​

Public Marketplace and Invite Flows

​

Marketplace endpoints

• GET /api/affiliate/marketplace/eligibility
• GET /api/affiliate/marketplace/programs
• GET /api/affiliate/marketplace/programs/:slug
• GET /api/affiliate/marketplace/programs/:slug/application-form
• POST /api/affiliate/marketplace/programs/:slug/apply
• GET /api/affiliate/marketplace/programs/:slug/similar
• DELETE /api/affiliate/marketplace/programs/:slug/application

​

Auth model for marketplace routes

​

Eligibility rules

• approved in at least one program
• earned minimum commission threshold
• no ban status

​

Browse programs

• page
• limit
• query (search by name)

​

Apply payload

{
  "partnerId": "part_123",
  "formData": {
    "website": "https://creator.example",
    "audience": "EU SaaS founders"
  }
}

• Session partner must match partnerId.
• Rate limited to 5 apply attempts/hour per partner.
• Rejects duplicate enrollments.
• Supports dynamic custom application forms.
• Enrollment may be approved or pending depending on auto-approve and fraud checks.

​

Withdraw application

​

Public invite accept

• POST /api/invites/:token/accept

• Public route with IP rate limit (5/hour).
• Validates token format and expiry.
• Auto-creates partner if needed.
• Creates approved enrollment with referral code.

​

Public discount validation

• GET /api/discounts/validate?code=...&programId=...&amount=...

• Public route with IP rate limit (10/min).
• Validates code status, expiry, and max uses.
• Returns calculated discount amount and attribution partner ID if valid.

​

Common errors

• 400: malformed payload, invalid status transition, token format errors
• 401: missing partner auth for marketplace routes
• 403: not eligible or partner/session mismatch
• 404: program/token/code not found
• 409: duplicate enrollment/application conflict
• 429: rate limited