Skip to main content

Update Aggregate

Modify the configuration of an existing sub-tenant (aggregate). All fields are optional; only include fields you want to change.


Endpoint

PUT /api/v3/aggregates/{id}

Path Parameters

ParameterTypeDescription
idstringAggregate's tenant ID

Request Body

All fields are optional. Only include fields you want to update. Omitted fields are left unchanged.

Core Fields

FieldTypeDescription
namestringStore name (max 255 characters)
final_domainstringStore domain; platform subdomain or custom domain (max 255 characters, must be unique)
langstringStore language (ISO 639-1 code)
timezonestringStore timezone (IANA format)
support_emailstringSupport and notifications email address (max 255 characters)
disable_sellingbooleanWhen true, disables all e-commerce functionality on the store (checkout, paid plans, paid content).
landing_enabledbooleanWhen true, the public landing page is shown.

Branding Fields

FieldTypeDescription
primary_colorstringPrimary brand color (hex format, e.g., #336699)
secondary_colorstringSecondary brand color (hex format, e.g., #FF6600)
logo_urlstringURL to the store logo image (max 2048 characters)
icon_urlstringURL to the store icon/favicon (max 2048 characters)
Nullable Fields

primary_color, secondary_color, logo_url, and icon_url accept null to clear the value.

Auth Token (SSO) Fields

Send an external_auth object to configure single sign-on for the sub-tenant. See the Auth Token guide for the token format and login flow.

FieldTypeDescription
external_auth.keystringWrite-only HMAC secret (minimum 32 characters). Never returned. See the update rules below.
external_auth.issuerstringYour platform identifier. Required when a new key is sent.
external_auth.redirect_urlstringWhere users are sent on auth errors. Required when a new key is sent.
external_auth.login_urlstringYour platform's login URL.
external_auth.logout_urlstringWhere users are sent after logging out.
external_auth.home_urlstringYour platform's home URL.
external_auth.account_urlstringYour platform's account URL.

The key field drives how an update is applied:

  • Omit key: the stored secret is kept, and any other external_auth fields you send are updated. Use this to edit the issuer or URLs without resending the secret.
  • Send a non-empty key: it replaces the stored secret and (re)activates SSO. issuer and redirect_url are required in this case.
  • Send key as null: SSO is deactivated and the whole external_auth configuration is cleared.
Key is write-only

Responses never include key. They return an external_auth object with every other field plus an enabled boolean that reflects whether a key is currently configured.


Request Examples

Update Store Name

curl -X PUT "https://yourstore.publica.la/api/v3/aggregates/42" \
-H "X-User-Token: your-api-token" \
-H "Content-Type: application/json" \
-d '{
"name": "My Updated Bookstore"
}'

Update Branding

curl -X PUT "https://yourstore.publica.la/api/v3/aggregates/42" \
-H "X-User-Token: your-api-token" \
-H "Content-Type: application/json" \
-d '{
"primary_color": "#1A237E",
"secondary_color": "#FF6F00",
"logo_url": "https://example.com/new-logo.png"
}'

Update Domain and Language

curl -X PUT "https://yourstore.publica.la/api/v3/aggregates/42" \
-H "X-User-Token: your-api-token" \
-H "Content-Type: application/json" \
-d '{
"final_domain": "new-bookstore-domain.publica.la",
"lang": "es",
"timezone": "America/Buenos_Aires"
}'

Update Support Email

curl -X PUT "https://yourstore.publica.la/api/v3/aggregates/42" \
-H "X-User-Token: your-api-token" \
-H "Content-Type: application/json" \
-d '{
"support_email": "[email protected]"
}'

Configure or Update Auth Token (SSO)

curl -X PUT "https://yourstore.publica.la/api/v3/aggregates/42" \
-H "X-User-Token: your-api-token" \
-H "Content-Type: application/json" \
-d '{
"external_auth": {
"key": "your-32-character-or-longer-secret-key",
"issuer": "my-platform",
"redirect_url": "https://my-platform.com/auth-error"
}
}'

Edit Auth Token Fields Without Resending the Secret

curl -X PUT "https://yourstore.publica.la/api/v3/aggregates/42" \
-H "X-User-Token: your-api-token" \
-H "Content-Type: application/json" \
-d '{
"external_auth": {
"redirect_url": "https://my-platform.com/new-auth-error"
}
}'

Deactivate Auth Token (SSO)

curl -X PUT "https://yourstore.publica.la/api/v3/aggregates/42" \
-H "X-User-Token: your-api-token" \
-H "Content-Type: application/json" \
-d '{
"external_auth": { "key": null }
}'

Combined Update

curl -X PUT "https://yourstore.publica.la/api/v3/aggregates/42" \
-H "X-User-Token: your-api-token" \
-H "Content-Type: application/json" \
-d '{
"name": "Rebranded Bookstore",
"primary_color": "#006341",
"secondary_color": null,
"logo_url": "https://example.com/rebrand-logo.png",
"support_email": "[email protected]"
}'

Response

Success Response (200 OK)

{
"data": {
"id": 42,
"slug": "my-bookstore",
"name": "My Updated Bookstore",
"final_domain": "mybookstore.publica.la",
"lang": "en",
"timezone": "America/New_York",
"support_email": "[email protected]",
"primary_color": "#1A237E",
"secondary_color": "#FF6F00",
"logo_url": "https://example.com/new-logo.png",
"icon_url": null,
"disable_selling": false,
"landing_enabled": true,
"external_auth": {
"enabled": true,
"issuer": "my-platform",
"redirect_url": "https://my-platform.com/auth-error",
"login_url": null,
"logout_url": null,
"home_url": null,
"account_url": null
},
"created_at": "2026-03-24T15:30:00+00:00"
}
}

Error Handling

Not Found (404)

Returned when the aggregate does not exist or does not belong to your store:

{
"message": "Not found."
}

Validation Errors (422)

{
"message": "The given data was invalid.",
"errors": {
"final_domain": ["The final domain has already been taken."],
"primary_color": ["The primary color format is invalid."]
}
}

Authentication Errors (401)

{
"message": "Unauthenticated."
}

Authorization Errors (403)

{
"message": "Tenant does not have aggregation capabilities."
}

Validation Rules

FieldRules
nameOptional, string, max 255 characters
final_domainOptional, string, max 255 characters, unique (excluding current), valid format
langOptional, valid language code
timezoneOptional, valid IANA timezone
support_emailOptional, valid email, max 255 characters
primary_colorOptional, nullable, hex color format (#RRGGBB)
secondary_colorOptional, nullable, hex color format (#RRGGBB)
logo_urlOptional, nullable, valid URL, max 2048 characters
icon_urlOptional, nullable, valid URL, max 2048 characters
disable_sellingOptional, boolean
landing_enabledOptional, boolean
external_auth.keyOptional, nullable, string with a minimum of 32 characters. Send null to clear the configuration
external_auth.issuerRequired when a non-empty key is sent, string, max 255 characters
external_auth.redirect_urlRequired when a non-empty key is sent, valid URL, max 2048 characters
external_auth.login_urlOptional, nullable, valid URL, max 2048 characters
external_auth.logout_urlOptional, nullable, valid URL, max 2048 characters
external_auth.home_urlOptional, nullable, valid URL, max 2048 characters
external_auth.account_urlOptional, nullable, valid URL, max 2048 characters

See Also

X

Graph View