Grant a reward (for an action that occurred in the partner's own systems.)
POST/api/rewards/grant
Requires admin token. Mints a reward (in Confirmed state, immediately claimable) against a user for an action that happened outside Ownli — for example a device purchase, app migration, or completed referral tracked in the partner's backend. The reward then surfaces in the standard list/claim endpoints.
Idempotency: the supplied clientReference is unique per partner; a repeat call with the same clientReference returns the existing reward instead of minting a new one. A repeat with a different userId or amount returns 409 — guard against accidental key reuse.
Request
- application/json
Body
required
Id of the user receiving the reward.
Possible values: >= 1 and <= 100
Reward amount in dollars. Must be >= 1.00 and <= 100.00.
Possible values: <= 64 characters, Value must match regular expression [a-zA-Z0-9._-]+
Partner-chosen label identifying the action that triggered this reward. Free-form, no Ownli-side validation. Used purely for grouping and reporting.
Possible values: <= 128 characters
Caller-supplied unique reference for this grant (e.g. their order id or transaction id). Used for idempotency: a repeat call with the same value returns the existing reward instead of minting a new one.
Responses
- 200
- 400
- 401
- 403
- 404
- 409
- 500
Reward granted (or existing reward returned for an idempotent replay).
- application/json
- Schema
- Example (from schema)
Schema
Id of the granted reward (XT_*).
Id of the user who received the reward.
Reward amount in dollars.
Reward type. Always Custom for grant-reward calls.
Partner-supplied actionCode echoed back.
Partner-supplied clientReference echoed back.
Status of the reward. Grant-reward calls always create the reward in Confirmed state so it is immediately claimable.
ISO-8601 timestamp at which the reward was created.
True when this call returned an existing reward (idempotent replay) rather than minting a new one.
{
"id": "XT_DBRabc123",
"userId": "XT_USRabc123",
"amount": 25,
"type": "Custom",
"actionCode": "device-purchase",
"clientReference": "order-12345",
"status": "Confirmed",
"dateRewarded": "2026-04-25T10:15:30Z",
"idempotentReplay": false
}
Invalid parameters. Possible error codes
-
ERROR_INVALID_PARAMETERS
- application/json
- Schema
- Example (from schema)
Schema
Error code
A verbose error message
{
"error_code": "string",
"error_message": "string"
}
Authorization error e.g. due to an invalid or missing token.
Forbidden. Possible error codes
-
INSUFFICIENT_SCOPE (the JWT does not have admin scope)
-
ERROR_NO_PERMISSIONS_TO_RESOURCE (the user does not belong to the calling partner)
- application/json
- Schema
- Example (from schema)
Schema
Error code
A verbose error message
{
"error_code": "string",
"error_message": "string"
}
User not found. Possible error codes
-
ERROR_USER_NOT_FOUND
- application/json
- Schema
- Example (from schema)
Schema
Error code
A verbose error message
{
"error_code": "string",
"error_message": "string"
}
The supplied clientReference already exists with different attributes. Possible error codes
-
ERROR_REWARD_CONFLICT
- application/json
- Schema
- Example (from schema)
Schema
Error code
A verbose error message
{
"error_code": "string",
"error_message": "string"
}
Internal error. Possible error codes
-
INTERNAL_SERVER_ERROR
- application/json
- Schema
- Example (from schema)
Schema
Error code
A verbose error message
{
"error_code": "string",
"error_message": "string"
}