Getting Started

This guide will guide you through the basics of the usage of our API. By the end of reading through this guide you will be equipped by the knowledge of how to implement API requests to any of your endpoints.

Recommended Tools

For development purposes we recommend any tool that supports REST API exploration, here are a few of them:

Environments in Driffle API

Driffle API currently provides production , sandbox environment at the moment. Please use the following base URL while making HTTP requests:

https://services.driffle.com/api/seller/legacy

We will discontinue sandbox support starting 1st June 2023. We will have a dummy product to test your integration. The dummy product will not be visible to the users & is private to you only.

Please Note that this API documentation is actively managed and supported indefinitely.

Getting Access

You need to generate an API Key to gain access. Driffle APIs uses authorization mechanism with Bearer tokens.

1. Generating an API Key

You can get your credentials from the Driffle dashboard. You will need to go to the seller dashboard and click on the API settings page. On this page, you will be able to create a new API key.

2. Authorization

Once you have generated an API Key, you need to get an access_token . To get it, you will have to use the API Key you got in the "Generating an API Key" step above.

The following describes how you can get an access token for production environment:

POST /token

Creates a token from an API Key. This token is then used to authorize further API calls.

Headers

Name

Value

Body

Name

Type

Description

Required

Response

{
  "message": "string",
  "statusCode": 200,
  "data": {
    "token": "string"
  }
}

{
    "message": "Bad Request. Wrong/Invalid params format.",
    "statusCode": 400 
}

{
    "message": "UnAuthorized request. Invalid/Expired token",
    "statusCode": 401
}

{
    "message": "Forbidden Request. Action not allowed or Rate Limit exhausted.", 
    "statusCode": 403
}

{
    "message": "Internal Server Error",
    "statusCode": 500
}

Example Request

Take a look at the following sample request on how you might call this method using curl , NodeJS and PHP:

curl -X POST https://services.driffle.com/api/seller/legacy/token \
--header 'Content-Type: application/json' \
--data '{
    "apiKey": "226c911a60d9eb4395782456b7488c44.b8e6204d08def735b5084ced36596986512a2578772b42b8998847276d0de9a6"
}'

const axios = require("axios")
const url = "https://services.driffle.com/api/seller/legacy/token"
const response = await axios.post(url, {
    apiKey: "226c911a60d9eb4395782456b7488c44.b8e6204d08def735b5084ced36596986512a2578772b42b8998847276d0de9a6",
})
const data = response.data
console.log(data)

<?php

$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => 'https://services.driffle.com/api/seller/legacy/token',
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => '',
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => 'POST',
  CURLOPT_POSTFIELDS =>'{
    "apiKey": "226c911a60d9eb4395782456b7488c44.b8e6204d08def735b5084ced36596986512a2578772b42b8998847276d0de9a6"
}',
  CURLOPT_HTTPHEADER => array(
    'Content-Type: application/json'
  ),
));

$response = curl_exec($curl);

curl_close($curl);
echo $response;

Example Response

The above request responded with following response:

{
    "statusCode": 200,
    "message": "Successfull generated token",
    "data": {
        "token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjYzLCJzdG9yZUlkIjoyOSwiYWxsb3dlZEZlYXR1cmVzIjp7InZhdCI6dHJ1ZX0sImlhdCI6MTY5MTEzMTU3MCwiZXhwIjoxNjkxMTMzMzcwfQ.05nxjyq7RtX4cQDTaBpcvM50ZmDQdaM0jMTINbOBaYi251592eAHytBWbE1LhriVAhjeT-S5_hjMMlXYfUtxtA"
    }
}

3. Using the access token

All requests to our REST API must contain a Bearer access token in the Authorization HTTP header. Use the access_token you acquired in #2.-authorization as follows:

Authorization: Bearer <access_token>

The acquired access_token is temporary and will expire after 30 minutes. You will need to regenerate the access_token as mentioned in #2.-authorization to keep the API implementation secure.

Rate Limiting

To protect internal systems, Driffle API implements rate-limiting. There are two types of rate-limiting strategies - global and action.

1. Global Limits

Your IP address is limited to 4000 requests per 10 min.

2. Action Limits

Some actions are protected by specific limits:

Action

Endpoint

Rate limit

Rate Limiting Headers In Response -

RateLimit-Remaining RateLimit-Limit

PreviousGuide NextMonitoring Your Competition

Last updated 9 days ago