Skip to content

API endpoints

Mediaverse v2 exposes a small number of admin HTTP endpoints, primarily used by the admin UI to prevent accidental deletion of media that is in use.

All endpoints require a valid admin session (cookie or Authorization: Bearer … token from /api/oauth/token).

MethodPathPurpose
GET/api/p2lab-product-video/get-media-in-products-usage/{mediaId}Returns a list of products that use the given media as a video.
GET/api/p2lab-product-video/get-media-in-cms-usage/{mediaId}Returns a list of CMS pages / blocks that use the given media.

Both return 200 OK with a JSON body listing the consumers, or an empty array if the media is unused.

v2 does not register XML for custom fields — settings per media entry are stored as JSON in the existing product_media.custom_fields column. The shape is roughly:

{
"p2labProductVideo": {
"url": "https://...",
"source": "youtube | vimeo | facebook | dailymotion | tiktok",
"mediaId": "uuid",
"videoSources": ["uuid-360p", "uuid-720p", "uuid-1080p"],
"translation": {
"de-DE": "uuid-of-german-media"
},
"translationSources": {
"de-DE": ["uuid-360p", "uuid-720p"]
}
}
}

The stored field is source (the recognised provider). The type (embed vs media) is computed at runtime from the presence of url (embed) or mediaId (media) — it is not persisted in the JSON.

Auto-detected sources are limited to YouTube, Vimeo, Facebook, Dailymotion and TikTok. Gcore is selectable in the system config but is not auto-recognised from a pasted URL — it must be picked explicitly.

This JSON is the source of truth for per-video behaviour. The system-config settings only define defaults.

For the Mediaverse CMS block (p2lab-cms-video), configuration is stored in cms_slot.config (JSON) with a similar shape. Each CMS slot has its own config — they do not share state across pages.

All error responses follow Shopware’s standard admin error format:

{
"errors": [
{
"code": "...",
"detail": "Human-readable error",
"status": "400"
}
]
}