The keys are suitable for every store based on Shopify API.
To start the OAuth process we should open the OAuth window for a specific store. The URL has the format:
shop: the name of the shop,
scopes: list of the API resources to be accessed,
nonce: can be anything, we can put there the user token of our app as an example (it will be returned to our handler),
access_mode: can be ‘per_user’ for online access, and ‘value’ for offline access.
In our case the OAuth URL will be the following:
After you successfully logged in to your Shopify account you’ll see the page where you should confirm app installation.
After confirming app installation you will be redirected to the URL you specified. As we referenced our back-end endpoint, let’s create one. The payload from Shopify will include the code, which can be exchanged to get access tokens for the listed scopes. Let’s add the method to exchange the code.
We are using Axios as an HTTP client.
The request handler should look like below.
Our query params payload will contain code that will only be used once to obtain an access token. It’s better to save a token to some cache storage and send a redirect as the response.
After you get the token you can use the endpoints of Shopify API. For example, let’s add a method to get products of the shop:
At this step, the installation process is over, and you are good to go with applied API integration tools, that will enable your online store to fully functioning.
Applying Woocommerce API
WooCommerce is an open-source eCommerce plugin for WordPress. It is designed for small and large-sized online merchants using WordPress. It simplifies the process of setting up and running an online store by providing respectable levels of flexibility and a number of essential features such as inventory and tax administration, secure payment processing, and shipping integration.
The WordPress REST API is strongly embedded with the WooCommerce API. This enables requests in JSON format, WordPress REST API Authentication methods, and regular HTTP verbs to be used to create, read, update, and delete its contents.
To start API integration, you should prepare for the 4 main steps: Authorization, Import, Export, and Webhooks. Let’s begin with Authorization.
We use a consumer key, consumer secret, and host (WooCommerce shop name) for all requests to the WooCommerce API.
So to get the consumer key and secret you need to create an account on WooCommerce, then login to the admin page and press “Woocommerce”-> “Settings”-> “Advanced”-> “REST API”. On this page you should click “Add key” and here you can choose the level of access for this REST API key, which can be Read access, Write access or Read/Write access.
After you’ve completed these steps, click the “Generate API Key” button, and the WooCommerce API will create REST API keys for the user you specified. You can see these credentials only one time when you generate them, so you should save them. API keys are not transferred to other users, it means one user – one consumer secret and key.
Now our app has three integrations with Shopify, Woocommerce, and Magento, so we use the Factory method to initialize new integration services.
To find the products which are necessary, we employ pagination. Woocommerce REST API offers a lot of different parameters for pagination such as offset, search, per_page, order, orderby. For every request, you should add a consumer key and secret to the parameters.
The first-order position in every endpoint should be the host (your shop name). The current version of the WP REST API integration is v3, which takes a second-order position, and the product ID is the last part of the URL. So, the request should look like this:
Please note: The total number of resources and pages are always included in the X-WP-Total and X-WP-TotalPages HTTP headers.
Export is not as easy as an import. We need some more requests and steps to create the products at WooCommerce. There are three parts: setting data for synchronization, creating, and updating. When we talk about synchronization it is a good practice to have the table at DB (ProductsSources at our app) where already imported or exported products will be stored. We filter the products which do not exist at WooCommerce by using our ProductsSources and then create them there.
Send a POST request to Woocommerce API to create a product:
Please note: If you want to get all products from WooCommerce you need to use an iterator because requests that return multiple items (products in our case) will be paginated to 10 items by default.
When non-existing products are already created, we need to update the other products which we have at ProductSources. We look for a similar product in our app and update it at WooCommerce with our data. The update request looks like the one for creation, but you need to add a product ID at the end of the URL.
WooCommerce products IDs are stored at ProductsSources. The example of a PUT request to update a product is shown below.
Our integration needs to create, update and delete webhook functionality. So we have three routes (delivery_url) for each webhook.
When we talk about WooCommerce authorization, you can see the function ‘createWebhook’. So we get all webhooks from WooCommerce and check if any webhook with the same topics and delivery URL doesn’t exist. We use an iterator to get all of them. Pay attention to the notes above, because they will be helpful for an iterator function either.
So the data for this request looks like this:
name: the name which the user can see on the Admin page
topic: which type of webhook you want to create
delivery_url: the URL where the payload is delivered
secret: the secret key that helps to build an HMAC-SHA256 hash of the request body for enabling webhook’s validity.
This request helps you to create a webhook:
Please note: Woocommerce supports only HTTPS redirect URLs. So, for local testing, you will need to set up ngrok.
Also, you can see “verifyWooCommerceWebhook” middleware on each of these three routes. The main functionality is to create “generatedHmac” from request body using secret, which we added to Webhook POST request. If this value is equal to x-wc-webhook-signature which will be included in request headers, it means the request came from WooCommerce REST API. Also, you can check if the topic is correct by getting it from the x-wc-webhook-topic header.
Please note: You might find it useful to add this middleware to your delivery URLs. If there isn’t a verifying function, anyone who wants to throttle your API can send a request to these URLs.
That is the whole process of API integration for WooCommerce. After fulfilling all four steps we described, your online store should be ready for the production stage.
The ECommerce API integration can help you enhance your business processes, increase engagement, connect your customers with goods they want, and far more. No matter if you choose to implement WooCommerce API or Shopify API, either way by deploying API integration tools the e-commerce shipping and order fulfillment of your online store will be much easier.
Thus, to make your existing or future online store benefit from the eCommerce API integration, you should consider deploying one of the well-known eCommerce solutions. To help you with that, we are more than pleased to provide you with the full support of our team on behalf just API Integration or building an online store from scratch. Just fill in the contact form, and wait for the idea to realize.