OpenCart API documentation to create, read, query, update, and upsert

The OpenCart API allows your application to access current data within OpenCart through the API, several common operations can be performed. Operations include:

  • create — Creates with the specified parameters.
    For example, you can add products to the cart as given by OpenCart API post request of products or product_id at
    /index.php?route=api/cart/add
  • read — Retrieves information about the specified object.
    For example, you can retrieve the shipping methods with the endpoint: index.php?route=api/shipping/methods
  • query — Retrieves objects that match specified criteria.
  • update — Updates elements of an existing object.
  • upsert — Updates elements of an existing object if it exists. If the object does not exist, one is created using the supplied parameters.

Developers must authenticate with the API before issuing requests.

Some considerations must be taken while performing requests. When performing update requests, only the fields specified in the request are updated, and all others are left unchanged. If a required field is cleared during an update, the request will be declined.

Request Format

All requests:

  • Must use either HTTP GET or POST
  • Must pass credentials in an HTTP Authorization header – or – in the body of a POST request

Authentication and Request Format of OpenCart API:

Authentication requests sent to the OpenCart API URL:

  1. it must be made via SSL encrypted connection
  2. Must use HTTP POST
  3. Must contain usernameand key for the Opencart user account that will be submitting API requests

Login requests that meet these criteria will be granted an api_token id.

You can see the API username and API key at Admin >> System >> Users >> API

Both UserNAME and API key are unique to individual users. API Token ID is valid for 60 minutes. In contrast, user keys are valid indefinitely which you can regenerate as needed.

Request Parameters

ParameterRequiredDescription
usernameXThe API username
keyXThe API keys generated for the API user

CURL login example:

<?php
$curl = curl_init();
curl_setopt_array($curl, array(
    CURLOPT_URL => "https://webocreation.com/nepalbuddha/index.php?route=api%2Flogin",
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_ENCODING => "",
    CURLOPT_MAXREDIRS => 10,
    CURLOPT_TIMEOUT => 30,
    CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
    CURLOPT_CUSTOMREQUEST => "POST",
    CURLOPT_POSTFIELDS => "key=ijLJxZa1kUO8DP4gp0iSHewnDN8zpf7T4c0d8qE3OBZi5sJnkWmi5GQ1UcGR6SttzCtHXv80ImiBGz8saVx5JBrQf5zTmetuSLGjLZNiLDoOWY0zpDQIHWWyh0mr4WATp4HJ3knAiV3G8AE6km0BgY4liu5Uik5w2FKFqkZHldVNOoDaKyOJhp2bCeVqxbDHJpHlv2lECKIBsglLFSZmUmv1e7rpWnyi7HCzyX14Odpq37j4coM5iuspzm3dwloX&username=rupak",
    CURLOPT_HTTPHEADER => array(
        "cache-control: no-cache",
        "content-type: application/x-www-form-urlencoded",
        "postman-token: 60329eeb-62ad-78e6-f564-486a6a1fe051"
    ),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
    echo "cURL Error #:" . $err;
} else {
    echo $response;
}

If authentication was successful, a 32-character hexadecimal API token will be returned in the following format:

{"success":"Success: API session successfully started!","api_token":"10f6607afd57b954a853f7ce29"}

Example Curl POST Request in OpenCart API:

curl -X POST \
  'https://webocreation.com/nepalbuddha/index.php?route=api%2Flogin' \
  -H 'cache-control: no-cache' \
  -H 'content-type: application/x-www-form-urlencoded' \
  -H 'postman-token: 2ef6e7f4-84d1-28ae-84b0-ae2dcebeab2f' \
  -d 'key=ijLJxZa1kUO8DP4gp0iSHewnDN8zpf7T4c0d8qE3OBZi5sJnkWmi5GQ1UcGR6SttzCtHXv80ImiBGz8saVx5JBrQf5zTmetuSLGjLZNiLDoOWY0zpDQIHWWyh0mr4WATp4HJ3knAiV3G8AE6km0BgY4liu5Uik5w2FKFqkZHldVNOoDaKyOJhp2bCeVqxbDHJpHlv2lECKIBsglLFSZmUmv1e7rpWnyi7HCzyX14Odpq37j4coM5iuspzm3dwloX&username=rupak'

Example curl GET request in Opencart API:

curl -X GET \
'https://webocreation.com/nepalbuddha/index.php?route=api%2Fcart%2Fproducts&api_token=10f6607afd57b954a853f7ce29' \
-H 'cache-control: no-cache' \
-H 'postman-token: 969b0a8f-aa76-5ec5-10f5-a5f768a2868d'

Here api_token=YOUR_TOKEN_VALUE

It will give the following results when there are no products:

{
    "products": [],
    "vouchers": [],
    "totals": [
        {
            "title": "Sub-Total",
            "text": "$0.00"
        },
        {
            "title": "Total",
            "text": "$0.00"
        }
    ]
}

Similarly, you can use the following API end points:

  • index.php?route=api/login
  • index.php?route=api/cart/add
  • index.php?route=api/cart/edit
  • index.php?route=api/cart/remove
  • index.php?route=api/cart/products
  • index.php?route=api/coupon
  • index.php?route=api/currency
  • index.php?route=api/customer
  • index.php?route=api/order/add
  • index.php?route=api/order/edit
  • index.php?route=api/order/delete
  • index.php?route=api/order/info
  • index.php?route=api/order/history
  • index.php?route=api/payment/address
  • index.php?route=api/payment/methods
  • index.php?route=api/payment/method
  • index.php?route=api/reward
  • index.php?route=api/reward/maximum
  • index.php?route=api/reward/available
  • index.php?route=api/shipping/address
  • index.php?route=api/shipping/methods
  • index.php?route=api/shipping/method
  • index.php?route=api/voucher
  • index.php?route=api/voucher/add

Above all, please see this post, how you can get all products through API in OpenCart. Please let us know if you have any questions, suggestions and follow us at twitter @rupaknpl and subscribe to our youtube channel Opencart tutorials where you can see OpenCart tutorials for beginners to advance programmers.

Previous articleOpenCart error FTP needs to be enabled in the settings
Next articleHow to pull products JSON through API in Opencart?

12 COMMENTS

  1. Nice tutorial Sir,
    I did exactly mentioned in tutorial.
    however I am getting this error while trying to authenticate in ( index.php?route=api/login route. )

    Notice : Undefined index: api_token in /home/public_html/catalog/controller/startup/session.php on line 8

    I think, we will get api_token after successful authentication as a respone. How can i pass the value of api_token sir.

  2. Thanks for the point in the right direction. Here’s a summary of what I did —

    First you curl to get a token –
    curl –data ‘username=Your_API_Name&key=Your_API_Key’ http://yourdomain/index.php?route=api/login

    Then take that token and curl it to the API –
    curl –data ‘comment=Your_Comment&order_status_id=Your_Status’ ‘https://yourdomain/index.php?route=api/order/history&api_token=Your_Token&order_id=Your_Order_Number’

    And that allowed me to add history to an order

  3. Hello Rupak, thanks for your good write up. Is that possible to add a new function for customers like “customer_add” that add a new registered customer to the my opencart shop?
    Thanks and regards

  4. Is there a way to get all orders? I can’t find how to get all orders even opencart documentation sucks. Need to get all orders by date probably. Do you know a way?

LEAVE A REPLY

Please enter your comment!
Please enter your name here