Obox API

The OBox API serves as the Explorer Node for the Züs decentralized storage network. It exposes endpoints to query and track the network’s state, including allocation metadata, usage statistics, and user-driven actions over time.

In addition to network observability, OBox also provides critical support for user profile management and features used by Züs web applications (such as wallet onboarding, funding tasks, and S3-compatible deployments).

It acts as a bridge between developers and the Züs ecosystem, enabling both individual users and enterprise clients to interact programmatically with the network.

Signup / Login & Identity Checks

These endpoints handles user identity verification, including username, email, and phone number checks for secure onboarding.

Check Username Exists

• Path: /v2/username/exists

• Method: GET

• Access: Public API

• Description: Checks if a username already exists.

• Query Parameters:

  • username (string, required)

• Response:

{
  "field": "username",
  "exists": true
}

• Error Responses:

  • 400 Bad Request – Missing/invalid username

  • 500 Internal Server Error – Unexpected error

• Example: GET /v2/username/exists?username=johndoe

Check Email Exists

• Path: /v2/email/exist

• Method: GET

• Access: Public API

• Description: Checks if an email is already registered.

• Query Parameters:

  • email (string, required)

• Response:

{
  "field": "phone_number",
  "exists": true
}

• Error Responses:

{ 
"error": "email not provided"
}

Check Phone Number Exists

• Path: /v2/phone/exist

• Method: GET

• Access: Public API

• Description: Verifies if a phone number is in use.

• Query Parameters:

  • phone_number (string, required)

• Response:

{
  "field": "phone_number",
  "exists": true
}

• Error Responses:

{
  "error": "phone_number not provided"
}

Owner Profile Management

These endpoints manages creation, retrieval, and updates to owner profiles linked to wallets and storage activities.

Get Owner by Wallet ID

• Path: /v2/owner/wallet/:ID

• Method: GET

• Access: CSRF API

• Description: Public profile fetch by wallet ID.

• Path Params: ID (string)

• Response:

{
  "user_id": "abcdef123456",
  "username": "johndoe",
  "biography": "Short bio here",
  "avatar": "<base64>",
  "background": "<base64>",
  "created_at": "2024-05-30T12:34:00"
}

• Error: {"error": "owner not found"}

Get Current Owner

• Path: /v2/owner

• Method: GET

• Access: Signature API

• Response:

{
  "user_id": "abcdef123456",
  "phone_number": "+1234567890",
  "username": "johndoe",
  "email": "john@example.com",
  "biography": "Short bio here",
  "avatar": "<base64>",
  "background": "<base64>",
  "created_at": "2024-05-30T12:34:00"
}

Update Owner

• Path: /v2/owner

• Method: PUT

• Access: Signature API

• Form Data:

  • username (optional)

  • avatar (optional file)

  • background (optional file)

  • biography (optional string)

• Response:

{
  "message": "updated owner details successfully"
}

Delete Owner

• Path: /v2/owner

• Method: DELETE

• Access: Private API

• Response:

{
  "message": "owner deleted successfully"
}

• Deletes: DB record, Elasticsearch index, Stripe subscriptions, Firebase account.

Autocomplete Owners by Name

• Path: /v2/owner/autocomplete

• Method: GET

• Access: Signature API

• Query Parameters:

  • name (required)

  • app_type (required)

  • offset, limit, order (optional)

• Response:

[
  {
    "user_id": "abcdef123456",
    "username": "johndoe",
    "biography": "Short bio here",
    "avatar": "<base64>",
    "background": "<base64>",
    "created_at": "2024-05-30T12:34:00"
  }
]

Wallet Management

These endpoints enables wallet creation, updates, and funding workflows essential for interacting with the Züs network.

Create Wallet

• Path: /v2/wallet

• Method: POST

• Access: Signature API

• Description: Creates a new wallet for the authenticated user. Can optionally include a referral code and custom mnemonic.

• Form Data (multipart/form-data):

  • name (string, optional): Wallet name.

  • description (string, optional): Wallet description.

  • mnemonic (string, optional): Predefined mnemonic (if restoring).

  • pub_encryption_key (string, optional): Public encryption key.

  • refcode (string, optional): Referral code.

• Response (201 Created):

{
  "client_id": "abcdef123456",
  "wallet_id": 123,
  "name": "My Wallet",
  "description": "Personal wallet",
  "mnemonic": "word1 word2 ...",
  "public_key": "abcdef...",
  "last_update": "2024-06-01T12:00:00",
  "referral_success": false
}

• Error Response:

{
  "error": "owner not found"
}

Update Wallet

• Path: /v2/wallet

• Method: PUT

• Access: Signature API

• Description: Updates metadata for an existing wallet.

• Form Data:

  • Any wallet metadata fields from handler.WalletDetails such as:

    • name, description, pub_encryption_key, etc.

• Response:

{
  "message": "wallet updated successfully"
}

• Error Response:

{
  "error": "wallet not found"
}

Delete Wallet

• Path: /v2/wallet

• Method: DELETE

• Access: Signature API

• Description: Deletes a wallet for the authenticated user.

• Query Parameters:

  • wallet_id (string, required): ID of wallet to be deleted.

• Response:

{
  "message": "wallet deleted successfully"
}

Set Active Wallet

• Path: /v2/wallet

• Method: PUT

• Access: Signature API

• Description: Sets the currently active wallet for an app type (e.g., Vult/Blimp). Also updates the user's profile and rewards signup tokens if first-time setup.

• Form Data (multipart/form-data):

  • refcode (string, optional): Referral code for reward.

• Response:

{
  "owner_id": 123,
  "wallet_id": "abcdef123456",
  "app_type": "vult",
  "kms_public_key": "kms_pub_key_value"
}

• Error Response:

{
  "error": "Cannot switch wallet"
}

Get Wallet Keys

• Path: /v2/wallet/keys

• Method: GET

• Access: Signature API

• Description: Retrieves public keys and metadata of the currently active wallet.

• Response:

{
  "client_id": "abcdef123456",
  "wallet_id": 123,
  "name": "My Wallet",
  "public_key": "abcdef..."
}

Check Wallet Exists

• Path: /v2/wallet/exist

• Method: GET

• Access: CSRF API

• Headers: Non-auth headers required

• Description: Checks whether a wallet already exists for the user.

• Response:

{
  "field": "wallet",
  "exists": true
}

Get Wallet List

• Path: /v2/wallet/list

• Method: GET

• Access: CSRF API

• Headers: Non-auth headers required

• Query Parameters (optional):

  • limit (string)

  • offset (string)

• Response:

[
  {
    "client_id": "abcdef123456",
    "wallet_id": 123,
    "name": "My Wallet",
    "public_key": "abcdef..."
  }
]

Get Active Wallet

• Path: /v2/wallet/list (Overloaded)

• Method: GET

• Access: CSRF API

• Description: Fetches the currently active wallet for the logged-in user.

• Response:

{
  "owner_id": "abcdef123456",
  "wallet_id": 123,
  "kms_public_key": "abcdef...",
  "app_type": "vult"
}

Update KMS Keys

• Path: /v2/wallet/kms

• Method: PUT

• Access: Signature API

• Description: Updates the KMS (Key Management Service) public key for encryption purposes.

• Form Data (multipart/form-data):

  • Fields from handler.WalletKMSDetails, e.g.:

    • kms_public_key, etc.

• Response:

{
  "message": "setting KMS successfully"
}

Call Contact Wallets

• Path: /v2/contact/wallets

• Method: GET

• Access: Signature API

• Description: Retrieves wallets associated with user contacts.

• Response:

[
  {
    "name": "abcdef123456",
    "phone_number": "walletid1",
    "pub_encryption_key": "johndoe",
    "client_id": "vult"
  }
]

Storage Allocation Management

These endpoints manage decentralized storage allocations and permissions.

Insert Allocation

• Path: /v2/allocation

• Method: POST

• Access: Signature API

• Description: Creates a new allocation for the authenticated user. Used to provision decentralized storage via blobbers.

• Headers Required: AuthHeader

• Body:

{
  "id": "a1b2c3d4e5f6g7h8i9j0",
  "name": "My First Allocation",
  "description": "This is my primary storage allocation.",
  "allocation_type": "standard",
  "alloc_blobbers_type": "hot"
}

• Response:

{
  "message": "allocation created successfully"
}

Update Allocation

• Path: /v2/allocation

• Method: PUT

• Access: Signature API

• Description: Updates an existing allocation with new configuration such as size or blobber replacement.

• Headers Required: AuthHeader

• Body:

{
  "id": "a1b2c3d4e5f6g7h8i9j0",
  // Additional fields from handler.AllocationDetails
}

• Response:

{
  "message": "allocation updated successfully"
}

Delete Allocation

• Path: /v2/allocation/:ID

• Method: DELETE

• Access: Signature API

• Description: Permanently deletes a specified allocation.

• Path Param: ID (string)

• Headers Required: AuthHeader

• Response:

{
  "message": "allocation deleted successfully"
}

Get Allocation

• Path: /v2/allocation

• Method: GET

• Access: Signature API

• Description: Fetches details of an allocation by ID using body data.

• Headers Required: AuthHeader

• Body:

{
  "id": "allocation-id"
}

• Response:

{
  "id": "a1b2c3d4e5f6g7h8i9j0",
  "wallet_id": 12345,
  "name": "My First Allocation",
  "description": "This is my primary storage allocation.",
  "allocation_type": "standard",
  "blobbers_replaced": 0,
  "app_type": "vult",
  "last_update": "2025-06-02T14:30:00",
  "alloc_blobbers_type": "hot"
}

Get Allocation List

• Path: /v2/allocation/list

• Method: GET

• Access: Signature API

• Description: Retrieves all allocations for the authenticated owner.

• Headers Required: AuthHeader

• Response: Array of AllocResponse objects.

Check Allocation Name

• Path: /v2/allocation/exists/name

• Method: GET

• Access: Signature API

• Query Parameter: allocation_name (string, required)

• Headers Required: AuthHeader

• Response:

{
  "field": "allocation_name",
  "exists": true
}

Check Allocation (by user + app)

• Path: /v2/allocation/exists

• Method: GET

• Access: CSRF API

• Headers Required: NonAuthHeader

• Response:

{
  "field": "allocation",
  "exists": true
}

Public Smart Contract Allocation Info

GetSCAllocation

• Path: /v2/getAllocation

• Method: GET

• Access: Public

• Query Parameter: allocation (string, required)

• Description: Returns full SC data and blobber info.

• Response (simplified):

{
  "id": "a1b2c3d4e5f6g7h8i9j0",
  "data_shards": 2,
  "parity_shards": 2,
  "size": 1073741824,
  "expiration": 1750000000,
  "owner": "abcdef1234567890",
  "blobbers": [
    {
      "id": "blobberid1",
      "url": "https://blobber1.example.com",
      "terms": {
        "read_price": 100,
        "write_price": 200
      }
    }
  ]
}

GetSCAllocations

• Path: /v2/geAllocations

• Method: GET

• Access: Public

• Query Parameter: client (string, required)

• Description: Lists SC allocations for a specific client ID.

File Sharing

These endpoints supports secure data sharing using auth tickets, share links, and metadata across user wallets.

Insert Share Info

• Path: /v2/shareinfo

• Method: POST

• Access: Signature API

• Description: Creates a new share record using an auth_ticket, which encapsulates access rights.

• Headers Required: AuthHeader

• Form Data (multipart/form-data):

  • auth_ticket (string, required)

  • message (string, optional)

  • share_info_type (string, optional, e.g. public or private)

  • link (string, optional)

• Response:

{
  "message": "shareinfo added successfully",
  "data": {
    "auth_ticket": "base64ticket...",
    "message": "Here is your file",
    "share_info_type": "private",
    "client_id": "sender_client_id",
    "receiver": "receiver_client_id",
    "lookup_hash": "lookuphash123",
    "sender_name": "Alice",
    "link": "https://share.link",
    "receiver_name": "Bob"
  }
}

Get Shared Files (Sent)

• Path: /v2/shareinfo/shared

• Method: GET

• Access: Signature API

• Description: Retrieves files the user has shared with others.

• Query Parameters:

  • limit (optional)

  • offset (optional)

  • lookup_hash (optional)

  • shareInfoType (required: e.g. public, private)

  • exclude_ai (optional): "true" to exclude AI-related shares

• Response:

{
  "message": "Data is present for the given details",
  "data": [
    {
      "id": 1,
      "auth_ticket": "base64ticket...",
      "message": "Shared with you",
      "share_info_type": "private",
      "receiver_client_id": "receiver_client_id",
      "link": "https://share.link",
      "receiver_name": "Bob",
      "lookup_hash": "lookuphash123",
      "created_at": "2025-06-04T12:00:00",
      "updated_at": "2025-06-04T12:00:00"
    }
  ]
}

Get Shared Files (Received)

• Path: /v2/shareinfo/received

• Method: GET

• Access: Signature API

• Description: Retrieves files that others have shared with the user.

• Query Parameters:

  • limit, offset, lookup_hash (optional)

  • shareInfoType (required)

• Response:

{
  "message": "Data is present for the given details",
  "data": [
    {
      "auth_ticket": "base64ticket...",
      "message": "Here is your file",
      "share_info_type": "private",
      "client_id": "sender_client_id",
      "receiver_client_id": "receiver_client_id",
      "lookup_hash": "lookuphash123",
      "sender_name": "Alice",
      "created_at": "2025-06-04T12:00:00",
      "updated_at": "2025-06-04T12:00:00"
    }
  ]
}

Delete Share Info

• Path: /v2/shareinfo

• Method: DELETE

• Access: Signature API

• Query Parameters (at least one required):

  • auth_ticket (string)

  • lookup_hash (string)

• Response (Success):

{
  "message": "deleting shareinfo successful"
}

• If nothing was deleted:

{
  "message": "no shareinfo was deleted for these details"
}

Share Requests

These endpoints handles inbound and outbound requests for accessing shared files or permissions.

Create Share Request

• Path: /v2/sharereq

• Method: POST

• Access: Signature API

• Description: Used to request access to someone else's file. Allows one-time re-request if previously declined.

• Body:

{
  "owner_id": "ownerid",
  "auth_ticket": "base64ticket...",
  "lookup_hash": "lookuphash",
  "message": "Please share this file"
}

• Response:

{
  "message": "New Share Request is created"
}

Get Received Share Requests

• Path: /v2/sharereq/received

• Method: GET

• Access: Signature API

• Description: Lists all incoming share requests for the user.

• Query Parameters (optional): client_id, lookup_hash, status, all, offset, limit

• Response:

{
  "message": "Data is present for the given details",
  "data": [
    {
      "id": "reqid1",
      "owner_id": "ownerid",
      "client_id": "clientid",
      "lookup_hash": "lookuphash",
      "status": "pending",
      "message": "Please share this file",
      "created_at": "2025-06-04T12:00:00"
    }
  ]
}

Get Sent Share Requests

• Path: /v2/sharereq/requested

• Method: GET

• Access: Signature API

• Description: Lists all share requests sent by the user.

• Query Parameters (optional): owner_id, lookup_hash, status, all, offset, limit

• Response:{

  "message": "Data is present for the given details",
  "data": [
    {
      "id": "reqid2",
      "owner_id": "ownerid",
      "client_id": "clientid",
      "lookup_hash": "lookuphash",
      "status": "approved",
      "message": "Requesting access",
      "created_at": "2025-06-04T12:00:00"
    }
  ]
}

Update Share Request

• Path: /v2/sharereq

• Method: PUT

• Access: Signature API

• Description: Updates a share request (usually to approve it). Also writes to ShareInfo table using the auth_ticket.

• Body:

{
  "id": "reqid1",
  "status": "approved",
  "link": "https://share.link",
  "auth_ticket": "base64ticket..."
}

• Response:

{
  "message": "share request updated successfully"
}

Delete Share Request

• Path: /v2/sharereq

• Method: DELETE

• Access: Signature API

• Query Parameters:

  • id (string, required)

• Response:

{
  "message": "share request deleted successfully"
}

Wallet Funding Tasks (ZBOX)

These endpoints allow users to receive initial funding (one-time) to perform actions like creating allocations.

Create Funding Task Wallet

• Path: /zbox/fund/wallet

• Method: POST

• Access: Signature API

• Description: Creates a new funding task for a wallet. This enables one-time token funding per owner/app type for bootstrapping usage.

• Headers Required: X-App-Client-ID, X-App-Client-Key, X-App-Timestamp, X-App-ID-TOKEN, X-App-Phone-Number, X-CSRF-TOKEN, X-APP-TYPE

• Body:

{
  "client_id": "abcdef123456",
  "description": "Initial funding for allocation"
}

• Response (201 Created):

{
  "id": 1,
  "client_id": "abcdef123456",
  "owner_id": 123,
  "amount": 100000000,
  "checkout_session": null,
  "description": "Initial funding for allocation",
  "funded": false,
  "tx_done": false,
  "tx_hash": "",
  "app_type": "vult",
  "funding_type": "allocation",
  "cool_down": 0
}

Get Funding Task

• Path: /v2/zbox/fund/:ID

• Method: GET

• Access: Signature API

• Description: Retrieves a specific funding task using its ID.

• Path Param: ID (integer)

• Response:

{
  "id": 1,
  "client_id": "abcdef123456",
  "owner_id": 123,
  "amount": 100000000,
  "checkout_session": null,
  "description": "Initial funding for allocation",
  "funded": false,
  "tx_done": false,
  "tx_hash": "",
  "app_type": "vult",
  "funding_type": "allocation",
  "cool_down": 0
}

Get Wallet Spending Status

• Path: /v2/zbox/fund/spent/status

• Method: GET

• Access: Signature API

• Description: Returns wallet’s current spending usage stats (daily/weekly) to prevent abuse.

• Response:

{
  "owner_id": 123,
  "daily_spent": 50000000,
  "weekly_spent": 200000000,
  "app_type": "vult"
}

Delete Funding Task

• Path: /v2/zbox/fund/:ID

• Method: DELETE

• Access: Signature API

• Description: Deletes a previously created funding task.

• Path Param: ID (integer)

• Response (Success):

{
  "message": "funding task successful"
}

• If nothing was deleted:

{
  "message": "no funding task was deleted for these details"
}

Blimp – S3 Server Deployment

These endpoints deploys S3-compatible MinIO servers on Züs, enabling seamless object storage for user allocations.

Deploy S3 Server

• Path: /v2/blimp/deploy

• Method: POST

• Access: Signature API

• Description: Deploys an S3-compatible MinIO server for the authenticated user and returns the generated domain for access.

• Body: handler.S3ServerDetails (must include allocation ID, wallet ID, and configuration)

• Response (201 Created):

{
  "id": 1,
  "wallet_id": 123,
  "ip": "192.168.1.10",
  "access_key": "AKIAIOSFODNN7EXAMPLE",
  "secret_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
  "allocation_id": "a1b2c3d4e5f6g7h8i9j0",
  "block_worker_url": "https://dev.0box.io/dns/",
  "minio_token": "minio-token-xyz",
  "s3_server_deployed": true,
  "domain": "blimp-192-168-1-10.0box.io",
  "last_update": "2025-06-08T12:34:00"
}

Get All Blimp Deployments

• Path: /v2/blimp/deploy

• Method: GET

• Access: Signature API

• Description: Retrieves a list of all S3 server deployments for the authenticated user.

• Query Parameters (optional):

  • limit, offset

• Response: Array of handler.S3ServerDetailsResponse objects.

Get Blimp Status by Deployment ID

• Path: /v2/blimp/deploy/:ID

• Method: GET

• Access: Signature API

• Description: Retrieves updated deployment status by ID.

• Path Param: ID (integer)

• Response: Same as deploy response with updated s3_server_deployed flag and fields.

Get Blimp Status by Allocation ID

• Path: /v2/blimp/deploy/allocation/:allocation_id

• Method: GET

• Access: Signature API

• Description: Fetches the S3 deployment tied to a specific allocation.

• Path Param: allocation_id (string)

• Response: Same as above.

Delete Blimp Deployment

• Path: /v2/blimp/deploy/:ID

• Method: DELETE

• Access: Signature API

• Description: Deletes a specific Blimp deployment by ID.

• Path Param: ID (integer)

• Response:

{
  "message": "blimp deployment deleted successfully"
}

Migration Deployments (S3 Migration)

Migrates data from existing S3 sources into Züs allocations using dedicated migration microservices.

Deploy S3 Migration Application

• Path: /v2/migration/deploy

• Method: POST

• Access: Signature API

• Description: Deploys an S3 migration server for a specified allocation. This tool is used to migrate data from external S3-compatible sources into a Züs allocation.

• Body: handler.S3MigrationDetails (must include wallet ID, IP, allocation ID, etc.)

• Response (201 Created):

{
  "id": "1",
  "wallet_id": 123,
  "ip": "192.168.1.10",
  "bucket": "my-bucket",
  "allocation_id": "a1b2c3d4e5f6g7h8i9j0",
  "s3_migration_running": true,
  "domain": "blimp-192-168-1-10.0box.io",
  "block_worker_url": "https://dev.0box.io/dns/",
  "last_update": "2025-06-08T12:34:00"
}

Get All Migration Deployments

• Path: /v2/migration/deploy

• Method: GET

• Access: Signature API

• Description: Retrieves a list of all S3 migration deployments created by the authenticated user.

• Query Parameters (optional): limit, offset

• Response: Array of handler.S3MigrationDetailsResponse objects.

Get Migration Deployment by ID

• Path: /v2/migration/deploy/:ID

• Method: GET

• Access: Signature API

• Description: Fetches detailed status of a migration deployment using its numeric ID.

• Path Param: ID (integer)

• Response: A single handler.S3MigrationDetailsResponse object, updated with live status fields.

Get Migration Deployment by Allocation ID

• Path: /v2/migration/deploy/allocation/:allocation_id

• Method: GET

• Access: Signature API

• Description: Retrieves a migration deployment by its linked allocation ID.

• Path Param: allocation_id (string)

• Response: handler.S3MigrationDetailsResponse

Delete Migration Deployment

• Path: /v2/migration/deploy/:ID

• Method: DELETE

• Access: Signature API

• Description: Deletes a specific S3 migration deployment task by its ID.

• Path Param: ID (integer)

• Response:

{
  "message": "migration deployment deleted successfully"
}

DEX State APIs

These endpoints manage a user’s participation or workflow stage within a DEX (Decentralized Exchange) lifecycle.

Create DEX State

• Path: /v2/dex/state

• Method: POST

• Access: Signature API

• Description: Initializes a DEX state record for the authenticated user, typically when beginning a DEX-related process or session.

• Body: Follows handler.DexState structure.

{
  "wallet_id": 12345,
  "stage": "active",
  "reference": "some-reference-string"
}

• Response (200 OK):

{
  "wallet_id": 12345,
  "stage": "active",
  "reference": "some-reference-string",
  "last_update": "2025-06-09T12:00:00"
}

Update DEX State

• Path: /v2/dex/state

• Method: PUT

• Access: Signature API

• Description: Updates the current stage or status of the DEX state. Typically used when moving from one process step to another.

• Body: handler.DexState

{
  "wallet_id": 12345,
  "stage": "completed",
  "reference": "updated-reference"
}

• Response:

{
  "message": "updating dex state successful"
}

• If no update occurred:

{
  "message": "no dex state was updated for these details"
}

Get DEX State

• Path: /v2/dex/state

• Method: GET

• Access: Signature API

• Description: Retrieves the current DEX state for the authenticated wallet.

• Response:

{
  "wallet_id": "abcdef123456",
  "stage": "active",
  "reference": "",
  "last_update": "2025-06-09T12:00:00"
}

Delete DEX State

• Path: /v2/dex/state

• Method: DELETE

• Access: Signature API

• Description: Deletes the DEX state for the authenticated user. This is typically used to reset or clear participation records.

• Response (Success):

{
  "message": "deleting dex state successful"
}

• If nothing was deleted:

{
  "message": "no dex state was deleted for these details"
}

User Notifications

These APIs allow users to retrieve and manage system notifications, such as share requests, updates, or alerts. Notifications are typically pushed over WebSocket but can be fetched via API for redundancy or polling.

Fetch Unread Notifications

• Path: /v2/user/notifications

• Method: GET

• Access: Signature API

• Description: Retrieves all unread notifications for the authenticated user.

• Response (200 OK):

[
  {
    "id": 1,
    "entity_id": "abcdef123456",        // The associated entity (e.g., user)
    "entity_type": "user",
    "title": "You have a new share request",
    "body": "body of notification",
    "read": false,
    "created_at": "2025-06-09T12:00:00",
    "updated_at": "2025-06-09T12:00:00",
    "client_id": "client_id_xyz",
    "app_type": "vult"
  }
]

Delete Notifications (Mark as Read)

• Path: /v2/user/notifications

• Method: DELETE

• Access: Signature API

• Description: Deletes all unread notifications (i.e., marks them as read) for the current user.

• Response (200 OK):

{
  "message": "notifications deleted successfully"
}