diff --git a/.spectral.yml b/.spectral.yml index edb4d5a5c..3aac3e824 100644 --- a/.spectral.yml +++ b/.spectral.yml @@ -27,12 +27,17 @@ rules: function: defined must-include-response-examples: - description: At least one example should be included for each API response + description: At least one example must be included for each API response, declared as a sibling of `schema` at the content-type level. Use `example` (singular) for a single payload, or `examples` (plural, an object of named entries with `summary` and `value`) when the schema uses `anyOf`/`oneOf` and each branch needs its own illustrative payload. severity: error given: "$.paths..responses.*.content.*" then: - - field: "example" - function: defined + function: schema + functionOptions: + schema: + type: object + anyOf: + - required: ["example"] + - required: ["examples"] must-include-response-schemas: description: Each API response must contain a schema @@ -156,12 +161,31 @@ rules: match: "^(?:VTEX|SKU|SKUs|ID|API|CMS|EAN|URL|JSON|OAuth|SLA|Session Manager|Storefront Permissions|B2B|[A-Z][a-z0-9]*(?:-[a-z][a-z0-9]*)*)(?:\\s+(?:VTEX|SKU|SKUs|ID|API|CMS|EAN|URL|JSON|OAuth|SLA|Session Manager|Storefront Permissions|B2B|[a-z][a-z0-9]*(?:-[a-z][a-z0-9]*)*))*$" request-example-parallel-to-schema: - description: The example for request body must be at the same level as the schema (as siblings), not nested inside schema properties. Place the example at the content-type level alongside the schema. + description: The request body must declare an example at the content-type level (as a sibling of `schema`), not nested inside schema properties. Use `example` (singular) for a single payload, or `examples` (plural, an object of named entries with `summary` and `value`) when the schema uses `anyOf`/`oneOf` and each branch needs its own illustrative payload. severity: error given: "$.paths..requestBody.content.*" then: - field: "example" - function: defined + function: schema + functionOptions: + schema: + type: object + anyOf: + - required: ["example"] + - required: ["examples"] + + anyof-oneof-branches-must-be-documented: + description: Each subschema of an `anyOf` or `oneOf` (in a request body or response body) must declare both a `title` and a `description`, per the VTEX API reference guidelines (sections 4.7.1 and 4.8.1). The rendered API reference uses the `title` to label each variant tab and the `description` to explain when that variant applies; without them, consumers see anonymous "Option 1 / Option 2" entries and cannot tell the branches apart. + severity: error + given: + - "$.paths.*.*.requestBody.content.*.schema..anyOf[*]" + - "$.paths.*.*.requestBody.content.*.schema..oneOf[*]" + - "$.paths.*.*.responses.*.content.*.schema..anyOf[*]" + - "$.paths.*.*.responses.*.content.*.schema..oneOf[*]" + then: + - field: "title" + function: defined + - field: "description" + function: defined no-chained-refs-in-components: description: Components cannot use a $ref that points to another component which also contains a $ref (chained refs are not allowed). This may cause rendering errors on the Developer Portal. When this error is shown, check the $ref at the next level and rearrange the content to allow it to be removed, eliminating the need for cascading $refs. diff --git a/PostmanCollections/VTEX - Payment Policies API.json b/PostmanCollections/VTEX - Payment Policies API.json new file mode 100644 index 000000000..5c22c6705 --- /dev/null +++ b/PostmanCollections/VTEX - Payment Policies API.json @@ -0,0 +1,2973 @@ +{ + "_": { + "postman_id": "f87aadb6-0651-43d1-8608-ad36d16e160d" + }, + "item": [ + { + "id": "d93e751d-604b-49a1-972b-11d18fc65919", + "name": "Payment policy rules", + "description": { + "content": "", + "type": "text/plain" + }, + "item": [ + { + "id": "83a29a1a-ce6f-45b8-ba5a-974f691bd557", + "name": "Create policy rule", + "request": { + "name": "Create policy rule", + "description": { + "content": "Creates a payment policy rule for the VTEX account informed in the `an` query parameter. Policy rules define conditions that determine which payment systems are included or excluded when those conditions match a cart item.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Permissions\r\n\r\nAny user or [API key](https://developers.vtex.com/docs/guides/authentication-overview#api-keys) must have at least one of the appropriate [License Manager resources](https://help.vtex.com/en/tutorial/license-manager-resources--3q6ztrC8YynQf6rdc6euk3) to be able to successfully run this request. Otherwise, they will receive a status code `403` error. These are the applicable resources for this endpoint:\r\n\r\n| **Product** | **Category** | **Resource** |\r\n| --------------- | ----------------- | ----------------- |\r\n| Payments | Payment Policies | **ManageStore** |\r\n\r\nThere are no applicable [predefined roles](https://help.vtex.com/en/tutorial/predefined-roles--jGDurZKJHvHJS13LnO7Dy) for this resource list. You must [create a custom role](https://help.vtex.com/en/tutorial/roles--7HKK5Uau2H6wxE1rH5oRbc#creating-a-role) and add at least one of the resources above in order to use this endpoint.\r\n\r\nTo learn more about machine authentication at VTEX, see [Authentication overview](https://developers.vtex.com/docs/guides/authentication-overview#machine-authentication).\r\n\r\n>❗ To prevent integrations from having excessive permissions, consider the [best practices for managing API keys](https://help.vtex.com/en/tutorial/best-practices-api-keys--7b6nD1VMHa49aI5brlOvJm) when assigning License Manager roles to integrations.", + "type": "text/plain" + }, + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "9980ff41-3d34-4456-bc0d-5be2001c0ff2", + "name": "Created", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\",\n \"accountName\": \"cosmetics2\",\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ],\n \"createdAt\": \"2026-04-01T10:00:00Z\",\n \"updatedAt\": \"2026-04-01T10:00:00Z\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "4387af5c-9640-4ced-89b3-cc448eb56d9f", + "name": "Bad Request", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Invalid JSONLogic expression, malformed request body, or policy rule limit exceeded.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "966bafc4-8844-4e6a-8145-cfeab2a989ad", + "name": "Unauthorized", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Missing or invalid credentials.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "306f3f04-5e53-4d0f-a4d9-afb2062a6328", + "name": "Forbidden", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"The user or API key does not have the required permission.\"\n}", + "cookie": [] + } + ], + "event": [ + { + "listen": "test", + "script": { + "id": "e9da6194-82c8-4102-95ae-83e33e244877", + "type": "text/javascript", + "exec": [ + "// Validate status 2xx \npm.test(\"[POST]::/api/payment-configuration-service/policy-rules - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", + "// Validate if response header has matching content-type\npm.test(\"[POST]::/api/payment-configuration-service/policy-rules - Content-Type is application/json\", function () {\n pm.expect(pm.response.headers.get(\"Content-Type\")).to.include(\"application/json\");\n});\n", + "// Validate if response has JSON Body \npm.test(\"[POST]::/api/payment-configuration-service/policy-rules - Response has JSON Body\", function () {\n pm.response.to.have.jsonBody();\n});\n", + "// Response Validation\nconst schema = {\"type\":\"object\",\"description\":\"Payment policy rule returned by the API.\",\"required\":[\"id\",\"accountName\",\"name\",\"expression\",\"enabled\",\"priority\",\"action\",\"paymentSystems\",\"createdAt\",\"updatedAt\"],\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\",\"description\":\"Unique identifier of the policy rule.\"},\"accountName\":{\"type\":\"string\",\"description\":\"VTEX account that owns the policy rule.\"},\"name\":{\"type\":\"string\",\"description\":\"Policy rule name.\"},\"expression\":{\"type\":\"object\",\"description\":\"JSONLogic expression evaluated against item context. Currently supports `and`, `or`, `==`, and `in`, with `collectionIds` and `shippingState` as available variables.\",\"additionalProperties\":true},\"enabled\":{\"type\":\"boolean\",\"description\":\"Indicates whether the policy rule is active.\"},\"priority\":{\"type\":\"integer\",\"format\":\"int32\",\"description\":\"Rule priority. Lower values have higher precedence when conflicting rules match the same item.\"},\"action\":{\"type\":\"string\",\"description\":\"Action applied to the payment systems when the rule expression matches.\",\"enum\":[\"Include\",\"Exclude\"]},\"paymentSystems\":{\"type\":\"array\",\"description\":\"Payment system IDs affected by the rule.\",\"items\":{\"type\":\"integer\",\"format\":\"int32\",\"description\":\"Payment system ID.\"}},\"createdAt\":{\"type\":\"string\",\"format\":\"date-time\",\"description\":\"Date and time when the policy rule was created in [ISO 8601 time zone offset format](https://learn.microsoft.com/en-us/rest/api/storageservices/formatting-datetime-values), as in `YYYY-MM-DDThh:mm:ssZ`.\"},\"updatedAt\":{\"type\":\"string\",\"format\":\"date-time\",\"description\":\"Date and time when the policy rule was last updated in [ISO 8601 time zone offset format](https://learn.microsoft.com/en-us/rest/api/storageservices/formatting-datetime-values), as in `YYYY-MM-DDThh:mm:ssZ`.\"}}}\n\n// Validate if response matches JSON schema \npm.test(\"[POST]::/api/payment-configuration-service/policy-rules - Schema is valid\", function() {\n pm.response.to.have.jsonSchema(schema,{unknownFormats: [\"int32\", \"int64\", \"float\", \"double\"]});\n});\n" + ] + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "100167bd-2033-4e00-98d8-50fb41d8dd7d", + "name": "List policy rules", + "request": { + "name": "List policy rules", + "description": { + "content": "Lists the payment policy rules configured for the VTEX account informed in the `an` query parameter.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Permissions\r\n\r\nAny user or [API key](https://developers.vtex.com/docs/guides/authentication-overview#api-keys) must have at least one of the appropriate [License Manager resources](https://help.vtex.com/en/tutorial/license-manager-resources--3q6ztrC8YynQf6rdc6euk3) to be able to successfully run this request. Otherwise, they will receive a status code `403` error. These are the applicable resources for this endpoint:\r\n\r\n| **Product** | **Category** | **Resource** |\r\n| --------------- | ----------------- | ----------------- |\r\n| Payments | Payment Policies | **ViewPayments** |\r\n\r\nThere are no applicable [predefined roles](https://help.vtex.com/en/tutorial/predefined-roles--jGDurZKJHvHJS13LnO7Dy) for this resource list. You must [create a custom role](https://help.vtex.com/en/tutorial/roles--7HKK5Uau2H6wxE1rH5oRbc#creating-a-role) and add at least one of the resources above in order to use this endpoint.\r\n\r\nTo learn more about machine authentication at VTEX, see [Authentication overview](https://developers.vtex.com/docs/guides/authentication-overview#machine-authentication).\r\n\r\n>❗ To prevent integrations from having excessive permissions, consider the [best practices for managing API keys](https://help.vtex.com/en/tutorial/best-practices-api-keys--7b6nD1VMHa49aI5brlOvJm) when assigning License Manager roles to integrations.", + "type": "text/plain" + }, + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "fd18cb14-9adc-4009-b9cb-28f965dd3c90", + "name": "OK", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\",\n \"accountName\": \"cosmetics2\",\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ],\n \"createdAt\": \"2026-04-01T10:00:00Z\",\n \"updatedAt\": \"2026-04-01T10:00:00Z\"\n }\n]", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "dfd8a52b-7e17-44ec-b729-9dd6117953e5", + "name": "Unauthorized", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Missing or invalid credentials.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "f93cf973-455d-49a0-a8c7-3bb2c9cab593", + "name": "Forbidden", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"The user or API key does not have the required permission.\"\n}", + "cookie": [] + } + ], + "event": [ + { + "listen": "test", + "script": { + "id": "55fcbf18-8d49-4fda-b65f-c0cf3297c5a2", + "type": "text/javascript", + "exec": [ + "// Validate status 2xx \npm.test(\"[GET]::/api/payment-configuration-service/policy-rules - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", + "// Validate if response header has matching content-type\npm.test(\"[GET]::/api/payment-configuration-service/policy-rules - Content-Type is application/json\", function () {\n pm.expect(pm.response.headers.get(\"Content-Type\")).to.include(\"application/json\");\n});\n", + "// Validate if response has JSON Body \npm.test(\"[GET]::/api/payment-configuration-service/policy-rules - Response has JSON Body\", function () {\n pm.response.to.have.jsonBody();\n});\n", + "// Response Validation\nconst schema = {\"type\":\"array\",\"description\":\"List of policy rules configured for the account.\",\"items\":{\"type\":\"object\",\"description\":\"Payment policy rule returned by the API.\",\"required\":[\"id\",\"accountName\",\"name\",\"expression\",\"enabled\",\"priority\",\"action\",\"paymentSystems\",\"createdAt\",\"updatedAt\"],\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\",\"description\":\"Unique identifier of the policy rule.\"},\"accountName\":{\"type\":\"string\",\"description\":\"VTEX account that owns the policy rule.\"},\"name\":{\"type\":\"string\",\"description\":\"Policy rule name.\"},\"expression\":{\"type\":\"object\",\"description\":\"JSONLogic expression evaluated against item context. Currently supports `and`, `or`, `==`, and `in`, with `collectionIds` and `shippingState` as available variables.\",\"additionalProperties\":true},\"enabled\":{\"type\":\"boolean\",\"description\":\"Indicates whether the policy rule is active.\"},\"priority\":{\"type\":\"integer\",\"format\":\"int32\",\"description\":\"Rule priority. Lower values have higher precedence when conflicting rules match the same item.\"},\"action\":{\"type\":\"string\",\"description\":\"Action applied to the payment systems when the rule expression matches.\",\"enum\":[\"Include\",\"Exclude\"]},\"paymentSystems\":{\"type\":\"array\",\"description\":\"Payment system IDs affected by the rule.\",\"items\":{\"type\":\"integer\",\"format\":\"int32\",\"description\":\"Payment system ID.\"}},\"createdAt\":{\"type\":\"string\",\"format\":\"date-time\",\"description\":\"Date and time when the policy rule was created in [ISO 8601 time zone offset format](https://learn.microsoft.com/en-us/rest/api/storageservices/formatting-datetime-values), as in `YYYY-MM-DDThh:mm:ssZ`.\"},\"updatedAt\":{\"type\":\"string\",\"format\":\"date-time\",\"description\":\"Date and time when the policy rule was last updated in [ISO 8601 time zone offset format](https://learn.microsoft.com/en-us/rest/api/storageservices/formatting-datetime-values), as in `YYYY-MM-DDThh:mm:ssZ`.\"}}}}\n\n// Validate if response matches JSON schema \npm.test(\"[GET]::/api/payment-configuration-service/policy-rules - Schema is valid\", function() {\n pm.response.to.have.jsonSchema(schema,{unknownFormats: [\"int32\", \"int64\", \"float\", \"double\"]});\n});\n" + ] + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "06051bd8-4ea3-4ead-bac6-1a6cb253f082", + "name": "Get policy rule by ID", + "request": { + "name": "Get policy rule by ID", + "description": { + "content": "Retrieves a payment policy rule by ID for the VTEX account informed in the `an` query parameter.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Permissions\r\n\r\nAny user or [API key](https://developers.vtex.com/docs/guides/authentication-overview#api-keys) must have at least one of the appropriate [License Manager resources](https://help.vtex.com/en/tutorial/license-manager-resources--3q6ztrC8YynQf6rdc6euk3) to be able to successfully run this request. Otherwise, they will receive a status code `403` error. These are the applicable resources for this endpoint:\r\n\r\n| **Product** | **Category** | **Resource** |\r\n| --------------- | ----------------- | ----------------- |\r\n| Payments | Payment Policies | **ViewPayments** |\r\n\r\nThere are no applicable [predefined roles](https://help.vtex.com/en/tutorial/predefined-roles--jGDurZKJHvHJS13LnO7Dy) for this resource list. You must [create a custom role](https://help.vtex.com/en/tutorial/roles--7HKK5Uau2H6wxE1rH5oRbc#creating-a-role) and add at least one of the resources above in order to use this endpoint.\r\n\r\nTo learn more about machine authentication at VTEX, see [Authentication overview](https://developers.vtex.com/docs/guides/authentication-overview#machine-authentication).\r\n\r\n>❗ To prevent integrations from having excessive permissions, consider the [best practices for managing API keys](https://help.vtex.com/en/tutorial/best-practices-api-keys--7b6nD1VMHa49aI5brlOvJm) when assigning License Manager roles to integrations.", + "type": "text/plain" + }, + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [ + { + "disabled": false, + "description": { + "content": "(Required) Unique identifier of the policy rule.", + "type": "text/plain" + }, + "type": "any", + "value": "urn:uuid:f42cc30d-fc70-2790-f480-02d5baa0249e", + "key": "id" + } + ] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "cb2ccb23-7ac4-432b-883f-ec37b46f349b", + "name": "OK", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\",\n \"accountName\": \"cosmetics2\",\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ],\n \"createdAt\": \"2026-04-01T10:00:00Z\",\n \"updatedAt\": \"2026-04-01T10:00:00Z\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "d4ec8534-9c69-449c-9a9d-3c5484c01999", + "name": "Unauthorized", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Missing or invalid credentials.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "823d2b76-e081-42f8-b8e8-97434a3f8934", + "name": "Forbidden", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"The user or API key does not have the required permission.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "3ccd7ca3-c3e9-4ac2-a3d2-a2fd089bc42f", + "name": "Not Found", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Policy rule not found for the account.\"\n}", + "cookie": [] + } + ], + "event": [ + { + "listen": "test", + "script": { + "id": "9cb49cdb-09e0-4480-9a87-44a5b5affd9d", + "type": "text/javascript", + "exec": [ + "// Validate status 2xx \npm.test(\"[GET]::/api/payment-configuration-service/policy-rules/:id - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", + "// Validate if response header has matching content-type\npm.test(\"[GET]::/api/payment-configuration-service/policy-rules/:id - Content-Type is application/json\", function () {\n pm.expect(pm.response.headers.get(\"Content-Type\")).to.include(\"application/json\");\n});\n", + "// Validate if response has JSON Body \npm.test(\"[GET]::/api/payment-configuration-service/policy-rules/:id - Response has JSON Body\", function () {\n pm.response.to.have.jsonBody();\n});\n", + "// Response Validation\nconst schema = {\"type\":\"object\",\"description\":\"Payment policy rule returned by the API.\",\"required\":[\"id\",\"accountName\",\"name\",\"expression\",\"enabled\",\"priority\",\"action\",\"paymentSystems\",\"createdAt\",\"updatedAt\"],\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\",\"description\":\"Unique identifier of the policy rule.\"},\"accountName\":{\"type\":\"string\",\"description\":\"VTEX account that owns the policy rule.\"},\"name\":{\"type\":\"string\",\"description\":\"Policy rule name.\"},\"expression\":{\"type\":\"object\",\"description\":\"JSONLogic expression evaluated against item context. Currently supports `and`, `or`, `==`, and `in`, with `collectionIds` and `shippingState` as available variables.\",\"additionalProperties\":true},\"enabled\":{\"type\":\"boolean\",\"description\":\"Indicates whether the policy rule is active.\"},\"priority\":{\"type\":\"integer\",\"format\":\"int32\",\"description\":\"Rule priority. Lower values have higher precedence when conflicting rules match the same item.\"},\"action\":{\"type\":\"string\",\"description\":\"Action applied to the payment systems when the rule expression matches.\",\"enum\":[\"Include\",\"Exclude\"]},\"paymentSystems\":{\"type\":\"array\",\"description\":\"Payment system IDs affected by the rule.\",\"items\":{\"type\":\"integer\",\"format\":\"int32\",\"description\":\"Payment system ID.\"}},\"createdAt\":{\"type\":\"string\",\"format\":\"date-time\",\"description\":\"Date and time when the policy rule was created in [ISO 8601 time zone offset format](https://learn.microsoft.com/en-us/rest/api/storageservices/formatting-datetime-values), as in `YYYY-MM-DDThh:mm:ssZ`.\"},\"updatedAt\":{\"type\":\"string\",\"format\":\"date-time\",\"description\":\"Date and time when the policy rule was last updated in [ISO 8601 time zone offset format](https://learn.microsoft.com/en-us/rest/api/storageservices/formatting-datetime-values), as in `YYYY-MM-DDThh:mm:ssZ`.\"}}}\n\n// Validate if response matches JSON schema \npm.test(\"[GET]::/api/payment-configuration-service/policy-rules/:id - Schema is valid\", function() {\n pm.response.to.have.jsonSchema(schema,{unknownFormats: [\"int32\", \"int64\", \"float\", \"double\"]});\n});\n" + ] + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5b741a10-9bde-4290-b5e8-f301e96c0670", + "name": "Update policy rule", + "request": { + "name": "Update policy rule", + "description": { + "content": "Replaces a payment policy rule for the VTEX account informed in the `an` query parameter. Send the same response body as the `POST` request, excluding `id`, `accountName`, createdAt`, or `updatedAt`.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Permissions\r\n\r\nAny user or [API key](https://developers.vtex.com/docs/guides/authentication-overview#api-keys) must have at least one of the appropriate [License Manager resources](https://help.vtex.com/en/tutorial/license-manager-resources--3q6ztrC8YynQf6rdc6euk3) to be able to successfully run this request. Otherwise, they will receive a status code `403` error. These are the applicable resources for this endpoint:\r\n\r\n| **Product** | **Category** | **Resource** |\r\n| --------------- | ----------------- | ----------------- |\r\n| Payments | Payment Policies | **ManageStore** |\r\n\r\nThere are no applicable [predefined roles](https://help.vtex.com/en/tutorial/predefined-roles--jGDurZKJHvHJS13LnO7Dy) for this resource list. You must [create a custom role](https://help.vtex.com/en/tutorial/roles--7HKK5Uau2H6wxE1rH5oRbc#creating-a-role) and add at least one of the resources above in order to use this endpoint.\r\n\r\nTo learn more about machine authentication at VTEX, see [Authentication overview](https://developers.vtex.com/docs/guides/authentication-overview#machine-authentication).\r\n\r\n>❗ To prevent integrations from having excessive permissions, consider the [best practices for managing API keys](https://help.vtex.com/en/tutorial/best-practices-api-keys--7b6nD1VMHa49aI5brlOvJm) when assigning License Manager roles to integrations.", + "type": "text/plain" + }, + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [ + { + "disabled": false, + "description": { + "content": "(Required) Unique identifier of the policy rule.", + "type": "text/plain" + }, + "type": "any", + "value": "urn:uuid:f42cc30d-fc70-2790-f480-02d5baa0249e", + "key": "id" + } + ] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "b264e2d9-25dc-426e-a6e0-8bcfeaedf312", + "name": "OK", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\",\n \"accountName\": \"cosmetics2\",\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ],\n \"createdAt\": \"2026-04-01T10:00:00Z\",\n \"updatedAt\": \"2026-04-01T10:00:00Z\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "83ed68a2-62ce-43dd-93df-25997285cd3e", + "name": "Bad Request", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Invalid JSONLogic expression, malformed request body, or policy rule limit exceeded.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "80ebc2b9-c81f-45b4-b246-c9a1899ecf0d", + "name": "Unauthorized", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Missing or invalid credentials.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "24ce24be-9be5-4985-b3ce-f13c61381756", + "name": "Forbidden", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"The user or API key does not have the required permission.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "55d9db20-161d-4ab8-8a2e-4081f5b14c74", + "name": "Not Found", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": true,\n \"priority\": 90,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Policy rule not found for the account.\"\n}", + "cookie": [] + } + ], + "event": [ + { + "listen": "test", + "script": { + "id": "6f5e6f58-779f-444a-bed6-1738dcf21e51", + "type": "text/javascript", + "exec": [ + "// Validate status 2xx \npm.test(\"[PUT]::/api/payment-configuration-service/policy-rules/:id - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", + "// Validate if response header has matching content-type\npm.test(\"[PUT]::/api/payment-configuration-service/policy-rules/:id - Content-Type is application/json\", function () {\n pm.expect(pm.response.headers.get(\"Content-Type\")).to.include(\"application/json\");\n});\n", + "// Validate if response has JSON Body \npm.test(\"[PUT]::/api/payment-configuration-service/policy-rules/:id - Response has JSON Body\", function () {\n pm.response.to.have.jsonBody();\n});\n", + "// Response Validation\nconst schema = {\"type\":\"object\",\"description\":\"Payment policy rule returned by the API.\",\"required\":[\"id\",\"accountName\",\"name\",\"expression\",\"enabled\",\"priority\",\"action\",\"paymentSystems\",\"createdAt\",\"updatedAt\"],\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\",\"description\":\"Unique identifier of the policy rule.\"},\"accountName\":{\"type\":\"string\",\"description\":\"VTEX account that owns the policy rule.\"},\"name\":{\"type\":\"string\",\"description\":\"Policy rule name.\"},\"expression\":{\"type\":\"object\",\"description\":\"JSONLogic expression evaluated against item context. Currently supports `and`, `or`, `==`, and `in`, with `collectionIds` and `shippingState` as available variables.\",\"additionalProperties\":true},\"enabled\":{\"type\":\"boolean\",\"description\":\"Indicates whether the policy rule is active.\"},\"priority\":{\"type\":\"integer\",\"format\":\"int32\",\"description\":\"Rule priority. Lower values have higher precedence when conflicting rules match the same item.\"},\"action\":{\"type\":\"string\",\"description\":\"Action applied to the payment systems when the rule expression matches.\",\"enum\":[\"Include\",\"Exclude\"]},\"paymentSystems\":{\"type\":\"array\",\"description\":\"Payment system IDs affected by the rule.\",\"items\":{\"type\":\"integer\",\"format\":\"int32\",\"description\":\"Payment system ID.\"}},\"createdAt\":{\"type\":\"string\",\"format\":\"date-time\",\"description\":\"Date and time when the policy rule was created in [ISO 8601 time zone offset format](https://learn.microsoft.com/en-us/rest/api/storageservices/formatting-datetime-values), as in `YYYY-MM-DDThh:mm:ssZ`.\"},\"updatedAt\":{\"type\":\"string\",\"format\":\"date-time\",\"description\":\"Date and time when the policy rule was last updated in [ISO 8601 time zone offset format](https://learn.microsoft.com/en-us/rest/api/storageservices/formatting-datetime-values), as in `YYYY-MM-DDThh:mm:ssZ`.\"}}}\n\n// Validate if response matches JSON schema \npm.test(\"[PUT]::/api/payment-configuration-service/policy-rules/:id - Schema is valid\", function() {\n pm.response.to.have.jsonSchema(schema,{unknownFormats: [\"int32\", \"int64\", \"float\", \"double\"]});\n});\n" + ] + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c1c64832-5141-46b7-a3ac-d34bb0e7ec2c", + "name": "Update policy rule partially", + "request": { + "name": "Update policy rule partially", + "description": { + "content": "Updates one or more fields of a payment policy rule for the VTEX account informed in the `an` query parameter.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Permissions\r\n\r\nAny user or [API key](https://developers.vtex.com/docs/guides/authentication-overview#api-keys) must have at least one of the appropriate [License Manager resources](https://help.vtex.com/en/tutorial/license-manager-resources--3q6ztrC8YynQf6rdc6euk3) to be able to successfully run this request. Otherwise, they will receive a status code `403` error. These are the applicable resources for this endpoint:\r\n\r\n| **Product** | **Category** | **Resource** |\r\n| --------------- | ----------------- | ----------------- |\r\n| Payments | Payment Policies | **ManageStore** |\r\n\r\nThere are no applicable [predefined roles](https://help.vtex.com/en/tutorial/predefined-roles--jGDurZKJHvHJS13LnO7Dy) for this resource list. You must [create a custom role](https://help.vtex.com/en/tutorial/roles--7HKK5Uau2H6wxE1rH5oRbc#creating-a-role) and add at least one of the resources above in order to use this endpoint.\r\n\r\nTo learn more about machine authentication at VTEX, see [Authentication overview](https://developers.vtex.com/docs/guides/authentication-overview#machine-authentication).\r\n\r\n>❗ To prevent integrations from having excessive permissions, consider the [best practices for managing API keys](https://help.vtex.com/en/tutorial/best-practices-api-keys--7b6nD1VMHa49aI5brlOvJm) when assigning License Manager roles to integrations.", + "type": "text/plain" + }, + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [ + { + "disabled": false, + "description": { + "content": "(Required) Unique identifier of the policy rule.", + "type": "text/plain" + }, + "type": "any", + "value": "urn:uuid:f42cc30d-fc70-2790-f480-02d5baa0249e", + "key": "id" + } + ] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "{\n \"priority\": 50,\n \"paymentSystems\": [\n 100,\n 200\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "dbf8651a-2b23-4c57-bb4a-14b633bf3b76", + "name": "OK", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "{\n \"priority\": 50,\n \"paymentSystems\": [\n 100,\n 200\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\",\n \"accountName\": \"cosmetics2\",\n \"name\": \"Exclude EBT for collection 139 in NY\",\n \"expression\": {\n \"and\": [\n {\n \"in\": [\n 139,\n {\n \"var\": \"collectionIds\"\n }\n ]\n },\n {\n \"==\": [\n {\n \"var\": \"shippingState\"\n },\n \"NY\"\n ]\n }\n ]\n },\n \"enabled\": false,\n \"priority\": 50,\n \"action\": \"Exclude\",\n \"paymentSystems\": [\n 100,\n 200\n ],\n \"createdAt\": \"2026-04-01T10:00:00Z\",\n \"updatedAt\": \"2026-04-01T11:00:00Z\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "d943b4d5-c51f-475b-bad0-2503a30cf0d3", + "name": "Bad Request", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "{\n \"priority\": 50,\n \"paymentSystems\": [\n 100,\n 200\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Invalid JSONLogic expression, malformed request body, or policy rule limit exceeded.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "91f81889-a98f-494c-a4b1-d8dfc36870ba", + "name": "Unauthorized", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "{\n \"priority\": 50,\n \"paymentSystems\": [\n 100,\n 200\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Missing or invalid credentials.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "657ce510-2060-4205-b02e-56dd6e07b342", + "name": "Forbidden", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "{\n \"priority\": 50,\n \"paymentSystems\": [\n 100,\n 200\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"The user or API key does not have the required permission.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "6adc9166-8278-4ce2-aa49-65ad12a55bc8", + "name": "Not Found", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "{\n \"priority\": 50,\n \"paymentSystems\": [\n 100,\n 200\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Policy rule not found for the account.\"\n}", + "cookie": [] + } + ], + "event": [ + { + "listen": "test", + "script": { + "id": "9f554bcf-1d69-49a1-8493-8069a4a9f170", + "type": "text/javascript", + "exec": [ + "// Validate status 2xx \npm.test(\"[PATCH]::/api/payment-configuration-service/policy-rules/:id - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", + "// Validate if response header has matching content-type\npm.test(\"[PATCH]::/api/payment-configuration-service/policy-rules/:id - Content-Type is application/json\", function () {\n pm.expect(pm.response.headers.get(\"Content-Type\")).to.include(\"application/json\");\n});\n", + "// Validate if response has JSON Body \npm.test(\"[PATCH]::/api/payment-configuration-service/policy-rules/:id - Response has JSON Body\", function () {\n pm.response.to.have.jsonBody();\n});\n", + "// Response Validation\nconst schema = {\"type\":\"object\",\"description\":\"Payment policy rule returned by the API.\",\"required\":[\"id\",\"accountName\",\"name\",\"expression\",\"enabled\",\"priority\",\"action\",\"paymentSystems\",\"createdAt\",\"updatedAt\"],\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\",\"description\":\"Unique identifier of the policy rule.\"},\"accountName\":{\"type\":\"string\",\"description\":\"VTEX account that owns the policy rule.\"},\"name\":{\"type\":\"string\",\"description\":\"Policy rule name.\"},\"expression\":{\"type\":\"object\",\"description\":\"JSONLogic expression evaluated against item context. Currently supports `and`, `or`, `==`, and `in`, with `collectionIds` and `shippingState` as available variables.\",\"additionalProperties\":true},\"enabled\":{\"type\":\"boolean\",\"description\":\"Indicates whether the policy rule is active.\"},\"priority\":{\"type\":\"integer\",\"format\":\"int32\",\"description\":\"Rule priority. Lower values have higher precedence when conflicting rules match the same item.\"},\"action\":{\"type\":\"string\",\"description\":\"Action applied to the payment systems when the rule expression matches.\",\"enum\":[\"Include\",\"Exclude\"]},\"paymentSystems\":{\"type\":\"array\",\"description\":\"Payment system IDs affected by the rule.\",\"items\":{\"type\":\"integer\",\"format\":\"int32\",\"description\":\"Payment system ID.\"}},\"createdAt\":{\"type\":\"string\",\"format\":\"date-time\",\"description\":\"Date and time when the policy rule was created in [ISO 8601 time zone offset format](https://learn.microsoft.com/en-us/rest/api/storageservices/formatting-datetime-values), as in `YYYY-MM-DDThh:mm:ssZ`.\"},\"updatedAt\":{\"type\":\"string\",\"format\":\"date-time\",\"description\":\"Date and time when the policy rule was last updated in [ISO 8601 time zone offset format](https://learn.microsoft.com/en-us/rest/api/storageservices/formatting-datetime-values), as in `YYYY-MM-DDThh:mm:ssZ`.\"}}}\n\n// Validate if response matches JSON schema \npm.test(\"[PATCH]::/api/payment-configuration-service/policy-rules/:id - Schema is valid\", function() {\n pm.response.to.have.jsonSchema(schema,{unknownFormats: [\"int32\", \"int64\", \"float\", \"double\"]});\n});\n" + ] + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4fa1f5b0-ad82-4b3a-bfe5-507720916330", + "name": "Delete policy rule", + "request": { + "name": "Delete policy rule", + "description": { + "content": "Deletes a payment policy rule for the VTEX account informed in the `an` query parameter.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Permissions\r\n\r\nAny user or [API key](https://developers.vtex.com/docs/guides/authentication-overview#api-keys) must have at least one of the appropriate [License Manager resources](https://help.vtex.com/en/tutorial/license-manager-resources--3q6ztrC8YynQf6rdc6euk3) to be able to successfully run this request. Otherwise, they will receive a status code `403` error. These are the applicable resources for this endpoint:\r\n\r\n| **Product** | **Category** | **Resource** |\r\n| --------------- | ----------------- | ----------------- |\r\n| Payments | Payment Policies | **ManageStore** |\r\n\r\nThere are no applicable [predefined roles](https://help.vtex.com/en/tutorial/predefined-roles--jGDurZKJHvHJS13LnO7Dy) for this resource list. You must [create a custom role](https://help.vtex.com/en/tutorial/roles--7HKK5Uau2H6wxE1rH5oRbc#creating-a-role) and add at least one of the resources above in order to use this endpoint.\r\n\r\nTo learn more about machine authentication at VTEX, see [Authentication overview](https://developers.vtex.com/docs/guides/authentication-overview#machine-authentication).\r\n\r\n>❗ To prevent integrations from having excessive permissions, consider the [best practices for managing API keys](https://help.vtex.com/en/tutorial/best-practices-api-keys--7b6nD1VMHa49aI5brlOvJm) when assigning License Manager roles to integrations.", + "type": "text/plain" + }, + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [ + { + "disabled": false, + "description": { + "content": "(Required) Unique identifier of the policy rule.", + "type": "text/plain" + }, + "type": "any", + "value": "urn:uuid:f42cc30d-fc70-2790-f480-02d5baa0249e", + "key": "id" + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "_": { + "postman_previewlanguage": "text" + }, + "id": "28591d64-6731-4d27-bcea-71cb19b09dbb", + "name": "No Content", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "73fbc49f-1693-46b6-a9ba-7548c9f0da1c", + "name": "Unauthorized", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Missing or invalid credentials.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "cedae0bc-2d95-4c75-9d51-f95dce55d831", + "name": "Forbidden", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"The user or API key does not have the required permission.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "f4d1231e-a062-4a71-a827-3226567fe726", + "name": "Not Found", + "originalRequest": { + "url": { + "path": [ + "api", + "payment-configuration-service", + "policy-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Policy rule not found for the account.\"\n}", + "cookie": [] + } + ], + "event": [ + { + "listen": "test", + "script": { + "id": "83c076e2-17fd-48ab-a2ac-9f528f98120e", + "type": "text/javascript", + "exec": [ + "// Validate status 2xx \npm.test(\"[DELETE]::/api/payment-configuration-service/policy-rules/:id - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", + "// Validate if response has empty Body \npm.test(\"[DELETE]::/api/payment-configuration-service/policy-rules/:id - Response has empty Body\", function () {\n pm.response.to.not.be.withBody;\n});\n" + ] + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ], + "event": [] + }, + { + "id": "440feb01-fa06-4360-a0d8-5d432bcf0f36", + "name": "Payment policy evaluation", + "description": { + "content": "", + "type": "text/plain" + }, + "item": [ + { + "id": "ae588a57-33c9-4567-a125-62ed7918fe0b", + "name": "Evaluate payment policies", + "request": { + "name": "Evaluate payment policies", + "description": { + "content": "Evaluates active payment policy rules against cart item context and returns payment systems available for each item. Payment systems not mentioned in any matching rule remain available by default.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Permissions\r\n\r\nAny user or [API key](https://developers.vtex.com/docs/guides/authentication-overview#api-keys) must have at least one of the appropriate [License Manager resources](https://help.vtex.com/en/tutorial/license-manager-resources--3q6ztrC8YynQf6rdc6euk3) to be able to successfully run this request. Otherwise, they will receive a status code `403` error. These are the applicable resources for this endpoint:\r\n\r\n| **Product** | **Category** | **Resource** |\r\n| --------------- | ----------------- | ----------------- |\r\n| Payments | Payment Policies | **ViewPayments** |\r\n\r\nThere are no applicable [predefined roles](https://help.vtex.com/en/tutorial/predefined-roles--jGDurZKJHvHJS13LnO7Dy) for this resource list. You must [create a custom role](https://help.vtex.com/en/tutorial/roles--7HKK5Uau2H6wxE1rH5oRbc#creating-a-role) and add at least one of the resources above in order to use this endpoint.\r\n\r\nTo learn more about machine authentication at VTEX, see [Authentication overview](https://developers.vtex.com/docs/guides/authentication-overview#machine-authentication).\r\n\r\n>❗ To prevent integrations from having excessive permissions, consider the [best practices for managing API keys](https://help.vtex.com/en/tutorial/best-practices-api-keys--7b6nD1VMHa49aI5brlOvJm) when assigning License Manager roles to integrations.", + "type": "text/plain" + }, + "url": { + "path": [ + "api", + "pvt", + "payment-systems", + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"items\": [\n {\n \"id\": \"sku-01\",\n \"collectionIds\": [\n 139,\n 45\n ],\n \"shippingData\": {\n \"state\": \"NY\"\n }\n },\n {\n \"id\": \"sku-02\",\n \"collectionIds\": [\n 200\n ],\n \"shippingData\": {\n \"state\": \"NY\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "04887e31-7894-45f1-8b7b-c9a72016bc44", + "name": "OK", + "originalRequest": { + "url": { + "path": [ + "api", + "pvt", + "payment-systems", + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"items\": [\n {\n \"id\": \"sku-01\",\n \"collectionIds\": [\n 139,\n 45\n ],\n \"shippingData\": {\n \"state\": \"NY\"\n }\n },\n {\n \"id\": \"sku-02\",\n \"collectionIds\": [\n 200\n ],\n \"shippingData\": {\n \"state\": \"NY\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"paymentSystemAssignments\": [\n {\n \"paymentSystem\": 1,\n \"itemIds\": [\n \"sku-01\",\n \"sku-02\"\n ]\n },\n {\n \"paymentSystem\": 4,\n \"itemIds\": [\n \"sku-01\",\n \"sku-02\"\n ]\n },\n {\n \"paymentSystem\": 100,\n \"itemIds\": [\n \"sku-02\"\n ]\n }\n ],\n \"paymentSystemDefinitions\": [\n {\n \"id\": 1,\n \"name\": \"Debit Card\",\n \"groupName\": \"debitCard\"\n },\n {\n \"id\": 4,\n \"name\": \"Mastercard\",\n \"groupName\": \"creditCard\"\n },\n {\n \"id\": 100,\n \"name\": \"EBT Card\",\n \"groupName\": \"ebt\"\n }\n ]\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "a0d5ae63-0165-48a6-8c0b-e562a14d63f9", + "name": "Bad Request", + "originalRequest": { + "url": { + "path": [ + "api", + "pvt", + "payment-systems", + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"items\": [\n {\n \"id\": \"sku-01\",\n \"collectionIds\": [\n 139,\n 45\n ],\n \"shippingData\": {\n \"state\": \"NY\"\n }\n },\n {\n \"id\": \"sku-02\",\n \"collectionIds\": [\n 200\n ],\n \"shippingData\": {\n \"state\": \"NY\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Invalid JSONLogic expression, malformed request body, or policy rule limit exceeded.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "be9db25d-c998-4081-9960-7b4c369254e7", + "name": "Unauthorized", + "originalRequest": { + "url": { + "path": [ + "api", + "pvt", + "payment-systems", + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"items\": [\n {\n \"id\": \"sku-01\",\n \"collectionIds\": [\n 139,\n 45\n ],\n \"shippingData\": {\n \"state\": \"NY\"\n }\n },\n {\n \"id\": \"sku-02\",\n \"collectionIds\": [\n 200\n ],\n \"shippingData\": {\n \"state\": \"NY\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Missing or invalid credentials.\"\n}", + "cookie": [] + }, + { + "_": { + "postman_previewlanguage": "json" + }, + "id": "d05c58f3-0076-4fe2-ad87-e81417f80d77", + "name": "Forbidden", + "originalRequest": { + "url": { + "path": [ + "api", + "pvt", + "payment-systems", + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": false, + "description": { + "content": "(Required) Name of the VTEX account whose payment policies should be created, retrieved, updated, deleted, or evaluated.", + "type": "text/plain" + }, + "key": "an", + "value": "cosmetics2" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": false, + "description": { + "content": "(Required) Type of the content being sent.", + "type": "text/plain" + }, + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": false, + "description": { + "content": "(Required) HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "type": "text/plain" + }, + "key": "Accept", + "value": "application/json" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: apikey", + "type": "text/plain" + }, + "key": "X-VTEX-API-AppKey", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"items\": [\n {\n \"id\": \"sku-01\",\n \"collectionIds\": [\n 139,\n 45\n ],\n \"shippingData\": {\n \"state\": \"NY\"\n }\n },\n {\n \"id\": \"sku-02\",\n \"collectionIds\": [\n 200\n ],\n \"shippingData\": {\n \"state\": \"NY\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"The user or API key does not have the required permission.\"\n}", + "cookie": [] + } + ], + "event": [ + { + "listen": "test", + "script": { + "id": "64a78111-922e-48af-be81-3b654c42cab0", + "type": "text/javascript", + "exec": [ + "// Validate status 2xx \npm.test(\"[POST]::/api/pvt/payment-systems/search - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", + "// Validate if response header has matching content-type\npm.test(\"[POST]::/api/pvt/payment-systems/search - Content-Type is application/json\", function () {\n pm.expect(pm.response.headers.get(\"Content-Type\")).to.include(\"application/json\");\n});\n", + "// Validate if response has JSON Body \npm.test(\"[POST]::/api/pvt/payment-systems/search - Response has JSON Body\", function () {\n pm.response.to.have.jsonBody();\n});\n", + "// Response Validation\nconst schema = {\"type\":\"object\",\"description\":\"Payment policy evaluation result returned by the Payment Information Service.\",\"required\":[\"paymentSystemAssignments\",\"paymentSystemDefinitions\"],\"properties\":{\"paymentSystemAssignments\":{\"type\":\"array\",\"description\":\"Relationship between payment systems and the item IDs for which each payment system is available.\",\"items\":{\"type\":\"object\",\"description\":\"Payment system availability for one or more items.\",\"required\":[\"paymentSystem\",\"itemIds\"],\"properties\":{\"paymentSystem\":{\"type\":\"integer\",\"format\":\"int32\",\"description\":\"Payment system ID.\"},\"itemIds\":{\"type\":\"array\",\"description\":\"Item IDs for which the payment system is available.\",\"items\":{\"type\":\"string\",\"description\":\"Item ID.\"}}}}},\"paymentSystemDefinitions\":{\"type\":\"array\",\"description\":\"Payment system metadata for the payment systems returned in the assignments.\",\"items\":{\"type\":\"object\",\"description\":\"Payment system metadata.\",\"required\":[\"id\",\"name\",\"groupName\"],\"properties\":{\"id\":{\"type\":\"integer\",\"format\":\"int32\",\"description\":\"Payment system ID.\"},\"name\":{\"type\":\"string\",\"description\":\"Payment system display name.\"},\"groupName\":{\"type\":\"string\",\"description\":\"Payment system group name.\"}}}}}}\n\n// Validate if response matches JSON schema \npm.test(\"[POST]::/api/pvt/payment-systems/search - Schema is valid\", function() {\n pm.response.to.have.jsonSchema(schema,{unknownFormats: [\"int32\", \"int64\", \"float\", \"double\"]});\n});\n" + ] + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ], + "event": [] + } + ], + "auth": { + "type": "apikey", + "apikey": [ + { + "type": "any", + "value": "X-VTEX-API-AppKey", + "key": "key" + }, + { + "type": "any", + "value": "{{apiKey}}", + "key": "value" + }, + { + "type": "any", + "value": "header", + "key": "in" + } + ] + }, + "event": [], + "variable": [ + { + "type": "any", + "value": "vtexcommercestable", + "key": "environment" + }, + { + "type": "any", + "value": "https://pcs.{{environment}}.com.br", + "key": "baseUrl" + } + ], + "info": { + "_postman_id": "f87aadb6-0651-43d1-8608-ad36d16e160d", + "name": "Payment Policies API", + "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json", + "description": { + "content": "The Payment Policies API allows VTEX merchants to configure rules that include or exclude payment systems for specific cart items. The Payment Configuration Service (PCS) stores policy rules, while the Payment Information Service (PIS) evaluates those rules during checkout and returns the payment systems available for each item.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Index\r\n\r\n### Payment policy rules\r\n\r\n- `POST` [Create policy rule](https://developers.vtex.com/docs/api-reference/payment-policies-api#post-/api/payment-configuration-service/policy-rules)\r\n- `GET` [List policy rules](https://developers.vtex.com/docs/api-reference/payment-policies-api#get-/api/payment-configuration-service/policy-rules)\r\n- `GET` [Get policy rule by ID](https://developers.vtex.com/docs/api-reference/payment-policies-api#get-/api/payment-configuration-service/policy-rules/-id-)\r\n- `PUT` [Update policy rule](https://developers.vtex.com/docs/api-reference/payment-policies-api#put-/api/payment-configuration-service/policy-rules/-id-)\r\n- `PATCH` [Update policy rule partially](https://developers.vtex.com/docs/api-reference/payment-policies-api#patch-/api/payment-configuration-service/policy-rules/-id-)\r\n- `DELETE` [Delete policy rule](https://developers.vtex.com/docs/api-reference/payment-policies-api#delete-/api/payment-configuration-service/policy-rules/-id-)\r\n\r\n### Payment policy evaluation\r\n\r\n- `POST` [Evaluate payment policies](https://developers.vtex.com/docs/api-reference/payment-policies-api#post-/api/pvt/payment-systems/search)\r\n\r\n## Rule engine\r\n\r\n> ℹ️ Currently the Payment policies feature supports `and`, `or`, `==`, and `in` operators, with a limit of 500 operators per expression. Available context variables are `collectionIds`, containing the collection IDs associated with the item, and `shippingState`, containing the delivery state code.", + "type": "text/plain" + } + } +} \ No newline at end of file diff --git a/PostmanCollections/VTEX - Payment Provider Protocol.json b/PostmanCollections/VTEX - Payment Provider Protocol.json index 6671ee708..b33387ded 100644 --- a/PostmanCollections/VTEX - Payment Provider Protocol.json +++ b/PostmanCollections/VTEX - Payment Provider Protocol.json @@ -1,10 +1,10 @@ { "_": { - "postman_id": "ea0c0b2a-83d2-4ce0-ae41-d02033689827" + "postman_id": "887d88da-926b-4f59-a4b1-d0970283c8d1" }, "item": [ { - "id": "6fc4c158-6e7f-4e1f-a09c-998dbdf94cb4", + "id": "31853ffb-f70d-4a25-af82-279d7fcea7dc", "name": "Payment Flow", "description": { "content": "", @@ -12,12 +12,12 @@ }, "item": [ { - "id": "4970eb22-748e-4493-892c-8c53090e5017", + "id": "88ad60b0-b0ab-4359-8a05-c41b3dfb7bba", "name": "List Payment Provider Manifest", "request": { "name": "List Payment Provider Manifest", "description": { - "content": "Exposes the provider manifest, including metadata settings such as payment methods, split configuration, and custom fields.\r\n\r\n> ℹ️ This request is made from VTEX to the payment provider.\r\n\r\n## Available payment methods\r\n\r\n\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n
Payment MethodTypeCountry
VisaCredit CardGlobal
MastercardCredit CardGlobal
American ExpressCredit CardGlobal
DiscoverCredit CardGlobal
JCBCredit CardGlobal
DinersCredit CardGlobal
EloCredit CardBrazil
HipercardCredit CardBrazil
AuraCredit CardBrazil
BanricomprasCredit CardBrazil
CredzCredit CardBrazil
CabalCredit CardArgentina, Brazil, Uruguay, Paraguay
Cartes Bancaires (CB)Credit CardFrance
VirtualDebitEloDebit CardBrazil
Visa ElectronDebit CardGlobal
MaestroDebit CardGlobal
Mastercard DebitDebit CardGlobal
Débito OnlineDebit CardBrazil
CobrandedCardGlobal
PrivatelabelsCardGlobal
Apple PayDigital WalletGlobal
Google PayDigital WalletGlobal
PromissoriesGenericGlobal
CashGenericGlobal
PixOnline TransferBrazil
SafetypayOnline TransferAmericas and Europe
BankInvoiceOffline/VoucherBrazil (Boleto Bancário)
FichaDepositoOffline/VoucherMexico
RapipagoOffline/VoucherArgentina
OXXOOffline/VoucherMexico
VoucherOffline/VoucherMexico
BitcoinCryptocurrencyGlobal
Venda Direta CreditoCredit Card (Physical)Global
Venda Direta DebitoDebit Card (Physical)Global
\r\n\r\n## Permissions\r\n\r\nCheck with your service provider to know what permissions are needed.", + "content": "Exposes the provider manifest, including metadata settings such as payment methods, split configuration, and custom fields.\r\n\r\n> ℹ️ This request is made from VTEX to the payment provider.\r\n\r\n## Available payment methods\r\n\r\n| Payment Method | Type | Country |\r\n|---|---|---|\r\n| `Visa` | Credit Card | Global |\r\n| `Mastercard` | Credit Card | Global |\r\n| `American Express` | Credit Card | Global |\r\n| `Discover` | Credit Card | Global |\r\n| `JCB` | Credit Card | Global |\r\n| `Diners` | Credit Card | Global |\r\n| `Elo` | Credit Card | Brazil |\r\n| `Hipercard` | Credit Card | Brazil |\r\n| `Aura` | Credit Card | Brazil |\r\n| `Banricompras` | Credit Card | Brazil |\r\n| `Credz` | Credit Card | Brazil |\r\n| `Cabal` | Credit Card | Argentina, Brazil, Uruguay, Paraguay |\r\n| `Patagonia 365` | Credit Card | Argentina |\r\n| `Cartes Bancaires (CB)` | Credit Card | France |\r\n| `VirtualDebitElo` | Debit Card | Brazil |\r\n| `Visa Electron` | Debit Card | Global |\r\n| `Maestro` | Debit Card | Global |\r\n| `Mastercard Debit` | Debit Card | Global |\r\n| `Débito Online` | Debit Card | Brazil |\r\n| `Cobranded` | Card | Global |\r\n| `Privatelabels` | Card | Global |\r\n| `Apple Pay` | Digital Wallet | Global |\r\n| `Google Pay` | Digital Wallet | Global |\r\n| `Promissories` | Generic | Global |\r\n| `Cash` | Generic | Global |\r\n| `Pix` | Online Transfer | Brazil |\r\n| `Safetypay` | Online Transfer | Americas and Europe |\r\n| `BankInvoice` | Offline/Voucher | Brazil (Boleto Bancário) |\r\n| `FichaDeposito` | Offline/Voucher | Mexico |\r\n| `Rapipago` | Offline/Voucher | Argentina |\r\n| `OXXO` | Offline/Voucher | Mexico |\r\n| `Voucher` | Offline/Voucher | Mexico |\r\n| `Bitcoin` | Cryptocurrency | Global |\r\n| `Venda Direta Credito` | Credit Card (Physical) | Global |\r\n| `Venda Direta Debito` | Debit Card (Physical) | Global | \r\n\r\n## Permissions\r\n\r\nCheck with your service provider to know what permissions are needed.", "type": "text/plain" }, "url": { @@ -62,7 +62,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "e1db3580-f3cc-4a0c-9dac-63b827095b50", + "id": "40b93487-0498-40e0-b5fc-f4d8e233894f", "name": "OK", "originalRequest": { "url": { @@ -118,7 +118,7 @@ { "listen": "test", "script": { - "id": "a326b210-561b-4e5b-904b-f060f4032677", + "id": "bf2227d5-5696-43f0-9ef4-256b9d47834e", "type": "text/javascript", "exec": [ "// Validate status 2xx \npm.test(\"[GET]::/manifest - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", @@ -134,7 +134,7 @@ } }, { - "id": "10d47943-894c-4e54-a302-831f0fd4575d", + "id": "5f180bbe-b5a9-40b6-ab6a-a1f010d771c2", "name": "Create payment", "request": { "name": "Create payment", @@ -235,7 +235,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "249892a4-73e9-495e-8d78-1ffd0ba2ceb9", + "id": "bbb877b2-d2ed-420b-9acb-1bc671de5e5d", "name": "Success", "originalRequest": { "url": { @@ -329,7 +329,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "499233a1-e155-40b2-8dee-85c5ee79f672", + "id": "38d20f08-ef26-4a4c-b039-66b541bafdd7", "name": "Success - PIX", "originalRequest": { "url": { @@ -423,7 +423,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "8323a971-b4e7-4fe8-aaee-1fe7cdcf9529", + "id": "afe6ebdd-d6d4-41c4-8060-1935b7ec45d3", "name": "Success - Credit Card", "originalRequest": { "url": { @@ -517,7 +517,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "facd9929-ddc4-44da-8a2a-4187ec6ea79b", + "id": "1ea3059b-749b-4a6c-b461-122a8c225ab6", "name": "Success - Bank invoice", "originalRequest": { "url": { @@ -611,7 +611,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "6cb632b1-1f68-4a6c-a42b-dced52354c64", + "id": "488c69cb-9056-4f57-ac12-1ee70e1fca22", "name": "Success - Payment App", "originalRequest": { "url": { @@ -705,7 +705,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "c133e0b9-841a-4fb0-b29a-621d02d15f6e", + "id": "002fffdb-88fb-409b-8423-7bf2b591f2e9", "name": "Success - Redirect", "originalRequest": { "url": { @@ -799,7 +799,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "ebc5aa9c-66bc-4be4-9593-0f0f3f2a106d", + "id": "eb1bc5e7-e759-4bca-a72b-30c40fe83079", "name": "Success - Callback", "originalRequest": { "url": { @@ -893,7 +893,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "0a96eb7d-9489-4e63-a1a0-972a9543e33a", + "id": "a4285272-86a8-4ac9-be00-23072f2c4ab3", "name": "Redirect Success Undefined", "originalRequest": { "url": { @@ -987,7 +987,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "e8c2e966-2c15-4ab0-be2a-e8043f47a444", + "id": "b97cfcaf-faf5-4847-988e-eb63114dce8d", "name": "Redirect Success Approved", "originalRequest": { "url": { @@ -1081,7 +1081,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "2e339be3-d2e1-43b0-abd1-29a644493a1c", + "id": "9bf42827-6e2d-4b8a-8376-c6826d6f00e5", "name": "Fail Generic Error", "originalRequest": { "url": { @@ -1175,7 +1175,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "47eac0d5-710c-4774-a383-59439ab68be1", + "id": "c6ca98b5-abde-4a4f-b7fd-43abf70ab599", "name": "Fail Bad Request", "originalRequest": { "url": { @@ -1269,7 +1269,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "c99ba60e-64b7-4056-8a65-c61a1cbe365e", + "id": "3767ec00-3839-4c86-bedf-37baaee72571", "name": "Credit Card Success Approved", "originalRequest": { "url": { @@ -1363,7 +1363,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "647ae114-cf92-4ef5-b3c0-f8b53b7d2f8a", + "id": "715ef7ab-37a3-42b6-a917-585760833fa7", "name": "Pix Success Approved", "originalRequest": { "url": { @@ -1457,7 +1457,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "c633287a-5a9b-481d-a12b-3dc1e8610667", + "id": "386d9581-ba18-4429-ae7f-53bec64bee64", "name": "Success Undefined", "originalRequest": { "url": { @@ -1551,7 +1551,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "6cd0f2b6-efe1-4386-8c3a-fb0b6eaf0b33", + "id": "20cd6ad8-273b-4921-978e-60902bb19463", "name": "BankInvoice Success Undefined", "originalRequest": { "url": { @@ -1645,7 +1645,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "7fa9f9c8-00f1-4870-b2a7-8daaf7b4e0e5", + "id": "44ceafe5-ddf6-4581-a0a1-e454f6d2a543", "name": "Success Denied", "originalRequest": { "url": { @@ -1739,7 +1739,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "d8d7e08f-4616-4f3e-a7b4-b885aac3e484", + "id": "25e02e6f-0760-4032-9d46-81015e258e05", "name": "BankInvoice Success Approved", "originalRequest": { "url": { @@ -1833,7 +1833,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "acc9d2e6-72d1-49ba-87fb-749e539df38f", + "id": "f647b520-129d-40f7-a347-139293a539bb", "name": "Payment App + Inbound Request Success Undefined", "originalRequest": { "url": { @@ -1927,7 +1927,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "7c04de29-e4b1-43bb-b305-6c8955f16da8", + "id": "32a41b0c-b5b6-461b-a588-854e7a22cb59", "name": "Redirect Success Undefined", "originalRequest": { "url": { @@ -2021,7 +2021,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "03d3bb9d-0722-4aee-b66e-9544d8ead777", + "id": "6f255aaa-9bb6-42e4-adec-817e61c3a0e3", "name": "Redirect Success Approved", "originalRequest": { "url": { @@ -2115,7 +2115,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "10ed5d26-448c-4489-9017-064ab9844216", + "id": "470edf6b-505c-48f5-bafb-47dcde4b74c8", "name": "Fail Generic Error", "originalRequest": { "url": { @@ -2209,7 +2209,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "77a36466-2bfe-4ec6-a6e0-7c9edfc8e9e4", + "id": "a4aed752-7af2-48b3-8a1c-7f368737ad54", "name": "Fail Bad Request", "originalRequest": { "url": { @@ -2303,7 +2303,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "5f8e404d-6048-4640-a418-4361558fbe2d", + "id": "e49fec1a-c256-47f1-8231-a0a019aaf4e6", "name": "Credit Card Success Approved", "originalRequest": { "url": { @@ -2397,7 +2397,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "15b64815-60ce-4c42-9843-8cd4b5a38e27", + "id": "939bb91a-92aa-476a-9917-3ddcfed77139", "name": "Pix Success Approved", "originalRequest": { "url": { @@ -2491,7 +2491,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "efc1884f-5560-4ab3-b2bd-1e8b24ac529b", + "id": "42140477-1460-4489-ac39-57c86a63e684", "name": "Success Undefined", "originalRequest": { "url": { @@ -2585,7 +2585,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "f463e0f7-e754-43bb-8f15-ef24e22ab381", + "id": "7e2c7c33-aa3b-43df-8ba4-5186609ac5f8", "name": "BankInvoice Success Undefined", "originalRequest": { "url": { @@ -2679,7 +2679,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "8c42edcc-8898-4c24-b67e-4f2e1f96be8a", + "id": "644e6014-1aef-4f1e-9aff-ecb14b757014", "name": "Success Denied", "originalRequest": { "url": { @@ -2773,7 +2773,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "91bba79e-d8fc-4d31-bf6f-8241845d0aef", + "id": "fe79cd03-6b7d-4ecc-a45c-6c91e29ab3bc", "name": "BankInvoice Success Approved", "originalRequest": { "url": { @@ -2867,7 +2867,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "3215ac2a-c155-483b-9062-d509e2ce4458", + "id": "b111e045-7b11-4a36-b9fc-8c3f01b95078", "name": "Payment App + Inbound Request Success Undefined", "originalRequest": { "url": { @@ -2961,7 +2961,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "c04dcce3-a022-47a0-bbcd-58a3f4a37f83", + "id": "9a79c61e-5b30-425b-beda-41dd44c289ea", "name": "Redirect Success Undefined", "originalRequest": { "url": { @@ -3055,7 +3055,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "ff3ee7c7-8129-45c1-b681-f6c5c174bba7", + "id": "e60c3743-25c1-4d8b-b7b4-9f2b968f7976", "name": "Redirect Success Approved", "originalRequest": { "url": { @@ -3149,7 +3149,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "a80d6b0f-d4f4-4ce9-8157-6c0ce7bc31e7", + "id": "1570163a-cf2f-47ce-b949-92f896234aba", "name": "Fail Generic Error", "originalRequest": { "url": { @@ -3243,7 +3243,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "96d076db-e111-4f0b-b3d8-79eb100a6205", + "id": "5d3dee2c-0b59-43ea-b1e6-6dd4536126a9", "name": "Fail Bad Request", "originalRequest": { "url": { @@ -3338,7 +3338,7 @@ { "listen": "test", "script": { - "id": "473c8c4d-df29-4110-8c61-2eada75aa248", + "id": "2a2dec23-4c14-4352-94bf-bf5077e555e7", "type": "text/javascript", "exec": [ "// Validate status 2xx \npm.test(\"[POST]::/payments - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", @@ -3354,7 +3354,7 @@ } }, { - "id": "31e41994-1df8-4e6e-a2d1-f3d101cd9e49", + "id": "3dbc407d-7b5c-4f2f-bb6f-6450cd4ba76d", "name": "Cancel payment", "request": { "name": "Cancel payment", @@ -3468,7 +3468,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "20cd6ff2-4b2a-446a-8529-5fbb304d2e1f", + "id": "a82d7112-e9ec-405e-86b9-95ba815573e2", "name": "OK", "originalRequest": { "url": { @@ -3564,7 +3564,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "e5bf9a83-c69d-4377-b1d6-5f6ea676bf88", + "id": "a89eea59-e9dc-417c-bf6f-ae28a4f99cd7", "name": "Internal Server Error", "originalRequest": { "url": { @@ -3660,7 +3660,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "449616a8-4e96-45a5-8fff-68faeaa6186f", + "id": "cfe7590b-7ca4-4510-a725-e9c37d7ca83c", "name": "Not Implemented", "originalRequest": { "url": { @@ -3757,7 +3757,7 @@ { "listen": "test", "script": { - "id": "ef61103f-56b5-452f-adae-340ea6b2d46a", + "id": "7205c11e-37c3-42e7-8cff-e856c789339b", "type": "text/javascript", "exec": [ "// Validate status 2xx \npm.test(\"[POST]::/payments/:paymentId/cancellations - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", @@ -3773,7 +3773,7 @@ } }, { - "id": "5378ff2e-fc5b-4e8b-84d8-3bef1ddbe82e", + "id": "12371b9a-609d-483a-b8c9-0c57e6e5ced1", "name": "Settle payment", "request": { "name": "Settle payment", @@ -3887,7 +3887,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "5875c05b-4fe7-4bad-a2a4-0382018b6bfe", + "id": "79ba53da-99fd-4793-aee0-0a48327d9760", "name": "OK", "originalRequest": { "url": { @@ -3983,7 +3983,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "6a9f8549-fffe-463b-bdfe-9028c130bf65", + "id": "c208cddc-c5fe-40fa-9aed-f125c8df8b42", "name": "Internal Server Error", "originalRequest": { "url": { @@ -4080,7 +4080,7 @@ { "listen": "test", "script": { - "id": "91c1cd5c-8b37-427b-8d70-251946cbb4c3", + "id": "21151e7a-d81d-491b-a5ca-315317a04c74", "type": "text/javascript", "exec": [ "// Validate status 2xx \npm.test(\"[POST]::/payments/:paymentId/settlements - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", @@ -4096,7 +4096,7 @@ } }, { - "id": "aca0502c-9c66-4ff6-bf74-d36e339a8a38", + "id": "9efed36d-88fd-45d2-bb8c-70676813172f", "name": "Refund payment", "request": { "name": "Refund payment", @@ -4210,7 +4210,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "12c081b1-de80-443a-bf91-f48b7e8af601", + "id": "f7604274-fdc7-4de8-8c3d-cf048552cded", "name": "OK", "originalRequest": { "url": { @@ -4306,7 +4306,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "022cedf0-c288-4406-85e6-005ef6413f36", + "id": "f20b7eca-a448-40b4-bd7e-2235e24f7e1e", "name": "Internal Server Error", "originalRequest": { "url": { @@ -4402,7 +4402,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "12a8f892-d762-4003-a784-dcdbd9c13180", + "id": "7b767424-b852-4301-a22d-1deabd333a42", "name": "Not Implemented", "originalRequest": { "url": { @@ -4499,7 +4499,7 @@ { "listen": "test", "script": { - "id": "54a46e33-036a-4b8e-b69b-5bd5d5f6ac80", + "id": "53245d52-fdee-4f1b-b76c-4ca5ec1af67c", "type": "text/javascript", "exec": [ "// Validate status 2xx \npm.test(\"[POST]::/payments/:paymentId/refunds - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", @@ -4515,7 +4515,7 @@ } }, { - "id": "255f5dd5-24fe-4377-82cd-48fa539a7500", + "id": "80abd909-397b-44b9-a424-23e1be64365c", "name": "Inbound request (BETA)", "request": { "name": "Inbound request (BETA)", @@ -4640,7 +4640,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "3b10e89d-cf9a-404d-9db5-da15b08536a4", + "id": "f9275752-00ae-494d-832e-93785c25fffe", "name": "OK", "originalRequest": { "url": { @@ -4738,7 +4738,7 @@ { "listen": "test", "script": { - "id": "5d31efa3-a786-44a8-b587-81d7ed435e20", + "id": "056cd42c-fecc-4ffb-bab1-c9e623200cc3", "type": "text/javascript", "exec": [ "// Validate status 2xx \npm.test(\"[POST]::/payments/:paymentId/inbound/:action - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", @@ -4757,7 +4757,7 @@ "event": [] }, { - "id": "8034e155-12a7-4b43-9dd7-8311b2e1feba", + "id": "a54a445b-afcd-458c-bf73-faf7b0d8866c", "name": "Configuration Flow", "description": { "content": "", @@ -4765,7 +4765,7 @@ }, "item": [ { - "id": "7bd3caa9-27ae-486d-9975-1fcaa701a3b9", + "id": "ca330463-6d9f-43eb-a87a-2f6d92874e22", "name": "Create authorization token", "request": { "name": "Create authorization token", @@ -4867,7 +4867,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "95dd9c8f-4bdf-4a3c-a342-e4412fa3919f", + "id": "04763a83-ce6e-4fcf-b14e-1b67a4e42255", "name": "OK", "originalRequest": { "url": { @@ -4963,7 +4963,7 @@ { "listen": "test", "script": { - "id": "0f7d3f63-e0d2-459c-8f5c-0ef68e74e5f8", + "id": "f55aaedf-2550-478c-9cb9-7e5b50e6783f", "type": "text/javascript", "exec": [ "// Validate status 2xx \npm.test(\"[POST]::/authorization/token - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", @@ -4979,7 +4979,7 @@ } }, { - "id": "88384ada-e62e-4714-b94e-d2c83ef3bc1c", + "id": "090b62a4-c204-486a-ad10-9291422e548a", "name": "Provider authentication", "request": { "name": "Provider authentication", @@ -5083,7 +5083,7 @@ "_": { "postman_previewlanguage": "text" }, - "id": "7e3a3215-de1f-4d7b-8959-cf83a7143b2f", + "id": "aa3b035e-e652-49c1-bfc3-e3f0a0981a92", "name": "OK. This endpoint does not return any data in the response body.", "originalRequest": { "url": { @@ -5175,7 +5175,7 @@ { "listen": "test", "script": { - "id": "68c515e3-a6a5-42b4-bf40-d4a00bf9d910", + "id": "50eb5533-45ff-4754-897c-eca2829a43c4", "type": "text/javascript", "exec": [ "// Validate status 2xx \npm.test(\"[GET]::/authorization/redirect - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n" @@ -5188,7 +5188,7 @@ } }, { - "id": "32f583b6-c676-44ff-a570-13a6a9637168", + "id": "ee0d04be-34ed-494b-961d-524aee92c438", "name": "Get credentials", "request": { "name": "Get credentials", @@ -5296,7 +5296,7 @@ "_": { "postman_previewlanguage": "json" }, - "id": "479676d3-f20a-4205-9f12-499a3da8d9e1", + "id": "96c8defd-e555-46ed-806e-7479754b4105", "name": "OK", "originalRequest": { "url": { @@ -5398,7 +5398,7 @@ { "listen": "test", "script": { - "id": "045eddb3-0597-4efe-ab14-3c892f56793f", + "id": "c6517c82-8b6a-4ba6-baee-1e5e0abb2b40", "type": "text/javascript", "exec": [ "// Validate status 2xx \npm.test(\"[GET]::/authorization/credentials - Status code is 2xx\", function () {\n pm.response.to.be.success;\n});\n", @@ -5431,7 +5431,7 @@ } ], "info": { - "_postman_id": "ea0c0b2a-83d2-4ce0-ae41-d02033689827", + "_postman_id": "887d88da-926b-4f59-a4b1-d0970283c8d1", "name": "Payment Provider Protocol API", "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json", "description": { diff --git a/VTEX - Payment Policies API.json b/VTEX - Payment Policies API.json new file mode 100644 index 000000000..79510e1d8 --- /dev/null +++ b/VTEX - Payment Policies API.json @@ -0,0 +1,1046 @@ +{ + "openapi": "3.0.0", + "info": { + "title": "Payment Policies API", + "description": "The Payment Policies API allows VTEX merchants to configure rules that include or exclude payment systems for specific cart items. The Payment Configuration Service (PCS) stores policy rules, while the Payment Information Service (PIS) evaluates those rules during checkout and returns the payment systems available for each item.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Index\r\n\r\n### Payment policy rules\r\n\r\n- `POST` [Create policy rule](https://developers.vtex.com/docs/api-reference/payment-policies-api#post-/api/payment-configuration-service/policy-rules)\r\n- `GET` [List policy rules](https://developers.vtex.com/docs/api-reference/payment-policies-api#get-/api/payment-configuration-service/policy-rules)\r\n- `GET` [Get policy rule by ID](https://developers.vtex.com/docs/api-reference/payment-policies-api#get-/api/payment-configuration-service/policy-rules/-id-)\r\n- `PUT` [Update policy rule](https://developers.vtex.com/docs/api-reference/payment-policies-api#put-/api/payment-configuration-service/policy-rules/-id-)\r\n- `DELETE` [Delete policy rule](https://developers.vtex.com/docs/api-reference/payment-policies-api#delete-/api/payment-configuration-service/policy-rules/-id-)\r\n\r\n### Payment policy evaluation\r\n\r\n- `POST` [Evaluate payment policies](https://developers.vtex.com/docs/api-reference/payment-policies-api#post-/api/pvt/payment-systems/search)\r\n\r\n## Rule engine\r\n\r\n> ℹ️ Currently the Payment policies feature supports `and`, `or`, `==`, and `in` operators, with a limit of 500 operators per expression. Available context variables are `collectionIds`, containing the collection IDs associated with the item, and `shippingState`, containing the delivery state code.", + "contact": {}, + "version": "1.0" + }, + "servers": [ + { + "url": "https://{accountName}.pcs.vtexcommercestable.com.br", + "description": "Payment Configuration Service server URL.", + "variables": { + "accountName": { + "description": "Name of the VTEX account. Used as part of the URL.", + "default": "apiexamples" + } + } + }, + { + "url": "https://{accountName}.vtexpayments.com.br", + "description": "Payment Information Service server URL.", + "variables": { + "accountName": { + "description": "Name of the VTEX account. Used as part of the URL.", + "default": "apiexamples" + } + } + } + ], + "paths": { + "/api/payment-configuration-service/policy-rules": { + "servers": [ + { + "url": "https://{accountName}.pcs.vtexcommercestable.com.br", + "description": "Payment Configuration Service server URL.", + "variables": { + "accountName": { + "description": "Name of the VTEX account. Used as part of the URL.", + "default": "apiexamples" + } + } + } + ], + "post": { + "tags": [ + "Payment policy rules" + ], + "summary": "Create policy rule", + "operationId": "createPolicyRule", + "description": "Creates a payment policy rule for the VTEX account identified by the `accountName` URL variable. Policy rules define conditions that determine which payment systems are included or excluded when those conditions match a cart item.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Permissions\r\n\r\nAny user or [API key](https://developers.vtex.com/docs/guides/authentication-overview#api-keys) must have at least one of the appropriate [License Manager resources](https://help.vtex.com/en/tutorial/license-manager-resources--3q6ztrC8YynQf6rdc6euk3) to be able to successfully run this request. Otherwise, they will receive a status code `403` error. These are the applicable resources for this endpoint:\r\n\r\n| **Product** | **Category** | **Resource** |\r\n| --------------- | ----------------- | ----------------- |\r\n| Payments | Payment Policies | **ManageStore** |\r\n\r\nThere are no applicable [predefined roles](https://help.vtex.com/en/tutorial/predefined-roles--jGDurZKJHvHJS13LnO7Dy) for this resource list. You must [create a custom role](https://help.vtex.com/en/tutorial/roles--7HKK5Uau2H6wxE1rH5oRbc#creating-a-role) and add at least one of the resources above in order to use this endpoint.\r\n\r\nTo learn more about machine authentication at VTEX, see [Authentication overview](https://developers.vtex.com/docs/guides/authentication-overview#machine-authentication).\r\n\r\n>❗ To prevent integrations from having excessive permissions, consider the [best practices for managing API keys](https://help.vtex.com/en/tutorial/best-practices-api-keys--7b6nD1VMHa49aI5brlOvJm) when assigning License Manager roles to integrations.", + "parameters": [ + { + "$ref": "#/components/parameters/Content-Type" + }, + { + "$ref": "#/components/parameters/Accept" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PolicyRuleInput" + }, + "example": { + "name": "Exclude EBT for collection 139 in NY", + "expression": { + "and": [ + { + "in": [ + 139, + { + "var": "collectionIds" + } + ] + }, + { + "==": [ + { + "var": "shippingState" + }, + "NY" + ] + } + ] + }, + "enabled": true, + "priority": 90, + "action": "Exclude", + "paymentSystems": [ + 100 + ] + } + } + } + }, + "responses": { + "201": { + "description": "Created", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PolicyRule" + }, + "example": { + "id": "3fa85f64-5717-4562-b3fc-2c963f66afa6", + "name": "Exclude EBT for collection 139 in NY", + "expression": { + "and": [ + { + "in": [ + 139, + { + "var": "collectionIds" + } + ] + }, + { + "==": [ + { + "var": "shippingState" + }, + "NY" + ] + } + ] + }, + "enabled": true, + "priority": 90, + "action": "Exclude", + "paymentSystems": [ + 100 + ], + "createdAt": "2026-04-01T10:00:00Z", + "updatedAt": "2026-04-01T10:00:00Z" + } + } + } + }, + "400": { + "$ref": "#/components/responses/BadRequest" + }, + "401": { + "$ref": "#/components/responses/Unauthorized" + }, + "403": { + "$ref": "#/components/responses/Forbidden" + }, + "422": { + "$ref": "#/components/responses/UnprocessableContent" + } + } + }, + "get": { + "tags": [ + "Payment policy rules" + ], + "summary": "List policy rules", + "operationId": "listPolicyRules", + "description": "Lists the payment policy rules configured for the VTEX account identified by the `accountName` URL variable.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Permissions\r\n\r\nAny user or [API key](https://developers.vtex.com/docs/guides/authentication-overview#api-keys) must have at least one of the appropriate [License Manager resources](https://help.vtex.com/en/tutorial/license-manager-resources--3q6ztrC8YynQf6rdc6euk3) to be able to successfully run this request. Otherwise, they will receive a status code `403` error. These are the applicable resources for this endpoint:\r\n\r\n| **Product** | **Category** | **Resource** |\r\n| --------------- | ----------------- | ----------------- |\r\n| Payments | Payment Policies | **ManageStore** |\r\n\r\nThere are no applicable [predefined roles](https://help.vtex.com/en/tutorial/predefined-roles--jGDurZKJHvHJS13LnO7Dy) for this resource list. You must [create a custom role](https://help.vtex.com/en/tutorial/roles--7HKK5Uau2H6wxE1rH5oRbc#creating-a-role) and add at least one of the resources above in order to use this endpoint.\r\n\r\nTo learn more about machine authentication at VTEX, see [Authentication overview](https://developers.vtex.com/docs/guides/authentication-overview#machine-authentication).\r\n\r\n>❗ To prevent integrations from having excessive permissions, consider the [best practices for managing API keys](https://help.vtex.com/en/tutorial/best-practices-api-keys--7b6nD1VMHa49aI5brlOvJm) when assigning License Manager roles to integrations.", + "parameters": [ + { + "$ref": "#/components/parameters/Accept" + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "array", + "description": "List of policy rules configured for the account.", + "items": { + "$ref": "#/components/schemas/PolicyRule" + } + }, + "example": [ + { + "id": "3fa85f64-5717-4562-b3fc-2c963f66afa6", + "name": "Exclude EBT for collection 139 in NY", + "expression": { + "and": [ + { + "in": [ + 139, + { + "var": "collectionIds" + } + ] + }, + { + "==": [ + { + "var": "shippingState" + }, + "NY" + ] + } + ] + }, + "enabled": true, + "priority": 90, + "action": "Exclude", + "paymentSystems": [ + 100 + ], + "createdAt": "2026-04-01T10:00:00Z", + "updatedAt": "2026-04-01T10:00:00Z" + } + ] + } + } + }, + "401": { + "$ref": "#/components/responses/Unauthorized" + }, + "403": { + "$ref": "#/components/responses/Forbidden" + } + } + } + }, + "/api/payment-configuration-service/policy-rules/{id}": { + "servers": [ + { + "url": "https://{accountName}.pcs.vtexcommercestable.com.br", + "description": "Payment Configuration Service server URL.", + "variables": { + "accountName": { + "description": "Name of the VTEX account. Used as part of the URL.", + "default": "apiexamples" + } + } + } + ], + "get": { + "tags": [ + "Payment policy rules" + ], + "summary": "Get policy rule by ID", + "operationId": "getPolicyRuleById", + "description": "Retrieves a payment policy rule by ID for the VTEX account identified by the `accountName` URL variable.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Permissions\r\n\r\nAny user or [API key](https://developers.vtex.com/docs/guides/authentication-overview#api-keys) must have at least one of the appropriate [License Manager resources](https://help.vtex.com/en/tutorial/license-manager-resources--3q6ztrC8YynQf6rdc6euk3) to be able to successfully run this request. Otherwise, they will receive a status code `403` error. These are the applicable resources for this endpoint:\r\n\r\n| **Product** | **Category** | **Resource** |\r\n| --------------- | ----------------- | ----------------- |\r\n| Payments | Payment Policies | **ManageStore** |\r\n\r\nThere are no applicable [predefined roles](https://help.vtex.com/en/tutorial/predefined-roles--jGDurZKJHvHJS13LnO7Dy) for this resource list. You must [create a custom role](https://help.vtex.com/en/tutorial/roles--7HKK5Uau2H6wxE1rH5oRbc#creating-a-role) and add at least one of the resources above in order to use this endpoint.\r\n\r\nTo learn more about machine authentication at VTEX, see [Authentication overview](https://developers.vtex.com/docs/guides/authentication-overview#machine-authentication).\r\n\r\n>❗ To prevent integrations from having excessive permissions, consider the [best practices for managing API keys](https://help.vtex.com/en/tutorial/best-practices-api-keys--7b6nD1VMHa49aI5brlOvJm) when assigning License Manager roles to integrations.", + "parameters": [ + { + "$ref": "#/components/parameters/PolicyRuleId" + }, + { + "$ref": "#/components/parameters/Accept" + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PolicyRule" + }, + "example": { + "id": "3fa85f64-5717-4562-b3fc-2c963f66afa6", + "name": "Exclude EBT for collection 139 in NY", + "expression": { + "and": [ + { + "in": [ + 139, + { + "var": "collectionIds" + } + ] + }, + { + "==": [ + { + "var": "shippingState" + }, + "NY" + ] + } + ] + }, + "enabled": true, + "priority": 90, + "action": "Exclude", + "paymentSystems": [ + 100 + ], + "createdAt": "2026-04-01T10:00:00Z", + "updatedAt": "2026-04-01T10:00:00Z" + } + } + } + }, + "401": { + "$ref": "#/components/responses/Unauthorized" + }, + "403": { + "$ref": "#/components/responses/Forbidden" + }, + "404": { + "$ref": "#/components/responses/NotFound" + } + } + }, + "put": { + "tags": [ + "Payment policy rules" + ], + "summary": "Update policy rule", + "operationId": "updatePolicyRule", + "description": "Replaces a payment policy rule for the VTEX account identified by the `accountName` URL variable. Send the same request body used to create a rule. Do not include response-only fields such as `id`, `createdAt`, or `updatedAt`, and do not send a `version` field because concurrency is handled server-side.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Permissions\r\n\r\nAny user or [API key](https://developers.vtex.com/docs/guides/authentication-overview#api-keys) must have at least one of the appropriate [License Manager resources](https://help.vtex.com/en/tutorial/license-manager-resources--3q6ztrC8YynQf6rdc6euk3) to be able to successfully run this request. Otherwise, they will receive a status code `403` error. These are the applicable resources for this endpoint:\r\n\r\n| **Product** | **Category** | **Resource** |\r\n| --------------- | ----------------- | ----------------- |\r\n| Payments | Payment Policies | **ManageStore** |\r\n\r\nThere are no applicable [predefined roles](https://help.vtex.com/en/tutorial/predefined-roles--jGDurZKJHvHJS13LnO7Dy) for this resource list. You must [create a custom role](https://help.vtex.com/en/tutorial/roles--7HKK5Uau2H6wxE1rH5oRbc#creating-a-role) and add at least one of the resources above in order to use this endpoint.\r\n\r\nTo learn more about machine authentication at VTEX, see [Authentication overview](https://developers.vtex.com/docs/guides/authentication-overview#machine-authentication).\r\n\r\n>❗ To prevent integrations from having excessive permissions, consider the [best practices for managing API keys](https://help.vtex.com/en/tutorial/best-practices-api-keys--7b6nD1VMHa49aI5brlOvJm) when assigning License Manager roles to integrations.", + "parameters": [ + { + "$ref": "#/components/parameters/PolicyRuleId" + }, + { + "$ref": "#/components/parameters/Content-Type" + }, + { + "$ref": "#/components/parameters/Accept" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PolicyRuleInput" + }, + "example": { + "name": "Exclude EBT for collection 139 in NY", + "expression": { + "and": [ + { + "in": [ + 139, + { + "var": "collectionIds" + } + ] + }, + { + "==": [ + { + "var": "shippingState" + }, + "NY" + ] + } + ] + }, + "enabled": true, + "priority": 90, + "action": "Exclude", + "paymentSystems": [ + 100 + ] + } + } + } + }, + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PolicyRule" + }, + "example": { + "id": "3fa85f64-5717-4562-b3fc-2c963f66afa6", + "name": "Exclude EBT for collection 139 in NY", + "expression": { + "and": [ + { + "in": [ + 139, + { + "var": "collectionIds" + } + ] + }, + { + "==": [ + { + "var": "shippingState" + }, + "NY" + ] + } + ] + }, + "enabled": true, + "priority": 90, + "action": "Exclude", + "paymentSystems": [ + 100 + ], + "createdAt": "2026-04-01T10:00:00Z", + "updatedAt": "2026-04-01T10:00:00Z" + } + } + } + }, + "400": { + "$ref": "#/components/responses/BadRequest" + }, + "401": { + "$ref": "#/components/responses/Unauthorized" + }, + "403": { + "$ref": "#/components/responses/Forbidden" + }, + "404": { + "$ref": "#/components/responses/NotFound" + }, + "409": { + "$ref": "#/components/responses/Conflict" + }, + "422": { + "$ref": "#/components/responses/UnprocessableContent" + } + } + }, + "delete": { + "tags": [ + "Payment policy rules" + ], + "summary": "Delete policy rule", + "operationId": "deletePolicyRule", + "description": "Deletes a payment policy rule for the VTEX account identified by the `accountName` URL variable.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Permissions\r\n\r\nAny user or [API key](https://developers.vtex.com/docs/guides/authentication-overview#api-keys) must have at least one of the appropriate [License Manager resources](https://help.vtex.com/en/tutorial/license-manager-resources--3q6ztrC8YynQf6rdc6euk3) to be able to successfully run this request. Otherwise, they will receive a status code `403` error. These are the applicable resources for this endpoint:\r\n\r\n| **Product** | **Category** | **Resource** |\r\n| --------------- | ----------------- | ----------------- |\r\n| Payments | Payment Policies | **ManageStore** |\r\n\r\nThere are no applicable [predefined roles](https://help.vtex.com/en/tutorial/predefined-roles--jGDurZKJHvHJS13LnO7Dy) for this resource list. You must [create a custom role](https://help.vtex.com/en/tutorial/roles--7HKK5Uau2H6wxE1rH5oRbc#creating-a-role) and add at least one of the resources above in order to use this endpoint.\r\n\r\nTo learn more about machine authentication at VTEX, see [Authentication overview](https://developers.vtex.com/docs/guides/authentication-overview#machine-authentication).\r\n\r\n>❗ To prevent integrations from having excessive permissions, consider the [best practices for managing API keys](https://help.vtex.com/en/tutorial/best-practices-api-keys--7b6nD1VMHa49aI5brlOvJm) when assigning License Manager roles to integrations.", + "parameters": [ + { + "$ref": "#/components/parameters/PolicyRuleId" + } + ], + "responses": { + "204": { + "description": "No Content" + }, + "401": { + "$ref": "#/components/responses/Unauthorized" + }, + "403": { + "$ref": "#/components/responses/Forbidden" + }, + "404": { + "$ref": "#/components/responses/NotFound" + } + } + } + }, + "/api/pvt/payment-systems/search": { + "servers": [ + { + "url": "https://{accountName}.vtexpayments.com.br", + "description": "Payment Information Service server URL.", + "variables": { + "accountName": { + "description": "Name of the VTEX account. Used as part of the URL.", + "default": "apiexamples" + } + } + } + ], + "post": { + "tags": [ + "Payment policy evaluation" + ], + "summary": "Evaluate payment policies", + "operationId": "evaluatePaymentPolicies", + "description": "Evaluates active payment policy rules against cart item context and returns payment systems available for each item. Payment systems not mentioned in any matching rule remain available by default. You can also use this endpoint to validate which payment systems are available for cart items before checkout continues.\r\n\r\n> ⚠️ This feature is in closed beta, meaning only specific customers can access it now. If you want to implement it in the future, please contact [our Support](https://support.vtex.com/hc/en-us/).\r\n\r\n## Permissions\r\n\r\nAny user or [API key](https://developers.vtex.com/docs/guides/authentication-overview#api-keys) must have at least one of the appropriate [License Manager resources](https://help.vtex.com/en/tutorial/license-manager-resources--3q6ztrC8YynQf6rdc6euk3) to be able to successfully run this request. Otherwise, they will receive a status code `403` error. These are the applicable resources for this endpoint:\r\n\r\n| **Product** | **Category** | **Resource** |\r\n| --------------- | ----------------- | ----------------- |\r\n| Payments | Payment Policies | **ManageStore** |\r\n\r\nThere are no applicable [predefined roles](https://help.vtex.com/en/tutorial/predefined-roles--jGDurZKJHvHJS13LnO7Dy) for this resource list. You must [create a custom role](https://help.vtex.com/en/tutorial/roles--7HKK5Uau2H6wxE1rH5oRbc#creating-a-role) and add at least one of the resources above in order to use this endpoint.\r\n\r\nTo learn more about machine authentication at VTEX, see [Authentication overview](https://developers.vtex.com/docs/guides/authentication-overview#machine-authentication).\r\n\r\n>❗ To prevent integrations from having excessive permissions, consider the [best practices for managing API keys](https://help.vtex.com/en/tutorial/best-practices-api-keys--7b6nD1VMHa49aI5brlOvJm) when assigning License Manager roles to integrations.", + "parameters": [ + { + "$ref": "#/components/parameters/Content-Type" + }, + { + "$ref": "#/components/parameters/Accept" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PaymentPolicySearchRequest" + }, + "example": { + "items": [ + { + "id": "sku-01", + "collectionIds": [ + 139, + 45 + ], + "shippingData": { + "state": "NY" + } + }, + { + "id": "sku-02", + "collectionIds": [ + 200 + ], + "shippingData": { + "state": "NY" + } + } + ] + } + } + } + }, + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PaymentPolicySearchResponse" + }, + "example": { + "paymentSystemAssignments": [ + { + "paymentSystem": 1, + "itemIds": [ + "sku-01", + "sku-02" + ] + }, + { + "paymentSystem": 4, + "itemIds": [ + "sku-01", + "sku-02" + ] + }, + { + "paymentSystem": 100, + "itemIds": [ + "sku-02" + ] + } + ], + "paymentSystemDefinitions": [ + { + "id": 1, + "name": "Debit Card", + "groupName": "debitCard" + }, + { + "id": 4, + "name": "Mastercard", + "groupName": "creditCard" + }, + { + "id": 100, + "name": "EBT Card", + "groupName": "ebt" + } + ] + } + } + } + }, + "400": { + "$ref": "#/components/responses/BadRequest" + }, + "401": { + "$ref": "#/components/responses/Unauthorized" + }, + "403": { + "$ref": "#/components/responses/Forbidden" + } + } + } + } + }, + "security": [ + { + "appKey": [], + "appToken": [] + }, + { + "VtexIdclientAutCookie": [] + } + ], + "components": { + "securitySchemes": { + "appKey": { + "type": "apiKey", + "in": "header", + "name": "X-VTEX-API-AppKey", + "description": "Unique identifier of the [API key](https://developers.vtex.com/docs/guides/api-authentication-using-api-keys)." + }, + "appToken": { + "type": "apiKey", + "in": "header", + "name": "X-VTEX-API-AppToken", + "description": "Secret token of the [API key](https://developers.vtex.com/docs/guides/api-authentication-using-api-keys)." + }, + "VtexIdclientAutCookie": { + "type": "apiKey", + "in": "header", + "name": "VtexIdclientAutCookie", + "description": "[User token](https://developers.vtex.com/docs/guides/api-authentication-using-user-tokens), valid for 24 hours." + } + }, + "schemas": { + "PolicyRuleInput": { + "type": "object", + "description": "Payload used to create or replace a payment policy rule.", + "required": [ + "name", + "expression", + "enabled", + "priority", + "action", + "paymentSystems" + ], + "properties": { + "name": { + "type": "string", + "description": "Policy rule name.", + "minLength": 1 + }, + "expression": { + "$ref": "#/components/schemas/JsonLogicExpression" + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the policy rule is active." + }, + "priority": { + "type": "integer", + "format": "int32", + "description": "Rule priority, from `0` to `999`. Lower values have higher precedence when conflicting rules match the same item.", + "minimum": 0, + "maximum": 999 + }, + "action": { + "type": "string", + "description": "Action applied to the payment systems when the rule expression matches. Accepts `Include` or `Exclude`; value matching is case-insensitive.", + "enum": [ + "Include", + "Exclude" + ] + }, + "paymentSystems": { + "type": "array", + "description": "Payment system IDs affected by the rule.", + "items": { + "type": "integer", + "format": "int32", + "description": "Payment system ID." + }, + "minItems": 1 + } + } + }, + "PolicyRule": { + "type": "object", + "description": "Payment policy rule returned by the API.", + "required": [ + "id", + "name", + "expression", + "enabled", + "priority", + "action", + "paymentSystems", + "createdAt", + "updatedAt" + ], + "properties": { + "id": { + "type": "string", + "format": "uuid", + "description": "Unique identifier of the policy rule." + }, + "name": { + "type": "string", + "description": "Policy rule name.", + "minLength": 1 + }, + "expression": { + "$ref": "#/components/schemas/JsonLogicExpression" + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the policy rule is active." + }, + "priority": { + "type": "integer", + "format": "int32", + "description": "Rule priority, from `0` to `999`. Lower values have higher precedence when conflicting rules match the same item.", + "minimum": 0, + "maximum": 999 + }, + "action": { + "type": "string", + "description": "Action applied to the payment systems when the rule expression matches. Accepts `Include` or `Exclude`; value matching is case-insensitive.", + "enum": [ + "Include", + "Exclude" + ] + }, + "paymentSystems": { + "type": "array", + "description": "Payment system IDs affected by the rule.", + "items": { + "type": "integer", + "format": "int32", + "description": "Payment system ID." + }, + "minItems": 1 + }, + "createdAt": { + "type": "string", + "format": "date-time", + "description": "Date and time when the policy rule was created in [ISO 8601 time zone offset format](https://learn.microsoft.com/en-us/rest/api/storageservices/formatting-datetime-values), as in `YYYY-MM-DDThh:mm:ssZ`." + }, + "updatedAt": { + "type": "string", + "format": "date-time", + "description": "Date and time when the policy rule was last updated in [ISO 8601 time zone offset format](https://learn.microsoft.com/en-us/rest/api/storageservices/formatting-datetime-values), as in `YYYY-MM-DDThh:mm:ssZ`." + } + } + }, + "JsonLogicExpression": { + "type": "object", + "description": "JSONLogic expression evaluated against item context. Currently supports `and`, `or`, `==`, and `in`, with `collectionIds` and `shippingState` as available variables.", + "additionalProperties": true + }, + "PaymentPolicySearchRequest": { + "type": "object", + "description": "Payload used to evaluate payment policies for cart items.", + "required": [ + "items" + ], + "properties": { + "items": { + "type": "array", + "description": "Cart items to evaluate against active payment policy rules.", + "items": { + "$ref": "#/components/schemas/PaymentPolicySearchItem" + } + } + } + }, + "PaymentPolicySearchItem": { + "type": "object", + "description": "Cart item context used by the payment policy engine.", + "required": [ + "id", + "collectionIds", + "shippingData" + ], + "properties": { + "id": { + "type": "string", + "description": "Item identifier used to map available payment systems back to the cart item." + }, + "collectionIds": { + "type": "array", + "description": "Collection IDs associated with the item in the VTEX catalog.", + "items": { + "type": "integer", + "format": "int32", + "description": "Collection ID." + } + }, + "shippingData": { + "type": "object", + "description": "Shipping context used by the payment policy engine.", + "required": [ + "state" + ], + "properties": { + "state": { + "type": "string", + "description": "State code of the main delivery address." + } + } + } + } + }, + "PaymentPolicySearchResponse": { + "type": "object", + "description": "Payment policy evaluation result returned by the Payment Information Service.", + "required": [ + "paymentSystemAssignments", + "paymentSystemDefinitions" + ], + "properties": { + "paymentSystemAssignments": { + "type": "array", + "description": "Relationship between payment systems and the item IDs for which each payment system is available.", + "items": { + "$ref": "#/components/schemas/PaymentSystemAssignment" + } + }, + "paymentSystemDefinitions": { + "type": "array", + "description": "Payment system metadata for the payment systems returned in the assignments.", + "items": { + "$ref": "#/components/schemas/PaymentSystemDefinition" + } + } + } + }, + "PaymentSystemAssignment": { + "type": "object", + "description": "Payment system availability for one or more items.", + "required": [ + "paymentSystem", + "itemIds" + ], + "properties": { + "paymentSystem": { + "type": "integer", + "format": "int32", + "description": "Payment system ID." + }, + "itemIds": { + "type": "array", + "description": "Item IDs for which the payment system is available.", + "items": { + "type": "string", + "description": "Item ID." + } + } + } + }, + "PaymentSystemDefinition": { + "type": "object", + "description": "Payment system metadata.", + "required": [ + "id", + "name", + "groupName" + ], + "properties": { + "id": { + "type": "integer", + "format": "int32", + "description": "Payment system ID." + }, + "name": { + "type": "string", + "description": "Payment system display name." + }, + "groupName": { + "type": "string", + "description": "Payment system group name." + } + } + }, + "ProblemDetails": { + "type": "object", + "description": "RFC 7807 Problem Details response returned when the request cannot be completed.", + "required": [ + "type", + "title", + "status", + "detail", + "instance" + ], + "properties": { + "type": { + "type": "string", + "description": "URI reference that identifies the problem type." + }, + "title": { + "type": "string", + "description": "Short, human-readable summary of the problem type." + }, + "status": { + "type": "integer", + "format": "int32", + "minimum": 100, + "maximum": 599, + "description": "HTTP status code generated by the server for this occurrence of the problem." + }, + "detail": { + "type": "string", + "description": "Human-readable explanation specific to this occurrence of the problem." + }, + "instance": { + "type": "string", + "description": "URI reference that identifies the specific occurrence of the problem." + } + } + } + }, + "parameters": { + "Content-Type": { + "name": "Content-Type", + "in": "header", + "description": "Type of the content being sent.", + "required": true, + "style": "simple", + "schema": { + "type": "string", + "example": "application/json" + } + }, + "Accept": { + "name": "Accept", + "in": "header", + "description": "HTTP Client Negotiation _Accept_ Header. Indicates the types of responses the client can understand.", + "required": true, + "style": "simple", + "schema": { + "type": "string", + "example": "application/json" + } + }, + "PolicyRuleId": { + "name": "id", + "in": "path", + "description": "Unique identifier of the policy rule.", + "required": true, + "schema": { + "type": "string", + "format": "uuid" + } + } + }, + "responses": { + "BadRequest": { + "description": "Bad Request", + "content": { + "application/problem+json": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" + }, + "example": { + "type": "https://httpstatuses.com/400", + "title": "Bad Request", + "status": 400, + "detail": "The request body is malformed.", + "instance": "/api/payment-configuration-service/policy-rules" + } + } + } + }, + "Unauthorized": { + "description": "Unauthorized", + "content": { + "application/problem+json": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" + }, + "example": { + "type": "https://httpstatuses.com/401", + "title": "Unauthorized", + "status": 401, + "detail": "Missing or invalid credentials.", + "instance": "/api/payment-configuration-service/policy-rules" + } + } + } + }, + "Forbidden": { + "description": "Forbidden", + "content": { + "application/problem+json": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" + }, + "example": { + "type": "https://httpstatuses.com/403", + "title": "Forbidden", + "status": 403, + "detail": "The user or API key does not have the required permission.", + "instance": "/api/payment-configuration-service/policy-rules" + } + } + } + }, + "NotFound": { + "description": "Not Found", + "content": { + "application/problem+json": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" + }, + "example": { + "type": "https://httpstatuses.com/404", + "title": "Not Found", + "status": 404, + "detail": "Policy rule not found for the account.", + "instance": "/api/payment-configuration-service/policy-rules" + } + } + } + }, + "Conflict": { + "description": "Conflict", + "content": { + "application/problem+json": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" + }, + "example": { + "type": "https://httpstatuses.com/409", + "title": "Conflict", + "status": 409, + "detail": "The policy rule was updated by another request. Retry with the latest data.", + "instance": "/api/payment-configuration-service/policy-rules" + } + } + } + }, + "UnprocessableContent": { + "description": "Unprocessable Content", + "content": { + "application/problem+json": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" + }, + "example": { + "type": "https://httpstatuses.com/422", + "title": "Unprocessable Content", + "status": 422, + "detail": "Validation failed, the JSONLogic expression is invalid, or a domain invariant was violated.", + "instance": "/api/payment-configuration-service/policy-rules" + } + } + } + } + } + }, + "tags": [ + { + "name": "Payment policy rules" + }, + { + "name": "Payment policy evaluation" + } + ] +} diff --git a/VTEX - Payment Provider Protocol.json b/VTEX - Payment Provider Protocol.json index 01ca6bb80..365cf6f2d 100644 --- a/VTEX - Payment Provider Protocol.json +++ b/VTEX - Payment Provider Protocol.json @@ -24,7 +24,7 @@ "Payment Flow" ], "summary": "List Payment Provider Manifest", - "description": "Exposes the provider manifest, including metadata settings such as payment methods, split configuration, and custom fields.\r\n\r\n> ℹ️ This request is made from VTEX to the payment provider.\r\n\r\n## Available payment methods\r\n\r\n| Payment Method | Type | Country |\r\n|---|---|---|\r\n| `Visa` | Credit Card | Global |\r\n| `Mastercard` | Credit Card | Global |\r\n| `American Express` | Credit Card | Global |\r\n| `Discover` | Credit Card | Global |\r\n| `JCB` | Credit Card | Global |\r\n| `Diners` | Credit Card | Global |\r\n| `Elo` | Credit Card | Brazil |\r\n| `Hipercard` | Credit Card | Brazil |\r\n| `Aura` | Credit Card | Brazil |\r\n| `Banricompras` | Credit Card | Brazil |\r\n| `Credz` | Credit Card | Brazil |\r\n| `Cabal` | Credit Card | Argentina, Brazil, Uruguay, Paraguay |\r\n| `Cartes Bancaires (CB)` | Credit Card | France |\r\n| `VirtualDebitElo` | Debit Card | Brazil |\r\n| `Visa Electron` | Debit Card | Global |\r\n| `Maestro` | Debit Card | Global |\r\n| `Mastercard Debit` | Debit Card | Global |\r\n| `D\u00e9bito Online` | Debit Card | Brazil |\r\n| `Cobranded` | Card | Global |\r\n| `Privatelabels` | Card | Global |\r\n| `Apple Pay` | Digital Wallet | Global |\r\n| `Google Pay` | Digital Wallet | Global |\r\n| `Promissories` | Generic | Global |\r\n| `Cash` | Generic | Global |\r\n| `Pix` | Online Transfer | Brazil |\r\n| `Safetypay` | Online Transfer | Americas and Europe |\r\n| `BankInvoice` | Offline/Voucher | Brazil (Boleto Banc\u00e1rio) |\r\n| `FichaDeposito` | Offline/Voucher | Mexico |\r\n| `Rapipago` | Offline/Voucher | Argentina |\r\n| `OXXO` | Offline/Voucher | Mexico |\r\n| `Voucher` | Offline/Voucher | Mexico |\r\n| `Bitcoin` | Cryptocurrency | Global |\r\n| `Venda Direta Credito` | Credit Card (Physical) | Global |\r\n| `Venda Direta Debito` | Debit Card (Physical) | Global | \r\n\r\n## Permissions\r\n\r\nCheck with your service provider to know what permissions are needed.", + "description": "Exposes the provider manifest, including metadata settings such as payment methods, split configuration, and custom fields.\r\n\r\n> ℹ️ This request is made from VTEX to the payment provider.\r\n\r\n## Available payment methods\r\n\r\n| Payment Method | Type | Country |\r\n|---|---|---|\r\n| `Visa` | Credit Card | Global |\r\n| `Mastercard` | Credit Card | Global |\r\n| `American Express` | Credit Card | Global |\r\n| `Discover` | Credit Card | Global |\r\n| `JCB` | Credit Card | Global |\r\n| `Diners` | Credit Card | Global |\r\n| `Elo` | Credit Card | Brazil |\r\n| `Hipercard` | Credit Card | Brazil |\r\n| `Aura` | Credit Card | Brazil |\r\n| `Banricompras` | Credit Card | Brazil |\r\n| `Credz` | Credit Card | Brazil |\r\n| `Cabal` | Credit Card | Argentina, Brazil, Uruguay, Paraguay |\r\n| `Patagonia 365` | Credit Card | Argentina |\r\n| `Cartes Bancaires (CB)` | Credit Card | France |\r\n| `VirtualDebitElo` | Debit Card | Brazil |\r\n| `Visa Electron` | Debit Card | Global |\r\n| `Maestro` | Debit Card | Global |\r\n| `Mastercard Debit` | Debit Card | Global |\r\n| `D\u00e9bito Online` | Debit Card | Brazil |\r\n| `Cobranded` | Card | Global |\r\n| `Privatelabels` | Card | Global |\r\n| `Apple Pay` | Digital Wallet | Global |\r\n| `Google Pay` | Digital Wallet | Global |\r\n| `Promissories` | Generic | Global |\r\n| `Cash` | Generic | Global |\r\n| `Pix` | Online Transfer | Brazil |\r\n| `Safetypay` | Online Transfer | Americas and Europe |\r\n| `BankInvoice` | Offline/Voucher | Brazil (Boleto Banc\u00e1rio) |\r\n| `FichaDeposito` | Offline/Voucher | Mexico |\r\n| `Rapipago` | Offline/Voucher | Argentina |\r\n| `OXXO` | Offline/Voucher | Mexico |\r\n| `Voucher` | Offline/Voucher | Mexico |\r\n| `Bitcoin` | Cryptocurrency | Global |\r\n| `Venda Direta Credito` | Credit Card (Physical) | Global |\r\n| `Venda Direta Debito` | Debit Card (Physical) | Global | \r\n\r\n## Permissions\r\n\r\nCheck with your service provider to know what permissions are needed.", "operationId": "Manifest", "security": [], "parameters": [