Skip to content
Last updated

Calling Norce Commerce Management API

This page provides a comprehensive guide to integrating with the Norce Commerce Management API. The API enables programmatic access to configuration and business logic that is otherwise managed through the Norce Admin UI.

Overview

The Norce Management API is designed for system integration scenarios where automation or synchronization of configuration and business logic is required. It supports most tasks available in the Admin UI, except those already covered by other APIs or those that are UI-specific.

Common Use Cases

  • Update product catalogue metadata (flags, categories, parametrics)
  • Manage price lists and promotion rules
  • Manage client and application configurations
  • Extract, compare, or synchronize configurations between environments, applications, or clients

API Reference:

Scope, Limits, and Restrictions

The Management API is available only for Norce Commerce environments. Most Admin UI tasks are supported unless they are already available through other APIs.

Not in Scope:

  • Product data management (handled by the Connect API)
  • UI-related features (e.g., reports, dashboards)
  • Payment and delivery methods

Note: Product management is performed via the Connect API, not the Management API.

Authentication and Security

The Management API uses OAuth2 for authentication. Credentials are created in the Admin UI.

  • Resource Access: Ensure the "Norce Management" resource is enabled for your OAuth account in the Admin section.
  • HTTPS Required: All API calls must use HTTPS.

Figure description:
The following image shows the required resource selection in the Admin UI:

Order receiver config Image: OAuth resource selection for Management API access in Norce Admin UI

For more details, see Accessing APIs with OAuth2 accounts.

HTTP Status Codes

The API uses standard HTTP status codes to indicate request outcomes.

REST API Standards

The Management API follows REST conventions for endpoints and HTTP methods:

  • GET: Retrieve items or lists
  • POST: Insert new items
  • PUT: Update all fields of an item
  • DELETE: Remove an item (used only in specific cases)

Important:

  • PATCH is not supported.
  • DELETE is rarely used; most deletions are handled by setting isActive = 0 via PUT.
  • To "undelete," update the item with isActive = 1.

Data Structure Notes

The $id Field

Each returned data element may include a $id field. This is used internally for reference tracking and can be ignored by integrators.

Required HTTP Headers

To ensure correct processing and traceability, the following headers must be included in all requests:

  • application-id: Identifies the application context. The format follows REST API conventions.
  • account-id: Tags changes to a specific account. This should be a valid, active system account (preferred) or user account.

Account ID Restrictions:
The account ID must belong to an active account for the application. If the account is deleted or locked, integration will fail.

How to create a system account:
Create and manage system accounts in the Admin UI under System Settings.

Example: Using Postman

A Postman collection with example requests is available to help you get started with the Management API.