Complete API documentation for the TrustCart platform.
\n","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","toc":[],"owner":"50839415","collectionId":"8595a48d-f2c0-4e70-9f61-3cb39baf28ff","publishedId":"2sBXqKofEU","public":true,"customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"publishDate":"2026-05-02T15:18:53.000Z"},"item":[{"name":"Auth","item":[{"name":"Register","event":[{"id":"0aea1caa-7c72-4ce6-b6b1-c2a2938154f0","listen":"test","script":{"type":"text/javascript","exec":["pm.test(\"Status code is 200 or 201\", function () {"," pm.expect(pm.response.code).to.be.oneOf([200, 201]);","});","pm.test(\"Response is JSON\", function () {"," pm.response.to.be.json;","});","pm.test(\"Response has token\", function () {"," const jsonData = pm.response.json();"," pm.expect(jsonData).to.have.property(\"token\");","});","pm.test(\"Response has user data\", function () {"," const jsonData = pm.response.json();"," pm.expect(jsonData).to.have.property(\"user\").or.have.property(\"data\").or.have.property(\"name\").or.have.property(\"email\");","});","pm.test(\"Response time is less than 2000ms\", function () {"," pm.expect(pm.response.responseTime).to.be.below(2000);","});","if (pm.response.code === 200 || pm.response.code === 201) {"," const jsonData = pm.response.json();"," if (jsonData.token) {"," pm.collectionVariables.set(\"token\", jsonData.token);"," }","}"]}}],"id":"59dfe6fe-ae5d-4d95-a961-ec1776a3fed2","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json"}],"body":{"mode":"raw","raw":"{\n \"name\": \"John Doe\",\n \"email\": \"john@example.com\",\n \"password\": \"password123\"\n}"},"url":"http://localhost:5000/api/auth/register","description":"Registers a new user on the TrustCart platform. Provide a name, email address, and password in the request body. On success, returns the created user object along with a JWT token that can be used for authenticated requests. No authentication required.
\n","urlObject":{"path":["auth","register"],"host":["http://localhost:5000/api"],"query":[],"variable":[]}},"response":[],"_postman_id":"59dfe6fe-ae5d-4d95-a961-ec1776a3fed2"},{"name":"Login","event":[{"listen":"test","script":{"type":"text/javascript","exec":["pm.test(\"Status code is 200\", function () {"," pm.response.to.have.status(200);","});","pm.test(\"Response is JSON\", function () {"," pm.response.to.be.json;","});","pm.test(\"Response has token\", function () {"," const jsonData = pm.response.json();"," pm.expect(jsonData).to.have.property(\"token\");","});","pm.test(\"Response time is less than 2000ms\", function () {"," pm.expect(pm.response.responseTime).to.be.below(2000);","});","if (pm.response.code === 200) {"," const jsonData = pm.response.json();"," if (jsonData.token) {"," pm.collectionVariables.set(\"token\", jsonData.token);"," console.log(\"Token saved to collection variable.\");"," }","}"]}}],"id":"61108fca-dcda-4260-ac4c-a84218676463","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json"}],"body":{"mode":"raw","raw":"{\n \"email\": \"john@example.com\",\n \"password\": \"password123\"\n}"},"url":"http://localhost:5000/api/auth/login","description":"Authenticates an existing user with their email and password. On success, returns a JWT token that must be included as a Bearer token in the Authorization header for all protected routes. The token is automatically saved to the token collection variable.
Returns the profile information of the currently authenticated user. Requires a valid JWT Bearer token in the Authorization header. Use this endpoint to retrieve the logged-in user's details such as name, email, and role.
\n","urlObject":{"path":["auth","me"],"host":["http://localhost:5000/api"],"query":[],"variable":[]}},"response":[],"_postman_id":"96034351-f0e9-4b4a-9ea0-87fc0d90981f"},{"name":"Google Login","event":[{"listen":"test","script":{"type":"text/javascript","exec":["pm.test(\"Status code is 200 or 201\", function () {"," pm.expect(pm.response.code).to.be.oneOf([200, 201, 400, 401]);","});","pm.test(\"Response is JSON\", function () {"," pm.response.to.be.json;","});","pm.test(\"Response time is less than 3000ms\", function () {"," pm.expect(pm.response.responseTime).to.be.below(3000);","});","if (pm.response.code === 200 || pm.response.code === 201) {"," const jsonData = pm.response.json();"," pm.test(\"Response has token on success\", function () {"," pm.expect(jsonData).to.have.property(\"token\");"," });","}"]}}],"id":"cf2bd433-67a9-41c9-8648-a622ac29211a","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json"}],"body":{"mode":"raw","raw":"{\n \"token\": \"google_access_token_here\"\n}"},"url":"http://localhost:5000/api/auth/google","description":"Authenticates a user using a Google OAuth access token. Pass the Google access token obtained from the Google OAuth flow in the request body. On success, returns a JWT token for the TrustCart platform. No prior registration is required — the user will be created automatically if they don't exist.
\n","urlObject":{"path":["auth","google"],"host":["http://localhost:5000/api"],"query":[],"variable":[]}},"response":[],"_postman_id":"cf2bd433-67a9-41c9-8648-a622ac29211a"},{"name":"SSO Login","event":[{"listen":"test","script":{"type":"text/javascript","exec":["pm.test(\"Status code is 200, 201, 400, or 401\", function () {"," pm.expect(pm.response.code).to.be.oneOf([200, 201, 400, 401, 404]);","});","pm.test(\"Response is JSON\", function () {"," pm.response.to.be.json;","});","pm.test(\"Response time is less than 3000ms\", function () {"," pm.expect(pm.response.responseTime).to.be.below(3000);","});","if (pm.response.code === 200 || pm.response.code === 201) {"," const jsonData = pm.response.json();"," pm.test(\"Response has token or redirect URL on success\", function () {"," pm.expect(jsonData).to.satisfy(function(data) {"," return data.token || data.redirectUrl || data.url;"," });"," });","}"]}}],"id":"e388df30-43be-4f22-8e63-26262e0d1789","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json"}],"body":{"mode":"raw","raw":"{\n \"domain\": \"example.com\"\n}"},"url":"http://localhost:5000/api/auth/sso","description":"Authenticates a user via Single Sign-On (SSO) using their organization's domain. Provide the organization domain in the request body to initiate the SSO flow. This is typically used for enterprise users who authenticate through their company's identity provider.
\n","urlObject":{"path":["auth","sso"],"host":["http://localhost:5000/api"],"query":[],"variable":[]}},"response":[],"_postman_id":"e388df30-43be-4f22-8e63-26262e0d1789"}],"id":"b1f28366-15de-4577-8562-096165a8c072","_postman_id":"b1f28366-15de-4577-8562-096165a8c072","description":""},{"name":"Products","item":[{"name":"Get All Products","event":[{"listen":"test","script":{"type":"text/javascript","exec":["pm.test(\"Status code is 200\", function () {"," pm.response.to.have.status(200);","});","pm.test(\"Response is JSON\", function () {"," pm.response.to.be.json;","});","pm.test(\"Response is an array or has products array\", function () {"," const jsonData = pm.response.json();"," pm.expect(jsonData).to.satisfy(function(data) {"," return Array.isArray(data) || Array.isArray(data.products) || Array.isArray(data.data);"," });","});","pm.test(\"Response time is less than 2000ms\", function () {"," pm.expect(pm.response.responseTime).to.be.below(2000);","});"]}}],"id":"e7ed6aaa-247d-4215-922e-77a9488ce007","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"http://localhost:5000/api/products","description":"Retrieves a list of all products available on the TrustCart platform. This is a public endpoint and does not require authentication. The response includes product details such as title, description, price, brand, category, and stock availability.
\n","urlObject":{"path":["products"],"host":["http://localhost:5000/api"],"query":[],"variable":[]}},"response":[],"_postman_id":"e7ed6aaa-247d-4215-922e-77a9488ce007"},{"name":"Verify Product","event":[{"id":"926e8315-4ebe-457d-9080-a23d569b4a0e","listen":"test","script":{"type":"text/javascript","exec":["pm.test(\"Status code is 200, 404, or 400\", function () {"," pm.expect(pm.response.code).to.be.oneOf([200, 404, 400]);","});","pm.test(\"Response is JSON\", function () {"," pm.response.to.be.json;","});","pm.test(\"Response time is less than 2000ms\", function () {"," pm.expect(pm.response.responseTime).to.be.below(2000);","});","if (pm.response.code === 200) {"," pm.test(\"Response has verification status\", function () {"," const jsonData = pm.response.json();"," pm.expect(jsonData).to.satisfy(function(data) {"," return data.verified !== undefined || data.status || data.product || data.data;"," });"," });","}"]}}],"id":"930d5440-108c-46ae-ba5d-289cf8388369","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"http://localhost:5000/api/products/verify/1234567890","description":"Verifies the authenticity of a product using its unique barcode or product code. Replace 1234567890 in the URL with the actual product code to verify. Returns verification status and product details if the product is genuine. No authentication required.
Retrieves detailed information about a specific product by its unique ID. Replace product_id_here in the URL with the actual product ID (e.g., a MongoDB ObjectId). Returns full product details including title, description, price, brand, category, and stock. No authentication required.
Creates a new product on the TrustCart platform. Requires admin-level JWT authentication via Bearer token. Provide product details including title, description, price, brand, category, and stock in the request body. On success, returns the newly created product object.
\n","urlObject":{"path":["products"],"host":["http://localhost:5000/api"],"query":[],"variable":[]}},"response":[],"_postman_id":"043044d8-13e4-4ab6-b57c-7dd7847e66dc"},{"name":"Update Product (Admin)","event":[{"id":"b7e67866-060a-4fd3-aece-7b8077f9740b","listen":"test","script":{"type":"text/javascript","exec":["pm.test(\"Status code is 200, 401, 403, or 404\", function () {"," pm.expect(pm.response.code).to.be.oneOf([200, 401, 403, 404]);","});","pm.test(\"Response is JSON\", function () {"," pm.response.to.be.json;","});","pm.test(\"Response time is less than 2000ms\", function () {"," pm.expect(pm.response.responseTime).to.be.below(2000);","});","if (pm.response.code === 200) {"," pm.test(\"Updated product is returned\", function () {"," const jsonData = pm.response.json();"," pm.expect(jsonData).to.satisfy(function(data) {"," return data._id || data.id || (data.product && (data.product._id || data.product.id)) || data.data;"," });"," });","}"]}}],"id":"e8fbe6e9-bb01-45c7-b823-a9a22e5672e0","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"PUT","header":[{"key":"Authorization","value":"Bearer your_jwt_token_here"},{"key":"Content-Type","value":"application/json"}],"body":{"mode":"raw","raw":"{\n \"price\": 89.99\n}"},"url":"http://localhost:5000/api/products/product_id_here","description":"Updates an existing product's details by its unique ID. Requires admin-level JWT authentication via Bearer token. Replace product_id_here in the URL with the actual product ID. Only include the fields you want to update in the request body — partial updates are supported.
Permanently deletes a product from the TrustCart platform by its unique ID. Requires admin-level JWT authentication via Bearer token. Replace product_id_here in the URL with the actual product ID. This action is irreversible — the product will be permanently removed.
Retrieves a list of all registered users on the TrustCart platform. This is an admin-only endpoint and requires a valid admin JWT Bearer token. Returns an array of user objects with details such as name, email, and role.
\n","urlObject":{"path":["users"],"host":["http://localhost:5000/api"],"query":[],"variable":[]}},"response":[],"_postman_id":"a7c73147-31a4-41f5-aaa6-2c02255751d9"},{"name":"Get User By ID","event":[{"id":"8b74428c-0016-4072-b226-d725194fd282","listen":"test","script":{"type":"text/javascript","exec":["pm.test(\"Status code is 200, 401, 403, or 404\", function () {"," pm.expect(pm.response.code).to.be.oneOf([200, 401, 403, 404]);","});","pm.test(\"Response is JSON\", function () {"," pm.response.to.be.json;","});","pm.test(\"Response time is less than 1000ms\", function () {"," pm.expect(pm.response.responseTime).to.be.below(1000);","});","if (pm.response.code === 200) {"," pm.test(\"User has required fields\", function () {"," const jsonData = pm.response.json();"," const user = jsonData.user || jsonData.data || jsonData;"," pm.expect(user).to.satisfy(function(u) {"," return u.email || u.name || u._id || u.id;"," });"," });","}"]}}],"id":"bac60846-a9b6-4eae-94d6-2069cb3a1368","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer your_jwt_token_here"}],"url":"http://localhost:5000/api/users/user_id_here","description":"Retrieves the profile details of a specific user by their unique ID. Requires a valid JWT Bearer token. Replace user_id_here in the URL with the actual user ID. Returns user information such as name, email, and role.
Updates the profile information of a specific user by their unique ID. Requires a valid JWT Bearer token. Replace user_id_here in the URL with the actual user ID. Only include the fields you want to update in the request body — partial updates are supported.
Permanently deletes a user account from the TrustCart platform by their unique ID. Requires admin-level JWT authentication via Bearer token. Replace user_id_here in the URL with the actual user ID. This action is irreversible.
Checks the health and availability of the TrustCart API server. Use this endpoint to verify that the server is running and responsive before making other API calls. No authentication required.
\n","urlObject":{"path":["health"],"host":["http://localhost:5000/api"],"query":[],"variable":[]}},"response":[],"_postman_id":"29ff8b68-5b9c-41f3-866b-12e4a7031853"}],"variable":[{"key":"base_url","value":"http://localhost:5000/api","type":"string"},{"key":"token","value":"your_jwt_token_here","type":"string"}]}