Merchant API calls are made using the following location pattern https://api.cratejoy.com/v1/{endpoint} with Basic Access Authentication.

You'll need to put an encoded version of your API credentials (Client ID and Client Secret Key) in the headers, as you can see in the examples below.

👍

Need API credentials for your store?

Admin users can generate API keys from within the merchant dashboard.

Non-admin users, like Customer Support or Developers, cannot access this panel. If you need access then please contact your primary store admin to generate an API key for you.

API generation is done on the "API" page which is found under "Settings" on the main navigation in the merchant dashboard (Warning: Only Admin users on the account can see & access the API page):

Need help encoding your Client ID and Client Secret Key?

  • You can use the below Python code to encode the Client ID and Client Secret Key in the form of my_user_name:my_password, and use the value it outputs, or code directly in JavaScript if that's what you're using.
Python
import base64

username = 'my_user_name'
password = 'my_password'

print "Basic {}".format(base64.b64encode('{}:{}'.format(username, password))
var client_id = 'AzureDiamond';
var client_secret = 'hunter2';
var auth_string = 'Basic ' + new Buffer(client_id + ':' + client_secret).toString('base64');
$.ajax({
    url: 'https://api.cratejoy.com/v1/shipments/62619521654545/',
    headers: {
        'Authorization': auth,
    },
    method: 'PUT',
    data: {
        shipped_at: "2015-09-01T12:30:00Z",
        adjusted_ordered_at: "2015-08-25 00:00:00Z",
        tracking_number: "1Z9999999999999999",
        status: "shipped"
    },
});

Authorization should be included in all Merchant API requests. For brevity, we've removed it from sample API requests in this documentation, but know that it should be included!