> ## Documentation Index
> Fetch the complete documentation index at: https://api-doc.xmenu.it/llms.txt
> Use this file to discover all available pages before exploring further.

# Customer list

> Returns a paginated list of customers registered or with existing orders in xMenu.



## OpenAPI

````yaml openapi-en.json GET /customerstats/customers
openapi: 3.1.0
info:
  title: xMenu API
  description: xMenu Public API - REST endpoints and webhook notifications
  version: 1.0.0
servers:
  - url: https://app.xmenu.it/api
    description: xMenu API Production
security: []
paths:
  /customerstats/customers:
    get:
      tags:
        - Customer Registry
      summary: Customer list
      description: >-
        Returns a paginated list of customers registered or with existing orders
        in xMenu.
      operationId: getCustomers
      parameters:
        - name: restuid
          in: query
          required: true
          schema:
            type: string
          description: Unique restaurant identifier
        - name: page
          in: query
          required: true
          schema:
            type: integer
            minimum: 1
          description: Page number to retrieve
        - name: pagesize
          in: query
          required: false
          schema:
            type: integer
            minimum: 1
            maximum: 100
            default: 100
          description: 'Number of results per page (max: 100)'
        - name: added_from
          in: query
          required: false
          schema:
            type: string
            format: date
          description: Filter customers added from this date (YYYY-MM-dd format)
        - name: added_to
          in: query
          required: false
          schema:
            type: string
            format: date
          description: Filter customers added until this date (YYYY-MM-dd format)
        - name: signedup
          in: query
          required: false
          schema:
            type: string
            enum:
              - '0'
              - '1'
          description: |-
            Filter by registration status
            - `0` = unregistered customers
            - `1` = registered customers
        - name: first_order_from
          in: query
          required: false
          schema:
            type: string
            format: date
          description: Filter customers with first order from this date (YYYY-MM-dd format)
        - name: first_order_to
          in: query
          required: false
          schema:
            type: string
            format: date
          description: >-
            Filter customers with first order until this date (YYYY-MM-dd
            format)
        - name: devices_unregistered_from
          in: query
          required: false
          schema:
            type: string
            format: date
          description: Filter customers with most recent app uninstall from this date
        - name: devices_unregistered_to
          in: query
          required: false
          schema:
            type: string
            format: date
          description: Filter customers with most recent app uninstall until this date
        - name: signup_deleted_from
          in: query
          required: false
          schema:
            type: string
            format: date
          description: >-
            Filter customers with account deleted from this date (YYYY-MM-dd
            format)
        - name: signup_deleted_to
          in: query
          required: false
          schema:
            type: string
            format: date
          description: >-
            Filter customers with account deleted until this date (YYYY-MM-dd
            format)
      responses:
        '200':
          description: Customer list response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CustomerListResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
      security:
        - apiKey: []
        - clientId: []
          clientSecret: []
        - oauth2: []
components:
  schemas:
    CustomerListResponse:
      type: object
      required:
        - success
      properties:
        success:
          type: boolean
          description: |-
            Operation status:
            - `false` = Error
            - `true` = Success
        error:
          type: string
          description: >-
            Error code if the operation failed.


            See [Error codes](/docs/en/overview/error-codes) for general error
            codes that may occur.
        message:
          type: string
          description: Textual error description if the operation failed
        page:
          type: integer
          description: Current page number
        pagesize:
          type: integer
          description: Maximum number of elements per page
        total_count:
          type: integer
          description: Total number of results
        more:
          type: boolean
          description: |-
            Whether there are additional results:
            - `false` = No more results
            - `true` = More results available
        customers:
          type: array
          items:
            $ref: '#/components/schemas/Customer'
          description: Array of customer objects
    Customer:
      type: object
      properties:
        email:
          type: string
          description: Email address
        uid:
          type: string
          description: Unique customer identifier
        first_name:
          type: string
          description: First name
        last_name:
          type: string
          description: Last name
        phone:
          type: string
          description: Phone number
        address:
          type: string
          description: Street address
        number:
          type: string
          description: House/building number
        city:
          type: string
          description: City
        province:
          type: string
          description: Province
        zip:
          type: string
          description: Postal code
        country:
          type: string
          description: Country
        invoice_data:
          type: object
          description: >-
            Customer invoicing data. Present when the customer has requested an
            invoice.
          properties:
            name:
              type: string
              description: Company name or invoice holder
            address:
              type: string
              description: Billing street address
            city:
              type: string
              description: Billing city
            province:
              type: string
              description: Billing province
            zip:
              type: string
              description: Billing postal code
            country:
              type: string
              description: Billing country (ISO 3166-1 alpha-2 code)
            vat_code:
              type: string
              description: VAT number (Partita IVA)
            tax_code:
              type: string
              description: Tax code (Codice fiscale)
            sdi_codice:
              type: string
              description: SDI recipient code (Codice destinatario, Italian e-invoicing)
            sdi_pec:
              type: string
              description: Certified email address (PEC) for e-invoicing
        orders_count:
          type: integer
          description: Total online orders count
        pickup_orders_count:
          type: integer
          description: Pickup orders count
        delivery_orders_count:
          type: integer
          description: Home delivery orders count
        offline_orders_count:
          type: integer
          description: Total in-store purchases count
        first_order:
          type: string
          description: First order date (null = no order placed)
          nullable: true
        last_order:
          type: string
          description: Last order date (null = no order placed)
          nullable: true
        last_offline_order:
          type: string
          description: Last in-store purchase date (null = no purchase made)
          nullable: true
        orders_total:
          type: number
          description: Total spent on online orders
        added:
          type: string
          description: Date added to customer database
        accept_marketing:
          type: boolean
          description: |-
            Marketing consent status:
            - `false` = Consent not given
            - `true` = Consent given
        mobile_app:
          type: boolean
          description: Uses or has used the mobile app
        signedup:
          type: boolean
          description: |-
            Registration status:
            - `false` = Unregistered customer
            - `true` = Registered customer
        signup_uid:
          type: string
          description: Registered customer account UID or loyalty card code (if registered)
        birthday:
          type: string
          format: date
          description: Date of birth (only for registered customers; null if not set)
          nullable: true
        loyalty_points:
          type: integer
          description: >-
            Loyalty points balance (present only for registered customers when
            the loyalty program is active)
        devices_unregistered:
          type: string
          description: Most recent app uninstall detection date
        code:
          type: string
          description: Customer code (if present)
        subrestaurant_code:
          type: string
          description: Location code (if present)
        subrestaurant_uid:
          type: string
          description: Location UID (if present)
        signup_deleted:
          type: string
          description: Account deletion date (if present)
  responses:
    Unauthorized:
      description: Authentication failed.
      content:
        application/json:
          schema:
            oneOf:
              - type: object
                description: >-
                  Standard error format (when using API Key or Client ID/Secret
                  authentication)
                required:
                  - success
                  - error
                properties:
                  success:
                    type: boolean
                    enum:
                      - false
                    description: Always false for errors
                  error:
                    type: string
                    enum:
                      - RESTAURANT_NOT_FOUND
                      - INVALID_KEY
                      - INVALID_AUTH
                    description: Error code
                  message:
                    type: string
                    description: Human-readable error description
              - type: object
                description: OAuth error format (when using Bearer token authentication)
                required:
                  - error
                properties:
                  error:
                    type: string
                    enum:
                      - invalid_token
                      - invalid_request
                    description: OAuth error code (RFC 6749)
                  error_description:
                    type: string
                    description: Human-readable error description
          examples:
            standard:
              summary: Standard error format (API Key / Client ID+Secret)
              value:
                success: false
                error: INVALID_KEY
                message: The provided API key is not valid
            oauth:
              summary: OAuth error format (Bearer token)
              value:
                error: invalid_token
                error_description: Access token is invalid or expired
    Forbidden:
      description: Authorization failed - insufficient permissions or access denied.
      content:
        application/json:
          schema:
            oneOf:
              - type: object
                description: >-
                  Standard error format (when using API Key or Client ID/Secret
                  authentication)
                required:
                  - success
                  - error
                properties:
                  success:
                    type: boolean
                    enum:
                      - false
                    description: Always false for errors
                  error:
                    type: string
                    enum:
                      - API_DISABLED
                      - INSUFFICIENT_SCOPE
                      - UNAUTHORIZED
                    description: Error code
                  message:
                    type: string
                    description: Human-readable error description
              - type: object
                description: OAuth error format (when using Bearer token authentication)
                required:
                  - error
                properties:
                  error:
                    type: string
                    enum:
                      - insufficient_scope
                      - invalid_request
                    description: OAuth error code (RFC 6749)
                  error_description:
                    type: string
                    description: Human-readable error description
          examples:
            standard:
              summary: Standard error format (API Key / Client ID+Secret)
              value:
                success: false
                error: API_DISABLED
                message: API access is not enabled for the restaurant
            oauth:
              summary: OAuth error format (Bearer token)
              value:
                error: insufficient_scope
                error_description: 'Missing required permissions: write:orders'
  securitySchemes:
    apiKey:
      type: apiKey
      in: header
      name: X-Api-Key
      description: >-
        Restaurant API Key. Can be obtained from Tools > API Access in the xMenu
        dashboard.
    clientId:
      type: apiKey
      in: header
      name: X-Client-Id
      description: >-
        Client ID for API Client authentication (must be used together with
        Client Secret)
    clientSecret:
      type: apiKey
      in: header
      name: X-Client-Secret
      description: >-
        Client Secret for API Client authentication (must be used together with
        Client ID)
    oauth2:
      type: oauth2
      flows:
        clientCredentials:
          tokenUrl: https://app.xmenu.it/oauth/token
          scopes: {}
      description: >-
        OAuth 2.0 authentication using client credentials flow. The access token
        must be included in the Authorization header as a Bearer token.

````