A-Market Docs

Appearance

Using the REST API

A-Market has a plain HTTP REST API at /v1. Reads are public (no auth); writes need a bearer token with the right scope. The full endpoint list is in the developer REST API reference.

EnvironmentBase URL
Productionhttps://mcp.amrkt.ch/v1
Staginghttps://mcp-staging.amrkt.ch/v1
Localhttp://localhost:3000/v1

Public reads — no token

bash
# search
curl -s 'https://mcp.amrkt.ch/v1/listings?type=car&make=BMW&priceMax=3000000&limit=5'

# one listing, natural-language search, price rating
curl -s 'https://mcp.amrkt.ch/v1/listings/<id>'
curl -s -X POST 'https://mcp.amrkt.ch/v1/search/nl' \
  -H 'content-type: application/json' -d '{"query":"electric SUV under 40k after 2021"}'
curl -s 'https://mcp.amrkt.ch/v1/listings/<id>/price-rating'

Authenticate for writes

Authentication is OAuth 2.1 against Keycloak. Real apps use the Authorization Code + PKCE flow (the same login the website uses); for scripts and trying things out, the password grant is enabled on the redline-mcp-client test client:

bash
TOKEN=$(curl -s https://auth.amrkt.ch/realms/redline/protocol/openid-connect/token \
  -d grant_type=password -d client_id=redline-mcp-client \
  -d username=<you> -d password=<pw> \
  -d 'scope=openid listings:read listings:write' | jq -r .access_token)

Scopes: listings:read (your account, favorites, saved searches, reviews), listings:write (listings, profile, locations, organizations), listings:moderate (staff only). See Data models.

Authenticated writes

bash
# create a listing
curl -s -X POST https://mcp.amrkt.ch/v1/listings \
  -H "authorization: Bearer $TOKEN" -H 'content-type: application/json' \
  -d '{"type":"car","make":"BMW","model":"320d","year":2019,"priceCents":2190000,"currency":"CHF","mileageKm":64000,"fuelType":"diesel","transmission":"automatic","condition":"used"}'

# your own listings, add a favorite, update your profile
curl -s https://mcp.amrkt.ch/v1/me/listings -H "authorization: Bearer $TOKEN"
curl -s -X POST https://mcp.amrkt.ch/v1/me/favorites \
  -H "authorization: Bearer $TOKEN" -H 'content-type: application/json' -d '{"listingId":"<id>"}'

Notes

  • Errors: 400 invalid body, 401 missing/invalid token, 403 missing scope, 404 not found (also returned instead of 403 when you reference someone else's private resource), 429 write rate limit.
  • Caching: listing detail supports ETag / If-None-Match (304).
  • CORS: reads are open (*); the API also sends standard security headers.
  • Prefer talking to an AI assistant? The same actions are MCP tools — see MCP in ChatGPT / Claude.

A-Market — AI-first marketplace for cars, motorcycles and scooters.