Storefront REST API
The REST API resources for the storefront are accessible via http://<hostname>/api
, while REST API resources for the back-office is accessible via http://<hostname>/admin/api
. There are also two REST API sandboxes, one for the storefront (http://<hostname>/api/doc
) and another
for the back-office (http://<hostname>/admin/api/doc
).
Note
Please note that the admin prefix is used by default and can be changed via the web_backend_prefix
parameter.
All approaches described in API Developer Guide are applicable to REST API resources for the storefront, but there are several differences:
for configuration files, use
Resources/config/oro/api_frontend.yml
, notResources/config/oro/api.yml
the default value for the
exclusion_policy
option iscustom_fields
, which means that all custom fields (fields withis_extend
=true
andowner
=Custom
inextend
scope in entity configuration) that are not configured explicitly are excludedfor documentation files, use the
Resources/doc/api_frontend
folder, notResources/doc/api
for API processors, use the
frontend
request typefor API routes, use the
Oro\Bundle\FrontendBundle\Controller\FrontendRestApiController
controller instead ofOro\Bundle\ApiBundle\Controller\RestApiController
, use thefrontend_rest_api
group instead ofrest_api
and set thefrontend
option totrue
for CORS requests configuration, use the
oro_frontend / frontend_api / cors
section, notoro_api / cors
for API functional tests, use
Oro\Bundle\FrontendBundle\Tests\Functional\ApiFrontend\FrontendRestJsonApiTestCase
instead ofOro\Bundle\ApiBundle\Tests\Functional\RestJsonApiTestCase
. By default, all API requests are executed by an anonymous user. To execute them by the customer user with administrative permissions, use theOro\Bundle\CustomerBundle\Tests\Functional\ApiFrontend\DataFixtures\LoadAdminCustomerUserData
data fixture and add the$this->loadFixtures([LoadAdminCustomerUserData::class]);
insetUp()
method of your test class. To execute the test by the customer user with buyer permissions, you can use theOro\Bundle\CustomerBundle\Tests\Functional\ApiFrontend\DataFixtures\LoadBuyerCustomerUserData
data fixture.
When Public Storefront API is enabled some API resources can be used by non-authenticated visitors. The list of such resources is configured by developers by oro_customer / frontend_api / non_authenticated_visitors_api_resources
in Resources/config/oro/app.yml, for example:
oro_customer:
frontend_api:
non_authenticated_visitors_api_resources:
- Acme\Bundle\DemoBundle\Entity\SomeEntity
Additional notes:
You can use the SetWebsite processor to assign an entity to the current website.
You can use the SetCurrency processor to set the current currency to an entity.
You can use the SetCustomer processor to assign an entity to the current customer.
You can use the SetCustomerUser processor to assign an entity to the current customer user.
An example of registration of such processors:
services:
oro_customer.api.customer_user.set_website:
class: Oro\Bundle\WebsiteBundle\Api\Processor\SetWebsite
arguments:
- '@oro_api.form_property_accessor'
- '@oro_website.manager'
tags:
- { name: oro.api.processor, action: customize_form_data, event: pre_validate, requestType: frontend, parentAction: create, class: Oro\Bundle\CustomerBundle\Entity\CustomerUser, priority: 20 }
oro_order.api.set_currency_to_order:
class: Oro\Bundle\CurrencyBundle\Api\Processor\SetCurrency
arguments:
- '@oro_api.form_property_accessor'
- '@oro_locale.settings'
tags:
- { name: oro.api.processor, action: customize_form_data, event: pre_validate, requestType: frontend, parentAction: create, class: Oro\Bundle\OrderBundle\Entity\Order, priority: 15 }
oro_customer.api.customer_address.set_customer:
class: Oro\Bundle\CustomerBundle\Api\Processor\SetCustomer
arguments:
- '@oro_api.form_property_accessor'
- '@oro_security.token_accessor'
- 'frontendOwner'
tags:
- { name: oro.api.processor, action: customize_form_data, event: pre_validate, requestType: frontend, parentAction: create, class: Oro\Bundle\CustomerBundle\Entity\CustomerAddress, priority: 10 }
oro_customer.api.customer_user_address.set_customer_user:
class: Oro\Bundle\CustomerBundle\Api\Processor\SetCustomerUser
arguments:
- '@oro_api.form_property_accessor'
- '@oro_security.token_accessor'
- 'frontendOwner'
tags:
- { name: oro.api.processor, action: customize_form_data, event: pre_validate, requestType: frontend, parentAction: create, class: Oro\Bundle\CustomerBundle\Entity\CustomerUserAddress, priority: 10 }