List distribution destinations
/distribution/destinationsDistribution destinations available to the api-key's linked user (feed
targets such as ONIX/metadata drops). FTP credentials are never
returned. Destinations are server-wide — the data model has no
per-usergroup destination — so every caller with distribution access
sees the same set. Requires the read scope and the linked user's
distribution permission (dm or dv).
Authorization
apiKey Issued to you when your integration is provisioned. Determines which catalogue resources are visible and which AI tools are available.
In: header
Response Body
application/json
application/json
application/json
curl -X GET "https://example.com/distribution/destinations"{ "success": true, "status": "success", "message": "Success", "data": { "items": [ { "ref": 3, "name": "ONIX feed", "format": "ONIX", "transport": "sftp", "enabled": true }, { "ref": 5, "name": "FTP drop", "format": "Standard", "transport": "ftp", "enabled": true } ], "total": 2 }}{ "success": false, "status": "fail", "message": "API key is required", "error": { "code": "NO_API_KEY", "message": "API key is required" }}{ "success": false, "status": "fail", "message": "This API key does not have the 'write' scope", "error": { "code": "INSUFFICIENT_SCOPE", "message": "This API key does not have the 'write' scope" }}Create a collection POST
Creates a collection owned by the api-key's linked user. Requires the `write` scope. ### Visibility Defaults to **team** — the publisher's other users (and other api-keys in the same usergroup) can see and list the collection. If the linked user may not create team collections, the default silently falls back to `private`; the response's `visibility` field reports what was applied. Requesting `team` explicitly when it isn't permitted returns 403 rather than downgrading. `private` collections are visible only to the owning (linked) user — including in this API's own `GET /collections` for other keys. ### Description `description` is accepted and validated but **not yet stored** — the collection data model has no description field today. Send it for forward-compatibility only. ### Idempotency Pass an `Idempotency-Key` header (a unique random string per logical create, e.g. a UUID) to make retries safe. The first successful response with a given key is cached for 24 hours; replays return the same body byte-for-byte with `Idempotent-Replayed: true`. Reusing the key with a different request body returns 422 `IDEMPOTENCY_KEY_CONFLICT`.
Get the status of a distribution run GET
Status of one queued run. Ownership is enforced via the run's collection (usergroup scope); a run the linked user doesn't own — or one that doesn't exist — returns **404**. Requires the `read` scope and distribution access (`dm` or `dv`).