> ## Documentation Index
> Fetch the complete documentation index at: https://api-doc.xmenu.it/llms.txt
> Use this file to discover all available pages before exploring further.

# Delivery address validation

> Validates a delivery address before order creation, confirming if the location is reachable and retrieving delivery zone information.

<Badge color="blue" icon="key">`write:orders`</Badge>


## OpenAPI

````yaml openapi-en.json POST /order/validate_address
openapi: 3.1.0
info:
  title: xMenu API
  description: xMenu Public API - REST endpoints and webhook notifications
  version: 1.0.0
servers:
  - url: https://app.xmenu.it/api
    description: xMenu API Production
security: []
paths:
  /order/validate_address:
    post:
      tags:
        - Order Insertion
      summary: Delivery address validation
      description: >-
        Validates a delivery address before order creation, confirming if the
        location is reachable and retrieving delivery zone information.
      operationId: orderValidateAddress
      requestBody:
        required: true
        description: >-
          The address can be provided in two alternative ways:

          - **Mode 1**: `address` field with complete address as a single string

          - **Mode 2**: separate fields (`street`, `number`, `city`, `province`,
          `zip`, `country`)


          You must provide the address using one of the two modes.
        content:
          application/json:
            schema:
              type: object
              properties:
                address:
                  type: string
                  description: >-
                    **[Mode 1]** Complete address as a single string
                    (alternative to separate fields)
                street:
                  type: string
                  description: '**[Mode 2]** Street/avenue name'
                number:
                  type: string
                  description: '**[Mode 2]** Civic number'
                city:
                  type: string
                  description: '**[Mode 2]** Municipality'
                province:
                  type: string
                  description: '**[Mode 2]** Province code'
                zip:
                  type: string
                  description: '**[Mode 2]** Postal code'
                country:
                  type: string
                  description: '**[Mode 2]** Country code (e.g., IT)'
                language:
                  type: string
                  description: ISO 639-1 language code; defaults to restaurant settings
      responses:
        '200':
          description: Address validation response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OrderValidateAddressResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
      security:
        - clientId: []
          clientSecret: []
        - oauth2: []
components:
  schemas:
    OrderValidateAddressResponse:
      type: object
      required:
        - success
      properties:
        success:
          type: boolean
          description: 'Operation result: `true` if successful, `false` if failed'
        error:
          type: string
          description: >-
            Error code if the operation failed. Possible values:

            - `INVALID_ADDRESS` = invalid, incomplete or not found address

            - `ADDRESS_NOT_SERVED` = address outside service zone

            - `DELIVERY_NOT_AVAILABLE` = delivery service unavailable


            See [Error codes](/docs/en/overview/error-codes) for general error
            codes that may occur.
        message:
          type: string
          description: Human-readable error description if the operation failed
        data:
          type: object
          description: Validated address data (present only if success = true)
          required:
            - address
            - subrestaurant_uid
            - kms
          properties:
            address:
              type: object
              required:
                - place_id
                - street
                - number
                - city
                - province
                - zip
                - country
                - lat
                - lng
              properties:
                place_id:
                  type: string
                  description: Unique address identifier
                street:
                  type: string
                  description: Street/avenue name
                number:
                  type: string
                  description: Civic number
                city:
                  type: string
                  description: Municipality
                province:
                  type: string
                  description: Province code
                zip:
                  type: string
                  description: Postal code
                country:
                  type: string
                  description: Country code
                lat:
                  type: number
                  format: double
                  description: Latitude
                lng:
                  type: number
                  format: double
                  description: Longitude
            subrestaurant_uid:
              type: string
              description: UID of the assigned location to handle the delivery
            kms:
              type: number
              format: double
              description: Distance in kilometers
            delivery_fee:
              type: number
              format: double
              description: Delivery cost
            order_min:
              type: number
              format: double
              nullable: true
              description: >-
                Minimum order amount required for deliveries in this distance
                range. `null` if no minimum is configured for this range.
  responses:
    Unauthorized:
      description: Authentication failed.
      content:
        application/json:
          schema:
            oneOf:
              - type: object
                description: >-
                  Standard error format (when using API Key or Client ID/Secret
                  authentication)
                required:
                  - success
                  - error
                properties:
                  success:
                    type: boolean
                    enum:
                      - false
                    description: Always false for errors
                  error:
                    type: string
                    enum:
                      - RESTAURANT_NOT_FOUND
                      - INVALID_KEY
                      - INVALID_AUTH
                    description: Error code
                  message:
                    type: string
                    description: Human-readable error description
              - type: object
                description: OAuth error format (when using Bearer token authentication)
                required:
                  - error
                properties:
                  error:
                    type: string
                    enum:
                      - invalid_token
                      - invalid_request
                    description: OAuth error code (RFC 6749)
                  error_description:
                    type: string
                    description: Human-readable error description
          examples:
            standard:
              summary: Standard error format (API Key / Client ID+Secret)
              value:
                success: false
                error: INVALID_KEY
                message: The provided API key is not valid
            oauth:
              summary: OAuth error format (Bearer token)
              value:
                error: invalid_token
                error_description: Access token is invalid or expired
    Forbidden:
      description: Authorization failed - insufficient permissions or access denied.
      content:
        application/json:
          schema:
            oneOf:
              - type: object
                description: >-
                  Standard error format (when using API Key or Client ID/Secret
                  authentication)
                required:
                  - success
                  - error
                properties:
                  success:
                    type: boolean
                    enum:
                      - false
                    description: Always false for errors
                  error:
                    type: string
                    enum:
                      - API_DISABLED
                      - INSUFFICIENT_SCOPE
                      - UNAUTHORIZED
                    description: Error code
                  message:
                    type: string
                    description: Human-readable error description
              - type: object
                description: OAuth error format (when using Bearer token authentication)
                required:
                  - error
                properties:
                  error:
                    type: string
                    enum:
                      - insufficient_scope
                      - invalid_request
                    description: OAuth error code (RFC 6749)
                  error_description:
                    type: string
                    description: Human-readable error description
          examples:
            standard:
              summary: Standard error format (API Key / Client ID+Secret)
              value:
                success: false
                error: API_DISABLED
                message: API access is not enabled for the restaurant
            oauth:
              summary: OAuth error format (Bearer token)
              value:
                error: insufficient_scope
                error_description: 'Missing required permissions: write:orders'
  securitySchemes:
    clientId:
      type: apiKey
      in: header
      name: X-Client-Id
      description: >-
        Client ID for API Client authentication (must be used together with
        Client Secret)
    clientSecret:
      type: apiKey
      in: header
      name: X-Client-Secret
      description: >-
        Client Secret for API Client authentication (must be used together with
        Client ID)
    oauth2:
      type: oauth2
      flows:
        clientCredentials:
          tokenUrl: https://app.xmenu.it/oauth/token
          scopes: {}
      description: >-
        OAuth 2.0 authentication using client credentials flow. The access token
        must be included in the Authorization header as a Bearer token.

````