English en العربية ar Français fr

Client

Merchant / seller — scoped strictly to their own records.

3 min read

Client

Summary. The merchant / seller — the core customer of NQLA. They list products, send stock into storage, create orders, and manage their wallet, all strictly scoped to their own records. Most of their work is on the mobile/client API under /api/v1/client/....

What you can do

Products (manage products, create products, export products, view products)

  • Full CRUD on your own products — GET/POST/PUT/DELETE /api/v1/client/products (and /{product}).

Inventory (view inventory-requests, create inventory-requests, export inventory-requests)

  • Submit inventory requests for your products — POST /api/v1/inventory-requests — and list/view them at GET /api/v1/inventory-requests.

Orders (create orders, view orders, export orders)

  • Create orders — POST /api/v1/client/orders — view/track them, fetch the QR, and cancel — GET /api/v1/client/orders, /{order}, /{order}/qr, /{order}/cancel, /{order}/tracking.

Custom shapes (manage shapes, create shapes, update shapes, delete shapes, export shapes, view shapes)

  • Manage your own custom shapes — /api/v1/.../shapes (the controller scopes shapes to your user_id so the picker never leaks another merchant's shapes).

Wallet & withdrawals (view wallet)

  • View wallet balance and transactions — GET /api/v1/client/wallet, /wallet/transactions.
  • Request a withdrawal — POST /api/v1/client/wallet/withdraw (rate-limited via throttle:withdraw) — and list/cancel/receipt them under /wallet/withdrawals.

Subscription (view my-subscription)

  • View your subscription and plans, upgrade, renew, cancel, toggle auto-renew, and view invoices — /api/v1/client/subscription/....

Returns & disputes (view return-requests)

  • View your return requests — GET /api/v1/return-requests, /{return_request}, and cancel — /{return_request}/cancel.
  • File disputes — POST /api/v1/client/disputes — and view them.

What you cannot do

  • Cannot see any other merchant's products, orders, inventory, shapes, or wallet.
  • Cannot approve their own orders, assign drivers, or confirm storage — those belong to admin/staff and the companies.
  • No admin master data, no other users, no platform settings.
  • Cannot release their own withdrawals — they only request; an admin with approve withdrawal-requests releases funds.

Data scope

Own records only (owner scope). Every list is filtered to rows the client owns — e.g. /api/v1/client/orders returns only orders they created, and shapes are filtered by their user_id. They can never see another merchant's data.

Permissions

Exact list (synced in SaasRoleSeeder): view my-subscription, view products, create products, manage products, export products, view inventory-requests, create inventory-requests, export inventory-requests, view orders, create orders, export orders, view wallet, view shapes, create shapes, update shapes, delete shapes, manage shapes, export shapes, view return-requests.

How this role is assigned

Assigned at self-registration — a merchant signs up and is placed in client. No admin approval is required for the merchant role itself (unlike company roles).

See roles/overview for scoping, and the merchant guide (e.g. merchant-guide/creating-orders) for step-by-step flows.