Documentation You are here: start » v » 2.0 » api

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
v:2.0:api [2019/01/04 20:50]
marija [Subscriptions]
v:2.0:api [2019/05/01 02:00] (current)
adam [Connecting to the API]
Line 11: Line 11:
 FoxyCart'​s API is partially RESTful, but for security reasons only supports ''​POST''​ requests at this point. **''​GET''​** requests are //NOT// supported, which cuts down on potential security risks (particularly with regard to how ''​GET''​ requests tend to get logged, cached, stored, and etc.). FoxyCart'​s API is partially RESTful, but for security reasons only supports ''​POST''​ requests at this point. **''​GET''​** requests are //NOT// supported, which cuts down on potential security risks (particularly with regard to how ''​GET''​ requests tend to get logged, cached, stored, and etc.).
  
-The endpoint URL for your FoxyCart store will look like ''​https://​example.foxycart.com/​api''​ or ''​https://​secure.example.tld/​api'',​ depending on what your FoxyCart store URL is set to. All requests need the ''​api_token''​ passed in along with any request. ​Your API Token is the same as your datafeed encryption key, and can be set in the Advanced tab in your FoxyCart ​admin.+The endpoint URL for your FoxyCart store will look like ''​https://​example.foxycart.com/​api''​ or ''​https://​secure.example.tld/​api'',​ depending on what your FoxyCart store URL is set to. All requests need the ''​api_token''​ passed in along with any request. ​The API key is available from the “advanced” settings page in the FoxyCart ​administration,​ from the [[v:​2.0:​store_secret|"​store secret"​ value]].
  
 <wrap important>​It is your responsibility to keep this key secure.</​wrap>​ If a malicious person finds your API key they will have access that they definitely should //not// have. <wrap important>​It is your responsibility to keep this key secure.</​wrap>​ If a malicious person finds your API key they will have access that they definitely should //not// have.

Site Tools