# Customer

## Get authenticated customer profile

> Retrieves comprehensive customer information by validating and enriching the authentication token claims.

```json
{"openapi":"3.1.1","info":{"title":"Neostore internal API","version":"v1"},"tags":[{"name":"Customer"}],"servers":[{"url":"https://app.neostore.cloud","description":"Production Server"},{"url":"https://app-qa.neostore.cloud","description":"Staging Server"}],"security":[{"neo-customer":[]}],"components":{"securitySchemes":{"neo-customer":{"type":"http","description":"a JWT token describing the customer","scheme":"bearer"}},"schemas":{"ProblemDetails":{"type":"object","properties":{"type":{"type":["null","string"]},"title":{"type":["null","string"]},"status":{"type":["null","integer"],"format":"int32"},"detail":{"type":["null","string"]},"instance":{"type":["null","string"]}},"additionalProperties":{}},"HttpValidationProblemDetails":{"type":"object","allOf":[{"$ref":"#/components/schemas/ProblemDetails"}],"properties":{"errors":{"type":"object","additionalProperties":{"type":"array","items":{"type":"string"}}}},"additionalProperties":{}}}},"paths":{"/api/{tenantId}/customer":{"get":{"tags":["Customer"],"summary":"Get authenticated customer profile","description":"Retrieves comprehensive customer information by validating and enriching the authentication token claims.","parameters":[{"name":"tenantId","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"Authenticated customer profile returned.","content":{"text/plain":{"schema":{"type":"object","additionalProperties":{}}},"application/json":{"schema":{"type":"object","additionalProperties":{}}},"text/json":{"schema":{"type":"object","additionalProperties":{}}}}},"401":{"description":"Caller not authenticated as customer.","content":{"text/plain":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}},"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}},"text/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}}}},"500":{"description":"Unexpected server error."}}}}}}
```

## Create or update a customer account

> Creates a new customer account or updates an existing one with provided information.
> Supports optional flow execution (e.g., preregistration) and multi-factor authentication challenges.
>
> ## Account Modification
> - Creates account if customer does not exist
> - Updates existing customer data
> - Validates and enriches account data (e.g., deriving location from postal code)
> - Fills missing fields with defaults or derived values
>
> ## Flow Execution
> When a flow name is specified:
> 1. Account is created/updated
> 2. Named flow is executed (e.g., "preregistration", "activation")
> 3. Additional security challenges may be issued
>
> When flow is omitted:
> 1. Account data is validated
> 2. Fields are enriched and filled
> 3. No additional processing occurs
>
> ## Authorization
> No explicit authorization required; customer context derived from account identifier.

```json
{"openapi":"3.1.1","info":{"title":"Neostore internal API","version":"v1"},"tags":[{"name":"Customer"}],"servers":[{"url":"https://app.neostore.cloud","description":"Production Server"},{"url":"https://app-qa.neostore.cloud","description":"Staging Server"}],"paths":{"/api/{tenantId}/customer":{"post":{"tags":["Customer"],"summary":"Create or update a customer account","description":"Creates a new customer account or updates an existing one with provided information.\nSupports optional flow execution (e.g., preregistration) and multi-factor authentication challenges.\n\n## Account Modification\n- Creates account if customer does not exist\n- Updates existing customer data\n- Validates and enriches account data (e.g., deriving location from postal code)\n- Fills missing fields with defaults or derived values\n\n## Flow Execution\nWhen a flow name is specified:\n1. Account is created/updated\n2. Named flow is executed (e.g., \"preregistration\", \"activation\")\n3. Additional security challenges may be issued\n\nWhen flow is omitted:\n1. Account data is validated\n2. Fields are enriched and filled\n3. No additional processing occurs\n\n## Authorization\nNo explicit authorization required; customer context derived from account identifier.","parameters":[{"name":"flow","in":"query","description":"Optional flow name to execute after account creation (e.g., \"preregistration\"). When empty, data is validated and filled without additional processing","schema":{"type":"string"}},{"name":"tenantId","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"description":"Customer account payload with contact, identity, and profile data","content":{"application/json":{"schema":{"type":"object","additionalProperties":{}}},"text/json":{"schema":{"type":"object","additionalProperties":{}}},"application/*+json":{"schema":{"type":"object","additionalProperties":{}}}}},"responses":{"200":{"description":"Account created or updated.","content":{"text/plain":{"schema":{"type":"object","additionalProperties":{}}},"application/json":{"schema":{"type":"object","additionalProperties":{}}},"text/json":{"schema":{"type":"object","additionalProperties":{}}}}},"202":{"description":"Challenge issued for additional verification."},"401":{"description":"Caller not authorized to create or update the account.","content":{"text/plain":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}},"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}},"text/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}}}},"412":{"description":"Validation failed for provided account data.","content":{"text/plain":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}},"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}},"text/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}}}},"500":{"description":"Unexpected server error."}}}}},"components":{"schemas":{"ProblemDetails":{"type":"object","properties":{"type":{"type":["null","string"]},"title":{"type":["null","string"]},"status":{"type":["null","integer"],"format":"int32"},"detail":{"type":["null","string"]},"instance":{"type":["null","string"]}},"additionalProperties":{}},"HttpValidationProblemDetails":{"type":"object","allOf":[{"$ref":"#/components/schemas/ProblemDetails"}],"properties":{"errors":{"type":"object","additionalProperties":{"type":"array","items":{"type":"string"}}}},"additionalProperties":{}}}}}
```
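The GET operation on this path requires the `neo-customer` bearer scheme, while the POST document declares no `security` requirement yet still documents a 401 response. The following added example (not part of the Neostore API or its tooling) audits OpenAPI documents for exactly that pattern; the three inputs are constructed, trimmed to the fields the audit reads from the documents on this page.

```python
WRITE_METHODS = {"post", "put", "patch", "delete"}
HTTP_METHODS = WRITE_METHODS | {"get", "head", "options", "trace"}

def effective_security(spec, operation):
    # In OpenAPI 3.x an operation-level `security` overrides the root-level list.
    if "security" in operation:
        return operation["security"]
    return spec.get("security", [])

def audit(spec):
    """Return sorted (METHOD, path, finding) tuples for operations that need review."""
    schemes = spec.get("components", {}).get("securitySchemes", {})
    findings = []
    for path, item in spec.get("paths", {}).items():
        for method, op in item.items():
            if method not in HTTP_METHODS:
                continue  # skip path-level keys such as "parameters"
            reqs = effective_security(spec, op)
            # No requirement at all, or an empty {} alternative, means anonymous access.
            if not reqs or any(r == {} for r in reqs):
                kind = "write" if method in WRITE_METHODS else "read"
                findings.append((method.upper(), path, f"anonymous {kind}"))
                if "401" in op.get("responses", {}):
                    findings.append((method.upper(), path,
                                     "401 documented but no security requirement"))
            for req in reqs:
                for name in req:
                    if name not in schemes:
                        findings.append((method.upper(), path, f"undefined scheme '{name}'"))
    return sorted(findings)

# Constructed inputs, trimmed from the three documents on this page.
GET_SPEC = {
    "security": [{"neo-customer": []}],
    "components": {"securitySchemes": {"neo-customer": {"type": "http", "scheme": "bearer"}}},
    "paths": {"/api/{tenantId}/customer": {"get": {"responses": {"200": {}, "401": {}}}}},
}
POST_SPEC = {"paths": {"/api/{tenantId}/customer": {
    "post": {"responses": {"200": {}, "202": {}, "401": {}, "412": {}}}}}}
AUTH_SPEC = {"paths": {"/api/{tenantId}/customer/authenticate": {
    "post": {"responses": {"200": {}, "400": {}, "422": {}}}}}}

if __name__ == "__main__":
    for spec in (GET_SPEC, POST_SPEC, AUTH_SPEC):
        for finding in audit(spec):
            print(*finding)
```

The anonymous-write finding on `/customer/authenticate` is expected for a login endpoint; the two findings on `POST /api/{tenantId}/customer` are the ones to review, because the account identifier in the request body is then the only thing selecting which customer is modified.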

## Authenticate customer and generate JWT token

> Authenticates a customer using a specified identity provider and returns a JWT token for subsequent API calls.
>
> ## Supported Providers
> - **Social Login**: Facebook, Apple, Google, Line, etc.
> - **One-Time Password (OTP)**: SMS, email, or other delivery methods
> - **Custom Providers**: Tenant-specific authentication mechanisms
>
> ## Authentication Flow
> 1. Client sends provider name and provider-specific authentication data
> 2. System validates credentials with the specified provider
> 3. Provider returns claims (identity attributes)
> 4. System generates JWT token with 24-hour validity
> 5. Token includes provider identifier for auditing
>
> ## Token Usage
> The returned JWT token should be included in subsequent API requests using the `Authorization: Bearer <token>` header.

```json
{"openapi":"3.1.1","info":{"title":"Neostore internal API","version":"v1"},"tags":[{"name":"Customer"}],"servers":[{"url":"https://app.neostore.cloud","description":"Production Server"},{"url":"https://app-qa.neostore.cloud","description":"Staging Server"}],"paths":{"/api/{tenantId}/customer/authenticate":{"post":{"tags":["Customer"],"summary":"Authenticate customer and generate JWT token","description":"Authenticates a customer using a specified identity provider and returns a JWT token for subsequent API calls.\n\n## Supported Providers\n- **Social Login**: Facebook, Apple, Google, Line, etc.\n- **One-Time Password (OTP)**: SMS, email, or other delivery methods\n- **Custom Providers**: Tenant-specific authentication mechanisms\n\n## Authentication Flow\n1. Client sends provider name and provider-specific authentication data\n2. System validates credentials with the specified provider\n3. Provider returns claims (identity attributes)\n4. System generates JWT token with 24-hour validity\n5. Token includes provider identifier for auditing\n\n## Token Usage\nThe returned JWT token should be included in subsequent API requests using the `Authorization: Bearer <token>` header.","parameters":[{"name":"provider","in":"query","description":"Provider used to authenticate the user.","schema":{"type":"string"}},{"name":"tenantId","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"description":"Required data for the specified provider","content":{"application/json":{"schema":{}},"text/json":{"schema":{}},"application/*+json":{"schema":{}}}},"responses":{"200":{"description":"Authentication succeeded and token returned.","content":{"text/plain":{"schema":{"type":"string"}},"application/json":{"schema":{"type":"string"}},"text/json":{"schema":{"type":"string"}}}},"400":{"description":"Request is missing provider or contains malformed data.","content":{"text/plain":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}},"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}},"text/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}}}},"422":{"description":"Invalid authentication data for the specified provider.","content":{"text/plain":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}},"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}},"text/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ProblemDetails"},{"$ref":"#/components/schemas/HttpValidationProblemDetails"}]}}}},"500":{"description":"Unexpected server error."}}}}},"components":{"schemas":{"ProblemDetails":{"type":"object","properties":{"type":{"type":["null","string"]},"title":{"type":["null","string"]},"status":{"type":["null","integer"],"format":"int32"},"detail":{"type":["null","string"]},"instance":{"type":["null","string"]}},"additionalProperties":{}},"HttpValidationProblemDetails":{"type":"object","allOf":[{"$ref":"#/components/schemas/ProblemDetails"}],"properties":{"errors":{"type":"object","additionalProperties":{"type":"array","items":{"type":"string"}}}},"additionalProperties":{}}}}}
```
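A resource server that accepts this bearer token has to enforce the properties the flow above promises: a pinned signature algorithm, an unexpired token, a lifetime of at most 24 hours, and a provider identifier. The sketch below is an added example, not Neostore code. The page does not state the signing algorithm or claim names, so HS256, the `tenant` and `provider` claim names, the tenant-to-path binding and the key are all assumptions.

```python
import base64, hashlib, hmac, json

MAX_LIFETIME = 24 * 3600  # 24-hour validity stated on the page

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def sign(claims, key, alg="HS256"):
    """Build a compact token; used here only to construct sample input."""
    head = b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    mac = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url_encode(mac)}"

def reject_reason(token, key, path_tenant, now):
    """Return None when the token is acceptable, else the name of the failed check."""
    try:
        head, body, sig = token.split(".")
        alg = json.loads(b64url_decode(head))["alg"]
        claims = json.loads(b64url_decode(body))
        given = b64url_decode(sig)
        iat, exp = float(claims["iat"]), float(claims["exp"])
    except Exception:
        return "malformed token"
    if alg != "HS256":  # pin the algorithm; never let the header choose it
        return "unexpected alg"
    expected = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given):
        return "bad signature"
    if exp <= now:
        return "expired"
    if exp - iat > MAX_LIFETIME:
        return "lifetime exceeds 24h"
    if claims.get("tenant") != path_tenant:  # assumed claim name, bound to {tenantId}
        return "tenant mismatch"
    if not claims.get("provider"):  # assumed claim name for the provider identifier
        return "missing provider"
    return None

# Constructed sample values (not real credentials or real tokens).
KEY, NOW = b"constructed-demo-key", 1_700_000_000
GOOD = sign({"sub": "cust-1", "tenant": "acme", "provider": "otp",
             "iat": NOW, "exp": NOW + MAX_LIFETIME}, KEY)
```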
