Public marketplace surface. Read-only — auth, write paths, and webhook subscriptions arrive in Phase 1 (Clerk) and Phase 4 (public API). All endpoints below return JSON unless noted; CORS is open; no auth required for marketplace reads.
https://grm-app-us698.ondigitalocean.app/api
Liveness probe — returns ok if the process is up.
{ "status": "ok" }
Readiness probe — verifies the database connection.
{ "status": "ready" }
Returns the resolved tenant context for the request. Until Clerk lands, this echoes X-GRM-* headers (X-GRM-Org, X-GRM-User, X-GRM-Role).
{ "tenant": { "tenantId": "...", "userId": "...", "role": "..." } }
Search & list public marketplace items. Query params: q (full-text search via Postgres tsvector + trigram fallback), category (prefix-matched against items.category_path), limit (max 100, default 20).
{ "items": [...], "total": 16 }
Item detail with the seller record, public rate cards (each with quantity tiers), and similar items from other vendors matched by name OR category.
Category navigation tree. Returns leaf paths with item counts plus a derived top-level grouping by first segment.
Public verified-vendor list with their item counts.
Vendor profile + Phase-1 scorecard signals + their full public catalog.
Top items sold by 2+ vendors, ranked by largest spread between the cheapest and most expensive offer (any quantity tier).
FX rate cache. USD-anchored quotes-per-USD. Source: Phase-1 fixture seed; production refreshes daily from ECB / xe / Fixer.
application/problem+json) with stable type URIs.Idempotency-Key header) become required on all writes once auth lands.X-GRM-Org / X-GRM-User / X-GRM-Role headers as a stub; real session validation lands with Clerk.