Skip to main content
REST API enables developers to integrate Oro functionality into third-party software systems. An application programming interface (API) is a software interface designed to be used by other software for integration with the application. Whilst an ordinary software program is used by a computer user, an API is a software program used by another software program. The Representational State Transfer (REST) architectural style is an abstraction of the architectural elements within a distributed hypermedia system. REST ignores the details of component implementation and protocol syntax to focus on the roles of the components, the constraints on their interaction with other components, and their interpretation of significant data elements. JSON:API is a specification for how a client should request resources to be fetched or modified, and how a server should respond to them. It is designed to minimize both the number of requests and the amount of data transmitted between clients and servers — without compromising readability, flexibility, or discoverability. The term API here refers to the REST API that conforms to the JSON:API specification, providing programmatic access to read and write data. All requests and responses use JSON format. All API access is over HTTP or HTTPS (depending on server configuration) and is accessed from: 
http(s)://<hostname_of_your_oro_application>/api/<resource_name>

Quick start

A typical request can be performed via curl: 
curl -X GET \
  -H "Accept: application/vnd.api+json" \
  -H "Authorization: Bearer <access_token>" \
  http://localhost.com/api/users/1
Throughout this documentation, a short format is used to represent request examples:
GET /api/users/1 HTTP/1.1
Accept: application/vnd.api+json

Topics

Enabling an API Feature

How to enable the API for back-office and storefront.

Authentication

OAuth 2.0 authentication flows and token generation.

HTTP Methods

GET, POST, PATCH, and DELETE method behavior and semantics.

HTTP Header Specifics

Required and optional request headers including X-Include.

Response Status Codes

Success and error HTTP status codes returned by the API.

Error Messages

Structure of error response bodies.

Client Requirements

Media type and header requirements for API clients.

Resource Fields

Common fields available on all API resources.

Filters

Filtering, sorting, pagination, and field selection.

Create/Update Related Resources

Create or update related resources within a single request.

Upsert Operation

Create or update a resource via a single API request.

Validate Operation

Validate a resource without persisting it.

Batch API

Asynchronously create or update multiple entities in one request.

Synchronous Batch API

Synchronously process a list of entities in a single request.

Simple Search

Full-text search across all entities.

Advanced Search

Advanced query language for complex search operations.

Checkout API

Complete the checkout process using the storefront API.

API Sandbox

Explore and test API requests directly in the browser.

Build docs developers (and LLMs) love

Get started for freeTalk to us