identifier of the cardholder", "schema": { "example": 1, "type": "number" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/TransferBetweenCardsDto" } } } }, "responses": { "200": { "description": "Transfer completed successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid amount or insufficient source card balance" }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Cardholder or cards not found" } }, "security": [ { "bearer": [] } ], "summary": "Transfer Between Cards", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cardholders/{cardholderId}/cards": { "get": { "description": "Retrieves all cards associated with the specified cardholder, including card details and balances. Requires dual authentication and card admin detail permissions.", "operationId": "CardholderController_cardsDetail", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } }, { "name": "cardholderId", "required": true, "in": "path", "description": "Unique identifier of the cardholder", "schema": { "example": 1, "type": "number" } } ], "responses": { "200": { "description": "Cardholder cards retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Cardholder not found" } }, "security": [ { "bearer": [] } ], "summary": "Get Cardholder Cards", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cardholders/{cardholderId}/cards/{cardId}/movements": { "get": { "description": "Retrieves a paginated list of movements (transactions) for a specific card. Supports date range and pagination query parameters. Requires dual authentication and card movements list permissions.", "operationId": "CardholderController_movements", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } }, { "name": "cardholderId", "required": true, "in": "path", "description": "Unique identifier of the cardholder", "schema": { "example": 1, "type": "number" } }, { "name": "cardId", "required": true, "in": "path", "description": "Unique identifier of the card", "schema": { "example": 10, "type": "number" } }, { "name": "page", "required": false, "in": "query", "description": "Page number to query", "schema": { "minimum": 1, "default": 1, "example": 1, "type": "number" } }, { "name": "limit", "required": false, "in": "query", "description": "Number of items per page", "schema": { "minimum": 1, "default": 10, "example": 10, "type": "number" } }, { "name": "sortBy", "required": false, "in": "query", "description": "Field to sort the list by", "schema": { "default": "createdAt", "example": "createdAt", "type": "string" } }, { "name": "sortOrder", "required": false, "in": "query", "description": "Sort direction", "schema": { "default": "desc", "example": "desc", "type": "string", "enum": [ "asc", "desc" ] } }, { "name": "searchText", "required": false, "in": "query", "description": "Search text by email or name", "schema": { "example": "john@example.com", "type": "string" } }, { "name": "from", "required": false, "in": "query", "description": "Start date for filtering (ISO format)", "schema": { "example": "2023-01-01", "type": "string" } }, { "name": "to", "required": false, "in": "query", "description": "End date for filtering (ISO format)", "schema": { "example": "2023-12-31", "type": "string" } } ], "responses": { "200": { "description": "Card movements retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Card or cardholder not found" } }, "security": [ { "bearer": [] } ], "summary": "Get Card Movements", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cardholders/{cardholderId}/cards/{cardId}/movements/report": { "get": { "description": "Generates and downloads a PDF report of card movements filtered by date range. The report is returned as a binary PDF attachment. Requires dual authentication and card movements list permissions.", "operationId": "CardholderController_movementsReport", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } }, { "name": "cardholderId", "required": true, "in": "path", "description": "Unique identifier of the cardholder", "schema": { "example": 1, "type": "number" } }, { "name": "cardId", "required": true, "in": "path", "description": "Unique identifier of the card", "schema": { "example": 10, "type": "number" } }, { "name": "page", "required": false, "in": "query", "description": "Page number to query", "schema": { "minimum": 1, "default": 1, "example": 1, "type": "number" } }, { "name": "limit", "required": false, "in": "query", "description": "Number of items per page", "schema": { "minimum": 1, "default": 10, "example": 10, "type": "number" } }, { "name": "sortBy", "required": false, "in": "query", "description": "Field to sort the list by", "schema": { "default": "createdAt", "example": "createdAt", "type": "string" } }, { "name": "sortOrder", "required": false, "in": "query", "description": "Sort direction", "schema": { "default": "desc", "example": "desc", "type": "string", "enum": [ "asc", "desc" ] } }, { "name": "searchText", "required": false, "in": "query", "description": "Search text by email or name", "schema": { "example": "john@example.com", "type": "string" } }, { "name": "from", "required": false, "in": "query", "description": "Start date for filtering (ISO format)", "schema": { "example": "2023-01-01", "type": "string" } }, { "name": "to", "required": false, "in": "query", "description": "End date for filtering (ISO format)", "schema": { "example": "2023-12-31", "type": "string" } } ], "responses": { "200": { "description": "Movements PDF report generated and returned as a downloadable file." }, "400": { "description": "Failed to generate movements report" }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Card or cardholder not found" } }, "security": [ { "bearer": [] } ], "summary": "Download Movements Report", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/cardholders/{cardholderId}/cards/{cardId}/movements/{transferId}": { "get": { "description": "Retrieves detailed information for a specific card movement/transfer, including amount, date, status, and transaction metadata. Requires dual authentication and card movements detail permissions.", "operationId": "CardholderController_movementDetail", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique identifier of the partner", "schema": { "example": "partner-123", "type": "string" } }, { "name": "cardholderId", "required": true, "in": "path", "description": "Unique identifier of the cardholder", "schema": { "example": 1, "type": "number" } }, { "name": "cardId", "required": true, "in": "path", "description": "Unique identifier of the card", "schema": { "example": 10, "type": "number" } }, { "name": "transferId", "required": true, "in": "path", "description": "Unique identifier of the transfer/movement", "schema": { "example": 100, "type": "number" } } ], "responses": { "200": { "description": "Movement detail retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "Movement, card, or cardholder not found" } }, "security": [ { "bearer": [] } ], "summary": "Get Movement Detail", "tags": [ "Cardholders" ] } }, "/app/partners/{partnerId}/process-request": { "post": { "description": "Creates a balance increase request for the specified partner. The request includes a PDF or image evidence file (PDF, JPEG, PNG, WEBP, max 10MB). Requires dual authentication (application JWT + CMS user token), balance management permissions, and OTP verification when the user is subject to it.", "operationId": "ProcessRequestController_create", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique partner identifier", "schema": { "example": "partner-abc123", "type": "string" } } ], "requestBody": { "required": true, "description": "Request payload with evidence file attached", "content": { "multipart/form-data": { "schema": { "$ref": "#/components/schemas/CreateProcessRequestDto" } } } }, "responses": { "201": { "description": "Balance process request created successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CreateProcessRequestResponseDto" } } } }, "400": { "description": "Invalid request payload or unsupported evidence file" }, "401": { "description": "Invalid or missing authentication token" }, "403": { "description": "Insufficient permissions" } }, "security": [ { "bearer": [] } ], "summary": "Create Balance Process Request", "tags": [ "Process Requests" ] } }, "/app/partners/{clientId}/balance": { "get": { "description": "Retrieves the current available balance of the specified client/partner. Returns balance amount, currency, and last update timestamp. Requires dual authentication and card admin or balance management permissions.", "operationId": "ProcessRequestController_getAvailable", "parameters": [ { "name": "clientId", "required": true, "in": "path", "description": "Unique identifier of the client/partner", "schema": { "example": "partner-abc123", "type": "string" } } ], "responses": { "200": { "description": "Partner available balance retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/GetBalanceResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" }, "403": { "description": "Insufficient permissions" }, "404": { "description": "Partner balance not found" } }, "security": [ { "bearer": [] } ], "summary": "Get Partner Available Balance", "tags": [ "Process Requests" ] } }, "/app/partners/{clientId}/process-request/progress": { "get": { "description": "Opens a Server-Sent Events (SSE) stream that emits real-time updates for balance process requests of the specified client. The stream sends events when a request is created, approved, or rejected. Response content type is text/event-stream. Requires dual authentication and balance management permissions. Only works with a single pod deployment.", "operationId": "ProcessRequestController_getProcessRequestProgress", "parameters": [ { "name": "clientId", "required": true, "in": "path", "description": "Unique identifier of the client/partner", "schema": { "example": "partner-abc123", "type": "string" } } ], "responses": { "200": { "description": "SSE stream started successfully. Emits progress events as plain text/event-stream." }, "401": { "description": "Invalid or missing authentication token" }, "403": { "description": "Insufficient permissions" } }, "security": [ { "bearer": [] } ], "summary": "Get Process Request Progress (SSE)", "tags": [ "Process Requests" ] } }, "/app/partners/{clientId}/process-requests": { "get": { "description": "Retrieves a paginated list of balance process requests for the specified client. Supports sorting by creation date, requester email, requested amount, or process type, and free-text search. Requires dual authentication and balance management list permissions.", "operationId": "ProcessRequestController_getProcessRequests", "parameters": [ { "name": "clientId", "required": true, "in": "path", "description": "Unique identifier of the client/partner", "schema": { "example": "partner-abc123", "type": "string" } }, { "name": "page", "required": false, "in": "query", "description": "Page number to query", "schema": { "minimum": 1, "default": 1, "example": 1, "type": "number" } }, { "name": "limit", "required": false, "in": "query", "description": "Number of items per page", "schema": { "minimum": 1, "default": 10, "example": 10, "type": "number" } }, { "name": "sortBy", "required": false, "in": "query", "description": "Field to sort the list by", "schema": { "default": "createdAt", "example": "createdAt", "type": "string", "enum": [ "createdAt", "requestedByEmail", "requestedAmount", "processTypeName" ] } }, { "name": "sortOrder", "required": false, "in": "query", "description": "Sort direction", "schema": { "default": "desc", "example": "desc", "type": "string", "enum": [ "asc", "desc" ] } }, { "name": "searchText", "required": false, "in": "query", "description": "Free-text search by requester email, process name, or amount", "schema": { "example": "john@example.com", "type": "string" } } ], "responses": { "200": { "description": "Paginated process request list retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PaginatedProcessRequestsResponseDto" } } } }, "400": { "description": "Invalid query parameters" }, "401": { "description": "Invalid or missing authentication token" }, "403": { "description": "Insufficient permissions" } }, "security": [ { "bearer": [] } ], "summary": "List Process Requests (Paginated)", "tags": [ "Process Requests" ] } }, "/app/partners/{clientId}/process-request": { "get": { "description": "Retrieves all balance process requests for the specified client, including the associated process type metadata. Requires dual authentication and balance management list permissions.", "operationId": "ProcessRequestController_getBalancesRequest", "parameters": [ { "name": "clientId", "required": true, "in": "path", "description": "Unique identifier of the client/partner", "schema": { "example": "partner-abc123", "type": "string" } } ], "responses": { "200": { "description": "Partner balance request list retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/GetBalancesRequestResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" }, "403": { "description": "Insufficient permissions" } }, "security": [ { "bearer": [] } ], "summary": "List Partner Balance Requests", "tags": [ "Process Requests" ] } }, "/app/partners/{clientId}/process-request/{processRequestId}/evidence/download": { "get": { "description": "Generates a pre-signed download URL for the evidence file attached to a specific balance process request. The URL is temporary and expires after a configured time window. Requires dual authentication and balance management list permissions.", "operationId": "ProcessRequestController_getEvidenceDownloadUrl", "parameters": [ { "name": "processRequestId", "required": true, "in": "path", "description": "Unique identifier of the balance process request", "schema": { "example": "c374b63f-39ee-4081-b78d-092b4bf2ee08", "type": "string" } }, { "name": "clientId", "required": true, "in": "path", "description": "Unique identifier of the client/partner", "schema": { "example": "partner-abc123", "type": "string" } } ], "responses": { "200": { "description": "Evidence download URL generated successfully.", "content": { "application/json": { "schema": { "type": "object", "properties": { "success": { "type": "boolean", "example": true }, "data": { "type": "object", "properties": { "downloadUrl": { "type": "string", "example": "https://ali-users-files.s3.us-east-1.amazonaws.com/process-requests/evidence.pdf?..." }, "expiresIn": { "type": "number", "example": 3600 } } } } } } } }, "401": { "description": "Invalid or missing authentication token" }, "403": { "description": "Insufficient permissions" }, "404": { "description": "Balance process request not found" } }, "security": [ { "bearer": [] } ], "summary": "Get Evidence Download URL", "tags": [ "Process Requests" ] } }, "/app/partners/{partnerId}/process-request/{processRequestId}/{action}": { "patch": { "description": "Approves or rejects a pending balance process request. The action path parameter determines the outcome (approve or reject). Returns 204 No Content on success. Requires dual authentication and approval update permissions.", "operationId": "ProcessRequestController_handleProcessRequestReview", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "Unique partner identifier", "schema": { "example": "partner-abc123", "type": "string" } }, { "name": "processRequestId", "required": true, "in": "path", "description": "Unique identifier of the balance process request", "schema": { "example": "c374b63f-39ee-4081-b78d-092b4bf2ee08", "type": "string" } }, { "name": "action", "required": true, "in": "path", "description": "Action to perform on the request", "schema": { "enum": [ "approve", "reject" ], "type": "string" } } ], "responses": { "204": { "description": "Process request updated successfully." }, "400": { "description": "Invalid action or request payload." }, "401": { "description": "Invalid or missing authentication token." }, "403": { "description": "Insufficient permissions." }, "404": { "description": "Process request not found." }, "409": { "description": "Process request is not pending review." } }, "security": [ { "bearer": [] } ], "summary": "Approve Or Reject Balance Process Request", "tags": [ "Process Requests" ] } }, "/app/partners/{partnerId}/process-request/{processRequestId}/cancel": { "patch": { "operationId": "ProcessRequestController_cancelProcessRequest", "parameters": [ { "name": "partnerId", "required": true, "in": "path", "description": "ID del partner", "schema": { "type": "string" } }, { "name": "processRequestId", "required": true, "in": "path", "description": "ID de la solicitud de proceso", "schema": { "type": "string" } } ], "responses": { "204": { "description": "Solicitud cancelada exitosamente" }, "400": { "description": "Datos inválidos" }, "401": { "description": "No autorizado" }, "403": { "description": "Sin permisos suficientes" }, "404": { "description": "Solicitud no encontrada" }, "409": { "description": "Solicitud no pendiente de revisión" } }, "security": [ { "bearer": [] } ], "summary": "Cancelar una solicitud de actualización de saldo", "tags": [ "Process Requests" ] } }, "/app/permissions": { "post": { "description": "Creates one or more permission entries in the system. Permissions define the actions that CMS users can perform on specific resources. Requires application JWT and permission creation privileges.", "operationId": "PermissionsController_createPermissions", "parameters": [], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CreatePermissionsDto" } } } }, "responses": { "201": { "description": "Permissions created successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid request parameters or duplicate permissions" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Create Permissions", "tags": [ "Permissions" ] } }, "/app/modules": { "post": { "description": "Creates one or more module entries in the CMS permission system. Modules represent logical groupings of permissions that can be assigned to CMS users. Requires application JWT and module creation privileges.", "operationId": "ModulesController_createModules", "parameters": [], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CreateModulesDto" } } } }, "responses": { "201": { "description": "Modules created successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid request parameters or duplicate module names" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Create Modules", "tags": [ "Modules" ] }, "get": { "description": "Retrieves a list of all available CMS modules with their associated permissions. Requires application JWT, CMS user authentication, and module list permissions.", "operationId": "ModulesController_getModules", "parameters": [], "responses": { "200": { "description": "All CMS modules retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Failed to retrieve modules" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Get All Modules", "tags": [ "Modules" ] } }, "/app/users/login": { "post": { "description": "Authenticates a CMS user with email and password credentials. Returns user details along with access and refresh tokens. Requires a valid application JWT token.", "operationId": "UsersController_login", "parameters": [], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/LoginDto" } } } }, "responses": { "200": { "description": "Login successful. Returns user details with access and refresh tokens.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CmsUserLoginResponseDto" } } } }, "400": { "description": "Invalid email or password" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "CMS User Login", "tags": [ "CMS Users" ] } }, "/app/users/refresh": { "post": { "description": "Refreshes the CMS user authentication token using a valid refresh token. Returns a new access token and refresh token pair. Requires a valid application JWT token.", "operationId": "UsersController_getNewRefreshToken", "parameters": [], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CmsUserRefreshTokenDto" } } } }, "responses": { "200": { "description": "Token refreshed successfully. Returns new access and refresh tokens.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid or expired refresh token" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Refresh CMS User Token", "tags": [ "CMS Users" ] } }, "/app/users/{cmsUserId}/permissions": { "put": { "description": "Assigns a set of permissions to a specific CMS user. Replaces the current permission set for the user. Requires application JWT and appropriate CMS permissions.", "operationId": "UsersController_assignPermissions", "parameters": [ { "name": "cmsUserId", "required": true, "in": "path", "description": "CMS user identifier", "schema": { "example": 1, "type": "number" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/AssignPermissionsDto" } } } }, "responses": { "200": { "description": "Permissions assigned successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid request parameters" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Assign Permissions To CMS User", "tags": [ "CMS Users" ] } }, "/app/users/{cmsUserId}/permissions/revoke": { "patch": { "description": "Revokes specific permissions from a CMS user. The specified permissions will be disabled for the user. Requires application JWT and appropriate CMS permissions.", "operationId": "UsersController_revokePermissions", "parameters": [ { "name": "cmsUserId", "required": true, "in": "path", "description": "CMS user identifier", "schema": { "example": 1, "type": "number" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/AssignPermissionsDto" } } } }, "responses": { "200": { "description": "Permissions revoked successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid request parameters" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Revoke CMS User Permissions", "tags": [ "CMS Users" ] } }, "/app/users/{cmsUserId}/permissions/grant": { "patch": { "description": "Grants specific permissions to a CMS user. The specified permissions will be enabled for the user. Requires application JWT and appropriate CMS permissions.", "operationId": "UsersController_grantPermissions", "parameters": [ { "name": "cmsUserId", "required": true, "in": "path", "description": "CMS user identifier", "schema": { "example": 1, "type": "number" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/AssignPermissionsDto" } } } }, "responses": { "200": { "description": "Permissions granted successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid request parameters" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Grant CMS User Permissions", "tags": [ "CMS Users" ] } }, "/app/users/{cmsUserId}/partners": { "get": { "description": "Retrieves all partners associated with a specific CMS user. Requires application JWT and CMS user authentication. The CMS user must have the appropriate permissions to view partners.", "operationId": "UsersController_getAllPartners", "parameters": [ { "name": "cmsUserId", "required": true, "in": "path", "description": "CMS user identifier", "schema": { "example": 1, "type": "number" } } ], "responses": { "200": { "description": "Partners associated with the CMS user retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "CMS user not found" } }, "security": [ { "bearer": [] } ], "summary": "Get CMS User Partners", "tags": [ "CMS Users" ] } }, "/app/users/{cmsUserId}/partners/{partnerId}/permissions": { "get": { "description": "Retrieves the permissions assigned to a CMS user for a specific partner. Requires application JWT and CMS user authentication.", "operationId": "UsersController_getPermissionsByPartner", "parameters": [ { "name": "cmsUserId", "required": true, "in": "path", "description": "CMS user identifier", "schema": { "example": 1, "type": "number" } }, { "name": "partnerId", "required": true, "in": "path", "description": "Unique partner identifier", "schema": { "example": "partner-123", "type": "string" } } ], "responses": { "200": { "description": "Permissions for the CMS user and partner retrieved successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "CMS user or partner not found" } }, "security": [ { "bearer": [] } ], "summary": "Get Permissions By Partner", "tags": [ "CMS Users" ] } }, "/app/users/auth/otp": { "post": { "description": "Requests a one-time password (OTP) for authentication verification. The OTP is sent to the user via email or push notification. Requires a valid application JWT token.", "operationId": "UsersController_requestOtp", "parameters": [], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/RequestOtpDto" } } } }, "responses": { "201": { "description": "OTP sent successfully to the user.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid request parameters" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Request Authentication OTP", "tags": [ "CMS Users" ] }, "put": { "description": "Verifies a previously requested OTP code. Returns a verification session token upon successful validation. The OTP expires after a configured time period.", "operationId": "UsersController_verifyOtp", "parameters": [], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/VerifyOtpDto" } } } }, "responses": { "200": { "description": "OTP verified successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid or expired OTP code" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Verify Authentication OTP", "tags": [ "CMS Users" ] } }, "/app/users/auth/passwords": { "put": { "description": "Updates the password for the currently authenticated CMS user. Requires the current password and the new password. Authentication is optional for password reset flows.", "operationId": "UsersController_updatePassword", "parameters": [], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/AppUpdatePasswordDto" } } } }, "responses": { "200": { "description": "Password updated successfully.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid current password or weak new password" }, "401": { "description": "Invalid or missing authentication token" } }, "security": [ { "bearer": [] } ], "summary": "Update User Password", "tags": [ "CMS Users" ] } }, "/app/users/{cmsUserId}/auth/passwords": { "put": { "description": "Generates a temporary password for a specific CMS user and sends it via email. The user will be required to change the password on next login. Requires application JWT and admin permissions.", "operationId": "UsersController_generateTempPassword", "parameters": [ { "name": "cmsUserId", "required": true, "in": "path", "description": "CMS user identifier", "schema": { "example": 1, "type": "number" } } ], "responses": { "200": { "description": "Temporary password generated and sent to the user via email.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Failed to generate temporary password" }, "401": { "description": "Invalid or missing authentication token" }, "404": { "description": "CMS user not found" } }, "security": [ { "bearer": [] } ], "summary": "Generate Temporary Password", "tags": [ "CMS Users" ] } }, "/app/auth/login": { "post": { "description": "Authenticates the application using the merchant identifier. Returns access and refresh tokens for subsequent API calls. This endpoint does not require a prior JWT token.", "operationId": "AuthController_login", "parameters": [], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/AppLoginDto" } } } }, "responses": { "200": { "description": "Login successful. Returns access and refresh tokens.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/AppLoginResponseDto" } } } }, "400": { "description": "Invalid or missing merchant identifier" } }, "summary": "Application Login", "tags": [ "Authentication" ] } }, "/app/auth/refresh": { "post": { "description": "Refreshes the application authentication token using a valid refresh token. Returns a new access token and refresh token pair. The previous refresh token is invalidated after use.", "operationId": "AuthController_refreshToken", "parameters": [], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/RefreshTokenDto" } } } }, "responses": { "201": { "description": "Token refreshed successfully. Returns new access and refresh tokens.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CustomResponseDto" } } } }, "400": { "description": "Invalid or expired refresh token" } }, "summary": "Refresh Authentication Token", "tags": [ "Authentication" ] } } }, "info": { "title": "Migo CMS API", "description": "CMS REST API for the Migo Payments backoffice. Manages partners, cardholders, permissions, and CMS users.", "version": "1.0", "contact": {} }, "tags": [ { "name": "Health", "description": "Service health monitoring and status checks" }, { "name": "Authentication", "description": "Application-level authentication and token management" }, { "name": "CMS Users", "description": "CMS backoffice user management, authentication, permissions, and password management" }, { "name": "Partners", "description": "Partner organization management, CMS user assignment, and bulk operations" }, { "name": "Cardholders", "description": "Cardholder management including card operations, fund management, transfers, and movement history" }, { "name": "Process Requests", "description": "Balance process requests including creation with evidence upload, listing, progress tracking via SSE, and evidence download" }, { "name": "Permissions", "description": "Permission definition and management for role-based access control" }, { "name": "Modules", "description": "CMS module configuration and management" } ], "servers": [ { "url": "https://api.ali.app/cms/rest", "description": "Production" }, { "url": "https://ali-qa.ali.app/cms/rest", "description": "QA" }, { "url": "http://localhost:3000", "description": "Local" } ], "components": { "securitySchemes": { "bearer": { "scheme": "bearer", "bearerFormat": "JWT", "type": "http", "name": "Authorization", "description": "Enter JWT token", "in": "header" } }, "schemas": { "PartnerItemDto": { "type": "object", "properties": { "id": { "type": "string", "example": "partner-id-123", "description": "Unique partner identifier" }, "name": { "type": "string", "example": "Partner Name", "description": "Partner display name" }, "merchant": { "type": "string", "example": "partner-merchant", "description": "Associated merchant identifier" } }, "required": [ "id", "name", "merchant" ] }, "GetAllPartnersResponseDto": { "type": "object", "properties": { "success": { "type": "boolean", "example": true }, "message": { "type": "string", "example": "All partners registered found successfully" }, "data": { "description": "List of partners associated with the CMS user", "type": "array", "items": { "$ref": "#/components/schemas/PartnerItemDto" } } }, "required": [ "success", "message", "data" ] }, "PartnerDetailDataDto": { "type": "object", "properties": { "backgroundColor": { "type": "string", "example": "#FFFFFF", "description": "Partner brand background color (HEX)" }, "imageUrl": { "type": "string", "example": "https://example.com/logo.png", "description": "Partner brand image URL" } }, "required": [ "backgroundColor", "imageUrl" ] }, "GetPartnerByIdResponseDto": { "type": "object", "properties": { "success": { "type": "boolean", "example": true }, "message": { "type": "string", "example": "Partner partner-id found successfully" }, "data": { "$ref": "#/components/schemas/PartnerDetailDataDto" } }, "required": [ "success", "message", "data" ] }, "CustomResponseDto": { "type": "object", "properties": { "success": { "type": "boolean", "example": true, "description": "Indicates operation success" }, "message": { "type": "string", "example": "Operation completed", "description": "Human-readable response message" }, "data": { "type": "object", "description": "Response payload (shape depends on the endpoint)" } }, "required": [ "success" ] }, "UpdateCmsUserStatusDto": { "type": "object", "properties": { "status": { "type": "string", "description": "New status for the CMS user", "example": "active", "enum": [ "active", "blocked", "inactive" ] }, "otp": { "type": "string", "description": "OTP sent to the user", "example": "123456" } }, "required": [ "status", "otp" ] }, "UpdateCmsUsersStatusesDto": { "type": "object", "properties": { "users": { "description": "Array of CMS user IDs to update", "example": [ 1, 2, 3 ], "type": "array", "items": { "type": "number" } }, "otp": { "type": "string", "description": "OTP sent to the user", "example": "123456" } }, "required": [ "users", "otp" ] }, "CreateCmsUserDto": { "type": "object", "properties": { "email": { "type": "string", "description": "User email address", "example": "user@example.com", "format": "email" }, "name": { "type": "string", "description": "Full name of the user", "example": "John Doe", "minLength": 3 }, "partners": { "description": "Partner IDs associated with the user", "example": [ "partner-123", "partner-456" ], "items": { "type": "string" }, "type": "array" }, "permissions": { "description": "Permission IDs assigned to the user", "example": [ 1, 2, 3 ], "items": { "type": "number" }, "type": "array" } }, "required": [ "email", "name", "partners", "permissions" ] }, "CreatedCmsUserDataDto": { "type": "object", "properties": { "id": { "type": "number", "example": 42, "description": "Created CMS user identifier" }, "email": { "type": "string", "example": "user@example.com", "description": "CMS user email address" }, "name": { "type": "string", "example": "John Doe", "description": "CMS user full name" }, "status": { "type": "string", "example": "active", "description": "Initial status assigned to the user" } }, "required": [ "id", "email", "name", "status" ] }, "CreateCmsUserResponseDto": { "type": "object", "properties": { "success": { "type": "boolean", "example": true }, "message": { "type": "string", "example": "cms user created successfully" }, "data": { "description": "Created CMS user details", "allOf": [ { "$ref": "#/components/schemas/CreatedCmsUserDataDto" } ] } }, "required": [ "success", "message", "data" ] }, "CardHoldersUploadDto": { "type": "object", "properties": { "users": { "type": "string", "description": "Excel file (.xls / .xlsx) containing cardholder rows to import in bulk", "format": "binary" } }, "required": [ "users" ] }, "CardholdersUploadDataDto": { "type": "object", "properties": { "batchId": { "type": "string", "example": "batch-xyz789", "description": "Unique identifier of the upload batch" }, "status": { "type": "string", "example": "PROCESSING", "description": "Initial status of the batch" } }, "required": [ "batchId", "status" ] }, "CardholdersUploadResponseDto": { "type": "object", "properties": { "success": { "type": "boolean", "example": true }, "message": { "type": "string", "example": "cardholders file uploaded successfully" }, "data": { "description": "Created upload batch details", "allOf": [ { "$ref": "#/components/schemas/CardholdersUploadDataDto" } ] } }, "required": [ "success", "message", "data" ] }, "UpdateCmsUserDto": { "type": "object", "properties": { "name": { "type": "string", "description": "Updated name of the CMS user", "example": "John Doe" }, "status": { "type": "string", "description": "Updated status of the CMS user", "example": "active", "enum": [ "active", "blocked", "inactive" ] }, "addPartners": { "description": "Partner IDs to add to the CMS user", "example": [ "partner-123" ], "type": "array", "items": { "type": "string" } }, "removePartners": { "description": "Partner IDs to remove from the CMS user", "example": [ "partner-456" ], "type": "array", "items": { "type": "string" } }, "addPermissions": { "description": "Permission IDs to add to the CMS user", "example": [ 1, 2 ], "type": "array", "items": { "type": "number" } }, "removePermissions": { "description": "Permission IDs to remove from the CMS user", "example": [ 3, 4 ], "type": "array", "items": { "type": "number" } } } }, "CardsUploadDto": { "type": "object", "properties": { "cards": { "type": "string", "description": "Excel file (.xls / .xlsx) containing card rows to import in bulk", "format": "binary" } }, "required": [ "cards" ] }, "CardsUploadDataDto": { "type": "object", "properties": { "batchId": { "type": "string", "example": "cards-batch-abc123", "description": "Identifier of the cards upload batch" }, "status": { "type": "string", "example": "PROCESSING", "description": "Initial status of the cards upload batch" } }, "required": [ "batchId", "status" ] }, "CardsUploadResponseDto": { "type": "object", "properties": { "success": { "type": "boolean", "example": true }, "message": { "type": "string", "example": "cards file is processing successfully" }, "data": { "description": "Processing details for the uploaded cards file", "allOf": [ { "$ref": "#/components/schemas/CardsUploadDataDto" } ] } }, "required": [ "success", "message", "data" ] }, "CardholderDataDto": { "type": "object", "properties": { "name": { "type": "string", "description": "First name of the cardholder", "example": "Juan" }, "lastName": { "type": "string", "description": "Last name of the cardholder", "example": "Perez" }, "address": { "type": "string", "description": "Residential address of the cardholder", "example": "Calle Principal 123" }, "countryOfBirth": { "type": "string", "description": "Country of birth (ISO country code)", "example": "GT", "enum": [ "ARG", "BOL", "BRA", "CHL", "COL", "CRI", "CUB", "DOM", "ECU", "SLV", "GTM", "HTI", "HND", "MEX", "NIC", "PAN", "PRY", "PER", "PRI", "URY", "VEN" ] }, "dateOfBirth": { "type": "string", "description": "Date of birth in YYYY-MM-DD format", "example": "1990-01-15" }, "maritalStatus": { "type": "string", "description": "Marital status of the cardholder", "example": "soltero", "enum": [ "soltero", "casado", "viudo", "divorciado", "separado" ] }, "gender": { "type": "string", "description": "Gender of the cardholder (F or M)", "example": "M", "enum": [ "F", "M", "OTHER" ] }, "phoneNumber": { "type": "string", "description": "Phone number of the cardholder", "example": "50212345678" }, "email": { "type": "string", "description": "Email address of the cardholder", "example": "juan.perez@example.com" }, "documentType": { "type": "string", "description": "Type of identification document", "example": "DPI", "enum": [ "DPI", "NIT", "PASSPORT", "LEGAL_ID", "PERSONAL_ID", "RESIDENCE_ID" ] }, "documentNumber": { "type": "string", "description": "Identification document number", "example": "1234567890101" }, "cardId": { "type": "number", "description": "Unique identifier of the card to assign", "example": 1 } }, "required": [ "name", "lastName", "address", "countryOfBirth", "dateOfBirth", "maritalStatus", "gender", "phoneNumber", "email", "documentType", "documentNumber", "cardId" ] }, "OtpDto": { "type": "object", "properties": { "otp": { "type": "string", "description": "6-digit numeric OTP code (required only if the user has OTP permission)", "example": "123456", "pattern": "^[0-9]{6}$" } } }, "ChangeStatusesCardsDto": { "type": "object", "properties": { "cardIds": { "description": "Array of card IDs to change status", "example": [ 1, 2, 3 ], "type": "array", "items": { "type": "number" } }, "otp": { "type": "string", "description": "OTP code for verification (exactly 6 numeric digits)", "example": "123456" } }, "required": [ "cardIds", "otp" ] }, "AssignThirdPartyCardPayloadDto": { "type": "object", "properties": { "email": { "type": "string", "description": "Email address of the third-party card owner", "example": "user@example.com" }, "suffix": { "type": "string", "description": "Last digits (suffix) of the third-party card number", "example": "4321" }, "alias": { "type": "string", "description": "Alias name for the third-party card", "example": "My Visa Card" } }, "required": [ "email", "suffix", "alias" ] }, "FundsDto": { "type": "object", "properties": { "amount": { "type": "number", "description": "Amount to add or withdraw", "example": 150 }, "cardId": { "type": "number", "description": "Unique identifier of the target card", "example": 10 }, "observations": { "type": "string", "description": "Optional observations or notes for the transaction", "example": "Monthly allowance" } }, "required": [ "amount", "cardId" ] }, "TransferBetweenCardsDto": { "type": "object", "properties": { "fromCardId": { "type": "number", "description": "Unique identifier of the source card", "example": 10 }, "toCardId": { "type": "number", "description": "Unique identifier of the destination card", "example": 20 }, "amount": { "type": "number", "description": "Amount to transfer between cards", "example": 100 }, "observations": { "type": "string", "description": "Optional observations or notes for the transfer", "example": "Balance reallocation" } }, "required": [ "fromCardId", "toCardId", "amount" ] }, "CreateProcessRequestDto": { "type": "object", "properties": { "requestedAmount": { "type": "number", "description": "Requested amount for the balance increase", "example": 1000.5 }, "metadata": { "type": "object", "description": "Additional metadata for the process request", "example": { "notes": "Urgent request" } }, "otp": { "type": "string", "description": "6-digit numeric OTP code (required only if the user has OTP permission)", "example": "123456", "pattern": "^[0-9]{6}$" }, "observations": { "type": "string", "description": "Additional observations for the request (max 500 characters)", "example": "Customer requests the balance increase for a marketing campaign" } }, "required": [ "requestedAmount", "observations" ] }, "ClientBalanceResponseDto": { "type": "object", "properties": { "id": { "type": "string", "example": "748fb8da-24cc-47b1-8681-09735776476c" }, "clientId": { "type": "string", "example": "8d775d62-7580-449b-afb0-315f497f212b" }, "available": { "type": "number", "example": 62800 }, "currency": { "type": "string", "example": "GTQ" }, "updatedAt": { "type": "string", "example": "2026-02-13T20:05:08.235Z" }, "createdAt": { "type": "string", "example": "2026-02-05T04:25:57.180Z" } }, "required": [ "id", "clientId", "available", "currency", "updatedAt", "createdAt" ] }, "ProcessRequestResponseDto": { "type": "object", "properties": { "id": { "type": "string", "example": "c374b63f-39ee-4081-b78d-092b4bf2ee08" }, "processTypeId": { "type": "number", "example": 1 }, "clientBalanceId": { "type": "string", "example": "748fb8da-24cc-47b1-8681-09735776476c" }, "requestedAmount": { "type": "string", "example": "10000" }, "evidenceUrl": { "type": "string", "example": "https://ali-users-files.s3.us-east-1.amazonaws.com/process-requests/example/evidence.jpg" }, "metadata": { "type": "object", "example": null, "nullable": true }, "status": { "type": "string", "example": "APPROVED", "enum": [ "PENDING", "APPROVED", "REJECTED" ] }, "requestedBy": { "type": "number", "example": 1 }, "requestedByEmail": { "type": "string", "example": null, "nullable": true }, "reviewedBy": { "type": "number", "example": 1, "nullable": true }, "reviewedByEmail": { "type": "string", "example": "user@example.com", "nullable": true }, "reviewedAt": { "type": "string", "example": "2026-02-13T20:05:08.338Z", "nullable": true }, "rejectionReason": { "type": "string", "example": null, "nullable": true }, "createdAt": { "type": "string", "example": "2026-02-13T20:05:07.363Z" }, "updatedAt": { "type": "string", "example": "2026-02-13T20:05:08.340Z" }, "clientBalance": { "$ref": "#/components/schemas/ClientBalanceResponseDto" } }, "required": [ "id", "processTypeId", "clientBalanceId", "requestedAmount", "evidenceUrl", "status", "requestedBy", "createdAt", "updatedAt", "clientBalance" ] }, "CreateProcessRequestResponseDto": { "type": "object", "properties": { "success": { "type": "boolean", "example": true }, "message": { "type": "string", "example": "Balance request created successfully" }, "data": { "$ref": "#/components/schemas/ProcessRequestResponseDto" } }, "required": [ "success", "message", "data" ] }, "GetBalanceResponseDto": { "type": "object", "properties": { "success": { "type": "boolean", "example": true }, "message": { "type": "string", "example": "Client balance found successfully" }, "data": { "$ref": "#/components/schemas/ClientBalanceResponseDto" } }, "required": [ "success", "message", "data" ] }, "ProcessRequestSummaryDto": { "type": "object", "properties": { "id": { "type": "string", "example": "c374b63f-39ee-4081-b78d-092b4bf2ee08" }, "requestedByEmail": { "type": "string", "example": "user@example.com" }, "requestedAmount": { "type": "string", "example": "5000" }, "createdAt": { "type": "string", "example": "2026-02-13T20:05:07.363Z" }, "status": { "type": "string", "example": "PENDING", "enum": [ "PENDING", "APPROVED", "REJECTED" ] }, "processType": { "type": "object", "example": { "name": "Actualización de saldo principal" } } }, "required": [ "id", "requestedByEmail", "requestedAmount", "createdAt", "status", "processType" ] }, "PaginatedProcessRequestsResponseDto": { "type": "object", "properties": { "success": { "type": "boolean", "example": true }, "message": { "type": "string", "example": "Process requests found successfully" }, "data": { "description": "Paginated list of process request summaries", "type": "array", "items": { "$ref": "#/components/schemas/ProcessRequestSummaryDto" } }, "total": { "type": "number", "example": 50 }, "page": { "type": "number", "example": 1 }, "limit": { "type": "number", "example": 10 } }, "required": [ "success", "message", "data", "total", "page", "limit" ] }, "ProcessTypeResponseDto": { "type": "object", "properties": { "id": { "type": "number", "example": 1 }, "code": { "type": "string", "example": "BALANCE_INCREASE" }, "name": { "type": "string", "example": "Solicitud de incremento de balance" }, "description": { "type": "string", "example": null, "nullable": true }, "isActive": { "type": "boolean", "example": true }, "config": { "type": "object", "example": null, "nullable": true }, "createdAt": { "type": "string", "example": "2026-02-05T04:12:47.810Z" } }, "required": [ "id", "code", "name", "isActive", "createdAt" ] }, "ProcessRequestWithProcessTypeResponseDto": { "type": "object", "properties": { "id": { "type": "string", "example": "c374b63f-39ee-4081-b78d-092b4bf2ee08" }, "processTypeId": { "type": "number", "example": 1 }, "clientBalanceId": { "type": "string", "example": "748fb8da-24cc-47b1-8681-09735776476c" }, "requestedAmount": { "type": "string", "example": "10000" }, "evidenceUrl": { "type": "string", "example": "https://ali-users-files.s3.us-east-1.amazonaws.com/process-requests/example/evidence.jpg" }, "metadata": { "type": "object", "example": null, "nullable": true }, "status": { "type": "string", "example": "APPROVED", "enum": [ "PENDING", "APPROVED", "REJECTED" ] }, "requestedBy": { "type": "number", "example": 1 }, "requestedByEmail": { "type": "string", "example": null, "nullable": true }, "reviewedBy": { "type": "number", "example": 1, "nullable": true }, "reviewedByEmail": { "type": "string", "example": "user@example.com", "nullable": true }, "reviewedAt": { "type": "string", "example": "2026-02-13T20:05:08.338Z", "nullable": true }, "rejectionReason": { "type": "string", "example": null, "nullable": true }, "createdAt": { "type": "string", "example": "2026-02-13T20:05:07.363Z" }, "updatedAt": { "type": "string", "example": "2026-02-13T20:05:08.340Z" }, "clientBalance": { "$ref": "#/components/schemas/ClientBalanceResponseDto" }, "processType": { "$ref": "#/components/schemas/ProcessTypeResponseDto" } }, "required": [ "id", "processTypeId", "clientBalanceId", "requestedAmount", "evidenceUrl", "status", "requestedBy", "createdAt", "updatedAt", "clientBalance", "processType" ] }, "GetBalancesRequestResponseDto": { "type": "object", "properties": { "success": { "type": "boolean", "example": true }, "message": { "type": "string", "example": "Process requests found successfully" }, "data": { "description": "List of balance process requests with their process type metadata", "type": "array", "items": { "$ref": "#/components/schemas/ProcessRequestWithProcessTypeResponseDto" } } }, "required": [ "success", "message", "data" ] }, "PermissionItemDto": { "type": "object", "properties": { "resource": { "type": "string", "description": "Resource the permission applies to", "example": "users", "minLength": 1 }, "action": { "type": "string", "description": "Action that can be performed on the resource", "example": "create", "minLength": 1 }, "description": { "type": "string", "description": "Optional description of the permission", "example": "Allows creating new users in the system" } }, "required": [ "resource", "action" ] }, "CreatePermissionsDto": { "type": "object", "properties": { "permissions": { "description": "Array of permissions to create", "example": [ { "resource": "users", "action": "create", "description": "Allows creating new users" }, { "resource": "users", "action": "read", "description": "Allows reading user information" }, { "resource": "users", "action": "update" }, { "resource": "users", "action": "delete", "description": "Allows deleting users from the system" } ], "type": "array", "items": { "$ref": "#/components/schemas/PermissionItemDto" } } }, "required": [ "permissions" ] }, "ModulesItemDto": { "type": "object", "properties": { "module": { "type": "string", "description": "Module key", "example": "users", "minLength": 1 }, "name": { "type": "string", "description": "Module display name", "example": "Users", "minLength": 1 }, "frontPath": { "type": "string", "description": "Front-end route path of the module", "example": "/users" }, "frontIcon": { "type": "string", "description": "Front-end icon identifier for the module", "example": "icon-user" } }, "required": [ "module", "name" ] }, "CreateModulesDto": { "type": "object", "properties": { "modules": { "description": "Array of modules to create", "example": [ { "module": "users", "name": "Users", "frontPath": "/users", "frontIcon": "icon-user" } ], "type": "array", "items": { "$ref": "#/components/schemas/ModulesItemDto" } } }, "required": [ "modules" ] }, "LoginDto": { "type": "object", "properties": { "email": { "type": "string", "description": "User email address", "example": "maria@example.com" }, "password": { "type": "string", "description": "User password", "example": "testing123453$" } }, "required": [ "email", "password" ] }, "CmsUserLoginDataDto": { "type": "object", "properties": { "id": { "type": "number", "example": 1, "description": "CMS user identifier" }, "accessToken": { "type": "string", "example": "eyJhbGciOi...", "description": "Access token" }, "refreshToken": { "type": "string", "example": "eyJhbGciOi...", "description": "Refresh token" }, "email": { "type": "string", "example": "admin@ali.com", "description": "User email address" }, "name": { "type": "string", "example": "Admin User", "description": "User display name" } }, "required": [ "id", "accessToken", "refreshToken", "email", "name" ] }, "CmsUserLoginResponseDto": { "type": "object", "properties": { "success": { "type": "boolean", "example": true }, "data": { "$ref": "#/components/schemas/CmsUserLoginDataDto" } }, "required": [ "success", "data" ] }, "CmsUserRefreshTokenDto": { "type": "object", "properties": { "refreshToken": { "type": "string", "description": "CMS user refresh token used to obtain a new access token", "example": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." } }, "required": [ "refreshToken" ] }, "UserPermissionItemDto": { "type": "object", "properties": { "permissionId": { "type": "number", "description": "Identifier of the permission to assign", "example": 1, "minimum": 1 }, "partnerId": { "type": "string", "description": "Identifier of the partner the permission applies to", "example": "partner-123", "minLength": 1 } }, "required": [ "permissionId", "partnerId" ] }, "AssignPermissionsDto": { "type": "object", "properties": { "permissions": { "description": "Array of permissions paired with their associated partners", "example": [ { "permissionId": 1, "partnerId": "partner-A" }, { "permissionId": 2, "partnerId": "partner-A" }, { "permissionId": 1, "partnerId": "partner-B" }, { "permissionId": 3, "partnerId": "partner-B" } ], "type": "array", "items": { "$ref": "#/components/schemas/UserPermissionItemDto" } }, "granted": { "type": "boolean", "description": "Whether to grant (true) or revoke (false) the permissions", "example": true, "minLength": 1 } }, "required": [ "permissions", "granted" ] }, "RequestOtpDto": { "type": "object", "properties": { "email": { "type": "string", "description": "User email address to send the OTP", "example": "user@example.com", "format": "email" }, "purpose": { "type": "string", "description": "Purpose of the OTP request", "example": "login" } }, "required": [ "email", "purpose" ] }, "VerifyOtpDto": { "type": "object", "properties": { "email": { "type": "string", "description": "User email address associated with the OTP", "example": "user@example.com", "format": "email" }, "otp": { "type": "string", "description": "6-digit OTP code", "example": "123456" }, "purpose": { "type": "string", "description": "Purpose of the OTP verification", "example": "login" } }, "required": [ "email", "otp", "purpose" ] }, "AppUpdatePasswordDto": { "type": "object", "properties": { "email": { "type": "string", "description": "User email address", "example": "user@example.com", "format": "email" }, "token": { "type": "string", "description": "Password reset token", "example": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." }, "newPassword": { "type": "string", "description": "New password for the user", "example": "NewSecureP@ss1" }, "confirmPassword": { "type": "string", "description": "Password confirmation (must match newPassword)", "example": "NewSecureP@ss1" } }, "required": [ "email", "newPassword", "confirmPassword" ] }, "AppLoginDto": { "type": "object", "properties": { "merchant": { "type": "string", "description": "Merchant identifier issued to the integrating application", "example": "merchant-abc123" } }, "required": [ "merchant" ] }, "AppLoginDataDto": { "type": "object", "properties": { "accessToken": { "type": "string", "example": "eyJhbGciOi...", "description": "Access token" }, "refreshToken": { "type": "string", "example": "eyJhbGciOi...", "description": "Refresh token" } }, "required": [ "accessToken", "refreshToken" ] }, "AppLoginResponseDto": { "type": "object", "properties": { "success": { "type": "boolean", "example": true }, "data": { "$ref": "#/components/schemas/AppLoginDataDto" } }, "required": [ "success", "data" ] }, "RefreshTokenDto": { "type": "object", "properties": { "refreshToken": { "type": "string", "description": "Refresh token for obtaining a new access token", "example": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." } }, "required": [ "refreshToken" ] } } } }