Auxilia Trade API Documentation
Welcome to the Auxilia Trade API documentation.
This documentation provides high-level guidance, architectural overview, business context and human-readable descriptions of available API modules.
For interactive testing and full OpenAPI reference, use Swagger UI.
Authentication
All API requests require authentication using Bearer Token authorization.
Credentials
To access the API you need:
- ClientId
- Secret
- AppId
These credentials are used to generate an access token via the authentication endpoint.
Token configuration
- Access token lifetime: 560 minutes
Authorization
All authenticated requests must include the Bearer Token
in the Authorization header:
Tokens are validated on every request and are required for all API endpoints, except explicitly public ones (e.g. documentation and token generation).
API Reference (Swagger)
Swagger UI provides a complete, machine-readable API reference generated directly from the codebase.
Use Swagger when you need to:
- test endpoints interactively
- inspect request / response schemas
- see full OpenAPI definitions
- verify required headers and parameters
👉 Open Swagger UI
API Modules
The API is divided into logical modules based on business domains. Each module has its own documentation describing services, models and endpoints.
Available modules
Catalog
Product catalog management, including brands, categories, products and attributes.Inventory
Stock levels, warehouses and availability.Entities
Customers, suppliers, and related entity data management.Pricing
Prices, discounts and pricing rules.Sales
Orders, carts, and sales processes.Reference Reference and lookup data, including currencies, entity statuses, and the activity log.
CRM Task and activity management for entities.
Pagination
All paginated list endpoints accept the following common query parameters:
| Parameter | Type | Default | Notes |
|---|---|---|---|
page |
int | 1 | Page number, 1-based |
pageSize |
int | 20 | Items per page (max 100). Pass 0 to return only totalCount with an empty items array — useful for efficient count-only queries |
sortBy |
string | — | Field to sort by (endpoint-specific) |
sortDesc |
bool | false | Sort descending |
search |
string | — | Search term across key text fields |
isActive |
bool? | — | Filter by active status; omit for all |
Paginated responses use PagedResponse<T>:
{
"items": [...],
"totalCount": 150,
"page": 1,
"pageSize": 20
}
Rate Limiting
| Policy | Applies to | Limit |
|---|---|---|
| Global | All endpoints | 500 requests / minute |
| Login | POST /api/v1/auth/login |
5 attempts / 15 minutes |
| AccountWrite | register, reset-password, confirm | 10 attempts / 15 minutes |
Exceeding a limit returns 429 Too Many Requests. Auth endpoints add a 2-second delay on rejection.
See Auth documentation for full details.
Soft Delete
The following resources support soft delete. A DELETE request sets IsDeleted = true and records a DeletedAt timestamp; the record is retained in the database and excluded from standard queries.
- Category, Product, ProductVariant
- Entity (Customer / Supplier)
- Address
- User
- Country, Currency
- SalesOrder, SalesOrderLine
Notes
- All endpoints are tenant-aware
- All state-changing operations are audited
- Internal errors are logged and not exposed to API consumers
- Swagger UI is generated automatically and reflects the current API version