Document customer API + Order Configs + service_quote on customer orders

postman/collections/Fleetbase API/Customers/.resources/definition.yaml

@@ -0,0 +1,4 @@
+$kind: collection
+description: |-
+  Customer endpoints provide email/password + verification-code authentication and customer-scoped order management for FleetOps, without requiring the Storefront publishable key. All flows authenticate to a single Fleetbase company resolved from your `flb_live_…` API credential; per-customer requests additionally require the `Customer-Token` returned by signup/login.
+order: 5000

postman/collections/Fleetbase API/Customers/.resources/object.yaml

@@ -0,0 +1,79 @@
+$kind: object
+name: Customer
+description: |-
+  A customer is a Fleet-Ops contact of `type=customer` that is linked to a user for authentication. Returned by all `/v1/customers/...` endpoints. The `token` field is only present on responses to signup, login, and verify-code; persist it client-side and send it on subsequent requests via the `Customer-Token` header.
+example: |
+  {
+    "id": "customer_A1b2C3d4E5",
+    "internal_id": null,
+    "name": "Jane Customer",
+    "title": null,
+    "email": "jane@example.com",
+    "phone": "+15555550111",
+    "photo_url": null,
+    "address": null,
+    "addresses": [],
+    "token": "1|f4Wd3jY9aB...",
+    "orders_count": 0,
+    "company": {
+      "id": "company_6zV1KqN9pR",
+      "name": "ACME Logistics",
+      "currency": "USD",
+      "country": "US",
+      "phone": "+1-555-0100"
+    },
+    "meta": {},
+    "slug": "jane-customer",
+    "created_at": "2026-05-21T10:00:00.000000Z",
+    "updated_at": "2026-05-21T10:00:00.000000Z"
+  }
+fields:
+  - name: id
+    type: string
+    description: Public customer identifier. Prefixed `customer_` on the public API.
+  - name: internal_id
+    type: string
+    description: Optional internal identifier.
+  - name: name
+    type: string
+    description: Customer display name.
+  - name: title
+    type: string
+    description: Optional title.
+  - name: email
+    type: string
+    description: Customer email address.
+  - name: phone
+    type: string
+    description: Customer phone number (E.164 format).
+  - name: photo_url
+    type: string
+    description: Customer photo URL.
+  - name: address
+    type: string
+    description: Default address derived from the linked place, when one is set.
+  - name: addresses
+    type: array of objects
+    description: Saved Place addresses, when the `places` relation is loaded.
+  - name: token
+    type: string
+    description: Sanctum personal-access-token returned by signup/login/verify-code. Send back on authenticated requests as the `Customer-Token` header.
+  - name: orders_count
+    type: integer
+    description: Number of non-deleted orders linked to this customer.
+  - name: company
+    type: object
+    description: |-
+      Public-safe projection of the customer's company. Contains the company's public id, name, resolved transaction currency (with fallback through `companies.currency` → ledger `base_currency` → `"USD"`), country, and phone. Useful for portals that need to render currency labels and contact info without making a separate request.
+  - name: meta
+    type: object
+    description: Free-form metadata stored on the contact's `meta` column. The API does not write to this field — it is client-owned.
+  - name: slug
+    type: string
+    description: URL-friendly slug.
+  - name: created_at
+    type: timestamp
+    description: When the customer was created.
+  - name: updated_at
+    type: timestamp
+    description: When the customer was last updated.

postman/collections/Fleetbase API/Customers/Create a Customer Order.params.yaml

@@ -0,0 +1,57 @@
+$kind: params
+fields:
+  - name: type
+    type: string
+    required: false
+    description: Order config key (e.g. `transport`, `freight`). When omitted, the company's default OrderConfig is used.
+  - name: order_config
+    type: string
+    required: false
+    description: Explicit OrderConfig public id, overrides `type`.
+  - name: scheduled_at
+    type: timestamp
+    required: false
+    description: Requested fulfillment timestamp (ISO 8601).
+  - name: notes
+    type: string
+    required: false
+    description: Free-form notes / special handling instructions.
+  - name: internal_id
+    type: string
+    required: false
+    description: Optional caller-supplied identifier.
+  - name: meta
+    type: object
+    required: false
+    description: Free-form metadata stored on the order's `meta` column.
+  - name: service_quote
+    type: string
+    required: false
+    description: |-
+      Optional ServiceQuote reference (uuid or `sqte_…` public_id) returned by `GET /v1/service-quotes`. When supplied, the controller resolves the quote via `ServiceQuote::resolveFromRequest` and consumes it via `$order->purchaseServiceQuote()` to lock the pricing onto the order's PurchaseRate (same behavior as `OrderController::create`).
+  - name: payload
+    type: string|object
+    required: false
+    description: |-
+      Either an existing Payload public_id, or an inline object with `{ pickup, dropoff, return, waypoints, entities }`. The controller mirrors `OrderController::create`'s payload-building branch — Place sub-objects accept either a public_id or the standard Place fillable shape; entities accept the standard Entity fillable shape.
+  - name: pickup
+    type: string|object
+    required: false
+    description: Accepted only when `payload` is not provided. Either an existing Place public_id or a Place-shaped object (`name`, `street1`, `street2`, `city`, `province`, `postal_code`, `country`, `phone`, `meta`).
+  - name: dropoff
+    type: string|object
+    required: false
+    description: Same shape as `pickup`. Accepted only when `payload` is not provided.
+  - name: return
+    type: string|object
+    required: false
+    description: Same shape as `pickup`. Accepted only when `payload` is not provided.
+  - name: waypoints
+    type: array of strings|objects
+    required: false
+    description: Accepted only when `payload` is not provided. Each item is either a Place public_id or a Place-shaped object.
+  - name: entities
+    type: array of objects
+    required: false
+    description: |-
+      Accepted only when `payload` is not provided. Each entity uses the standard Entity field shape: `name`, `description`, `weight`, `weight_unit`, `declared_value`, `currency`, `meta`. The controller delegates to `Payload::setEntities` so customer-created orders are indistinguishable from operator-created ones at the data layer.

postman/collections/Fleetbase API/Customers/Create a Customer Order.request.yaml

@@ -0,0 +1,52 @@
+$kind: http-request
+name: "Create a Customer Order"
+description: |-
+  Creates an Order on behalf of the authenticated customer. Accepts the canonical Fleet-Ops Order create shape — the same fields as `POST /v1/orders` would accept from an operator. The customer's `uuid` is automatically attached as `orders.customer_uuid`; any client-supplied `customer` field is ignored. `status` is forced to `created` (customers cannot self-dispatch). The Order lands in the company resolved from the API credential.
+url: "{{base_url}}/{{namespace}}/customers/orders"
+method: POST
+headers:
+  Accept: application/json
+  Customer-Token: "{{customer_token}}"
+body:
+  type: json
+  content: |-
+    {
+      "type": "transport",
+      "scheduled_at": "2026-05-25T10:00:00Z",
+      "notes": "Handle with care.",
+      "pickup": {
+        "name": "Pickup",
+        "street1": "4169 N State RD 7",
+        "city": "Lauderdale Lakes",
+        "province": "FL",
+        "postal_code": "33319",
+        "country": "US"
+      },
+      "dropoff": {
+        "name": "Dropoff",
+        "city": "Kingston",
+        "country": "JM"
+      },
+      "entities": [
+        {
+          "name": "Wireless Headphones",
+          "description": "Electronics",
+          "weight": 2.5,
+          "weight_unit": "lb",
+          "declared_value": 150,
+          "currency": "USD"
+        }
+      ]
+    }
+scripts:
+  - type: afterResponse
+    code: |-
+      var json_response = pm.response.json();
+      let cv = pm.environment;
+
+      if (json_response && json_response.id) {
+        cv.set("customer_order_id", json_response.id);
+      }
+    language: text/javascript
+
+order: 14000

postman/collections/Fleetbase API/Customers/Create a Customer.params.yaml

@@ -0,0 +1,43 @@
+$kind: params
+fields:
+  - name: identity
+    type: string
+    required: true
+    description: Email or phone the verification code was requested for.
+  - name: code
+    type: string
+    required: true
+    description: Verification code received via email or SMS.
+  - name: name
+    type: string
+    required: true
+    description: Customer display name.
+  - name: password
+    type: string
+    required: true
+    description: Account password (minimum 8 characters).
+  - name: email
+    type: string
+    required: false
+    description: Email address, if different from the identity. Must be unique within the company.
+  - name: phone
+    type: string
+    required: false
+    description: Phone number (E.164 recommended). Must be unique within the company.
+  - name: title
+    type: string
+    required: false
+    description: Optional title.
+  - name: photo
+    type: string
+    required: false
+    description: Either a `file_…` public id or a base64-encoded data URI.
+  - name: place
+    type: string|object
+    required: false
+    description: |-
+      Optional default Place for the customer. Either the public_id of an existing Place in this company (`place_…`), or an inline Place object using the standard Place fields: `name`, `street1`, `street2`, `city`, `province`, `postal_code`, `neighborhood`, `district`, `building`, `country`, `phone`, `meta`. When supplied, the controller creates the Place with the new customer as `owner_uuid` and sets it as `place_uuid` on the contact.
+  - name: meta
+    type: object
+    required: false
+    description: Free-form metadata stored on the contact's `meta` column.

postman/collections/Fleetbase API/Customers/Create a Customer.request.yaml

@@ -0,0 +1,40 @@
+$kind: http-request
+name: "Create a Customer"
+description: |-
+  Creates a customer account (Contact + linked User) after verifying the code from `Request Customer Creation Code`. Returns the customer with a Sanctum `token` — persist this client-side and send it back as the `Customer-Token` header on authenticated requests.
+url: "{{base_url}}/{{namespace}}/customers"
+method: POST
+body:
+  type: json
+  content: |-
+    {
+      "identity": "{{customer_identity}}",
+      "code": "{{verification_code}}",
+      "name": "Jane Customer",
+      "password": "{{customer_password}}",
+      "phone": "{{$randomPhoneNumber}}",
+      "place": {
+        "name": "Home",
+        "street1": "123 Main Street",
+        "city": "Kingston",
+        "province": "Kingston",
+        "postal_code": "00000",
+        "country": "JM"
+      }
+    }
+scripts:
+  - type: afterResponse
+    code: |-
+      var json_response = pm.response.json();
+      let cv = pm.environment;
+
+      if (json_response && json_response.id) {
+        cv.set("customer_id", json_response.id);
+        cv.set("customer_name", json_response.name);
+        if (json_response.token) {
+          cv.set("customer_token", json_response.token);
+        }
+      }
+    language: text/javascript
+
+order: 2000

postman/collections/Fleetbase API/Customers/Forgot Customer Password.params.yaml

@@ -0,0 +1,6 @@
+$kind: params
+fields:
+  - name: identity
+    type: string
+    required: true
+    description: Customer email or phone number to send the reset code to.

postman/collections/Fleetbase API/Customers/Forgot Customer Password.request.yaml

@@ -0,0 +1,13 @@
+$kind: http-request
+name: "Forgot Customer Password"
+description: "Sends a password-reset verification code to the customer's email or phone. Always returns `{ status: ok }` regardless of whether the identity matches an account (prevents enumeration)."
+url: "{{base_url}}/{{namespace}}/customers/forgot-password"
+method: POST
+body:
+  type: json
+  content: |-
+    {
+      "identity": "{{customer_identity}}"
+    }
+
+order: 6000

postman/collections/Fleetbase API/Customers/List Customer Orders.queryParams.yaml

@@ -0,0 +1,18 @@
+$kind: params
+fields:
+  - name: limit
+    type: integer
+    required: false
+    description: Page size.
+  - name: offset
+    type: integer
+    required: false
+    description: Page offset.
+  - name: status
+    type: string
+    required: false
+    description: Filter by order status (e.g. `created`, `dispatched`, `completed`).
+  - name: query
+    type: string
+    required: false
+    description: Free-text search across order fields.

postman/collections/Fleetbase API/Customers/List Customer Orders.request.yaml

@@ -0,0 +1,10 @@
+$kind: http-request
+name: "List Customer Orders"
+description: "Lists orders owned by the authenticated customer (scoped to `orders.customer_uuid`)."
+url: "{{base_url}}/{{namespace}}/customers/orders"
+method: GET
+headers:
+  Accept: application/json
+  Customer-Token: "{{customer_token}}"
+
+order: 13000

postman/collections/Fleetbase API/Customers/List Customer Places.queryParams.yaml

@@ -0,0 +1,14 @@
+$kind: params
+fields:
+  - name: limit
+    type: integer
+    required: false
+    description: Page size.
+  - name: offset
+    type: integer
+    required: false
+    description: Page offset.
+  - name: query
+    type: string
+    required: false
+    description: Free-text search against Place fields.

postman/collections/Fleetbase API/Customers/List Customer Places.request.yaml

@@ -0,0 +1,10 @@
+$kind: http-request
+name: "List Customer Places"
+description: "Lists the authenticated customer's saved Places (delivery addresses, etc.)."
+url: "{{base_url}}/{{namespace}}/customers/places"
+method: GET
+headers:
+  Accept: application/json
+  Customer-Token: "{{customer_token}}"
+
+order: 12000

postman/collections/Fleetbase API/Customers/Login Customer.params.yaml

@@ -0,0 +1,10 @@
+$kind: params
+fields:
+  - name: identity
+    type: string
+    required: true
+    description: Customer email or phone number.
+  - name: password
+    type: string
+    required: true
+    description: Customer account password.

postman/collections/Fleetbase API/Customers/Login Customer.request.yaml

@@ -0,0 +1,25 @@
+$kind: http-request
+name: "Login Customer"
+description: "Authenticates a customer with email/phone + password. Returns the customer with a Sanctum `token` to use as `Customer-Token`."
+url: "{{base_url}}/{{namespace}}/customers/login"
+method: POST
+body:
+  type: json
+  content: |-
+    {
+      "identity": "{{customer_identity}}",
+      "password": "{{customer_password}}"
+    }
+scripts:
+  - type: afterResponse
+    code: |-
+      var json_response = pm.response.json();
+      let cv = pm.environment;
+
+      if (json_response && json_response.token) {
+        cv.set("customer_token", json_response.token);
+        cv.set("customer_id", json_response.id);
+      }
+    language: text/javascript
+
+order: 3000