> ## Documentation Index > Fetch the complete documentation index at: https://help-plum.xoxoday.com/llms.txt > Use this file to discover all available pages before exploring further. # Fetch Points API > Fetch the current reward points balance for a specific user. Can be used to display balances inside your own UI. **Real URL:** `POST https://stagingstores.xoxoday.com/chef/v1/oauth/api` | \*\*Property \*\* | \*\* Type \*\* | \*\* Description\*\* | | :---------------- | :------------- | :------------------------------------ | | `user_data.email` | `String` | User’s email ID to fetch balance. | | `user_data.phone` | `String` | User’s phone number to fetch balance. | ## Response Schema | \*\*Path \*\* | \*\* Type \*\* | \*\* Description\*\* | | ----------------------------- | -------------- | ----------------------------------------------- | | data | object | Root response object. | | data.user\_balance | object | Container for user points/balance data. | | data.user\_balance.success | number | API execution status (`1` = success). | | data.user\_balance.message | string/null | API message (null when no message is returned). | | data.user\_balance.data | object | Actual points data. | | data.user\_balance.data.total | number | Total available reward points for the user. | ## OpenAPI ````yaml specs/reward-points-api.yaml POST /fetchPoints openapi: 3.0.3 info: title: Xoxoday Reward Points API version: '1.2' description: > APIs for sending, fetching, and cancelling reward points in the Xoxoday ecosystem. **Auth endpoints** use operation-level server overrides against `https://stagingstores.xoxoday.com/chef/v1/oauth`. **Points operations** (`/fetchPoints`, `/sendPoints`, `/cancelPoints`) are virtual path suffixes — all three really dispatch to `POST /v1/oauth/api` via the body `query` field. OpenAPI does not allow two POST operations on the same path, so virtual suffixes are used for playground differentiation. **Cancel Points** uses `accounts.xoxoday.com` as its real host (operation-level server override applied). servers: - url: https://stagingstores.xoxoday.com/chef/v1/oauth/api description: Sandbox - url: https://accounts.xoxoday.com/chef/v1/oauth/api description: Production - url: https://canvas.xoxoday.com/chef/v1/oauth/api description: Testing security: - BearerAuth: [] tags: - name: Authentication description: Token management — validate, refresh, and create user tokens. - name: Points description: Send, fetch, and cancel reward points. paths: /fetchPoints: post: tags: - Points summary: Fetch Points API description: > Fetch the current reward points balance for a specific user. Can be used to display balances inside your own UI. **Real URL:** `POST https://stagingstores.xoxoday.com/chef/v1/oauth/api` operationId: fetchPoints requestBody: required: true content: application/json: schema: type: object required: - query - tag - variables properties: query: type: string enum: - storesAdmin.query.user_balance default: storesAdmin.query.user_balance description: Always use `storesAdmin.query.user_balance`. tag: type: string enum: - storeAdmin default: storeAdmin description: Always use `storeAdmin`. variables: type: object properties: user_data: type: object properties: email: type: string format: email description: User's email address to fetch balance for. example: your.email@example.com phone: type: string description: User's phone number to fetch balance for. example: +91-8999888887 example: query: storesAdmin.query.user_balance tag: storeAdmin variables: user_data: email: your.email@example.com phone: +91-8999888887 responses: '200': description: User points balance returned successfully. content: application/json: schema: type: object properties: data: type: object properties: user_balance: type: object properties: success: type: integer description: '`1` = success.' message: type: string nullable: true data: type: object properties: total: type: number description: Total available reward points for the user. example: data: user_balance: success: 1 message: null data: total: 1500 '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '502': $ref: '#/components/responses/BadGateway' components: responses: BadRequest: description: Invalid request body or parameters. content: application/json: schema: type: object properties: error: type: string message: type: string Unauthorized: description: Missing or invalid access token. content: application/json: schema: type: object properties: error: type: string example: Unauthorized BadGateway: description: Upstream service error. securitySchemes: BearerAuth: type: http scheme: bearer description: '`Authorization: Bearer `' ````