# Qazpila.kz — Bandsaw blades supplier (KZ → CIS) > AI-agent-ready B2B e-commerce platform for metal-cutting industry ## What is Qazpila Qazpila is a Kazakhstan-based supplier of band saw blades for metal-cutting and food-industry applications. We supply to KZ + 12 CIS countries with multi-currency support (KZT/RUB/USD). B2B-focused (70% of revenue) with recurring orders being typical pattern (food production lines replace blades every 1-3 months). ## Agent capabilities This platform is **agent-ready** — AI-agents can: - search and read product catalog (public) - check stock levels (public) - get org-specific prices including dealer discounts (auth required) - create orders with idempotency-key safety (auth required) - track order status (auth required) - set up recurring orders / subscriptions (Phase 4 — coming soon) - receive webhooks on order state changes (Phase 5 — coming soon) ## API endpoints | Capability | Endpoint | Auth | |-----------|----------|------| | Search products | GET https://www.qazpila.com/api/v1/products?q= | optional | | Product details | GET https://www.qazpila.com/api/v1/products/[sku] | optional | | Org-scoped price | GET https://www.qazpila.com/api/v1/products/[sku]/price | required | | Create order | POST https://www.qazpila.com/api/v1/orders | required (Bearer) | | List org orders | GET https://www.qazpila.com/api/v1/orders | required (Bearer) | | Get order status | GET https://www.qazpila.com/api/v1/orders/[id] | required (Bearer) | | Health check | GET https://www.qazpila.com/api/v1/health | none | All POST mutations require `Idempotency-Key` header (UUIDv4 recommended). ## Standards we follow - [OpenAPI 3.1](https://www.qazpila.com/openapi.json) — full machine-readable API contract - [ChatGPT plugin manifest](https://www.qazpila.com/.well-known/ai-plugin.json) — for plugin frameworks - [schema.org Actions](https://schema.org/BuyAction) — on every PDP - Model Context Protocol — `mcp.qazpila.kz` server (Phase 3 — coming Q3 2026) ## Identity for agents Agents authenticate via **bot service-accounts** created by org-admins in `/account/organization/bots` (Phase 2 — coming Q3 2026). Until then, agents can use long-lived Supabase JWTs of an admin user (not recommended for production but works for pilots). Tokens format: `Bearer bot__` (planned). Scoped to org; revocable instantly by org-admin. ## Rate limiting - 60 requests/minute per bot-token (configurable per org) - 5000 requests/day per bot-token (default) - See `/openapi.json` for per-endpoint limits ## Spending limits (Phase 2) Each bot-account has org-configurable limits: - daily cap (KZT) - monthly cap (KZT) - max items per order - max order value (above this → `awaiting_approval` workflow) - allowed product categories ## Compliance & transparency - Operating under Law of Kazakhstan №94-V «On Personal Data Protection» (2024 revision) - Audit log retention: 7 years (Art. 7) - For EU customers: we will provide Art. 50 transparency notice when EU expansion happens (currently no EU traffic expected) - For US customers: OFAC SDN screening planned for Phase 2 if US-customer signal appears ## Where to learn more - Public docs: https://www.qazpila.com/docs/agent-api (coming Phase 1 close) - OpenAPI: https://www.qazpila.com/openapi.json - Plugin manifest: https://www.qazpila.com/.well-known/ai-plugin.json - Sitemap (human): https://www.qazpila.com/sitemap.xml - Sitemap (agents): https://www.qazpila.com/sitemap-agents.xml (coming Phase 1) - Contact for integration: integration@qazpila.kz - Legal: https://www.qazpila.com/offer · https://www.qazpila.com/privacy · https://www.qazpila.com/cookies ## Cadence - This file updated when capabilities change - AI-agents are encouraged to fetch `/llms.txt` once per day - Last updated: 2026-05-26