Loading...
Menu
Cart
Your shopping cart is empty!
Blog

Backend API - For ERP Bridging

Admin API Overview

The Admin API is a revamped version of OpenCart's old "PseudoAPI." It leverages the same mechanism previously used in the admin section for creating users.

Key updates include:

  • No IP Restrictions: The previous IP-based limitations have been entirely removed, allowing for more flexibility in usage, particularly for integrations with dynamic IP systems like ERPs and CRMs.

  • Authentication-First Access: Unlike the front-end API, the Admin API does not permit access to any sections without a valid user signing in.

  • Simplified Security Measures: Given its intended use case with dynamic IPs, strict security protocols (e.g., custom headers, nonces, etc.) have been omitted. Instead, security relies on restricting knowledge of the admin folder path.

Note: Ensure the admin folder's location is securely protected, as it forms the foundation of the API's security.


 

Getting a Token

To authenticate with the Admin API, you need to obtain a token. Follow these steps to acquire it:

Step 1: Send Credentials

Make a POST request to the endpoint with the following fields, either as HTTP headers or as POST fields:

  • Field 1: username - Your API username.

  • Field 2: key - Your API key.

You can find your username and key in the Admin section under: System > Users > API

Endpoint URL: /admin/index.php?route=api/account/login


Expected Response

Upon successful authentication, you will receive a response in the following format:

{
  "success": "text_success",
  "apitoken": "2de7aa9da219d86366a7265b32",
  "help_endpoint": "/index.php?route=api/sale/orders.shortDocumentaton"
}

Using the Token

Once you have obtained the apitoken, include it in your subsequent requests to access other endpoints. The token can be sent either as a POST field or as an HTTP header with the following format:

  • Field Name: apitoken

  • Field Value: yourtoken

Example:

POST /admin/index.php?route=api/sale/orders HTTP/1.1
Host: yourdomain.com
apitoken: 2de7aa9da219d86366a7265b32

Ensure you replace yourtoken with the actual token you received.


 


 

API Documentation: List Orders

Endpoint:
POST or GET request to:


example.com/cp-admin/index.php?route=api/sale/orders

example.com/cp-admin/index.php?route=api/sale/orders.info

example.com/cp-admin/index.php?route=api/sale/orders.history

example.com/cp-admin/index.php?route=api/sale/orders.createInvoiceNo

example.com/cp-admin/index.php?route=api/sale/orders.addReward

example.com/cp-admin/index.php?route=api/sale/orders.removeReward

example.com/cp-admin/index.php?route=api/sale/orders.addCommission

example.com/cp-admin/index.php?route=api/sale/orders.removeCommission

http://ventocart.lan/cp-natsos/index.php?route=api/sale/orders.addHisstory&order_id=2&override=1&notify=1&comment=Your order has been shipped&order_status_id=4


 

Authentication:

  • apitoken:

    • Must be provided in either the request header or as a POST parameter.

    • Example: apitoken=xxxxxx.


Available Filters:
(All filters are optional unless stated otherwise.)

Parameter

Type

Default Value

Description

filter_order_id

Integer

''

Filter by specific Order ID.

filter_customer_id

String

''

Filter by specific Customer ID.

filter_customer

String

''

Filter by Customer name or partial name.

filter_store_id

Integer

''

Filter by specific Store ID.

filter_order_status

String

''

Filter by Order Status (name or partial name).

filter_order_status_id

Integer

''

Filter by specific Order Status ID.

filter_total

String

''

Filter by Order Total (exact or range).

filter_date_from

String

''

Filter by starting date (YYYY-MM-DD format).

filter_date_to

String

''

Filter by ending date (YYYY-MM-DD format).

sort

String

o.order_id

Sort field. Default is Order ID.

order

String

DESC

Sort direction: ASC for ascending, DESC for descending.

page

Integer

1

Pagination: Page number to retrieve.


Response Format:

  • The API returns a paginated list of orders matching the filters.

  • Pagination info and links are included in the response.

Response:

{

"list": {

"orders": [

{

"order_id": "2",

"store_name": "Your Store",

"customer": "Nick Burger",

"order_status": "Complete",

"total": "$15.35",

"date_added": "25/11/2024",

"date_modified": "26/11/2024",

"shipping_method": {

"code": "zoneshipping.1",

"name": "Free Shipping",

"cost": "0",

"tax_class_id": 0,

"text": "$0.00"

},

"view": "api/sale/orders.info&order_id=2"

},

{

"order_id": "1",

"store_name": "Your Store",

"customer": "akisw natsos",

"order_status": "Complete",

"total": "$84.00",

"date_added": "25/11/2024",

"date_modified": "25/11/2024",

"shipping_method": {

"code": "zoneshipping.1",

"name": "Free Shipping",

"cost": "0",

"tax_class_id": 0,

"text": "$0.00"

},

"view": "api/sale/orders.info&order_id=1"

}

],

"pagination": "",

"results": "Showing 1 to 2 of 2 (1 Pages)",

"sort": "o.order_id",

"order": "DESC"

},

"stores": [

{

"store_id": 0,

"name": "Default"

}

],

"filter_order_id": "",

"filter_customer_id": "",

"filter_customer": "",

"filter_store_id": "",

"filter_order_status": "",

"filter_order_status_id": "",

"filter_total": "",

"filter_date_from": "",

"filter_date_to": ""

}