Version: 1.0.0

• OpenAPI Spec

Sarucci Public API

External Partner-facing REST API for Sarucci's price-recommendation engines.

Authentication

1. Sarucci provisions your Partner account and gives you an access_key and secret_key.
2. POST /auth/token with those keys to receive a short-lived JWT.
3. Send the JWT as Authorization: Bearer <token> on every request (in Swagger UI, paste it into the green Authorize button).

There is no refresh token; re-exchange your keys when the JWT expires.

Errors

Every 4xx / 5xx response uses the envelope:

{"error": {"code": "<machine_code>", "message": "<human>", "request_id": "<uuid>"}}

CORS / browser access

This API is designed for server-side clients. Browser-origin (CORS) access is disabled unless Sarucci configures an explicit origin allowlist (PUBLIC_API_CORS_ORIGINS).

Authentication

HTTP: Bearer Auth

Partner JWT obtained from POST /auth/token.

Security Scheme Type:	http
HTTP Authorization Scheme:	bearer

Contact

Sarucci API Support: developers@sarucci.com