Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.tybritelabs.com/llms.txt

Use this file to discover all available pages before exploring further.

The CustomersService class (accessed via client.customers) provides administrative and logistical control over customer profiles.

Profile Management

createCustomer

Create a new customer profile. This is ideal for bulk imports or custom CRM integrations.
This method requires a Secret Key and should only be called from secure server-side environments.
const customer = await client.customers.createCustomer({
  requestBody: {
    email: 'client@example.com',
    name: 'John Doe',
    phone: '254711222333',
    address: '123 Business Way, Nairobi'
  }
});

getCustomer

Retrieve complete details for a specific customer, including store metrics and purchase history.
This method requires both a Publishable/Secret Key (in client constructor) AND the customer’s session token (xAuthToken). The token resolves to a customer whose id must match the id parameter — otherwise 403 is returned. This prevents enumeration of other customers’ profiles.
const customer = await client.customers.getCustomer({
  id: 'customer-uuid-here',
  xAuthToken: customerSession.access_token, // Required customer JWT
  fields: 'name,email,store_metrics.total_spent'
});

updateCustomer

Perform partial updates on a customer record. Only the fields you provide will be modified.
Customers may only update their own record. The xAuthToken (session JWT) must resolve to a customer whose id matches the id parameter, or the server returns 403.
const updated = await client.customers.updateCustomer({
  id: 'customer-uuid-here',
  xAuthToken: customerSession.access_token, // Required customer JWT
  requestBody: {
    status: 'active',
    address: '123 Business Way, Nairobi',
    name: 'John Updated'
  }
});

Customer Utilities

Retention Tip: Use store_metrics to identify your top 10% of customers by lifetime value (LTV) and offer them personalized discount codes via the Promotions Service.

Authentication Flow

The getCustomer and updateCustomer methods require a customer session JWT (xAuthToken) in addition to your API key. Obtain the token via the AuthenticationService — either through login or verifyOtp.
Never expose Secret Keys in client-side code. For browser-based customer portals, use a Publishable Key in combination with the customer’s xAuthToken.
// 1. Customer logs in via AuthenticationService
const session = await client.authentication.login({
  requestBody: { email: 'jane@example.com', password: '...' }
});

// 2. Use the returned access_token for subsequent customer-scoped calls
const profile = await client.customers.getCustomer({
  id: session.customer.id,
  xAuthToken: session.session.access_token
});
createCustomer is intentionally Secret Key only — it is an admin/CRM operation (e.g. bulk imports) and does not involve customer authentication. No xAuthToken is required or accepted.

Response Codes

CodeMeaning
201Customer created successfully (createCustomer)
400Invalid request — malformed body or missing required fields
401Invalid API key, or missing/invalid xAuthToken
403Forbidden — the customer token does not match the customer_id in the path
404Customer not found
409Duplicate email at this store (on createCustomer)