API Reference
Next Commerce API
REST API for manufacturers and dealers. Import products, manage dealers, process orders, and control GPSR compliance.
Base URL
https://portal.next-commerce.io
📖
Overview
🏭 Manufacturer API
Products, dealers, webhooks, GPSR compliance
🏪 Dealer API
Inventory, assignments, Stripe payouts
🔒 Session-Cookie
NextAuth.js. Public widget endpoints need no auth.
📦 application/json
Default. Exceptions marked
multipart/form-data.⚙️
Conventions
| Field | Note | Example |
|---|---|---|
| Preise | Integer · Cent | 2500 = 25.00 EUR |
| Countries | ISO 3166-1 alpha-2 | DE, AT, CH |
| Timestamps | ISO 8601 | 2026-04-17T10:30:00Z |
| SKU | Unique per brand | brandId + sku |
Pagination Envelope
{
"success": true,
"data": [...],
"pagination": {
"page": 1, "limit": 30, "totalCount": 142,
"hasNextPage": true, "hasPreviousPage": false
}
}🔑
Authentication
Session-Cookie via NextAuth.js
ℹ️
Session cookie: All dashboard APIs require a valid session cookie. Public widget/checkout endpoints are auth-free.
POST
/api/auth/registerPOST
/api/auth/callback/credentialsPOST
/api/auth/forgot-passwordGET
/api/auth/verify-email?token=xxx📦
Manufacturer — Products
role: BRAND
GET
/api/brand/products?page=1&limit=30POST
/api/brand/productsGET
/api/brand/products/:idPOST
/api/brand/products/bulk-importPOST
/api/brand/products/bulk-assignPOST
/api/brand/products/activate🤝
Manufacturer — Dealers
role: BRAND
GET
/api/brand/dealers?productId=xxxPATCH
/api/brand/dealers/countriesPOST
/api/brand/dealers/:dealerId/assign-productsPOST
/api/brand/invitations🔔
Manufacturer — Webhooks
role: BRAND
💡
Webhooks send POST on order events. Retry backoff: 1 min → 5 min → 30 min → 2h → 24h.
POST
/api/brand/webhooks🛡️
Manufacturer — Compliance / GPSR
role: BRAND · ListingShield
ℹ️
Compliance cascades: brand → category → product. Product-level values override category values.
GET
/api/brand/compliance/companyPOST
/api/brand/compliance/categoriesGET
/api/brand/products/:id/compliancePOST
/api/brand/compliance/invite-dealer📦
Dealer — Inventory
role: DEALER
POST
/api/dealer/inventoryPUT
/api/dealer/inventory/:idDELETE
/api/inventory/:id📋
Dealer — Assignments
role: DEALER
GET
/api/dealer/assignments?status=PENDINGPOST
/api/dealer/assignments/:id/acceptDELETE
/api/dealer/assignments/:id🛒
Dealer — Orders
role: DEALER
POST
/api/dealer/orders/refund💰
Händler — Stripe
role: DEALER
💡
Dealers receive their margin via Stripe Split-Payment automatically at checkout.
POST
/api/dealer/stripe/onboarding-link📡
Webhook Events
| Event | When |
|---|---|
| order.created | Order created, awaiting payment |
| order.confirmed | Payment succeeded |
| order.fulfilled | Order shipped/fulfilled |
Webhook Payload
{
"event": "order.created",
"timestamp": "2026-04-17T10:30:00Z",
"data": {
"orderId": "order_id", "orderCode": "ORD-12345",
"grandTotal": 10700, // 107,00 EUR
"currency": "EUR",
"customer": { "email": "customer@example.com" },
"items": [{ "sku": "ABC-123", "quantity": 1, "dealerId": "dealer_id" }]
}
}⚠️
Errors & HTTP Codes
Error Format
{
"error": "Human-readable message",
"code": "MACHINE_READABLE_CODE",
"required": ["field1"]
}| Status | Meaning |
|---|---|
200 | OK |
400 | Validation error |
401 | Not authenticated |
403 | Not authorized / COUNTRY_NOT_ASSIGNED |
404 | Not found |
409 | Conflict |
429 | Rate limited |
500 | Server error |
🚦
Rate Limits
| Tier | Limit | Window | Applies To |
|---|---|---|---|
| AUTH | 5 | 1 min / IP | Register, login, password reset |
| REGISTRATION_EMAIL | 5 | 24h / email | Registration only |
| AUTHENTICATED | 500 | 1 min / IP | All dashboard APIs |
| PUBLIC | 100 | 1 min / IP | Widget, checkout |
429 Response
{ "error": "Too many requests", "retryAfter": 45 }