Complete Mock API with OAuth 2.0, API Key, and Basic Auth. Full CRUD operations, advanced filtering, file uploads, and rich nested data structures for comprehensive integration testing.
Client credentials, password, authorization_code, and refresh_token grant types. Token introspection and revocation included.
JWT Bearer tokens, API Key (X-API-Key header), and HTTP Basic Auth. All methods work interchangeably.
GET, POST, PUT, PATCH, DELETE for all resources. No field restrictions on updates - perfect for mock testing.
Field filters, numeric ranges, date ranges, text search, tags, and field selection. Paginated responses with metadata.
Single and multiple file upload endpoints returning mock CDN URLs. Image validation endpoint included.
Products with variants, specs, reviews. Users with addresses, permissions. Sales with tracking events and pricing breakdowns.
# Request token using client credentials
curl -X POST /oauth/token \
-H "Content-Type: application/json" \
-d '{
"grant_type": "client_credentials",
"client_id": "client123",
"client_secret": "secret123"
}'# Simple API Key authentication
curl -X GET /api/products \
-H "X-API-Key: api-key-123456"
# Available API Keys:
# • api-key-123456 (admin)
# • api-key-789012 (user)# HTTP Basic Authentication
curl -X GET /api/users \
-u admin:admin123
# Valid credentials:
# • admin:admin123
# • johndoe:password123# Filter products by multiple criteria
curl -X GET "/api/products/paginated?\
brand=Apple&\
minPrice=500&\
maxPrice=2000&\
minRating=4&\
fields=id,name,price,brand" \
-H "X-API-Key: api-key-123456"| Parameter | Type | Description | Example |
|---|---|---|---|
page |
number | Page number (1-based) | 1 |
limit |
number | Items per page | 10 |
sortBy |
string | Sort field (supports nested paths) | price, pricing.total |
sortOrder |
string | Sort direction | asc, desc |
search |
string | Global text search | laptop |
category |
string | Filter by category | Electronics |
brand |
string | Filter by brand | Apple |
minPrice / maxPrice |
number | Price range | 100, 1000 |
minRating |
number | Minimum rating (1-5) | 4 |
status |
string | Filter by status (sales) | delivered |
createdAfter / createdBefore |
ISO 8601 | Date range filter | 2024-01-01T00:00:00Z |
tags |
string | Filter by tags (comma-separated) | premium,wireless |
fields |
string | Select specific fields | id,name,price |
/oauth/authorize
/oauth/token
/oauth/introspect
/oauth/revoke
/oauth/userinfo
/.well-known/oauth-authorization-server
/api/users
List all
/api/users/paginated
With filters
/api/users/:id
/api/users
/api/users/:id
Full update
/api/users/:id
Partial
/api/users/:id
/api/products
List all
/api/products/paginated
With filters
/api/products/:id
/api/products
/api/products/:id
Full update
/api/products/:id
Partial
/api/products/:id
/api/sales
List all
/api/sales/paginated
With filters
/api/sales/:id
/api/sales
/api/sales/:id
Full update
/api/sales/:id
Partial
/api/sales/:id
/api/upload/single
Single file
/api/upload/multiple
Multiple files
/api/upload/image
Image only
Authorization: Bearer <access_token>
# Get token first via POST /oauth/token
# Token expires in 3600 seconds
X-API-Key: api-key-123456
# Available keys:
• api-key-123456 (admin)
• api-key-789012 (user)
Authorization: Basic <base64>
# Or use -u flag in curl:
curl -u admin:admin123 /api/users
POST /oauth/token
{
"grant_type": "client_credentials",
"client_id": "client123",
"client_secret": "secret123"
}