Important

We are updating the images for OroCommerce version 6.1 to align with the latest changes in the back-office design. During this transition, some images may still show older versions. Thank you for your patience as we work to update all visuals to reflect these changes.

Storefront REST API 

The REST API resources for the storefront are accessible via http://<hostname>/api, while REST API resources for the back-office is accessible via http://<hostname>/admin/api. There are also two REST API sandboxes, one for the storefront (http://<hostname>/api/doc) and another for the back-office (http://<hostname>/admin/api/doc).

Note

Please note that the admin prefix is used by default and can be changed via the web_backend_prefix parameter.

All approaches described in API Developer Guide are applicable to REST API resources for the storefront, but there are several differences:

  • for configuration files, use Resources/config/oro/api_frontend.yml, not Resources/config/oro/api.yml

  • the default value for the exclusion_policy option is custom_fields, which means that all custom fields (fields with is_extend = true and owner = Custom in extend scope in entity configuration) that are not configured explicitly are excluded

  • for documentation files, use the Resources/doc/api_frontend folder, not Resources/doc/api

  • for API processors, use the frontend request type

  • for API routes, use the Oro\Bundle\FrontendBundle\Controller\FrontendRestApiController controller instead of Oro\Bundle\ApiBundle\Controller\RestApiController, use the frontend_rest_api group instead of rest_api and set the frontend option to true

  • for CORS requests configuration, use the oro_frontend / frontend_api / cors section, not oro_api / cors

  • for API functional tests, use Oro\Bundle\FrontendBundle\Tests\Functional\ApiFrontend\FrontendRestJsonApiTestCase instead of Oro\Bundle\ApiBundle\Tests\Functional\RestJsonApiTestCase. By default, all API requests are executed by an anonymous user. To execute them by the customer user with administrative permissions, use the Oro\Bundle\CustomerBundle\Tests\Functional\ApiFrontend\DataFixtures\LoadAdminCustomerUserData data fixture and add the $this->loadFixtures([LoadAdminCustomerUserData::class]); in setUp() method of your test class. To execute the test by the customer user with buyer permissions, you can use the Oro\Bundle\CustomerBundle\Tests\Functional\ApiFrontend\DataFixtures\LoadBuyerCustomerUserData data fixture.

When Public Storefront API is enabled some API resources can be used by non-authenticated visitors. The list of such resources is configured by developers by oro_customer / frontend_api / non_authenticated_visitors_api_resources in Resources/config/oro/app.yml, for example:

oro_customer:
    frontend_api:
        non_authenticated_visitors_api_resources:
            - Acme\Bundle\DemoBundle\Entity\SomeEntity

Additional notes:

  • You can use the SetWebsite processor to assign an entity to the current website.

  • You can use the SetCurrency processor to set the current currency to an entity.

  • You can use the SetCustomer processor to assign an entity to the current customer.

  • You can use the SetCustomerUser processor to assign an entity to the current customer user.

An example of registration of such processors:

services:
    oro_customer.api.customer_user.set_website:
        class: Oro\Bundle\WebsiteBundle\Api\Processor\SetWebsite
        arguments:
            - '@oro_api.form_property_accessor'
            - '@oro_website.manager'
        tags:
            - { name: oro.api.processor, action: customize_form_data, event: pre_validate, requestType: frontend, parentAction: create, class: Oro\Bundle\CustomerBundle\Entity\CustomerUser, priority: 20 }

    oro_order.api.set_currency_to_order:
        class: Oro\Bundle\CurrencyBundle\Api\Processor\SetCurrency
        arguments:
            - '@oro_api.form_property_accessor'
            - '@oro_locale.settings'
        tags:
            - { name: oro.api.processor, action: customize_form_data, event: pre_validate, requestType: frontend, parentAction: create, class: Oro\Bundle\OrderBundle\Entity\Order, priority: 15 }

    oro_customer.api.customer_address.set_customer:
        class: Oro\Bundle\CustomerBundle\Api\Processor\SetCustomer
        arguments:
            - '@oro_api.form_property_accessor'
            - '@oro_security.token_accessor'
            - 'frontendOwner'
        tags:
            - { name: oro.api.processor, action: customize_form_data, event: pre_validate, requestType: frontend, parentAction: create, class: Oro\Bundle\CustomerBundle\Entity\CustomerAddress, priority: 10 }

    oro_customer.api.customer_user_address.set_customer_user:
        class: Oro\Bundle\CustomerBundle\Api\Processor\SetCustomerUser
        arguments:
            - '@oro_api.form_property_accessor'
            - '@oro_security.token_accessor'
            - 'frontendOwner'
        tags:
            - { name: oro.api.processor, action: customize_form_data, event: pre_validate, requestType: frontend, parentAction: create, class: Oro\Bundle\CustomerBundle\Entity\CustomerUserAddress, priority: 10 }