Shoplazza offers a suite of APIs that allow developers to extend the platform’s built-in features. These APIs allow partners to read and write merchant data, interoperate with other systems and platforms, and add new functionality to Shoplazza.
Requirements for Using Shoplazza APIs
- All APIs are subject to the Shoplazza API License and Terms of Use
- Authentication is required for all API usage.
- The Admin API supports REST API.
- This is a versioned API. Updates are released every half year.
- Apps must explicitly request the relevant access scopes from merchants during installation.
- Apps must authenticate to interact with the Admin API.
- The Admin API enforces rate limits on all requests. Note that there are rate-limiting REST API. All apps and services connecting to the Admin API are subject to Shoplazza's API Terms of Service.
Shoplazza Admin APIs
The Admin API is used to read and write data about merchant stores, products, orders, and more. You can use the Admin API to build apps that add features to the Shoplazza admin, the store management interface used by merchants. The Admin API is accessible using REST.
Shoplazza API Rate Limits
To ensure our platform remains stable and fair for everyone, all Shoplazza APIs are rate-limited. Developers are encouraged to use industry-standard techniques for limiting calls, caching results, and retrying requests responsibly.
Compare Rate Limits by API
| API | Rate-limiting method | Standard limit |
|---|---|---|
| Admin API (REST) | Request-based limit | 2 requests/second |
The Leaky Bucket Algorithm
All Shoplazza APIs use a leaky bucket algorithm to manage requests. This algorithm lets your app make an unlimited amount of requests in infrequent bursts over time.
The main points to understand about the leaky bucket metaphor are as follows:
- Each app has access to a “bucket” that can hold, for example, 60 “marbles”.
- Every second, one marble is removed from the bucket, ensuring space is consistently available.
- Each API request requires you to toss a marble in the bucket.
- If the bucket gets full, you get an error and have to wait for room to become available in the bucket.
Rate Limiting Methods
Request-Based Limits
Apps can make a maximum number of requests per minute. For instance, you can make 40 API requests within 60 seconds, and each request is counted equally, regardless of the amount of data returned.
This method is used by the REST Admin API.
REST Admin API rate limits
The REST Admin API enforces rate limits based on two dimensions: app/store and store. This ensures that a call from one app does not impact the rate limit of another app, even within the same store. Similarly, a call to one store does not influence the rate limit of another store, regardless of whether the call originates from the same app.
Limits are calculated using the leaky bucket algorithm. All requests that are made after rate limits have been exceeded are throttled and an HTTP 429 Too Many Requests error is returned. Requests succeed again after enough requests have emptied out of the bucket. You can see the current state of the throttle for a store by using the rate limits header.
The bucket size and leak rate properties determine the API’s burst behavior and request rate.
The default Settings for the app/Store dimension are as follows:
- Bucket size: 40 requests per app/store
- Leak rate: 2 requests per second
The default Settings for the store dimension are as follows:
- Bucket size: 80 requests per store
- Leak rate: 20 requests per second
Rate Limits Header
You can check how many requests you’ve already made using the Shoplazza X-Shoplazza-Shop-Api-Call-Limit header that was sent in response to your API request. This header lists how many requests you’ve made for a particular store. For example:
X-Shoplazza-Shop-Api-Call-Limit: 32/40
- 32: The current request count.
- 40: The maximum bucket size.
As requests are made, the count decreases according to the leak rate. For instance, if the header initially displays 39/40, after waiting ten seconds, the header may display 19/40.
Retry-After header
When a request goes over a rate limit, a 429 Too Many Requests error and a Retry-After header are returned. T. This header specifies the number of seconds you must wait before resubmitting the request. Any requests made during this period will be throttled.
X-Shoplazza-Shop-Api-Call-Limit: 40/40
Retry-After: 2.0