All the basics
Endpoints
The API is accessed by making HTTPS requests a specific endpoint URL, in which GET, POST, PUT, PATCH, and DELETE methods dictate how your interact with the information available. Every endpoint is accessed only via the SSL-enabled HTTPS (port 443) protocol.
An example of an endpoint:
https://api.wuxus.com/public/orders
Requests
Requests must be sent over HTTPS with any payload formatted in JSON. All requests must include the APIkey header to authenticate.
Authentication
In order to use the API you need an API key for authentication. This is sent along in the headers as APIkey. If you have an account, you can find your API key in Upload orders within your Dropboy account.
Find the API key here
Missing API key
If you try to send a request to our API without an API key, you will receive this error:
{
"success": false,
"errors": [
"Missing API key"
],
"error": "Missing API key",
"result": null
}
Invalid API key
If you try to send a request to our API with an invalid API key, you will receive this error:
{
"success": false,
"errors": [
"Invalid API key"
],
"error": "Invalid API key",
"result": null
}
Content-types & mimetypes
Make sure to use the correct content types and mimetypes when making a request. The correct content types and mimetypes can be found in each endpoint reference.
Pagination
Depending on your request, the results returned may be limited. You can page through the returned results with the following query parameters.
| Key | Description |
|---|---|
| take | Defines how many results to take. If the number is 200, it will respond with max 200 results. Usually this number is constant |
| skip | Defines how many results to skip. Usually this number changes. To get page one, start with 0, and then add the value of take on the last skip, to get the next page. If take is 50, skip will act this way: Page 1: 0 Page 2: 50 Page 3: 100 Page 4: 150 |
Rate Limiting
Currently there is no rate limiting, however, you are requested to only poll our API with reasonable frequency. Note that Rate limiting will be implemented within the foreseeable future.
Unsure what reasonable is?
Please contact us, and tell us what you want to do. Then we can find out if it's reasonable, or find a solution for your use case.
Responses
Each response from the API will be a JSON object. The response object will contain following:
| Key | Description |
|---|---|
| success | A boolean that is true if the request was a success |
| errors | An array containing all the error messages regarding the request. Is empty if there was no errors |
| result | Is an object or an array depending the result, but will contain the result of the request |
| info | An object that contains information about the request, example the query parameters. |
Information about the result
All date returning from the API, will be in UTC ISO-8601 format containing milliseconds, forexample:
2017-12-24T16:31:25.860Z
Example of a success response
{
"success": true,
"errors": null,
"result": {
"batchFileId": "58a014865b09850011050000"
}
}
Example of an error response
{
"success": false,
"errors": [
"File upload failed"
],
"error": "File upload failed",
"result": null
}
HTTP Content-Type
The response format can be determined from the HTTP Content-Type header. Most API responses are JSON (Content-Type: application/json).
| Content-Type | Description |
|---|---|
| application/json | Response is a JSON object |
| text/plain | Response is a textual item |
| application/x-yaml | Response is a YAML object |
| application/octet-stream | Response is raw data (reserved for later use) |
HTTP response codes
The status of a response can be determined from the HTTP status code.
| Code | Status | Description |
|---|---|---|
| 200 | OK | Request successful |
| 304 | Not modified | |
| 400 | Bad Request | Request was invalid |
| 401 | Unauthorized | User does not have permission |
| 403 | Forbidden | Request not authenticated |
| 429 | Too many requests | Client is rate limited |
| 405 | Method Not Allowed | Incorrect HTTP method provided |
| 415 | Unsupported Media Type | Response is not valid JSON |
Identifiers
The API provides access to the data stored in documents. Each document is uniquely identified with an Object ID that will be saved in the data in various ways. You can almost always use this ID to interact with a given data document (fx an order).
How to get an Order ID
Nearly every resource in the API may be uniquely identified by a 32-byte string of hex characters ([a-f0-9]). Identifier values are usually captured during resource creation (POST requests) or when fetching entire collections (GET requests) of resources. Typically they appear as an id field in the JSON resource.
{
"result": {
"id":"2d4d028de3015345da9420df5514dad0",
"type":"example"
}
}
You can always find the IDs for API resources by making a GET request to its corresponding collection endpoint. For example, to list all Order objects, a GET request may be sent to https://api.wuxus.com/public/orders. All objects listed in the result array will contain an id field; this is also known as an orderId.
The SSL certificate for Wuxus domains are changing automatically about every 6 months