What It Does
The Attachments API lets you create metadata records for product attachments, list attachments for a product, and soft-delete attachments. Attachment metadata is managed through RPCs; actual file upload and download use the storage layer separately.Authentication & Permissions
All RPCs require an authenticated session. Mutations require a role with sufficient permissions for the target brand.RPCs
create_product_attachment_record
Creates a metadata record for a new product attachment. Request- Not authenticated — request has no valid JWT.
- Forbidden — caller does not have sufficient access.
- Invalid input — request is malformed or cannot be processed.
- This RPC creates the metadata record only. File upload is handled separately via the storage layer.
list_product_attachments
Returns all active (non-deleted) attachments for a product. Request- Not authenticated — request has no valid JWT.
- Forbidden — caller does not have sufficient access.
- Invalid input — request is malformed or cannot be processed.
soft_delete_product_attachment
Marks an attachment as deleted without permanently removing it. Request- Not authenticated — request has no valid JWT.
- Forbidden — caller does not have sufficient access.
- Invalid input — request is malformed or cannot be processed.
- Soft-deleted attachments are excluded from
list_product_attachmentsresults.