API Specification

URL Request Parameters

ServiceName

Identifies the external service that is making the request

OMS

Action

Identifies the remote method to be called on SellerCenter

eg: UpdateItemsStatus

Timestamp

Timestamp of the request, in UTC ISO8601 format. The API implements timestamp verification to avoid replay attacks. Old requests or too far in the future are denied

eg: 2015-11-12T12:32:57+0100

Signature

HMAC SHA256 signature used for authentication. It will be computed using the API Key of the calling Service and all the other parameters in the URL sorted. See code example below

eg: c7efe2562907c010a4e2b2c8ae 203fa8f70b63b2caa5f986d7140dfca1d58e4a

Version

The API version against which this call is to be executed, in major-dot-minor format. Must currently be 1.0

eg: 1.0

Headers

Requests to these endpoints must include the following header: Accept: application/json

URL request example

eg: https://SELLERCENTER-API/oms-api/?Action=UpdateItemsInformation&ServiceName=OMS &Signature=46f752f9b81f5ddb910a1710247d6e4ed8d3a982b8a18ae4e3f50f5b4f486c14 &Timestamp=2016-04-04T10%3A58%3A09%2B0200&Version=1.0

Authentication

Authentication of the calling systems will be guaranteed by:

  • Signature of the query string parameters by using a client specific API Key. Every OMS system will have its own API Key.
  • White list. The calling systems will need to be added to the white list in the System Credentials configuration for the 'OMS' client system.

Signature Calculation example

$parameters = array(
    'Action' => 'UpdateItemsInformation',
    'Timestamp' => (new DateTime())->format(DateTime::ISO8601),
    'ServiceName' => 'OMS',
    'Version' => '1.0'
);
 
function buildQueryString(array $params)
{
    $fields = $params;
    ksort($fields);
    return http_build_query($fields, '', '&', PHP_QUERY_RFC3986);
}
 
$strToSign = buildQueryString($parameters);
$hash = hash_hmac('sha256', $strToSign, $apiKey, false);
$parameters['Signature'] = $hash;
 
$queryString = buildQueryString($parameters);
$fullUrl = "https://SELLERCENTER-API/oms-api/?" . $queryString;