API Basics

Auth Handling

The API uses an auth token to recognize customers.

The following endpoints can issue tokens:

  • POST /login
  • POST /register
  • POST /addToCart

When a (new) token is issued, the server sets it as a cookie named token and also returns it as an additional root-level property token in the endpoint's JSON response.

The auth token can then be submitted with the subsequent requests in one of two ways:

  • As a cookie (this happens automatically if your environment allows cookies)
  • As a bearer token in the Authorization header

To clear the token cookie you can call the POST /logout endpoint.

If no (valid) auth token is presented, but the called endpoint requires one, the API responds with the 401 status code.

Tokens expire after one week.
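
A client that cannot rely on cookies has to carry the token itself. The following is an added example, not code from this API or its documentation: it picks up the root-level token property, sends it as a bearer token, and drops it on a 401 or once it is a week old. The send transport, fake_api, the /PREFIX path placeholder (this page does not show where project and country go in the path), the /protected path and the token value are all hypothetical or constructed.

```python
import time

TOKEN_LIFETIME = 7 * 24 * 3600  # tokens expire after one week (per the page)

class TokenSession:
    """Carries the auth token as a bearer token when cookies are unavailable."""

    def __init__(self, send, clock=time.time):
        # send(method, path, headers, body) -> (status, json) is a hypothetical transport.
        self.send, self.clock = send, clock
        self.token = self.received_at = None

    def clear(self):
        self.token = self.received_at = None

    def request(self, method, path, body=None):
        # Assumption: age is measured from when this client received the token.
        if self.token and self.clock() - self.received_at >= TOKEN_LIFETIME:
            self.clear()
        headers = {"Authorization": f"Bearer {self.token}"} if self.token else {}
        status, data = self.send(method, path, headers, body)
        if status == 401:
            self.clear()  # no (valid) token was accepted: authenticate again
        elif isinstance(data, dict) and data.get("token"):
            # Issuing endpoints return the (new) token as a root-level property.
            self.token, self.received_at = data["token"], self.clock()
        return status, data

def fake_api(method, path, headers, body):
    """Constructed stand-in for the server so the example runs offline."""
    if method == "POST" and path.endswith("/login"):
        return 200, {"token": "constructed-token-1"}
    if headers.get("Authorization") == "Bearer constructed-token-1":
        return 200, {"ok": True}
    return 401, {}

def demo():
    now = [0.0]
    s = TokenSession(fake_api, clock=lambda: now[0])
    results = [s.request("GET", "/PREFIX/protected")[0]]       # no token yet
    results.append(s.request("POST", "/PREFIX/login", {})[0])  # token issued
    results.append(s.request("GET", "/PREFIX/protected")[0])   # bearer accepted
    now[0] += TOKEN_LIFETIME                                   # one week later
    results.append(s.request("GET", "/PREFIX/protected")[0])   # stale token dropped
    return results, s.token

if __name__ == "__main__":
    print(demo())
```

Keeping the token in memory and sending it only in the Authorization header keeps it out of URLs and request logs.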

Project & Country

All endpoints require the following path parameters:

  • project: your project key (e.g. finecollections)
  • country: ISO 3166-1 alpha-2 country code (e.g. DE for Germany)

Language

To pick the correct translations of, for example, product attributes, the API needs to know the client's language. By default, the API makes an educated guess based on the Accept-Language header. To override this behavior, all relevant endpoints accept an additional lang query parameter.
