SYSTEM DESIGN
/
System integration patterns
/
Using Norce Management API
Last updated

Using the Norce Management API

The Norce Management API allows you to work with all configurations and business logic that you would otherwise have to handle manually through the Admin UI.

Common use cases include:

  • Updating product catalogue metadata, such as flags, categories, and parametrics
  • Managing price lists and promotion rules
  • Managing client and application configurations, extracting versions, and comparing or synchronising configurations between environments, applications, or clients.

Check out the API reference documentation here.

You can also find some Postman examples here.

Limits and Restrictions

The Norce Management API is only accessible for Norce Commerce environments.

Most tasks that can be performed in the Admin UI are supported by the Management API unless they are already available through other APIs.

Working with products, for example, is commonly done through the Connect API and is therefore excluded from the Management API scope.

Other exceptions in scope include UI-related features, such as creating reports or dashboards. Payment and delivery methods are also not supported.

Connecting to the API

Authentication

As with our other APIs, the Norce Management API supports OAuth2.

Note: There is a new "resource" row in the Admin section for "Norce Management" that must be checked on the OAuth account.

Order receiver config

Credentials are created in the Admin UI. See Accessing APIs with OAuth2 accounts for more information. All API calls must use HTTPS.

Status Codes

The Norce Management API uses standard HTTP status codes.

REST Standard

The Norce Management API follows REST standards for methods and endpoints, including:

  • GET: Retrieve items or lists of items
  • POST: Insert new items
  • PUT: Update all fields of an item
  • DELETE: Delete the specified item (used only in specific cases)
Missing methods

The Norce Management API does not support PATCH, and DELETE is only used in some specific cases.

Delete is instead mostly implemented by inactivating items. Use PUT and pass in inActive = 0. Many endpoints lets you list "deleted" items by endpoint/[id]/deleted.

So, you can un-delete by update the item to isActive = 1 again.

The $id Field

In the data returned, you might notice a $id field at the start of every element.
This can be ignored. The serializer uses it for reference tracking when results include circular references.

Special Headers

Two headers are required:

  • application-id: Similar to our other APIs, the Management API needs to identify which application it is connecting to. Note that the header format has been modified to comply with common REST API practices.
  • account-id: Additionally, the Management API requires tagging changes to a specific account. Set up a system account for your integration.
Account ID Restrictions

Your account ID must belong to a valid, active account for the application. Preferably, this should be a system account, but a user account can also be utilised.
If the account is deleted or locked, the integration will stop functioning.

Postman Example

Here is the Postman collection with examples for using the Management API.

Previous page
Next page