This page provides a comprehensive guide to integrating with the Norce Commerce Management API. The API enables programmatic access to configuration and business logic that is otherwise managed through the Norce Admin UI.
The Norce Management API is designed for system integration scenarios where automation or synchronization of configuration and business logic is required. It supports most tasks available in the Admin UI, except those already covered by other APIs or those that are UI-specific.
- Update product catalogue metadata (flags, categories, parametrics)
- Manage price lists and promotion rules
- Manage client and application configurations
- Extract, compare, or synchronize configurations between environments, applications, or clients
API Reference:
The Management API is available only for Norce Commerce environments. Most Admin UI tasks are supported unless they are already available through other APIs.
Not in Scope:
- Product data management (handled by the Connect API)
- UI-related features (e.g., reports, dashboards)
- Payment and delivery methods
Note: Product management is performed via the Connect API, not the Management API.
The Management API uses OAuth2 for authentication. Credentials are created in the Admin UI.
- Resource Access: Ensure the "Norce Management" resource is enabled for your OAuth account in the Admin section.
- HTTPS Required: All API calls must use HTTPS.
Figure description:
The following image shows the required resource selection in the Admin UI:
Image: OAuth resource selection for Management API access in Norce Admin UI
For more details, see Accessing APIs with OAuth2 accounts.
The API uses standard HTTP status codes to indicate request outcomes.
The Management API follows REST conventions for endpoints and HTTP methods:
GET: Retrieve items or listsPOST: Insert new itemsPUT: Update all fields of an itemDELETE: Remove an item (used only in specific cases)
Important:
PATCHis not supported.DELETEis rarely used; most deletions are handled by settingisActive = 0viaPUT.- To "undelete," update the item with
isActive = 1.
Each returned data element may include a $id field. This is used internally for reference tracking and can be ignored by integrators.
To ensure correct processing and traceability, the following headers must be included in all requests:
application-id: Identifies the application context. The format follows REST API conventions.account-id: Tags changes to a specific account. This should be a valid, active system account (preferred) or user account.
Account ID Restrictions:
The account ID must belong to an active account for the application. If the account is deleted or locked, integration will fail.
How to create a system account:
Create and manage system accounts in the Admin UI under System Settings.
A Postman collection with example requests is available to help you get started with the Management API.