Prerequisite
How to access e-com api for development (pre-prod) env
There are three ways you can access api, frist using mobile apps, second using web app, third using postman/ similar product.
Note
If you are going for first and second option to test api using these two options you will need to have respective source code to modify the api requests. So if you're just a backend developer Postman is ideal option for you.
1. Using App
Using app if you just want to inspect what requests app is making you can follow this guide.
Using app if you want to test some custom api end point/ updated endpoint/ updated configs, you need to connect with app developer.
2. Using Web
TODO: Front end developer will add.
3. Using Postman
Whatever end point you're testing it has to be in endpoints.php or api.php, you can get the list of available endpoints from the same.
To test api you need to have
- VPN Access
- Bearer token in the headers of all the requests you make. More info here.
- Requird info for the endpoint you're testing like request parameters, body, et cetera.
How to get a bearer token
You need to make a request to respective end point with below configuration
REQ ENDPOINT For NL: https://apis.dev.nl.toolstation.dev/oauth2/v1/accesstoken?grant_type=client_credentials
REQUEST ENDPOINT For FR: https://apis.dev.fr.toolstation.dev/oauth2/v1/accesstoken?grant_type=client_credentials
REQUEST ENDPOINT For BE: https://apis.dev.be.toolstation.dev/oauth2/v1/accesstoken?grant_type=client_credentials
Adding bearer token in requests
- Enter the end-point for which you wanna make a request
- Go to Authorization section > Select Type Bearer token > Add the bearer token.
Important Note: Bearer Token
Please ensure that the bearer token is included in the authorization header for all API requests. The bearer token is crucial for authentication and must be passed through all endpoints to secure access and maintain session integrity. Omitting the token or providing an invalid token will result in access denial or errors. Always verify that the token is up-to-date and correctly included in your requests.
Generation Of Bearer Token:
- Route:
Post ../oauth2/v1/accesstoken?grant_type=client_credentials - Method:
Post - Description: Endpoint to retrieve the Bearer Token.
Request Parameters for :
- Aurthorization :-Basic AUTH
Request Type: POST
Auth Type: BASIC
Username: Added in team credentials
Password: Added in team credentials - Header :-
X-Toolstation-Customer-ID:TokenAurthoriza:TokenAccept-Language:en-UK, en
Response:-
Status: 200 OK
{
"refresh_token_expires_in": "0",
"api_product_list": "[ecom-api-non-prod]",
"api_product_list_json": ["ecom-api-non-prod"],
"organization_name": "toolstation-eu",
"developer.email": "XXXXXX.apigee.io",
"token_type": "BearerToken",
"issued_at": "XXXXXX37378",
"client_id": "XXXXXXXXXMmhdSA",
"access_token": "XXXXXXXX2SUXXXXXCGSuYFA3",
"application_name": "XXXXX02f954522",
"scope": "",
"expires_in": "XX",
"refresh_count": "0",
"status": "approved"
}
Generation Of Toolstation Token:
- Route:
Post ../ecom/v1/customers/auth/login - Method:
Post - Description: Endpoint to get the toolstation Token.
Request Parameters for :
- Aurthorization :-
Bearer Token:TOKEN
Request Type: POST
Auth Type: Bearer Token - Header :-
X-Toolstation-Customer-ID:TokenAurthoriza:TokenAccept-Language:en-UK, en - Body :-
Username: :Username IdPassword: :Users Password
Response:-
Status: 200 OK
{
"data": {
"id": "XXXXXXXX818",
"title": "Mr",
"first_name": "XXX",
"last_name": "XXXXX",
"username": "XXXXX@XXXX.com",
"email": "XXXXX@XXXX.com",
"telephone": "",
"mobile": "XXXXXX4644",
"card_number": "",
"company": "XXXXXXXt",
"vat_number": null,
"account_type": null,
"account_number": null,
"loyalty_club_member": false,
"loyalty_club_member_since": null,
"credit_limit": null,
"remaining_balance": null,
"primary_address": {
"id": "DXX02XXXXXX",
"type": 1,
"line_1": "address1",
"line_2": "address2",
"line_3": "address3",
"town": "DELHI",
"county": "",
"postcode": "110037",
"country_id": 1,
"formatted": [
"address1",
"address2",
"address3",
"DELHI",
"110037",
"United Kingdom"
]
},
"contact_preferences": {
"mail_catalogues": false,
"order_query": {
"email": false,
"telephone": false,
"mobile": false,
"sms": false,
"push": false
},
"order_progress": {
"email": false,
"sms": false,
"push": false
},
"offers_info": {
"post": false,
"email": false,
"mobile": false,
"sms": false,
"push": false,
"promo_centre": true
}
},
"default_branch": null,
"favourite_branches": [],
"spend_stats": {
"last_month_spend": "0.00",
"this_month_spend": "0.00",
"estimated_savings_last_month": "0.00",
"estimated_savings_this_month": "0.00",
"spend_requirements": null
},
"token": "eyJ0eXAiOiJKV1QXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.UdiALonx2TnnFmtaorWnciosKyAjyc4rbCt9wDpqQ_I",
"one_time_qr_code": null,
"one_time_qr_code_base64": null
}
}
Generation Of Toolstation Token:
This ping endpoint is available to test connectivity to the customer auth endpoints.
GET: orders/_ping
- Method:
GET - Controller:
PingController - Description: Endpoint to check if the authentication is valid and running successfully.
Response:-
Status: 200 OK
"data": {
"msg": "OK"
}