Affiliate Program Owner Modules
These routes are mounted under/api/affiliate/* and are workspace-authenticated.
Feature and access model
- Entire
/affiliate/*surface requires affiliate-program entitlement. - Authenticated workspace context is required.
- Module permissions are split across
affiliates:*,payouts:*, andfraud:*.
Module map (route families)
/affiliate/programs(+ rewards)/affiliate/partners/affiliate/enrollments/affiliate/commissions/affiliate/payouts/affiliate/fraud/affiliate/analytics/affiliate/customers/affiliate/messages/affiliate/groups/affiliate/discounts/affiliate/bounties/affiliate/referrals/affiliate/automation/affiliate/activity-logs/affiliate/invites/affiliate/categories/affiliate/invoices/affiliate/comments/affiliate/campaigns
Representative endpoints
GET /api/affiliate/programsPOST /api/affiliate/programsGET /api/affiliate/partnersPATCH /api/affiliate/enrollments/:id/statusGET /api/affiliate/commissionsPOST /api/affiliate/payoutsGET /api/affiliate/fraud/summaryGET /api/affiliate/analytics/timeseries
Money and lifecycle operations
- Commission lifecycle: create/approve/cancel/refund/clawback/duplicate/bulk operations.
- Payout lifecycle: create/process/retry/cancel/complete and provider-specific processing paths.
- Fraud lifecycle: rules, groups, resolution, event inspection, and partner checks.
Typical failures
403entitlement/permission denied404unknown partner/program/enrollment/commission/payout in workspace scope409duplicate/constraint violations in partner and discount flows- provider/payment errors during payout processing