Skip to content

Instantly share code, notes, and snippets.

@jerrywonderr

jerrywonderr/brand-dashboard.md

Created February 10, 2026 14:52
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save jerrywonderr/bd2c3580b7ec561a573641a3155c3bb1 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save jerrywonderr/bd2c3580b7ec561a573641a3155c3bb1 to your computer and use it in GitHub Desktop.
Download ZIP
Sync for GoCreators (Brand)
Raw
brand-dashboard.md

Brand Settings + Company Email Verification (OTP) – Backend Data Spec

Context

  • Frontend removed budget_range from Brand global settings.
  • Budget should now be campaign-level only (e.g. campaign brief/budget flows).
  • Brand Settings now has:
    • General tab (owner + company profile)
    • Email Verification tab (company email OTP verification)

1) Brand Profile Settings

Endpoint

GET /api/brands/settings/profile

Use this as the current Brand settings profile endpoint (frontend expects backend to implement/update this exact contract).

Purpose

Hydrates Brand Settings General tab.

Response Interface (TypeScript)

export interface BrandSettingsProfileResponse {
  owner_name: string;
  owner_title: string | null;
  company_name: string;
  brand_name: string | null;
  industry: string | null;
  account_email: string | null; // auth/login email (signup email)
  company_email: string | null; // editable business contact email
  company_email_verified: boolean;
  company_email_verified_at: string | null;
}

JSON Example

{
  "owner_name": "Jane Doe",
  "owner_title": "Marketing Manager",
  "company_name": "Acme Group Pte Ltd",
  "brand_name": "Acme Beauty",
  "industry": "Beauty & Personal Care",
  "account_email": "jane@acme.com",
  "company_email": "marketing@acmebeauty.com",
  "company_email_verified": true,
  "company_email_verified_at": "2026-02-10T14:42:10.000Z"
}

Update Endpoint

PUT /api/brands/settings/profile

Use this as the current Brand settings update endpoint (same path, contract extended with new fields).

Request Interface

export interface UpdateBrandSettingsProfileRequest {
  owner_name: string;
  owner_title?: string | null;
  company_name: string;
  brand_name?: string | null;
  industry?: string | null;
}

Success Response

export interface UpdateBrandSettingsProfileResponse {
  success: boolean;
  data: BrandSettingsProfileResponse;
}

Notes

  • Do not include budget_range in this endpoint anymore.
  • owner_name maps to account owner display name.
  • account_email is read-only in this endpoint.
  • company_email is separate from account_email.
  • If no company email is set, frontend defaults company email input to account_email.

2) Company Email Verification (OTP)

Endpoint A: Get Verification Status

GET /api/brands/verification/company-email

Response Interface

export interface CompanyEmailVerificationStatus {
  company_email: string | null;
  is_verified: boolean;
  verified_at: string | null; // ISO timestamp
  pending_verification: boolean;
  otp_expires_at: string | null; // ISO timestamp
}

JSON Example

{
  "company_email": "marketing@acmebeauty.com",
  "is_verified": false,
  "verified_at": null,
  "pending_verification": true,
  "otp_expires_at": "2026-02-10T14:40:00.000Z"
}

Endpoint B: Request OTP

POST /api/brands/verification/company-email/request-otp

Request Interface

export interface InitiateCompanyEmailVerificationRequest {
  company_email: string;
}

Response Interface

export interface InitiateCompanyEmailVerificationResponse {
  success: boolean;
  data: {
    company_email: string;
    otp_expires_at: string; // ISO timestamp
    cooldown_seconds: number;
  };
}

Endpoint C: Verify OTP

POST /api/brands/verification/company-email/verify-otp

Request Interface

export interface VerifyCompanyEmailOtpRequest {
  company_email: string;
  otp_code: string; // 6 digits
}

Response Interface

export interface VerifyCompanyEmailOtpResponse {
  success: boolean;
  data: {
    company_email: string;
    is_verified: boolean;
    verified_at: string; // ISO timestamp
  };
}

Validation + Security Rules

  • OTP should be numeric and 6 digits.
  • OTP expiration recommended: 10 minutes.
  • Max attempts recommended: 5 attempts per OTP.
  • Request cooldown recommended: 60 seconds between OTP sends.
  • If company email changes, previous verification should be invalidated.
  • All endpoints require authenticated Brand user context.

Error Shapes (Recommended)

export interface ApiErrorResponse {
  success: false;
  error: string;
  code?: string;
  details?: string;
}

Recommended error codes:

  • INVALID_EMAIL
  • OTP_EXPIRED
  • OTP_INVALID
  • OTP_MAX_ATTEMPTS_EXCEEDED
  • OTP_RATE_LIMITED
  • UNAUTHORIZED

Frontend Usage

  • General tab updates profile settings and owner/company metadata.
  • Email Verification tab:
    • Enter company email
    • Request OTP
    • Verify OTP
    • Show verification status badge + timestamps
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment