Customer Endpoints
Normative source: Customer Capability.
This page defines the REST/HTTP transport contract for Customer Capability operations.
It does not redefine protocol semantics.
Endpoint Catalog
| operation |
method |
path |
authentication |
scope |
ingestCustomer |
POST |
/v1/customer/customers:ingest |
required |
customer.write |
getCustomers |
GET |
/v1/customer/customers |
required |
customer.read |
ingestOrdersForCRM |
POST |
/v1/customer/orders:ingest |
required |
orders.crm.write |
getOrdersForCRM |
GET |
/v1/customer/orders |
required |
orders.crm.read |
receiveCustomerEvent |
POST |
/v1/customer/events |
required |
customer.events.write |
ingestLead |
POST |
/v1/customer/leads:ingest |
required |
lead.write |
ingestReview (draft) |
POST |
/v1/customer/reviews:ingest |
required |
review.write |
All endpoints in this binding MUST use HTTPS and application/json payloads.
Request Payload Fields
Customer Ingestion (ingestCustomer)
| name |
type |
required |
description |
customer.id |
string |
YES |
Logical customer identifier |
customer.externalIds[] |
array[string] |
YES |
External identifiers for deduplication |
customer.name |
string |
YES |
Customer display name |
customer.contacts |
object |
YES |
Contact channels |
customer.consent |
object |
YES |
Consent metadata |
customer.createdAt |
string |
YES |
Creation timestamp (ISO 8601 date-time) |
customer.updatedAt |
string |
YES |
Update timestamp (ISO 8601 date-time) |
Lead Ingestion (ingestLead)
| name |
type |
required |
description |
lead.id |
string |
YES |
Lead identifier |
lead.source |
string |
YES |
Lead source |
lead.status |
string |
YES |
Lead stage |
lead.customerRef |
string |
NO |
Linked customer id |
Customer Event (receiveCustomerEvent)
| name |
type |
required |
description |
event.eventType |
string |
YES |
Business fact type |
event.entityType |
string |
YES |
customer, order, lead, or review |
event.occurredAt |
string |
YES |
Occurrence timestamp (ISO 8601 date-time) |
event.payload |
object |
YES |
Event payload |
Payload Examples
ingestCustomer
{
"customer": {
"id": "customer-123",
"externalIds": ["app:123", "crm:ABC-9"],
"name": "Maria Souza",
"contacts": {
"email": "maria@example.com",
"phone": "+55-11-99999-0000"
},
"consent": {
"marketing": true,
"updatedAt": "2026-03-24T12:00:00Z"
},
"createdAt": "2026-03-01T10:00:00Z",
"updatedAt": "2026-03-24T12:00:00Z"
}
}
receiveCustomerEvent
{
"event": {
"eventType": "customer.updated",
"entityType": "customer",
"occurredAt": "2026-03-24T12:00:00Z",
"payload": {
"customerId": "customer-123",
"changedFields": ["contacts.email", "consent.marketing"]
}
}
}
Response Contract
Successful Status Codes
| endpoint type |
status |
meaning |
Ingestion endpoints (POST) |
202 Accepted |
Accepted for asynchronous processing |
Query endpoints (GET) |
200 OK |
Data returned successfully |
Error Status Codes
| status |
when |
body |
400 Bad Request |
malformed payload/params |
ODP error model |
401 Unauthorized |
missing/invalid credentials |
ODP error model |
403 Forbidden |
missing required scope |
ODP error model |
404 Not Found |
endpoint/resource not found |
ODP error model |
409 Conflict |
duplicate or version conflict |
ODP error model |
500 Internal Server Error |
unexpected server failure |
ODP error model |
Error payloads SHOULD follow Error Model.
Protocol Rules Applied
Normative source: Customer Capability
- CRM software MUST be consumer-oriented and MUST NOT control operational order lifecycle.
- Ordering Applications MUST expose declared customer and customer-linked order operations.
- Events MUST represent business facts.
- External identifiers MUST be supported for deduplication.
- Customer-centric order view MUST NOT replace operational order lifecycle semantics.
OpenAPI Artifact