Shoptet API (1.0.0)

Created in cooperation with the Ministry of Industry and Trade of the Czech Republic within the "The Country for the Future" programme.

This documentation provides information about the interface for developers who would like to gain access to Shoptet

e-shops. For more information about Shoptet, see https://www.shoptet.cz/.

The API is available in two access modes:

  • for "Shoptet partner” developers who create the interconnection with the services and extend the Shoptet system's functions for public usage. For more information about API and conditions, under which it can be used, see https://developers.shoptet.com/addons/.

  • direct private access to eshop data for eshop owner - available only for Premium Members. See https://developers.shoptet.com/premium for more information about API access.

Basic principles

How to call API

API supports communication in JSON format. The URL for calling API requests is https://api.myshoptet.com. The API calls

(endpoints and message formats) are common for private as well as addons access, it however uses different authentication

and authorization principles.

For Addons

API is made to create the supplements for the Shoptet system and uses OAuth2 authorization principles.

To access the API it is necessary to implement a web service at your side, which will communicate with our OAuth server.

In your e-shop administration, which you are using to work with our API, you must search in the API Partner section for the Access to API tab.

Here, you will find your clientID and addresses, from where you can call our OAuth server.

The work with API begins with e-shop addon installation. (The installation process can be tested in the addon detail in the Users section, where you can cause the installation for your e-shop.)

In your addon detail, in the Settings section, enter URL to gain a OAuth code. The URL must be linked to your server, where the script is prepared, which is able to gain an OAuth access token.

At this address, you will receive the HTTP request with a GET parameter code, when installing the addon, with unique value (a 255 character long string).

The code provided only has short-term validity and can be used only once. With this code, request our OAuth server to provide an OAuth access token.

Such a request shall follow within the same script that received the code.

Do not put off gaining the OAuth access token for a later time, and do not reply to our request with a 200 OK status, until you gain the OAuth access token.

The address for you to call, and an example of implementation, can be found in e-shop administration in the Access to API section.

As a response you will obtain a JSON with your OAuth access token. Save this token securely. Never send this token to the client computer, and use it only

for communication between the servers and for gaining the temporary token for access to API.

If you have successfully received an OAuth access token, your script must end with the HTTP status code “200”.

Now you have your OAuth access token, which links your addon with a specific e-shop, perhaps you would like to communicate with the e-shop via API.

From your server, call https://<eshop-address.tld>/action/ApiOAuthServer/getAccessToken address with HTTP header Authorization: Bearer <OAuth access token>.

As the reply, you will receive a JSON containing an API access token value and the token expiration time value. An example of calling can be found in e-shop administration in the Access to API section.

It is possible to request a maximum of 5 valid tokens.

The API access token will enable you to call an individual URL of our API, for example https://api.myshoptet.com/api/eshop. Send the API access token in each request in the HTTP headerShoptet-Access-Token.

You can have several valid API access tokens available at any one time. Should the validity of the API access token expire, you will receive a HTTP status code 401 and message about token expiration.


{
    "data": 'null',
    "errors": [
        {
            "errorCode": "expired-token",
            "message": "Token is expired. Please ask for new one.",
            "instance": "unknown"
        }
    ]
}

If your token does not have the access right for a specific endpoint, you will obtain a reply with HTTP status code 403 Forbidden.


{
    "data": 'null',
    "errors": [
        {
            "errorCode": "invalid-token-no-rights",
            "message": "Your access token \"afd..123\" has no defined rights for this resource.",
            "instance": "access-token"
        }
    ]
}

For private API access (Premium)

You can create API access tokens simply in the eshop administration. Send them in the request header Shoptet-Private-API-Token.

You can automatically access all API endpoints.

Rate limiting

Rate limiting is only at the level of server overload protection (DDoS), whereas the quantity of queries or total volume of data are unlimited.

These are therefore the limits of the maximum number of coincident active connections. A maximum of 50 from a single IP address, and a maximum of

3 connections for a single token. If the limit is exceeded, the HTTP code 429 is returned. See also Nginx configuration:

    limit_conn per_ip 50;
    limit_conn per_token 3;
    limit_conn_status 429;

Some URLs, for example for bulk operations, can have their own specific limits, which are mentioned in this documentation.

Locks

Write endpoints (DELETE, PATCH, POST, PUT methods) can take longer and may be prone to two concurrent matching requests.

To avoid problems with retrying identical write requests, we have added the locking function of these requests to the application.

If you execute the same request two times in quick succession, the second request receives error response with a 423 code.

The lock is only valid for a specific called URL, for the duration of the request processing, but no longer than 5 seconds.

API versioning

Current version of API: v1.0

The client must send a Content-Type header with value of application/vnd.shoptet.v1.0,

where v1.0 is the API version supported by the client. If there is any change in the API, then we are trying to make it

reverse compatible, therefore it is not necessary to regularly update your connection after each change in our interface.

The version is the same for all endpoints described here.

Server response format

All JSON responses from the server have the same format, as a base.

If any of the sections is not present in the response, a null value is then received.

Example of call for addons:


curl --include \
    -H 'Shoptet-Access-Token: 123456-a-123-XXXXXXXXXXXXXXXXXXXXXXXXX' \
    -H 'Content-Type: application/vnd.shoptet.v1.0' \
   'https://api.myshoptet.com/api/eshop'

Example of call for private API access:


curl --include \
    -H 'Shoptet-Private-API-Token: 123456-a-123-XXXXXXXXXXXXXXXXXXXXXXXXX' \
    -H 'Content-Type: application/vnd.shoptet.v1.0' \
   'https://api.myshoptet.com/api/eshop'

Example of response:


HTTP/2 200

date: Fri, 13 Jul 2018 15:57:29 GMT

content-type: application/vnd.shoptet.v1.0+json; charset=utf-8


{
    "data": {
        "contactInformation": {
            "eshopName": "www.domena-eshopu.cz",
            "url": "https:\/\/www.domena-eshopu.cz\/",
            "companyId": "28935675",
           ...
        }
        ...
    },
    "errors": 'null'
}

The basic structure of the response in the event of an error is as follows:


{
    "data": 'null',
    "errors": [
        {
            "errorCode": "missing-access-token",
            "message": "Missing access token. Please add `Shoptet-Access-Token` header to your request.",
            "instance": "unknown"
        }
    ]
}

Most of the endpoints are synchronous, i.e. your answer is provided immediately and contains the data requested. There

are however some endpoints, where either the request or the response processing takes longer time. These are implemented as

Asynchronous requests. Your request will be queued and you

receive only job identification in the response. You will be notified using a

webhook when the job is completed and your results

downloadable. Be aware, that registration of webhook job:finished is required to be able to run asynchronous requests.

If webhook is not registered, you will receive an error response with HTTP status code 403 and job won't be queued.

Webhook job:finished is also emitted when the job is failed so there is need to check the Detail of job to get the result of the job. If an error occurs during an asynchronous request, the job is automatically marked as failed 3 hours after its creation, and in this case, the job:finished webhook is not emitted.

Some attributes may be added to the new API version, or the sequence of attributes can be changed.

Your software, therefore, shall not rely on either of these.

If some attributes are renamed or removed, you will be informed in an additional

Deprecated header + Sunset

If you are calling some endpoint in a version that will not be supported in the future, you will receive a response with the header

X-Shoptet-Deprecated. If you detect this header within the response and its presence is logged,

you should be aware of the support termination for a specific endpoint in advance and thus have enough time for correction.

Furthermore, you shall also receive the response with aSunset header with the date when the support for this endpoint is to be terminated.

Status codes

When processing the response, the client shall first detect, what response status code was received.

For GET requests for responses with 200 code, it is not necessary to explore the errors part of the response.

For PATCH/PUT requests, which can process more records at the same time and some records

are not processed successfully, these end with a 200 response code and the errors key contains info on skipped rows.

The unknown record is returned with a 404 code, etc. These responses have the error field filled in, where you can

find detailed info about the error.

The following errors might be expected:

  • 400 - Some of the validations on item level have failed. There is no reason to retry, it will fail always.

  • 401 - Invalid token or the token has expired (for addons access tokens). You have to ask for another one.

  • 403 - Forbidden. The token has no rights to the endpoint called. The endpoints must be allowed for an addon and the eshop must have approved them. Valid for addons access tokens, private tokens can always access all endpoints. Can be also returned when required module for request is missing.

  • 404 - Either the endpoint is wrong; or most commonly, an entity identifier, which is part of the URL, does not exist.

  • 409 - Conflict - the action could not be completed for some consistency rules, such as duplicate data or relation, which would be broken.

  • 413 - Payload too large - update requests can sometimes contain multiple entities to be amended. There is however a limit (varying for each request), how many can be specified within one request. If you breach the limit, you will get this error and nothing will be updated.

  • 422 - Unprocessable entity - we were not able to parse the request - it does not match the expected format. Something is wrong with the request as whole, it might not be a correct JSON or it does not match the expected JSON schema. There is no reason to retry, it will always fail.

  • 423 - Locked - for update and some read request we apply locks, usually on an URL level, which should avoid consistency problems possibly occuring from parallel updates. See chapter about locks. Retry later, try to avoid parallel update requests.

  • 500 - General server error. Yes, this might happen to our software, too. Most commonly this is a temporary database issue and it might (but might not), work a few minutes later. We monitor all such errors and we try to analyze and fix them.

  • 503 - System maintenance. Most commonly we move a database to another database cluster or a database migration is pending and it will be available in a few minutes. Please try later.

Paging

Some endpoints can return larger quantity of records. Such endpoints do not return the entire result, but support pagination of results.

You can page using page (int) and itemsPerPage (int) parameters. The first page has number 1. If you require a different

quantity of items per page, use the itemsPerPage parameter. CAUTION: the number of items per page can be decreased only, the default

value is maximum. The default value can be different for each endpoint.

When paging, check the total number of items, if not altered (totalCount), then the

items on pages could be shifted and some of them could be missed or processed twice.

Section on demand

Some endpoints return the data sections as optional, on demand. The request is done by giving the section name in the

include parameter. Part of the data is returned each time, the other section only on demand. This makes the responses smaller for those, who do not need the data

, thus saving the volume of data transmitted and shortening the time to process the request.

For example, for "Eshop Info" endpoint, you will gain basic info when simply calling [GET] /api/eshop, but payment

methods and transport options only when using [GET] /api/eshop?include=paymentMethods,shippingMethods.

More values are separated by a comma, no sequencing, no upper/lower case differentiation. Other blocks are available on demand

and each endpoint informs you which identifier to request.

Translations

For proper functionality in translations you will have to get module Foreign languages (Cizí jazyky) activated on customer e-shop. Multi-language support in API is handled by query parameter language, which can be used in whole API. If parameter is not set, default shop language is used.

Read endpoints (HTTP verb GET) will return corresponding language version of texts where applicable.

For write endpoints, first use POST endpoint to create entity and then use PATCH endpoint with corresponding language query parameter to set language fields.

Please note that in some endpoints (typically surcharge/filtering/variant parameters) you must use the identifier's currently selected language variant (which is filtered in list).

Files

For files upload, there are Files endpoints.

The file is uploaded to a temporary storage which is not accessible publicly. The file is kept there for 7 days and then deleted.

After you upload a file, you may copy it to some API entities in their endpoints - you specify filename returned in response of upload job.

Please note that currently only images (png, jpg, gif) are allowed filetypes for file upload.

Product images

Shoptet saves the product images in their original size and then prepares several sizes for standardized usage (called

image cuts). These cuts are created in advance and saved on the disk, so they are readily available. The list of cuts is

the same for each e-shop, and each e-shop can theoretically have different cut sizes. In practice, their size is given

by the template and most templates use the same sizes. The list of provided cuts is given by

the Image cuts code list.

The /api/eshop?include=imageCuts endpoint returns the imageCuts field in the response, where each cut has the actual

size defined, and the URL base path. There are two base URLs (example for classic.shoptet.cz, cut detail):

  • urlPath: "https://classic.shoptet.cz/user/shop/detail/"

  • cdnPath: "https://cdn-api.myshoptet.com/usr/classic.shoptet.cz/user/shop/detail/"

Use the urlPath in case you need an up-to-date image right now. Use the url for your backend processing and you

will retrieve the images only once. Images retrieved via urlPath are not cached. You can use image name or SEO version

of the image name - see below.

Use the cdnPath in case you want to use the image url on the frontend and users of your application will display it,

e.g. if you provide an alternative frontend, mobile application etc. The images are cached and provided with lower

latency. Use cdnName retrieved from the product detail endpoint (or similar) - see below.

Once you determine the URL based on the purpose and image cut size (for example detail for product detail, or related

for product preview), just append the filename you need. The filename can be retrieved from Product detail endpoint.

Although the e-shop is behind the content delivery network (Cloudflare CDN), API still returns the same domain. Whether

the e-shop is behind the Cloudflare CDN, you can find out from response headers (CDN-Loop: cloudflare header).

The product detail endpoint /api/products/{guid}?include=images returns the image field data.images[] in the same

sequence, as these are entered in administration. The file name name (for example 100.jpg) needs to be connected

to the URL cut and then you have complete path to the image of a given cut (size), for example

https://classic.shoptet.cz/user/shop/detail/100.jpg. You can also use seoName, which also contains a description

of the image - you will be redirected to the same image. The cdnName is intended for use with the cdnUrl only.

The fields look like: (excerpt)

    "name": "106.png",
    "description": "shamrock 2115611 640",
    "seoName": "106_shamrock-2115611-640.png",
    "cdnName": "106_shamrock-2115611-640.png?5b2a41f5"

One of the images mentioned for the product can be selected as the default image for the product variant. The selected

image is in data.variants[].image item and contains the name of the image – this can be searched for in the image

list, in the name item. Should the variant have no preselected default image, the parameter image is null.

If data.variants[].isProductDefaultImage is true, then the default product image is given. If it is false, then it is the default variant image.

The item data.items[].mainImage contains the main image in order detail - this is either a default variant image,

or, if not set (or product does not have variants), the default product image is given. The structure is the same as

in product details, but not all images are given here, only the default one – representative image. The full path can

be gained by assembling the urlPath from the e-shop info and the name or seoName items, given for the order item.

Similarly, the product list gives data.products[].mainImage, which mentions the initial image for each product.

Code lists

Image cuts

ValueDescription
origoriginal image (in the original resolution)
bigbig image (typically 1024x768 px)
detailimage detail (typically 360x270 px)
categorysize for listing in category (typically 216x105 px)

Product visibility

ValueDescription
hiddenHide product
visibleShow product
blockedCannot be ordered
show-registeredShow only to logged-in users
block-unregisteredDo not allow order to logged-out users
cash-desk-onlyShow only in cash desk
detail-onlyDo not show e-shop navigation

Product types

ValueDescription
productProduct
bazarSecond-hand product
serviceService
gift-certificateGift (deprecated)
product-setProduct set

Types of order items

ValueDescription
productProduct
bazarSecond-hand product
serviceService
shippingTransportation
billingPayment method
discount-couponDiscount coupon
volume-discountVolume discount
giftGift
gift-certificateGift certificate
generic-itemNon-specific item
product-setProduct set
product-set-itemProduct set item
depositDeposit

Sorting of products in category

ValueDescription
defaultDefault
most-sellingMost selling first
cheapestCheapest first
most-expensiveMost expensive first
oldestOldest first
newestNewest first
alphabeticallyAlphabetically
alphabetically-descAlphabetically, descending
product-codePer product code
product-code-descPer product code, descending
category-priorityCategory priority
category-priority-descCategory priority, descending

Webhook event types

ValueDescriptionIdentifier meaning
brand:createBrand creation eventString (code) - brand unique code
brand:updateBrand change eventString (code) - brand unique code
brand:deleteBrand deleting eventString (code) - brand unique code
creditNote:createCredit note creation eventNumber (code) of credit note
creditNote:deleteCredit note deleting eventNumber (code) of credit note
creditNote:updateCredit note change eventNumber (code) of credit note
customer:createNew customer was createdCustomer GUID
customer:updateCustomer was updated. Throws 409 Conflict when try to register simultaneously with customer:disableOrders or customer:enableOrdersCustomer GUID
customer:disableOrdersAn event disabled the customer, and his future orders will be automatically cancelled. Throws 409 Conflict when try to register simultaneously with customer:updateCustomer GUID
customer:enableOrdersAn event enabled the customer's future orders. Throws 409 Conflict when try to register simultaneously with customer:updateCustomer GUID
customer:importImport of 1 and more customers was executedFixed string "customers"
customer:deleteCustomer was deletedCustomer GUID
deliveryNote:createDelivery note creation eventNumber (code) of delivery note
deliveryNote:deleteDelivery note deleting eventNumber (code) of delivery note
deliveryNote:updateDelivery note change eventNumber (code) of delivery note
eshop:currenciesCurrencies settings change eventID of eshop
eshop:billingInformationBilling information (i.e. eshop billing address) change eventID of eshop
eshop:designDesign settings (template, colors, fonts, layout)ID of eshop
eshop:mandatoryFieldsMandatory fields of customer were updatedID of eshop
eshop:projectDomainDomain of eshop was changedID of eshop
invoice:createInvoice creation eventNumber (code) of invoice
invoice:deleteInvoice deleting eventNumber (code) of invoice
invoice:updateInvoice change eventNumber (code) of invoice
job:finishedThe asynchronous request was finishedJob id
mailingListEmail:createE-mail addition event into the e-mail distribution listName (code) of e-mail distribution list
mailingListEmail:deleteE-mail deleting event from the e-mail distribution listName (code) of e-mail distribution
order:cancelOrder cancel event. Webhook is emitted when order status is set to canceled. Throws 409 Conflict when try to register simultaneously with order:updateNumber (code) of order
order:createOrder creation eventNumber (code) of order
order:deleteOrder deleting eventNumber (code) of order
order:updateOrder change event. Throws 409 Conflict when try to register simultaneously with order:cancelNumber (code) of order
orderStatusesList:changeOrder status list change event. Emitted when order status is created, updated or deletedOrder status ID
paymentMethod:changePayment method change eventPayment method GUID
proformaInvoice:createProforma invoice creation eventNumber (code) of proforma invoice
proformaInvoice:deleteProforma invoice deleting eventNumber (code) of proforma invoice
proformaInvoice:updateProforma invoice change eventNumber (code) of proforma invoice
proofPayment:createProof of payment creation eventNumber (code) of proof payment
proofPayment:deleteProof of payment deleting eventNumber (code) of proof payment
proofPayment:updateProof of payment change eventNumber (code) of proof payment
shippingMethod:changeShipping method change eventShipping method GUID
shippingRequest:cancelledShipping request was not chosen for order deliveryshippingRequestCode associated with the cart
shippingRequest:confirmedShipping request was chosen for order deliveryshippingRequestCode associated with the cart
stock:movementStock change eventStock ID
stock:inStock (*)Stock change event - sum across all of the stocks raised above 0 (beta, see below)Number (code) of product
stock:soldOut (*)Stock change event - sum across all of the stocks reached 0 (beta, see below)Number (code) of product
stock:minStockSupplyReached (*)Stock change event - sum across all of the stocks reached minimum stock supply value, if this limit is set for product (beta, see below)Number (code) of product

(*) These webhooks are considered beta/experimental, for more information, please visit the X-url

Mass Webhooks

These webhooks are sent when a mass change of entities is performed. The payload contains a json serialized list of IDs of changed entities.

Purpose of these webhooks is to downgrade number of requests, while i.e. administrator performs mass change of orders status at once etc.

So instead of emitting one event for every order, we emit one event for all of them.

For now, if some mass event is performed, we also sent "single" webhook event for every updated entity as usual, but it will be changed in future, so please watch release changes for more info

ValueDescriptionIdentifier meaning
invoice:massUpdateMass change of invoices eventJson serialized list of number (code) of invoices
order:massUpdateMass change of orders eventJson serialized list of number (code) of orders

System Webhooks

These webhooks cannot be registered via API, they are setup in Partners' Addon administration section instead.

ValueDescription
addon:suspendThe addon was suspended by the eshop or by Shoptet operations staff
addon:approveThe addon was approved (resumed) after it was suspended
addon:terminateThe addon was terminated by the eshop or by Shoptet operations staff
addon:uninstallThe addon was uninstalled by the eshop admin or the eshop was terminated

URL address from endpoint Eshop info

See endpoint Eshop info

IdentDescription
admin-orders-listListing of orders in administration
admin-customers-listList of customers in administration
oauthOAuth server address, used for e-shop user verification

List of product catalogues

Provider (identification)Description
glamiGlami
googleGoogle
heurekaHeuréka
zboziZboží.cz

Invoice Billing Methods

idDescription
1COD (cz: Dobírka)
2Wire transfer (cz: Převodem)
3Cash (cz: Hotově)
4Card (cz: Kartou)

VAT modes

Value
Normal
One Stop Shop
Mini One Stop Shop
Reverse charge
Outside the EU

Postman collection

If you use Postman as an API platform for building and using APIs, we provide you a complex collection of Shoptet API.

You have 2 options how to import our postman collection (created from openApi schema - openapi.yaml ) into your postman client

Fork Shoptet API Collection from Shoptet Public API Workspace (recommended)

Also check postman documentation for more details: Fork a collection.

Step 1: Navigate to Shoptet Public API Workspace

  • Launch Postman on your desktop or in the browser.

  • In the search bar in the top header of app, type Shoptet Public API and select collection from Shoptet public API Workspace.

Step 2: Locate the Shoptet API Collection

  • Once inside the Shoptet Public API Workspace, go to the Collections tab.

  • Find the Shoptet API collection.

Step 3: Fork the Collection

  • Click on the Shoptet API collection to open it.

  • In the collection view, click the Fork button in the top-right corner.

  • In the fork dialog, choose a name for your forked collection.

  • Select the workspace where you want to save the forked collection.

  • It’s recommended to check watch original collection to get notified about changes in the original collection.

  • Click Fork Collection.

Step 4: Access Your Forked Collection

  • Navigate to the workspace where you saved the forked collection.

  • You’ll now find the forked Shoptet API collection under the Collections tab, ready for you to use and modify.

Now you have your own copy of the Shoptet API collection! If you want to add changes from the original collection, you can do so by click on pull changes in collection settings.

Import openapi.yaml into Postman as a Collection

Step 1: Upload the openapi.yaml File

  • Download the openapi.yaml file from our developers repository.

  • Launch Postman on your desktop or in the browser.

  • In the top-left corner of Postman, click the Import button.

  • A pop-up window will appear.

  • Drag and drop your openapi.yaml file into the window, or click Upload Files and browse to the file's location.

Step 2: Verify OpenAPI Import

  • Postman will automatically recognize the OpenAPI schema.

  • It will display a preview of the API schema.

Step 3: Import as Collection

  • Once the file is recognized, click Import.

  • Postman will convert the OpenAPI schema into a collection of requests, based on the defined endpoints in the openapi.yaml file.

Step 4: Access the Imported Collection

  • After the import is successful, go to the Collections tab.

  • You’ll find your new collection, named after the OpenAPI schema, containing all the API requests generated from the file.

Now you can explore the API endpoints and use them directly within Postman!

Collection settings

  1. Click the Shoptet API collection name.

  2. Go to Authorization tab.

  3. Set your access token into the value of Shoptet-Access-Token key.

  4. Go to Variables tab.

  5. You can set baseUrl variable here.

Last changes

Last API changes are published on the [API news] page (https://developers.shoptet.com/category/api/).

Download OpenAPI description
Languages
Servers
https://api.myshoptet.com/

Eshop

This endpoint is used for general information about the e-shop settings.

Operations

Products

Product endpoints are used for managing products in the e-shop and also for its related modules.

Operations

Price lists

Price lists are used for setting up different prices for products for different customer groups.

Operations

Orders

Order endpoints are used for managing orders in the e-shop.

Operations

Invoices

Invoice endpoints are used for managing invoices in the e-shop.

Operations

Proforma invoices

Proforma invoice endpoints are used for managing proforma invoices in the e-shop.

The code (code) is the proforma invoice identifier. Although this is usually a number, it is necessary to take into account that this might also include

letters, a dash, etc.

Operations

Credit notes

Credit note endpoints are used for managing credit notes in the e-shop.

The code (code) is the credit note identifier. Although this is usually a number, it is necessary to take into account that this might also include

letters, a dash, etc.

Operations

Delivery notes

Delivery note endpoints are used for managing delivery notes in the e-shop.

The code (code) is the credit notes identifier. Although this is usually a number, it is necessary to take into account that this might also include

letters, a dash, etc.

Operations

Proof payments

The code (code) is the proof payments identifier. Although this is usually a number, it is necessary to take into account that this might also include letters, a dash, etc.

Operations

Stocks

Stock endpoints are used for managing stocks in the e-shop.

Operations

Suppliers

Supplier endpoints are used for managing suppliers in the e-shop.

Operations

Brands

Brand endpoints are used for managing brands in the e-shop.

Please note, the field code is deprecated - use indexName instead. Parameter code accepts both: guid string style, e.g. d467bfbe-4334-11ef-ad70-0242ac1f0005, and index name string style, e.g. willy-wonka. The index name string style is deprecated - use guid style.

Operations

Customers

Customer endpoints are used for managing customers in the e-shop.

Operations

Templates

In the last Shoptet version, it is not possible to change the e-shop design via API. However, it is possible to include HTML codes

into previously defined places. This enables the code or link to a file containing additional CSS styles or JavaScript codes to be entered.

The same functionality is now included within the e-shop administration (/admin/html-kody/, HTML code tab).

There are 3 possible locations, where HTML codes can be inserted:

  • common-header - the code will be inserted into each e-shop page header (<HEAD>)

  • common-footer - the code will be inserted into each e-shop page foot (before end </BODY>)

  • order-confirmed - the code will be inserted in the page confirming the order (the "thank you page")

The inserted codes may come from 3 sources, and they are included in the following order:

  1. Codes from addons (the addon defines HTML codes to be inserted for anybody, who installs the addon). If there are more of these, they are inserted progressively, the order cannot be relied upon.

  2. Codes entered via API. Each addon can insert only one code into each location. If there are more of these addons, the codes will be inserted progressively, one after another, the order cannot be relied upon.

  3. The code entered in the administration GUI (/admin/html-kody/, HTML code tab).

Operations

Payment gateways

API endpoints for integration of payment gateways.

If you are a Premium client, contact your Account or Onboarding manager. New payment gateway has to be approved by Shoptet and client needs to be familiar with the terms of payment in advance.

Operations

Webhooks

API endpoints for webhook servicing. It offers the possibility to read, add, change and delete the registered webhooks. Furthermore, it offers

a list of notifications about invoked webhooks and their status.

The webhooks are HTTP calls, which send HTTPs calls to registered subscribers if a specific event happens,

for example creating an order. Then the information, in JSON format, is delivered to the defined URL.


{
    "eshopId": 222651,
    "event": "order:create",
    "eventCreated": "2019-01-08T15:13:39+0100",
    "eventInstance": "2018000057"
}

The meaning of individual items:

  • eshopId - number of the e-shop, where the event happened

  • event - event which invoked the call (see code list Webhook event types)

  • eventCreated - accurate time, when the event happened

  • eventInstance - reference to a specified entity - according to the context, order number, invoice number, product GUID, etc.

For more information about the function of webhooks, see https://developers.shoptet.com/webhooks/.

Operations

Overview of registered webhooks

Request

Returns the list of webhooks, registered by the specific addon for a single e-shop. It is therefore bound to the specific installation.

The addon does not have any access to another addon (not even for the same e-shop, or two addons from the same developer).

Headers
Content-Typestringrequired
Default application/vnd.shoptet.v1.0
curl -i -X GET \
  https://api.myshoptet.com/api/webhooks \
  -H 'Content-Type: application/vnd.shoptet.v1.0' \
  -H 'Shoptet-Access-Token: YOUR_API_KEY_HERE'

Responses

OK

Bodyapplication/vnd.shoptet.v1.0+json; charset=utf-8
dataobjectrequired
data.​webhooksArray of objects(webhook)required
data.​webhooks[].​idintegerrequired

notification unique ID

data.​webhooks[].​eventstringrequired
data.​webhooks[].​urlstringrequired

webhook URL

data.​webhooks[].​createdstring or null(typeDateTime)^[0-9]{4}-[01][0-9]-[0123][0-9]T[012][0-9]:[0...required

webhook registration date

data.​webhooks[].​updatedstring or null(typeDateTime)^[0-9]{4}-[01][0-9]-[0123][0-9]T[012][0-9]:[0...required

webhook update date (can be null)

data.​paginatorobject(paginator)required
data.​paginator.​totalCountintegerrequired

total number of available records

data.​paginator.​pageintegerrequired

current page

data.​paginator.​pageCountintegerrequired

total available of pages

data.​paginator.​itemsOnPageintegerrequired

number of currently returned records

data.​paginator.​itemsPerPageintegerrequired

required number of records per page

errorsArray of objects or null(Errors)required
errors[].​errorCodestringrequired

Short text error identification

errors[].​messagestringrequired

Descriptive error message

errors[].​instancestringrequired

Identification of the entity referenced

Response
application/vnd.shoptet.v1.0+json; charset=utf-8
{ "data": { "webhooks": [], "paginator": {} }, "errors": [ {} ] }

Registration of new webhook

Request

Registers the webhook. For a single event (event, for example order:create) ONLY ONE URL can be registered.

If you try to enter the webhook for an event that already exists, you will receive error 422 with message Webhook already exists for this event. Successful creation (registration) of webhook is signaled by code 201. The endpoint returns the info on the created webhook. One of the items is id, which is assigned to the webhook and is used for its identification

upon change or deletion.

The supported event can be found in code list Webhook event types.

It is possible to enter up to 50 webhooks using a single call.

Please note that url cannot be longer than 2000 characters.

Headers
Content-Typestringrequired
Default application/vnd.shoptet.v1.0
Bodyapplication/vnd.shoptet.v1.0+json
dataArray of objectsrequired
data[].​eventstringrequired
data[].​urlstring<= 2000 charactersrequired

Webhook URL

curl -i -X POST \
  https://api.myshoptet.com/api/webhooks \
  -H 'Content-Type: application/vnd.shoptet.v1.0+json' \
  -H 'Shoptet-Access-Token: YOUR_API_KEY_HERE' \
  -d '{
    "data": [
      {
        "event": "order.created",
        "url": "https://myapplication.tld/orders.php"
      }
    ]
  }'

Responses

Created

Bodyapplication/vnd.shoptet.v1.0+json; charset=utf-8
dataobjectrequired
data.​webhooksArray of objects(webhook)required
data.​webhooks[].​idintegerrequired

notification unique ID

data.​webhooks[].​eventstringrequired
data.​webhooks[].​urlstringrequired

webhook URL

data.​webhooks[].​createdstring or null(typeDateTime)^[0-9]{4}-[01][0-9]-[0123][0-9]T[012][0-9]:[0...required

webhook registration date

data.​webhooks[].​updatedstring or null(typeDateTime)^[0-9]{4}-[01][0-9]-[0123][0-9]T[012][0-9]:[0...required

webhook update date (can be null)

errorsArray of objects or null(Errors)required
errors[].​errorCodestringrequired

Short text error identification

errors[].​messagestringrequired

Descriptive error message

errors[].​instancestringrequired

Identification of the entity referenced

Response
application/vnd.shoptet.v1.0+json; charset=utf-8
{ "data": { "webhooks": [] }, "errors": [ {} ] }

Detail of registered webhooks

Request

Shows the information about a single specific registered webhook.

Path
idnumberrequired
Example: 3
Headers
Content-Typestringrequired
Default application/vnd.shoptet.v1.0
curl -i -X GET \
  'https://api.myshoptet.com/api/webhooks/{id}' \
  -H 'Content-Type: application/vnd.shoptet.v1.0' \
  -H 'Shoptet-Access-Token: YOUR_API_KEY_HERE'

Responses

OK

Bodyapplication/vnd.shoptet.v1.0+json; charset=utf-8
dataobjectrequired
data.​webhookobject(webhook)required
data.​webhook.​idintegerrequired

notification unique ID

data.​webhook.​eventstringrequired
data.​webhook.​urlstringrequired

webhook URL

data.​webhook.​createdstring or null(typeDateTime)^[0-9]{4}-[01][0-9]-[0123][0-9]T[012][0-9]:[0...required

webhook registration date

data.​webhook.​updatedstring or null(typeDateTime)^[0-9]{4}-[01][0-9]-[0123][0-9]T[012][0-9]:[0...required

webhook update date (can be null)

errorsArray of objects or null(Errors)required
errors[].​errorCodestringrequired

Short text error identification

errors[].​messagestringrequired

Descriptive error message

errors[].​instancestringrequired

Identification of the entity referenced

Response
application/vnd.shoptet.v1.0+json; charset=utf-8
{ "data": { "webhook": {} }, "errors": [ {} ] }

Update of existing webhook

Request

Modification of the existing webhook. The id of the webhook serves as the identifier. Using just one call, only one webhook can be modified.

Please note that url cannot be longer than 2000 characters.

Path
idnumberrequired
Example: 3
Headers
Content-Typestringrequired
Default application/vnd.shoptet.v1.0
Bodyapplication/vnd.shoptet.v1.0+json
dataobjectrequired
data.​urlstring<= 2000 charactersrequired
curl -i -X PATCH \
  'https://api.myshoptet.com/api/webhooks/{id}' \
  -H 'Content-Type: application/vnd.shoptet.v1.0+json' \
  -H 'Shoptet-Access-Token: YOUR_API_KEY_HERE' \
  -d '{
    "data": {
      "url": "https://myapplication.tld/orders-new.php"
    }
  }'

Responses

OK

Bodyapplication/vnd.shoptet.v1.0+json; charset=utf-8
dataobjectrequired
data.​dataobject or nullrequired
errorsArray of objects or null(Errors)required
errors[].​errorCodestringrequired

Short text error identification

errors[].​messagestringrequired

Descriptive error message

errors[].​instancestringrequired

Identification of the entity referenced

Response
application/vnd.shoptet.v1.0+json; charset=utf-8
{ "data": { "data": "null" }, "errors": [ {} ] }

Deletion of registered webhook

Request

Deletes the registered webhook, identified by means of id.

Path
idnumberrequired
Example: 3
Headers
Content-Typestringrequired
Default application/vnd.shoptet.v1.0
curl -i -X DELETE \
  'https://api.myshoptet.com/api/webhooks/{id}' \
  -H 'Content-Type: application/vnd.shoptet.v1.0' \
  -H 'Shoptet-Access-Token: YOUR_API_KEY_HERE'

Responses

OK

Bodyapplication/vnd.shoptet.v1.0+json; charset=utf-8
datanullrequired
errorsArray of objects or null(Errors)required
errors[].​errorCodestringrequired

Short text error identification

errors[].​messagestringrequired

Descriptive error message

errors[].​instancestringrequired

Identification of the entity referenced

Response
application/vnd.shoptet.v1.0+json; charset=utf-8
{ "data": null, "errors": [ {} ] }

Generating of signature key

Request

The endpoint call does not require any body. The endpoint always generates a new signature key

for calculating the digest mentioned in the HTTP header of the notification – Shoptet-Webhook-Signature. The same key

is to be used during check after the receipt of notification. For more information see https://developers.shoptet.com/webhooks/#signature

Headers
Content-Typestringrequired
Default application/vnd.shoptet.v1.0
curl -i -X POST \
  https://api.myshoptet.com/api/webhooks/renew-signature-key \
  -H 'Content-Type: application/vnd.shoptet.v1.0' \
  -H 'Shoptet-Access-Token: YOUR_API_KEY_HERE'

Responses

OK

Bodyapplication/vnd.shoptet.v1.0+json; charset=utf-8
dataobjectrequired
data.​signatureKeystringrequired
errorsArray of objects or null(Errors)required
errors[].​errorCodestringrequired

Short text error identification

errors[].​messagestringrequired

Descriptive error message

errors[].​instancestringrequired

Identification of the entity referenced

Response
application/vnd.shoptet.v1.0+json; charset=utf-8
{ "data": { "signatureKey": "8a5e881b19ad6cc0bc986587b22e30be" }, "errors": [ {} ] }

Webhook notification

Request

Returns the notification (invoking) list of webhooks and provides information about these. If you do not have a registered webhook, and the given event happens (for example creation of an order), the registered URLs are called. A notification about a call contains information about the webhook that requested the call, the URL called, the time, delivery status, number of delivery attempts and other information.

It is possible to request 7 days history of notification.

Query
statusstring

supported values: new, failed, success

Example: status=failed
eventstring

event

Example: event=order:delete
activeboolean

flag that the notification was not delivered yet, and the number of attempts did not reach the maximum amount. The notification will be resent to the target URL

Example: active=true
fromstring

DateTime for the log, up to the present, which we are interested in. + in the time zone designation, html shall be coded as %2B.

Example: from=2018-05-28T14:17:00+02:00
Headers
Content-Typestringrequired
Default application/vnd.shoptet.v1.0
curl -i -X GET \
  'https://api.myshoptet.com/api/webhooks/notifications?active=true&event=string&from=string&status=string' \
  -H 'Content-Type: application/vnd.shoptet.v1.0' \
  -H 'Shoptet-Access-Token: YOUR_API_KEY_HERE'

Responses

OK

Bodyapplication/vnd.shoptet.v1.0+json; charset=utf-8
dataobjectrequired
data.​notificationsArray of objects(webhookNotification)required
data.​notifications[].​idintegerrequired

notification unique ID

data.​notifications[].​webhookIdintegerrequired

link to webhook, which invoked the notification

data.​notifications[].​webhookUrlstringrequired

webhook URL in the instant, when the notification was created

data.​notifications[].​eventstringrequired
data.​notifications[].​eventCreatedstring or null(typeDateTime)^[0-9]{4}-[01][0-9]-[0123][0-9]T[012][0-9]:[0...required

time of event creation - notification

data.​notifications[].​createdstring or null(typeDateTime)^[0-9]{4}-[01][0-9]-[0123][0-9]T[012][0-9]:[0...required

date and time, when the webhook notification was created

data.​notifications[].​attemptedstring or null(typeDateTime)^[0-9]{4}-[01][0-9]-[0123][0-9]T[012][0-9]:[0...required

date and time of last notification delivery attempt at webhook URL (can be null)

data.​notifications[].​attemptsintegerrequired

number of implemented attempts to deliver the notification

data.​notifications[].​statusstringrequired

results of the last attempt to deliver the notification

data.​notifications[].​activebooleanrequired

flag that the notification was not delivered yet, and the number of attempts did not reach the maximum amount The notification will be resent to the target URL

data.​notifications[].​dataobject(notificationData)required

content of sent notification

data.​notifications[].​data.​eshopIdintegerrequired

number of (id) e-shop

data.​notifications[].​data.​eventstringrequired
data.​notifications[].​data.​eventCreatedstring or null(typeDateTime)^[0-9]{4}-[01][0-9]-[0123][0-9]T[012][0-9]:[0...required
data.​notifications[].​data.​eventInstancestringrequired

Identification of the entity that the notification concerns. For example order number, product GUID, etc.

data.​paginatorobject(paginator)required
data.​paginator.​totalCountintegerrequired

total number of available records

data.​paginator.​pageintegerrequired

current page

data.​paginator.​pageCountintegerrequired

total available of pages

data.​paginator.​itemsOnPageintegerrequired

number of currently returned records

data.​paginator.​itemsPerPageintegerrequired

required number of records per page

errorsArray of objects or null(Errors)required
errors[].​errorCodestringrequired

Short text error identification

errors[].​messagestringrequired

Descriptive error message

errors[].​instancestringrequired

Identification of the entity referenced

Response
application/vnd.shoptet.v1.0+json; charset=utf-8
{ "data": { "notifications": [], "paginator": {} }, "errors": [ {} ] }

Shipping methods

Shipping methods endpoints are used for managing shipping methods in the e-shop.

Operations

Shipping requests

Shipping requests endpoints are used for managing shipping requests in the e-shop.

Operations

Payment methods

Payment methods endpoints are used for managing payment methods in the e-shop.

Operations

Unsubscribed emails

This functionality allows you to manage a list of email addresses that opted out of receiving marketing communications in compliance with legal requirements, including the possibility of comparing any further mailings with this list to exclude opt-out contacts.

Operations

E-mail distribution lists

The functionality is subject to module activation Mass e-mailing within the e-shop. The addon using this endpoint must therefore have this module defined as dependency.

Operations

Discount coupons

Discount coupons endpoints are used for managing discount coupons in the e-shop.

Operations

X + Y discounts

X + Y discounts endpoints are used for managing X + Y discounts in the e-shop.

Operations

Articles

Article endpoints are used for managing articles in the e-shop.

Operations

Pages

Page endpoints are used for managing pages in the e-shop.

Operations

Discussions

Discussion endpoints are used for managing discussions in the e-shop.

Operations

Job endpoints

Job endpoints are used for managing asynchronous jobs in the e-shop.

Operations

Files

File endpoints are used for managing files in the e-shop.

Operations

System endpoints

This endpoints are used for obtaining information for endpoints in API.

Operations