Getting Started

This guide will guide you through the basics of the usage of our API. By the end of reading through this guide you will be equipped by the knowledge of how to implement API requests to any of your endpoints.

Recommended Tools

For development purposes we recommend any tool that supports REST API exploration, here are a few of them:

• Postman

• Insomnia

• Altair

Environments in Driffle API

Driffle API currently provides production , sandbox environment at the moment. Please use the following base URL while making HTTP requests:

Getting Access

You need to generate an API Key to gain access. Driffle APIs uses authorization mechanism with Bearer tokens.

1. Generating an API Key

You can get your credentials from the Driffle dashboard. You will need to go to the seller dashboard and click on the API settings page. On this page, you will be able to create a new API key.

2. Authorization

Once you have generated an API Key, you need to get an access_token . To get it, you will have to use the API Key you got in the "Generating an API Key" step above.

The following describes how you can get an access token for production environment:

POST /token

Creates a token from an API Key. This token is then used to authorize further API calls.

Headers

Body

Response

{
  "message": "string",
  "statusCode": 200,
  "data": {
    "token": "string"
  }
}

{
    "message": "Bad Request. Wrong/Invalid params format.",
    "statusCode": 400 
}

{
    "message": "UnAuthorized request. Invalid/Expired token",
    "statusCode": 401
}

{
    "message": "Forbidden Request. Action not allowed or Rate Limit exhausted.", 
    "statusCode": 403
}

{
    "message": "Internal Server Error",
    "statusCode": 500
}

Example Request

Take a look at the following sample request on how you might call this method using curl , NodeJS and PHP:

curl -X POST https://services.driffle.com/api/seller/legacy/token \
--header 'Content-Type: application/json' \
--data '{
    "apiKey": "226c911a60d9eb4395782456b7488c44.b8e6204d08def735b5084ced36596986512a2578772b42b8998847276d0de9a6"
}'

const axios = require("axios")
const url = "https://services.driffle.com/api/seller/legacy/token"
const response = await axios.post(url, {
    apiKey: "226c911a60d9eb4395782456b7488c44.b8e6204d08def735b5084ced36596986512a2578772b42b8998847276d0de9a6",
})
const data = response.data
console.log(data)

<?php

$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => 'https://services.driffle.com/api/seller/legacy/token',
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => '',
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => 'POST',
  CURLOPT_POSTFIELDS =>'{
    "apiKey": "226c911a60d9eb4395782456b7488c44.b8e6204d08def735b5084ced36596986512a2578772b42b8998847276d0de9a6"
}',
  CURLOPT_HTTPHEADER => array(
    'Content-Type: application/json'
  ),
));

$response = curl_exec($curl);

curl_close($curl);
echo $response;

Example Response

The above request responded with following response:

{
    "statusCode": 200,
    "message": "Successfull generated token",
    "data": {
        "token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjYzLCJzdG9yZUlkIjoyOSwiYWxsb3dlZEZlYXR1cmVzIjp7InZhdCI6dHJ1ZX0sImlhdCI6MTY5MTEzMTU3MCwiZXhwIjoxNjkxMTMzMzcwfQ.05nxjyq7RtX4cQDTaBpcvM50ZmDQdaM0jMTINbOBaYi251592eAHytBWbE1LhriVAhjeT-S5_hjMMlXYfUtxtA"
    }
}

3. Using the access token

All requests to our REST API must contain a Bearer access token in the Authorization HTTP header. Use the access_token you acquired in #2.-authorization as follows:

Authorization: Bearer <access_token>

Rate Limiting

To protect internal systems, Driffle API implements rate-limiting. There are two types of rate-limiting strategies - global and action.

1. Global Limits

Your IP address is limited to 4000 requests per 10 min.

2. Action Limits

Some actions are protected by specific limits:

Rate Limiting Headers In Response -

RateLimit-Remaining RateLimit-Limit