Stock summary
GET /api/v1/external/inventory/stock · scope inventory:read
Returns available stock per variation. Optional filter by product.
Query parameters
| Param | Type | Description |
|---|---|---|
productId | UUID | Filter only variations of that product. Optional. |
Request
curl "https://api.nuvlyx.com/api/v1/external/inventory/stock?productId=0f1c…" \
-H "Authorization: Bearer nvl_live_YOUR_TOKEN"Bulk-upload licenses
POST /api/v1/external/inventory/licenses · scope inventory:write
Equivalent to the .txt upload in the admin: send an array of credentials
(one entry per stock unit). Credentials are encrypted at rest with AES-256-GCM before being persisted.
Body
| Field | Type | Description |
|---|---|---|
variationId | UUID | Target variation. Required. |
credentials | string[] | Credentials (1–2000). One per stock unit. Required. |
expiresAt | ISO 8601 | Expiry timestamp applied to ALL licenses in the batch. Optional. |
Request
curl -X POST https://api.nuvlyx.com/api/v1/external/inventory/licenses \
-H "Authorization: Bearer nvl_live_YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"variationId": "abc12345-…",
"credentials": [
"user1@email.com|password1",
"user2@email.com|password2",
"user3@email.com|password3"
],
"expiresAt": "2027-01-01T00:00:00Z"
}'Rules and limits
- Up to 2000 credentials per request. For larger volumes, batch into multiple POSTs.
- Deduplication: if a credential already exists on the variation it is skipped and counted in
skippedDuplicates. - Plan limit: if your plan caps imports, the server enforces it (
400response). - Encryption: credentials never appear in logs or read endpoints — only when delivered to the customer on a completed order.