The Zippi Orders API lets customers place delivery orders either as a guest (phone number only) or as a registered customer with a JWT session. In both cases, the server looks up every item’s price directly from the catalog — any totals or unit prices sent by the client are silently ignored. Order state progresses through a defined FSM and is surfaced via theDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/CRISTIANCAMACH34/Zippi/llms.txt
Use this file to discover all available pages before exploring further.
status field on every order response.
Order Item Structure
Every order must include anitems array. Each element describes one product line in the cart.
Order item object
Product reference in
prod-{id} format (e.g. prod-101). Plain numeric IDs
are also accepted. Must correspond to an active product that belongs to the
target business.Number of units. Must be greater than zero.
Selected option groups (e.g. size, temperature). Each element must include
option_id and a choices array of selected choice IDs. Currently reserved
for future use — the server stores the raw payload but does not yet add option
surcharges to the price.Free-text line note for kitchen staff (e.g. allergy instructions). Stored in
the
observaciones field of the order item.Create Guest Order
Places an order without requiring a customer account. The server matches or creates a customer record by phone number and returns a signedguestAccessToken that
can be used later to retrieve the order.
POST /api/v1/orders/guest
No authentication required.
Request Body
Business reference object.
Composite business ref (
biz-{businessId}-branch-{branchId}) or branch slug.Numeric parent business ID. Used to scope product price lookups.
Delivery fee in centavos, as advertised to the customer. The server stores
this value as the logistics component of
valor_servicio.Platform service fee in centavos.
One or more order item objects. Must contain at least
one element; an empty array returns HTTP 422.
Payment method. Defaults to
cash. Common values: cash, card, wompi.Customer phone number. Used to find or create the customer record. Required
for guest orders; omit for authenticated customer orders.
Customer name. Used when creating a new guest customer record. Defaults to
"Cliente invitado" if omitted.General notes for the entire order (separate from per-item notes).
cURL — guest order
Response
HTTP 201 on success.Order reference in the format
order-{id} (e.g. order-42). Use this to
retrieve the order later.Human-readable order code, formatted as
ZP-{YYMMDD}-{clientId}-{seq}
(e.g. ZP-250115-0007-3421).Signed token required to retrieve this order as a guest. Store this token in
the client. Present only for guest orders (absent for authenticated customers).
Initial order state. Always
pending on creation.Server-calculated product subtotal (sum of
price × quantity for all items).Combined logistics and service fee stored on the order.
Final total (
subtotal + deliveryFee + serviceFee), calculated server-side.ISO 8601 UTC timestamp of order creation.
Example response (guest order)
The
ALLOW_MANUAL_ORDER_CREATION environment variable controls whether this
endpoint accepts orders outside of configured operating hours. When set to
false, orders submitted while all branches are closed are rejected. Defaults
to true in the provided .env.example.Create Authenticated Customer Order
Places an order on behalf of the currently logged-in customer. Identical to the guest flow except that contact fields (phone, name) are sourced from the
authenticated customer record and no guestAccessToken is returned.
POST /api/v1/orders/customer
Requires customer JWT in the Authorization: Bearer {token} header.
Request Body
Same as guest order, butphone and name are not required —
they are ignored when a valid customer JWT is present. The customer record is resolved
from the id claim in the JWT.
cURL — authenticated customer order
guestAccessToken field. HTTP 201 on success.
List Customer Order History
Returns up to 100 of the authenticated customer’s most recent orders, newest first.GET /api/v1/customer/orders
Requires customer JWT in the Authorization: Bearer {token} header.
cURL
Response
List of order summary objects ordered by
createdAt descending.Order reference (
order-{id}).Human-readable order code (
ZP-YYMMDD-CCCC-SSSS).Current order state. See Order States below.
Product subtotal in the platform’s monetary unit.
Final total including fees.
Payment method used (
cash, card, wompi, etc.).ISO 8601 creation timestamp (UTC).
Get Single Order
Retrieves the full detail of one order. Works for both authenticated customers and guests, with different access proofs.GET /api/v1/customer/orders/:order_id
- Authenticated customers: provide
Authorization: Bearer {token}. The server validates that the order belongs to the requesting customer. - Guest customers: omit the
Authorizationheader and pass theX-Guest-Order-Tokenheader with the token returned at order creation.
The
order_id path segment accepts both the order-{id} format (e.g.
order-42) and the human-readable order code (e.g. ZP-250115-0007-3421).Path Parameters
Order reference in
order-{id} format or the full order code (ZP-…).Headers
Bearer {jwt} — required when retrieving an order as a registered customer.Signed guest access token returned at order creation. Required for unauthenticated
retrieval of a guest order. Can also be passed as the
access_token or
guestAccessToken query parameter as a fallback.cURL — authenticated customer
cURL — guest access via header
cURL — guest access via query parameter (fallback)
Response
Order reference (
order-{id}).Human-readable order code.
Current order state. See Order States below.
Brief business info:
id and name.Delivery address:
address (text) and optional reference.Line items as stored. Each item includes
name, quantity,
precio_unitario_estimado, and subtotal_estimado.Payment method (
cash, card, wompi, etc.).Product subtotal (server-calculated).
Combined delivery and logistics fee stored on the order.
Platform service fee component.
Final order total (server-calculated).
General order notes.
ISO 8601 UTC timestamp.
Order state history events. Each event includes
estado_nuevo (new state),
actor_tipo, and fecha_cambio.Order States
The Zippi order FSM uses the followingstatus values. Transitions are validated
server-side and cannot be skipped.
| State | Description |
|---|---|
pending | Order received, awaiting acceptance by the business |
confirmed | Business has confirmed the order |
preparing | Order is being prepared |
ready | Ready for pickup by the courier |
in_transit | Courier has picked up the order |
delivered | Order successfully delivered |
cancelled | Order cancelled before delivery |
failed | Order could not be completed |
customer_absent | Customer was unreachable at delivery |
rescheduled | Delivery rescheduled by agreement |
refunded | Payment refunded |
Guest order retrieval is fail-closed: if the
X-Guest-Order-Token is
missing, expired, or invalid, the server returns HTTP 404 rather than 401 to
avoid disclosing that the order exists. Store the token from the creation
response immediately and persistently.