> ## Documentation Index
> Fetch the complete documentation index at: https://docs.arcuserp.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Probe whether a serial is valid for a return

> Non-destructive check: verifies that the scanned serial number was on the
original shipment for the given order. Returns a verdict object without
throwing. Useful for inline scanner UI feedback before submitting a receive.

Response shapes:
- `valid: true`  -- serial is sold, linked to the original order, and not yet returned.
- `valid: false` -- serial exists but fails one of: wrong order, not sold, already returned.
- `valid: null`  -- no `original_order_id` supplied; cannot validate.

This endpoint honors the entity's `settings.returns.serial_validation_mode` in the
sense that its verdict is for informational use; the actual gate is enforced by
`POST /v1/returns/:id/receive` and `POST /v1/returns/:id/disposition` when
`serial_validation_mode` is `hard`. Requires the `serials:read` scope.




## OpenAPI

````yaml /openapi.yaml post /serials/validate-for-return
openapi: 3.1.0
info:
  title: Arcus ERP Public API
  version: 1.0.0
  description: >
    Arcus ERP public REST API. Designed for external integrations and data
    migration.


    **Authentication.** Bearer token (API key) via the `Authorization` header.

    Format: `Authorization: Bearer ark_live_ent_<code>_<random>` (or
    `ark_test_*` for sandbox).

    API keys are issued per-entity in **Settings > Developers > API Keys**.


    **Entity scoping.** The entity is encoded in the API key prefix; routes are
    flat

    (e.g. `/v1/accounts`, `/v1/orders`, `/v1/products`). A small set of platform
    endpoints

    (migration, reconciliation, events, webhook endpoints, API keys) use the

    `/v1/entities/{entity_id}/...` form -- those are noted in their tags.


    **Key capabilities.**
      - Related-resource hydration via `?expand[]=` (see `x-arcus-expand` on each resource).
      - Cursor-based pagination (`starting_after` / `ending_before` / `limit`).
      - Idempotency via the `Idempotency-Key` header.
      - Webhook events for asynchronous notification.
      - Conditional requests / ETag for cache validation.
servers:
  - url: https://api.arcuserp.com/v1
    description: Arcus ERP API (accepts both live `ark_live_*` and test `ark_test_*` keys)
  - url: https://dev-api.arcuserp.com/v1
    description: >-
      Dev sandbox API (test-only data, accepts `ark_test_*` keys against dev
      RDS)
security: []
paths:
  /serials/validate-for-return:
    post:
      tags:
        - Serials
      summary: Probe whether a serial is valid for a return
      description: >
        Non-destructive check: verifies that the scanned serial number was on
        the

        original shipment for the given order. Returns a verdict object without

        throwing. Useful for inline scanner UI feedback before submitting a
        receive.


        Response shapes:

        - `valid: true`  -- serial is sold, linked to the original order, and
        not yet returned.

        - `valid: false` -- serial exists but fails one of: wrong order, not
        sold, already returned.

        - `valid: null`  -- no `original_order_id` supplied; cannot validate.


        This endpoint honors the entity's
        `settings.returns.serial_validation_mode` in the

        sense that its verdict is for informational use; the actual gate is
        enforced by

        `POST /v1/returns/:id/receive` and `POST /v1/returns/:id/disposition`
        when

        `serial_validation_mode` is `hard`. Requires the `serials:read` scope.
      operationId: validateSerialForReturnV1
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - serial_number
              properties:
                serial_number:
                  type: string
                  description: The serial number to validate.
                original_order_id:
                  type: string
                  format: uuid
                  nullable: true
                  description: The order the RMA is being raised against. Omit if unknown.
                product_id:
                  type: string
                  format: uuid
                  nullable: true
                  description: Scope validation to a specific product (optional).
      responses:
        '200':
          description: >-
            Validation verdict (never 4xx from this endpoint; check `valid`
            field)
          content:
            application/json:
              schema:
                type: object
                properties:
                  data:
                    type: object
                    properties:
                      valid:
                        oneOf:
                          - type: boolean
                          - type: 'null'
                        description: >-
                          `true` = OK, `false` = mismatch, `null` = cannot
                          determine
                      reason:
                        type: string
                        nullable: true
                        description: Set to `no_original_order` when `valid` is null.
                      code:
                        type: string
                        nullable: true
                        description: >-
                          Machine code when `valid` is false (serial_not_found /
                          serial_not_on_original_order / serial_not_sold /
                          serial_already_returned).
                      hint:
                        type: string
                        nullable: true
                        description: Human-readable explanation when valid is false.
                      serial_id:
                        type: string
                        format: uuid
                        nullable: true
                        description: DB id of the serial record when valid is true.
                      status:
                        type: string
                        nullable: true
                        description: Current serial_status when valid is true.
                      order_number:
                        type: string
                        nullable: true
                        description: >-
                          Order number of the original shipment when valid is
                          true.
        '400':
          $ref: '#/components/responses/Error'
        '401':
          $ref: '#/components/responses/Error'
        '403':
          $ref: '#/components/responses/Error'
      security:
        - ApiKeyAuth:
            - serials:read
components:
  responses:
    Error:
      description: Error response (400/401/403/404/409/422/429/500)
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorEnvelope'
  schemas:
    ErrorEnvelope:
      type: object
      description: |
        Canonical error response envelope. All API errors use this shape.
      required:
        - error
        - code
      properties:
        error:
          type: string
          description: Machine-readable error key
          example: not_found
        code:
          type: string
          description: Machine-readable error code (often same as error)
          example: not_found
        type:
          type: string
          enum:
            - validation_error
            - permission_error
            - not_found
            - conflict
            - rate_limit
            - internal
            - expand_error
            - not_implemented
          example: not_found
        hint:
          type: string
          description: Human-readable one-sentence explanation (English)
          example: >-
            The requested order does not exist or does not belong to this
            entity.
        param:
          type: string
          description: The parameter that caused the error, if applicable
          example: expand[0]
        required:
          type: string
          description: The scope required (only on insufficient_scope errors)
          example: accounts:read
        request_id:
          type: string
          description: >-
            Unique request ID for support tracing (maps to CloudWatch log
            stream)
          example: req_abc123
  securitySchemes:
    ApiKeyAuth:
      type: http
      scheme: bearer
      description: |
        API key issued per entity via Settings > Developers > API Keys.
        Each key carries scopes (e.g. orders:read, products:write).
        Bearer token format: Authorization: Bearer ark_live_ent_<code>_<random>
        Test keys use ark_test_ent_<code>_<random>. Both are issued per entity
        via Settings > Developers > API Keys.

````