Notification Service โ API Reference ๐
This document describes the read-only notification APIs exposed by the Notification Service in ShopVerse.
Notifications are generated asynchronously based on domain events and are accessed via the API Gateway.
๐ Base URLโ
/api/notifications
๐ Authentication & Authorizationโ
- JWT is validated at the API Gateway
- Gateway injects:
X-User-EmailX-User-Role
- Users can access only their notifications
- Admins can access all notifications
๐ฅ Get My Notifications (User)โ
Fetch notifications for the authenticated user.
โค Endpointโ
GET /api/notifications
โค Query Parameters (Optional)โ
| Param | Description |
|---|---|
page | Page number |
size | Page size |
unread | Filter unread notifications |
โค Success Response (200 OK)โ
[
{
"id": "NTF101",
"eventType": "ORDER_PLACED",
"message": "Your order ORD789 has been placed successfully",
"timestamp": "2026-01-21T12:35:00",
"read": false
}
]
โ๏ธ Mark Notification as Readโ
Mark a notification as read.
โค Endpointโ
PUT /api/notifications/{notificationId}/read
โค Success Response (200 OK)โ
{
"message": "Notification marked as read"
}
๐ Get All Notifications (Admin)โ
Fetch all notifications in the system.
โค Endpointโ
GET /api/notifications/all
โค Role Requiredโ
ADMIN
โค Success Response (200 OK)โ
[
{
"id": "NTF101",
"userEmail": "user@example.com",
"eventType": "PAYMENT_SUCCESS",
"message": "Payment successful for order ORD789",
"timestamp": "2026-01-21T12:45:00",
"read": true
}
]
๐ก Events Sourceโ
Notifications are generated from Kafka events published by:
| Source Service | Event Examples |
|---|---|
| Auth Service | USER_REGISTERED, USER_LOGIN |
| Order Service | ORDER_PLACED |
| Payment Service | PAYMENT_SUCCESS |
| Product Service | PRODUCT_CREATED |
๐ Request Flowโ
๐ก๏ธ Security Rules Summaryโ
| Role | Access |
|---|---|
| CUSTOMER | Own notifications |
| ADMIN | All notifications |
Ownership is enforced using X-User-Email.
โ ๏ธ Common Errorsโ
| Status | Meaning |
|---|---|
| 401 | Unauthorized |
| 403 | Forbidden |
| 404 | Notification not found |
| 500 | Internal server error |
๐ Summaryโ
The Notification API provides:
- Asynchronous user notifications
- Secure, role-based access
- Clean read-only endpoints
- Event-driven extensibility
It improves user experience without impacting core workflows.