Owner Claim

Owner-claim flow: public token-based claim view, claim confirmation, and the authenticated start of an owner claim.

View owner claim details

GET

https://api.faireplace.com/api

/owner-claim/{token}

Returns a minimal public summary of an owner claim so the recipient can confirm they are looking at the right request before logging in.

Authentication

This endpoint is public (the user is not yet authenticated when they click the email link). The only credential is the claim token in the URL path.

Privacy

Anti-leak by design: the initiator email is masked (jo***@example.com), the owner email is never returned, and no internal IDs are exposed. Unknown / consumed tokens return a generic 404 (anti-oracle); responses are padded to a constant minimum latency.

Example

Code
curl https://api.faireplace.com/api/owner-claim/3f8b1c2d-...-9a0e

Response:


Code
{
  "initiator_email_partial": "jo***@example.com",
  "owner_display_name": "Jean Dupont",
  "expires_at": "2026-06-27T10:00:00Z"
}

View owner claim details › path Parameters

token

string · required

Owner claim token (clear value from the email link).

View owner claim details › Responses

Owner claim details retrieved.

Minimal public summary shown on the confirmation screen before login. Anti-leak: the initiator email is masked, the owner email is never returned, and no internal IDs (auth_user_id, owner_id) are exposed.

OwnerClaimDetailsView

initiator_email_partial

string · required

Masked initiator email (first chars + domain), e.g. jo***@example.com.

Example: jo***@example.com

owner_display_name

string · required

Owner display name (last name, plus first name for individuals).

Example: Jean Dupont

expires_at

string · date-time · required

Expiration date of the claim session.

Example: 2026-06-27T10:00:00Z

Confirm an owner claim

POST

https://api.faireplace.com/api

/owner-claim/{token}/confirm

Finalizes an owner claim: links owner.auth_user_id to the currently authenticated account and marks the claim session as consumed.

Authentication

Unlike the GET above, this endpoint requires authentication (Bearer JWT, PropertiesRead permission). The user must be logged in; the confirmation matches the authenticated account against the claim initiator. The token is still read from the URL path.

Body

The request body may be empty — the confirmation is derived from the JWT and the path token.

Example

Code
curl -X POST https://api.faireplace.com/api/owner-claim/3f8b1c2d-...-9a0e/confirm \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{}'

Response:


Code
{
  "owner_id": "550e8400-e29b-41d4-a716-446655440000",
  "claimed_at": "2026-06-20T14:30:00Z"
}

Confirm an owner claim › path Parameters

token

string · required

Owner claim token (clear value from the email link).

Confirm an owner claim › Request Body optional

Body for the confirm endpoint. An empty body is accepted — the confirmation is derived from the authenticated JWT and the token in the path. The optional field exists only to allow forward-compatible extension (e.g. consent flags).

ConfirmOwnerClaimBody

Confirm an owner claim › Responses

Claim confirmed and linked to the authenticated account.

Response after a guest claim has been confirmed and linked to the current account.

ConfirmOwnerClaimResponse

owner_id

string · uuid · required

Identifier of the owner that is now linked to the authenticated account.

Example: 550e8400-e29b-41d4-a716-446655440000

claimed_at

string · date-time · required

Timestamp at which the claim was confirmed.

Example: 2026-06-20T14:30:00Z

Start an owner claim

POST

https://api.faireplace.com/api

/owners/{owner_id}/claim/start

Starts an owner-claim workflow for the given owner_id. The backend generates a token, persists the claim session, and the targeted owner receives an email containing the confirmation link.

Authentication

This endpoint requires authentication (Bearer JWT, PropertiesWrite permission) — it modifies the account ↔ owner association. The initiator identity (auth user id + email) and tenant are taken from the JWT.

The claim TTL defaults to 7 days (168 hours).

Example

Code
curl -X POST https://api.faireplace.com/api/owners/550e8400-e29b-41d4-a716-446655440000/claim/start \
  -H "Authorization: Bearer YOUR_API_KEY"

Response (201 Created):


Code
{
  "frontend_url": "https://app.faireplace.com/owner-claim/3f8b1c2d-...-9a0e",
  "owner_email": "[email protected]"
}

Start an owner claim › path Parameters

owner_id

string · uuid · required

Identifier of the owner to start a claim for.

Start an owner claim › Responses

Claim started; the link has been issued for the owner.

Response after starting an owner claim. The targeted owner receives the link by email.

StartOwnerClaimResponse

frontend_url

string · required

Frontend URL (containing the claim token) sent to the owner by email.

Example: https://app.faireplace.com/owner-claim/3f8b1c2d-4e5f-6a7b-8c9d-0e1f2a3b4c5d

owner_email

string · email · required

Email address of the owner the claim was started for.

Example: [email protected]

Guest Signature Syndic Management