API Overview

Litekart provides a comprehensive REST API that allows you to interact programmatically with your ecommerce store. This guide covers the fundamentals of using the Litekart API.

API Base URL

https://your-store-domain.com/api/

Authentication

API Key Authentication

Include your API key in the request headers:

curl -H "Authorization: Bearer YOUR_API_KEY" \
     https://your-store.com/api/products

JWT Token Authentication

For user-specific operations:

curl -H "Authorization: Bearer JWT_TOKEN" \
     https://your-store.com/api/orders

Request/Response Format

Request Format

All API requests use JSON format:

{
  "name": "Sample Product",
  "price": 29.99,
  "description": "A sample product description"
}

Response Format

Successful responses follow this structure:

{
  "success": true,
  "data": {
    // Response data
  },
  "message": "Operation completed successfully"
}

Error responses:

{
  "success": false,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Invalid input data",
    "details": {
      "field": "email",
      "issue": "Email format is invalid"
    }
  }
}

HTTP Status Codes

Code	Description
200	Success
201	Created
204	No Content
400	Bad Request
401	Unauthorized
403	Forbidden
404	Not Found
422	Unprocessable Entity
429	Too Many Requests
500	Internal Server Error

Rate Limiting

API requests are limited to prevent abuse:

• Authenticated requests: 1000 requests per hour
• Unauthenticated requests: 100 requests per hour

Rate limit headers are included in responses:

X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1640995200

Pagination

List endpoints support pagination:

GET /api/products?page=1&limit=20

Response includes pagination metadata:

{
  "success": true,
  "data": [...],
  "pagination": {
    "page": 1,
    "limit": 20,
    "total": 150,
    "totalPages": 8,
    "hasNext": true,
    "hasPrev": false
  }
}

Filtering and Sorting

Filtering

Use query parameters to filter results:

GET /api/products?category=electronics&price_min=10&price_max=100
GET /api/orders?status=completed&created_after=2024-01-01

Sorting

Sort results using the sort parameter:

GET /api/products?sort=price:asc,name:desc
GET /api/orders?sort=created_at:desc

Field Selection

Select specific fields to reduce response size:

GET /api/products?fields=id,name,price
GET /api/products?fields=id,name,variants(id,price)

API Resources

Core Resources

• Products - Manage product catalog
• Orders - Handle order lifecycle
• Customers - Customer management
• Carts - Shopping cart operations
• Users - Admin and vendor users

Store Management

• Categories - Product categorization
• Brands - Brand management
• Coupons - Discount codes
• Settings - Store settings
• Payments - Payment processing

Content Management

• Pages - Static pages
• Blogs - Blog posts
• Media - File uploads

SDKs and Libraries

JavaScript/TypeScript SDK

npm install @litekart/js-sdk

import { Litekart } from '@litekart/js-sdk'

const client = new Litekart({
  apiKey: 'your-api-key',
  baseURL: 'https://your-store.com'
})

// Use the SDK
const products = await client.products.list()

Python SDK

pip install litekart-python

from litekart import Litekart

client = Litekart(
    api_key='your-api-key',
    base_url='https://your-store.com'
)

# Use the SDK
products = client.products.list()

Webhooks

Receive real-time notifications via webhooks:

{
  "event": "order.placed",
  "data": {
    "orderId": "ord_123456",
    "customerId": "cus_789012",
    "total": 99.99
  },
  "timestamp": "2024-01-15T10:30:00Z"
}

Supported Events

• order.placed - New order created
• order.updated - Order status changed
• order.cancelled - Order cancelled
• product.created - New product added
• product.updated - Product modified
• customer.registered - New customer signup
• payment.completed - Payment successful
• inventory.low - Stock running low

Webhook Security

Webhooks include an X-Litekart-Signature header for verification:

import crypto from 'crypto'

function verifyWebhook(payload: string, signature: string, secret: string): boolean {
  const expectedSignature = crypto
    .createHmac('sha256', secret)
    .update(payload)
    .digest('hex')

  return crypto.timingSafeEqual(
    Buffer.from(signature),
    Buffer.from(expectedSignature)
  )
}

Error Handling

Common Error Codes

Error Code	Description
VALIDATION_ERROR	Invalid input data
AUTHENTICATION_ERROR	Invalid credentials
AUTHORIZATION_ERROR	Insufficient permissions
NOT_FOUND	Resource not found
CONFLICT	Resource conflict
RATE_LIMITED	Too many requests

Error Response Structure

{
  "success": false,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Validation failed",
    "details": [
      {
        "field": "email",
        "message": "Email is required"
      },
      {
        "field": "password",
        "message": "Password must be at least 8 characters"
      }
    ]
  }
}

Best Practices

API Usage

1. Use appropriate HTTP methods - GET for reads, POST for creates, etc.
2. Handle rate limits gracefully - Implement exponential backoff
3. Cache responses when appropriate
4. Use field selection to reduce payload size
5. Validate input data before sending requests

Security

1. Store API keys securely - Never expose in client-side code
2. Use HTTPS for all API requests
3. Validate webhook signatures to prevent spoofing
4. Implement proper error handling without exposing sensitive data
5. Rotate API keys regularly for security

Performance

1. Use pagination for large datasets
2. Implement caching for frequently accessed data
3. Batch operations when possible
4. Monitor API usage and optimize bottlenecks
5. Use gzip compression for large responses

Support

Need help with the API?

• Interactive API Documentation
• Community Forum
• GitHub Issues
• Developer Support