Loyalty - REST Binding
This document specifies the HTTP/REST binding for the Loyalty Extension .
Protocol Fundamentals
Discovery
Participants advertise Loyalty REST availability through discovery metadata,
including extension name, transport (rest), and endpoint base URL.
Authentication
All endpoints require bearerAuth (HTTP Bearer JWT).
Content Type
Request content type: application/json
Response content type: application/json
Base URL
Example base URL from committee draft:
https://api.opendelivery.io/v2
Operations
List Customer Loyalty Accounts
Method and path: GET /customers/{customerId}/loyalty/accounts
Field
Type
Required
Description
customerId
string
Yes
Customer identifier
Output Schema
Field
Type
Required
Description
body
Loyalty
Yes
Loyalty account summary
Example
Get Customer Loyalty Account
Method and path: GET /customers/{customerId}/loyalty/accounts/{accountId}
Field
Type
Required
Description
customerId
string
Yes
Customer identifier
accountId
string
Yes
Loyalty account identifier
Output Schema
Field
Type
Required
Description
body
Loyalty
Yes
Loyalty account payload
Example
List Customer Loyalty Transactions
Method and path: GET /customers/{customerId}/loyalty/transactions
Field
Type
Required
Description
customerId
string
Yes
Customer identifier
Output Schema
Field
Type
Required
Description
body
array[LoyaltyTransaction]
Yes
Loyalty transaction list
Example
List Loyalty Rewards
Method and path: GET /loyalty/rewards
Field
Type
Required
Description
query params
object
No
Optional implementation-specific filters
Output Schema
Field
Type
Required
Description
body
array[Reward]
Yes
Rewards catalog
Example
Create Customer Loyalty Redemption
Method and path: POST /customers/{customerId}/loyalty/redemptions
Field
Type
Required
Description
customerId
string
Yes
Customer identifier
body
RedemptionRequest
Yes
Redemption request payload
Output Schema
Field
Type
Required
Description
body
RedemptionResult
Yes
Redemption result payload
status
integer
Yes
201 on success
Example
Request Response (201)
POST /customers/cust-001/loyalty/redemptions HTTP / 1.1
Host : api.opendelivery.io
Authorization : Bearer {token}
Content-Type : application/json
{
"rewardId" : "reward-001" ,
"quantity" : 1
}
{
"redemptionId" : "red-001" ,
"transactionId" : "txn-009" ,
"coupon" : {
"id" : "coupon-001" ,
"code" : "SAVE10" ,
"type" : "discount" ,
"value" : 10 ,
"currency" : "BRL" ,
"status" : "available" ,
"source" : "loyalty" ,
"customerId" : "cust-001"
}
}
List Customer Coupons
Method and path: GET /customers/{customerId}/coupons
Field
Type
Required
Description
customerId
string
Yes
Customer identifier
Output Schema
Field
Type
Required
Description
body
array[Coupon]
Yes
Coupon list
Example
Get Customer Coupon
Method and path: GET /customers/{customerId}/coupons/{couponId}
Field
Type
Required
Description
customerId
string
Yes
Customer identifier
couponId
string
Yes
Coupon identifier
Output Schema
Field
Type
Required
Description
body
Coupon
Yes
Coupon payload
Example
Error Handling
UCP-style two-layer interpretation applies: transport-level failures use HTTP status,
while business semantics are expressed by endpoint responses and payloads.
Transport Errors
HTTP
Description
400
Bad request (defined in committee OpenAPI)
401
Unauthorized (auth policy)
403
Forbidden (authz policy)
404
Not found (resource path/ID resolution)
500
Internal server error
Business Outcomes
Business outcomes are represented by endpoint-specific success responses (200, 201)
and response payloads (Loyalty, LoyaltyTransaction, Reward, RedemptionResult, Coupon).
Entities
Loyalty Response
Field
Type
Required
Description
body
Loyalty
Yes
Loyalty account summary response
Loyalty Transactions Response
Field
Type
Required
Description
body
array[LoyaltyTransaction]
Yes
Loyalty transaction collection
Rewards Response
Field
Type
Required
Description
body
array[Reward]
Yes
Reward collection
Coupons Response
Field
Type
Required
Description
body
array[Coupon]
Yes
Coupon collection
Error Response (BadRequest)
Field
Type
Required
Description
code
string
No
Machine-readable error code
message
string
No
Human-readable error message
A conforming Loyalty REST implementation MUST:
Implement all advertised Loyalty operations in discovery metadata.
Enforce Bearer authentication on all operations.
Accept and return JSON payloads as defined by Loyalty schemas.
Preserve path-scoped customer semantics for account, transaction, redemption, and coupon operations.
Return status codes consistent with this binding and committee OpenAPI.