Using the API

There is no test environment.
For testing etc. the api does provide headers that perform several functions. The headers for debugging and development are never mandatory.
Special headers are available for application level 'plugins', as can be seen in the table to the right.
This so-called 'appmode' is registered as such in the system and cannot be 'hijacked' or obtained in any other way than to request this at pakketmail!

Available endpoints

Even though all possible endpoints are listed in this documentation, they are not available by default for your plugin!
When an api application key is assigned, it is also determined what endpoints and actions this application is allowed to use.
We will ofcourse provide a list of these settings.
A call to an endpoint that the plugin does not have access to will always fail in an error 405: method not allowed.

No exports.

There are no exports available in the API that list personal data, nor will they ever be made available on request.
This is to prevent any means of stealing personal information that is stored.
Ofcourse, shipment information will be send, but also not the full list. Shipments will only be available for a certain amount of time before it will not be listed anymore through the api.

This does mean you will have to store personal data in your own application or plugin as needed, you cannot use the API as your datasource to this end. You can ofcourse query which carriers and other options available in general for your registered key.

Types of plugins

This API recognizes 2 types of plugins: standard plugins and so-called appmode plugins. The difference is that a standard plugin can only use the API as a set client and user, which is identified by the keys used.
An 'appmode' plugin however is allowed to do requests on behalf of another client and/or user. This type of plugin is rarely used (or needed) and is therefore rare that this sort of plugin request is allowed and set up.
Such a plugin handles encryption and keys different, which will ofcourse be explained in detail to whomever will create the plugin.

HTTPS://enviosecommerceapi.ctt.pt/v3/

Request headers

The API has mandatory and optional headers you can use. These headers have to be sent with every request.

Header Mandatory Description

X-APPID Yes This is the application key, it identifies your application/plugin.

X_SIMULATE No Set this header to 1 for the API to simulate what would be done. Nothing is actually stored and all id's etc. are simulated.

X_FORCLIENTID Yes (in appmode) Set the client for which the request is performed.

X_FORUSERID Yes (in appmode) Set the user for which the request is performed.

Header	Mandatory	Description
X-APPID	Yes	This is the application key, it identifies your application/plugin.
X_SIMULATE	No	Set this header to 1 for the API to simulate what would be done. Nothing is actually stored and all id's etc. are simulated.
X_FORCLIENTID	Yes (in appmode)	Set the client for which the request is performed.
X_FORUSERID	Yes (in appmode)	Set the user for which the request is performed.