
Welcome to our API Documentation!
Our API is organized around REST and uses predictable, resource-oriented URLs. We use common HTTP methods such as GET, POST, PUT, PATCH and DELETE, which can be understood and used by off-the-shelf HTTP clients. We also support cross-origin resource sharing (CORS), which allows you to interact securely with our API from a client-side web application.
Base URLs
All API requests have to be sent to this URL:
https://api.ordermesh.io/
Authentication
Overview
Our API leverages OAuth 2.0 for secure authentication and authorization. This ensures a straightforward and protected integration process. Authentication requires obtaining an access token that must be included in your API requests.
Step 1: Obtain Your Credentials
Sign in to the alphabroder Portal using your username and password.
Once signed in, navigate to Settings → API to fetch your Client ID and Client Secret.
Note: The client secret is displayed only once, so make sure to store it securely. If needed, you can generate a new client secret from the portal.
Step 2: Requesting an Access Token
To request an access token, use your client ID and client secret to make a POST request to the authenticate endpoint:
https://api.ordermesh.io/user/v1/clients/token
Sample Request:
{
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET"
}
Sample Response:
{
"access_token": "your_access_token",
"expires_in": 3600, // The lifetime of the access token in seconds
"refresh_token": "your_refresh_token"
}
Step 3: Making API Calls
To make API calls, include the access token in the Authorization header of your requests. The header should be in the format: Authorization: Bearer <your_access_token>.
Additionally, set the Content-Type header to specify the media type of the resource, typically application/json for API calls.
Headers:
Authorization: Contains the word Bearer followed by a space and your access_token.
Content-Type: Specifies the media type of the resource, typically application/json for API calls.
Example API Call:
To create an order, you would make a POST request to the order creation endpoint with the authorization token in the header:
POST /api/orders HTTP/1.1
Host: api.company.com
Authorization: Bearer your_access_token
Content-Type: application/json
{
"orderDetails": {
// JSON structure containing order payload
}
}
Step 4: Handling Token Expiry
When your access token expires, use the refresh token to obtain a new one without re-entering credentials. To refresh the token, make a POST request to the token endpoint with the refresh token, client ID, and client secret.
Refresh Request:
{
"refresh_token": "your_refresh_token",
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET"
}
Refresh Response:
{
"access_token": "new_access_token",
"expires_in": 3600, // New lifetime of the access token
"refresh_token": "new_refresh_token" // Only if refresh token rotation is enabled
}
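Steps 2 to 4 combined into one client-side helper, as an added Python example that is not code from the API provider. The TokenManager class, its transport and clock parameters and the 60-second renewal margin are assumptions, as is sending the refresh request to the same token endpoint with the field names shown in the samples.

```python
import json
import time
import urllib.request
from urllib.parse import urlsplit

TOKEN_URL = "https://api.ordermesh.io/user/v1/clients/token"

def post_json(url, payload):
    """Default transport: POST a JSON body and return the decoded JSON reply."""
    req = urllib.request.Request(
        url, data=json.dumps(payload).encode(),
        headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

class TokenManager:
    """Hypothetical helper: caches the access token and renews it before expiry."""

    def __init__(self, client_id, client_secret, token_url=TOKEN_URL,
                 transport=post_json, clock=time.monotonic, skew=60):
        # The client secret travels in the request body, so refuse cleartext HTTP.
        if urlsplit(token_url).scheme != "https":
            raise ValueError("token endpoint must use https")
        self._creds = {"client_id": client_id, "client_secret": client_secret}
        self._url, self._send = token_url, transport
        self._clock, self._skew = clock, skew
        self._access = self._refresh = None
        self._expires_at = 0.0

    def _store(self, reply):
        self._access = reply["access_token"]
        self._expires_at = self._clock() + int(reply["expires_in"])
        # With rotation enabled the reply carries a new refresh token;
        # otherwise keep using the one already held.
        self._refresh = reply.get("refresh_token", self._refresh)

    def access_token(self):
        if self._access and self._clock() < self._expires_at - self._skew:
            return self._access                   # still valid, no network call
        body = dict(self._creds)
        if self._refresh:                         # Step 4: refresh request
            body["refresh_token"] = self._refresh
        self._store(self._send(self._url, body))  # Step 2 if no refresh token yet
        return self._access

    def headers(self):
        """Headers for the API calls in Step 3."""
        return {"Authorization": f"Bearer {self.access_token()}",
                "Content-Type": "application/json"}
```

Keep the client ID and client secret out of source control and pass them in from a secrets store or environment at start-up.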
Pagination
Our API uses page-based pagination through the page and pageSize parameters, which you can use with most of our GET requests. You can specify the size and number of pages you wish to get in the response by including these parameters in the request URL.
page - optional - page number, how many items to skip / defaults to 1
pageSize - optional - how many items to return in response / defaults to 50
Metadata
Some objects, such as order and orderItem, can contain a meta parameter. You can use this parameter to attach key-value data of your choice to these objects.
You can specify up to ? keys, with key names up to ? characters long and values up to ? characters long.
Note: Don’t store any sensitive information (bank account numbers, card details, and so on) as metadata.