For more details, select a category below.
Welcome to Open API. Developers can use APIs provided by Cafe24 to develop and publish apps on Cafe24 Store.
- Admin API
Retrieve, create, update, and delete data of stores, including product, customer information, and board data.
- Front API
You can retrieve the information of a product added to a store, or use the [Add to cart] feature.
- D.Collection API (Beta)
Develop a service that allows users to boost sales of stores by retrieving store and product data that are part of the D.Collection program.
non-print
Admin API
Introduction
Cafe24 API
Cafe24 Shopping Mall API is an API provided to app store join developers and third-party solution providers to provide services related to shopping malls.
Cafe24 API is a RESTful architecture that provides OAuth 2.0 based authentication system, a standard HTTP request method, a predictable endpoint URL, and an HTTP code based error message.
Request/Response Format
API request and response support JSON format.
For privacy protection purposes, Cafe 24 API only supports HTTPS protocol.
Dates properties are provided in the ISO_8601
format. : YYYY-MM-DDTHH:MM:SS + 09:00
Request Example (search)
Request Example (register/modify)
Right response example
{
"resource": {
"key": "value",
"key": "value"
}
}Error response example
{
"error": {
"code": "error code",
"message": "error message",
"more_info": {
}
}
}Admin API Intro
Admin API
The Admin API is suitable for the shopping mall administrator to query, create, modify, and delete information in the shopping mall. The Admin API can get almost every information of resource and available only after pass Oauth 2.0 authentication.
Example
https://{mallid}.cafe24api.com/api/v2/admin/sampleapiAPI Status Code
| Code | Case | Solutions |
|---|---|---|
| 200 | When GET success, PUT success, DELETE success | |
| 201 | When POST success | |
| 207 | When status is vary as requested multiple objects. | Checks the error status of each object and deal with errors according to its status. |
| 400 | Server does not understand request 1) Wrong Content- 2) Application/ | Check for the "Content- |
| 400 | When not use URL Encoded character in API Request URL | Check whether API request URL has URL encoded character. |
| 401 | 1) When Access Token is missing 2) When Access Token is wrong 3) When Access Token is expired 4) Unrecognizable client | Check whether the Access Token is granted and used via valid process. |
| 401 | client_ | Check whether using valid client_ |
| 403 | 1) Access Token does not include Scope authority 2) Access forbidden for Front API | Check the Scope of API or setting of shopping mall whether you have the authority for request API. |
| 403 | Not a https protocol | Check whether request protocol is https. |
| 403 | Shopping mall has not been upgraded to a 'New product' mall | Shopping mall has to be upgraded to a 'New product' mall in order to use API. |
| 403 | (Admin API) App has been deleted from the shopping mall. | Install again after check whether the App is installed at the shopping mall. |
| 403 | (Front API) App has been deleted from the shopping mall. | Install again after check whether the App is installed at the shopping mall. |
| 404 | 1) When requested wrong API URL 2) When cannot found resource 3) When missing {#id} | Check the API reference for errors in URL. |
| 422 | When requested value is unprocessible with API reference 1) Missing necessary parameter 2) Not same with API reference | Check the API reference for whether omitted necessary parameter or put a wrong value. |
| 429 | When client requested over than Bucket volume | Request later in a while for not exceed maximum request. |
| 500 | Internal server error or unknown error | A temporary error has occurred. Please try again. |
| 503 | Server is unavailable | Please contact to developer center. |
| 503 | Server is unavailable. Cannot use API right now | Please contact to developer center. |
| 504 | Timeout | Response timeout due to a temporary error. Please try again later. |
1. Add search conditions
You can use search conditions by adding parameters to an endpoint.
If you want to use multiple search conditions, separate them with ampersands (&).
You can also specify a date and time if it is supported by the API you are using.
Add search conditions
E.g. When searching for products of which price is KRW 1,000 or higher in a certain brand
GET https://{mallid}.cafe24api.com/api/v2/products?brand_code=B000000A&price_min=1000
E.g. When searching for products by specifying the date range in which they were added
GET https://{mallid}.cafe24api.com/api/v2/products?created_start_date=2018-01-03&created_end_date=2018-02-03
E.g. When searching for products by specifying the date range in which they were edited
GET https://{mallid}.cafe24api.com/api/v2/products?updated_start_date=2018-01-03T14:01:26+09:00&updated_end_date=2018-02-03T14:01:26+09:002. Use commas to search for more than one item
Use commas to search for data for more than one item. (You can search for up to 100 items in one query.)
The search conditions separated by commas are OR conditions; You can view all data corresponding to the conditions.
Use commas to search for more than one item
E.g. When searching for products by specifying their product numbers
GET https://{mallid}.cafe24api.com/api/v2/products?product_no=11,12,13
E.g. When searching for products by specifying their product numbers and product codes
GET https://{mallid}.cafe24api.com/api/v2/products?product_no=11,12,13&product_code=P000000X,P000000W3. View multi-language store information
You can search for the information of a localized store by specifying its multi-language store number.
If you don't, the information of the default store will be shown.
View multi-language store information
E.g. When searching for products in a certain localized store
GET https://{mallid}.cafe24api.com/api/v2/products?shop_no=24. Retrieve single item & details
You can retrieve the details of a resource by specifying its ID.
You can only search for the details of one single product in one query
but you can retrieve more details than when you search for multiple products.
Retrieve single item & details
E.g. When retrieving the details of a product by specifying its product number
GET https://{mallid}.cafe24api.com/api/v2/admin/products/128
E.g. When retrieving the details of one single product by specifying its product number
GET https://{mallid}.cafe24api.com/api/v2/admin/products?product_no=1285. Pagination
If there are too many results, you define the number of details returned in one response with the "limit" parameter.
If you are not able to view all details with the maximum value of the "limit" parameter, you can use the "offset" parameter.
Pagination
E.g. When paging the details of 100 products at a time
GET https://{mallid}.cafe24api.com/api/v2/admin/products?limit=100
E.g. When retrieving details from the 201st to the 300th product
GET https://{mallid}.cafe24api.com/api/v2/admin/products?limit=100&offset=2006. Retrieve specific items
Use the "fields" parameter to view specific details
Retrieve specific items
E.g. When retrieving the product name and product name only
GET https://{mallid}.cafe24api.com/api/v2/admin/products?fields=product_name,product_no7. View sub-resources
If supported by the API you are using, you can search for the data for sub-resources with the "embed" parameter.
View sub-resources
E.g. When searching for the variants and stock of a product
GET https://{mallid}.cafe24api.com/api/v2/admin/products/570?embed=variants,inventoriesAPI Limit
Cafe 24 API works with the "Leaky Bucket" algorithm. The Leaky Bucket algorithm has the effect of limiting the number of API requests that are abnormally high for performance purposes, but also allowing the use of routine API requests without restriction.
Cafe 24 API stacks API requests in the dock. Bucket is limited to API calls when up to "Request Limit" per shopping mall are filled. The Bucket is decreased twice per second and can be recalled as a decrease.
If the app calls the API twice a second, you can continue to use the API calls without restriction.
If more than "Request Limit" calls are generated momentarily within a second, return the 429 error (too many requests).
If more than 10 requests per second are made from the same IP address of an online store, the requests may be considered abnormal or malicious.
You can avoid the 429 error by checking the X-Api-Call-Limit with the header. You can see how many APIs have been ordered from the shopping mall, and how many Buckets are left.
X-Api-Call-Limit : 1/40Versioning
Past Versions are provided in date format to support APIs that are not compatible with Version yyyy-mm-dd
User may define which version to use by setting value in the custom header "X-Cafe24-Api-Version". Without this value set, API version will follow version set in the app setup.
App version can be found in below path.
- Developer Center (sign-in) > Apps > App setup > "Version settings" underneath "App credentials"
A version is valid for 1 year since the release of the latest version.
In case your version get expired, oldest version currently valid will be used instead.
Example (request)
Authentication
Get Authentication Code
When requesting a token to be issued, the code used can not be reused and expires one minute after the code is issued.
{mallid} : Enter the appropriate shopping mall ID.
{client_id} : Enter the client_id of the app created in the developer center.
{state} : The value entered above is returned as a value to prevent modulation.
{redirect_anI} : Enter the Redirect URL for the app created by the developer center.
{script} : You can enter the privileges of the resource server to access the access token.
To receive an access token, you must request a cotton access code. The access code is used if the client is in the form of a Web application.
Example (request)
GET 'https://{mallid}.cafe24api.com/api/v2/oauth/authorize?response_type=code&client_id={client_id}&state={state}&redirect_uri={redirect_uri}&scope={scope}'Example (response)
HTTP/1.1 302 Found
Location: {redirect_uri}?code={authorize_code}&state={state}Get Access Token
You can get a user token to actually call up the API using the issued authentication code.
{mallid} : Enter the corresponding shopping mall ID.
{client_id} : Enter the client_id of the app created in the developer center.
{client_secret} : Enter the client_secret for the app created at the developer center.
{code} : Enter the issued code.
{redirect_anI} : Enter the Redirect URL for the app created by the developer center.
access_token : This is the approach token used by clients to access the resource server.
refresh_token : This token is used to reissue after the approach token expires.
Example (request)
Example (response)
HTTP/1.1 200 OK
{
"access_token": "0iqR5nM5EJIq..........",
"expires_at": "2021-03-01T14:00:00.000",
"refresh_token": "JeTJ7XpnFC0P..........",
"refresh_token_expires_at": "2021-03-15T12:00:00.000",
"client_id": "BrIfqEKoPxeE..........",
"mall_id": "yourmall",
"user_id": "test",
"scopes": [
"mall.read_order",
"mall.read_product",
"mall.read_store",
"...etc...",
],
"issued_at": "2021-03-01T12:00:00.000"
}Get Access Token using refresh token
The approach token is unavilable after two hours after issued. After the approach token has expired, it must be reissued before the resource server can be accessed. If you have already received the approach token, you can re-issue it using refresh_token.
The refresh token is valid for two weeks. If you request it before refresh token is finished, it is returned with the updated access token. You can not use the old refresh token after it has expired.
You can get a user token to actually call up the API using the issued authentication code.
{mallid} : Enter the corresponding shopping mall ID.
{domain} : Enter the domain of the shopping mall.
{Client_id} : Enter the client_id of the app created by the developer center.
{client_secret} : Enter the client_secret of the app created by the developer center.
{refresh_token} : Enter the refresh_token received when the token was issued.
access_token : Used as access token when clients access resource servers.
refresh_token : This token is used to reissue after the approach token expires.
Example (request)
Example (response)
HTTP/1.1 200 OK
{
"access_token": "21EZes0dGSfN..........",
"expires_at": "2021-03-01T15:50:00.000",
"refresh_token": "xLlhWztQHBik............",
"refresh_token_expires_at": "2021-03-15T13:50:00.000",
"client_id": "BrIfqEKoPxeE..........",
"mall_id": "yourmall",
"user_id": "test",
"scopes": [
"mall.read_order",
"mall.read_product",
"mall.read_store",
"...etc...",
],
"issued_at": "2021-03-01T13:50:00.000"
}REST API
Front API
Introduction
Cafe24 API
Cafe24 Shopping Mall API is an API provided to app store join developers and third-party solution providers to provide services related to shopping malls.
Cafe24 API is a RESTful architecture that provides OAuth 2.0 based authentication system, a standard HTTP request method, a predictable endpoint URL, and an HTTP code based error message..
Front API Intro
Front API
Front API is suitable for public information(displayed product information) or for customer to get their own information or write at a board. Front API is limited for some informations compare to Admin API.
Example
https://{mallid}.cafe24api.com/api/v2/sampleapi
Request/Response Format
API request and response support JSON format.
For privacy protection purposes, Cafe 24 API only supports HTTPS protocol.
Dates properties are provided in the ISO_8601
format. : YYYY-MM-DDTHH:MM:SS + 09:00
Request Example (search)
Request Example (register/modify)
Right response example
{
"resource": {
"key": "value",
"key": "value"
}
}Error response example
{
"error": {
"code": "error code",
"message": "error message",
"more_info": {
}
}
}API Status Code
| Code | Case | Solutions |
|---|---|---|
| 200 | When GET success, PUT success, DELETE success | |
| 201 | When POST success | |
| 207 | When status is vary as requested multiple objects. | Checks the error status of each object and deal with errors according to its status. |
| 400 | Server does not understand request 1) Wrong Content- 2) Application/ | Check for the "Content- |
| 400 | When not use URL Encoded character in API Request URL | Check whether API request URL has URL encoded character. |
| 401 | 1) When Access Token is missing 2) When Access Token is wrong 3) When Access Token is expired 4) Unrecognizable client | Check whether the Access Token is granted and used via valid process. |
| 401 | client_ | Check whether using valid client_ |
| 403 | 1) Access Token does not include Scope authority 2) Access forbidden for Front API | Check the Scope of API or setting of shopping mall whether you have the authority for request API. |
| 403 | Not a https protocol | Check whether request protocol is https. |
| 403 | Shopping mall has not been upgraded to a 'New product' mall | Shopping mall has to be upgraded to a 'New product' mall in order to use API. |
| 403 | (Admin API) App has been deleted from the shopping mall. | Install again after check whether the App is installed at the shopping mall. |
| 403 | (Front API) App has been deleted from the shopping mall. | Install again after check whether the App is installed at the shopping mall. |
| 404 | 1) When requested wrong API URL 2) When cannot found resource 3) When missing {#id} | Check the API reference for errors in URL. |
| 422 | When requested value is unprocessible with API reference 1) Missing necessary parameter 2) Not same with API reference | Check the API reference for whether omitted necessary parameter or put a wrong value. |
| 429 | When client requested over than Bucket volume | Request later in a while for not exceed maximum request. |
| 500 | Internal server error or unknown error | A temporary error has occurred. Please try again. |
| 503 | Server is unavailable | Please contact to developer center. |
| 503 | Server is unavailable. Cannot use API right now | Please contact to developer center. |
| 504 | Timeout | Response timeout due to a temporary error. Please try again later. |
1. Add search conditions
You can use search conditions by adding parameters to an endpoint.
If you want to use multiple search conditions, separate them with ampersands (&).
You can also specify a date and time if it is supported by the API you are using.
Add search conditions
E.g. When searching for products of which price is KRW 1,000 or higher in a certain brand
GET https://{mallid}.cafe24api.com/api/v2/products?brand_code=B000000A&price_min=1000
E.g. When searching for products by specifying the date range in which they were added
GET https://{mallid}.cafe24api.com/api/v2/products?created_start_date=2018-01-03&created_end_date=2018-02-03
E.g. When searching for products by specifying the date range in which they were edited
GET https://{mallid}.cafe24api.com/api/v2/products?updated_start_date=2018-01-03T14:01:26+09:00&updated_end_date=2018-02-03T14:01:26+09:002. Use commas to search for more than one item
Use commas to search for data for more than one item. (You can search for up to 100 items in one query.)
The search conditions separated by commas are OR conditions; You can view all data corresponding to the conditions.
Use commas to search for more than one item
E.g. When searching for products by specifying their product numbers
GET https://{mallid}.cafe24api.com/api/v2/products?product_no=11,12,13
E.g. When searching for products by specifying their product numbers and product codes
GET https://{mallid}.cafe24api.com/api/v2/products?product_no=11,12,13&product_code=P000000X,P000000W3. View multi-language store information
You can search for the information of a localized store by specifying its multi-language store number.
If you don't, the information of the default store will be shown.
View multi-language store information
E.g. When searching for products in a certain localized store
GET https://{mallid}.cafe24api.com/api/v2/products?shop_no=24. Retrieve single item & details
You can retrieve the details of a resource by specifying its ID.
You can only search for the details of one single product in one query
but you can retrieve more details than when you search for multiple products.
Retrieve single item & details
E.g. When retrieving the details of a product by specifying its product number
GET https://{mallid}.cafe24api.com/api/v2/admin/products/128
E.g. When retrieving the details of one single product by specifying its product number
GET https://{mallid}.cafe24api.com/api/v2/admin/products?product_no=1285. Pagination
If there are too many results, you define the number of details returned in one response with the "limit" parameter.
If you are not able to view all details with the maximum value of the "limit" parameter, you can use the "offset" parameter.
Pagination
E.g. When paging the details of 100 products at a time
GET https://{mallid}.cafe24api.com/api/v2/admin/products?limit=100
E.g. When retrieving details from the 201st to the 300th product
GET https://{mallid}.cafe24api.com/api/v2/admin/products?limit=100&offset=2006. Retrieve specific items
Use the "fields" parameter to view specific details
Retrieve specific items
E.g. When retrieving the product name and product name only
GET https://{mallid}.cafe24api.com/api/v2/admin/products?fields=product_name,product_no7. View sub-resources
If supported by the API you are using, you can search for the data for sub-resources with the "embed" parameter.
View sub-resources
E.g. When searching for the variants and stock of a product
GET https://{mallid}.cafe24api.com/api/v2/admin/products/570?embed=variants,inventoriesAPI Limit
Cafe 24 API works with the "Leaky Bucket" algorithm. The Leaky Bucket algorithm has the effect of limiting the number of API requests that are abnormally high for performance purposes, but also allowing the use of routine API requests without restriction.
Cafe 24 API stacks API requests in the dock. Bucket is limited to API calls when up to "Request Limit" per shopping mall are filled. The Bucket is decreased twice per second and can be recalled as a decrease.
If the app calls the API twice a second, you can continue to use the API calls without restriction.
If more than "Request Limit" calls are generated momentarily within a second, return the 429 error (too many requests).
If more than 10 requests per second are made from the same IP address of an online store, the requests may be considered abnormal or malicious.
You can avoid the 429 error by checking the X-Api-Call-Limit with the header. You can see how many APIs have been ordered from the shopping mall, and how many Buckets are left.
X-Api-Call-Limit : 1/40Versioning
Past Versions are provided in date format to support APIs that are not compatible with Version yyyy-mm-dd
User may define which version to use by setting value in the custom header "X-Cafe24-Api-Version". Without this value set, API version will follow version set in the app setup.
App version can be found in below path.
- Developer Center (sign-in) > Apps > App setup > "Version settings" underneath "App credentials"
A version is valid for 1 year since the release of the latest version.
In case your version get expired, oldest version currently valid will be used instead.
Example (request)
REST API
D.Collection API (Beta)
Introduction
D.Collection API
D.Collection APIs can only be used by Cafe24-approved partners for developing marketing and ad services to help users increase sales in their Cafe24 store.
Information obtain through the APIs cannot be used for unauthorized purposes.
Cafe24 uses the Basic Auth based authentication system, the standard HTTP request method, easy-to-understand endpoint URLs, and HTTP code-based error messages for its D.Collection APIs.
Request Example (search)
Right response example
{
"resource": {
"key": "value",
"key": "value"
}
}Error response example
{
"error": {
"code": "error code",
"message": "error message",
"more_info": {
}
}
}D.Collection API Intro
D.Collection API
Develop a service that allows users to boost sales of stores by retrieving store and product data that are part of the D.Collection program.
example
Retrieve a store : https://dcollection-api.cafe24.com/api/shops
Retrieve a product : https://dcollection-api.cafe24.com/api/products?dcollection_product_category={dcollection_product_category}API Status Code
| Code | Case | Solutions |
|---|---|---|
| 200 | When GET success | |
| 401 | 1) When you call APIs without an Access Token 2) When an Access Token is invalid 3) If a client who requested for verification has invalid permission | Check whether the request was made with a valid Access Token. |
| 404 | 1) When you call the wrong API URL 2) When the resource cannot be found | Check the API documentation to see if there are any errors in the endpoint URL. |
| 422 | When the retrieve or process request values are not the same as the specifications. 2) Invalid input value in the required field. | Check the API documentation to see if any required parameters are missing or if you input invalid values. |
| 429 | API calls from the client side have exceeded the limit. (40 times per minute.) | Try again later to reset the API request limits. |
| 500 | Internal server error, unknown error | Contact us via Cafe24 Developers. |
| 503 | Currently the server is down | Contact us via Cafe24 Developers. |
| 504 | Request timeout | A temporary error has occurred, causing response delays. Please try again later. |
1. Add search conditions
You can use search conditions by adding parameters to an endpoint.
If you want to use multiple search conditions, separate them with ampersands (&).
You can also specify a date and time if it is supported by the API you are using.
Add search conditions
E.g. Retrieve a store with a specific name
GET https://dcollection-api.cafe24.com/api/shops?shop_name=nelly
E.g. Retrieve a store with a specific name and properties
GET https://dcollection-api.cafe24.com/api/shops?shop_name=nelly&shop_properties=hartebeest
E.g. Retrieve products under a specific category
GET https://dcollection-api.cafe24.com/api/products?dcollection_product_category=C200802
E.g. Retrieve products under a specific category and a store name
GET https://dcollection-api.cafe24.com/api/products?dcollection_product_category=C200802&shop_name=안다르2. Use commas to search for more than one item
Use commas to search for data for more than one item. (You can search for up to 100 items in one query.)
The search conditions separated by commas are OR conditions; You can view all data corresponding to the conditions.
Use commas to search for more than one item
E.g. Retrieve stores with specific names
GET https://dcollection-api.cafe24.com/api/shops?shop_name=nelly,reseda
E.g. Retrieve products under a specific category or specific product names
GET https://dcollection-api.cafe24.com/api/products?dcollection_product_category=C200802&product_name=안다르,에어쿨링3. Pagination
If there are too many results, you define the number of details returned in one response with the "limit" parameter.
If you are not able to view all details with the maximum value of the "limit" parameter, you can use the "offset" parameter.
Pagination
E.g. When paging the details of 100 stores at a time
GET https://dcollection-api.cafe24.com/api/shops?limit=100
E.g. When paging the details of 100 products at a time
GET https://dcollection-api.cafe24.com/api/products?dcollection_product_category=C200802&limit=100
E.g. When retrieving details from the 201st to the 300th store
GET https://dcollection-api.cafe24.com/api/shops?limit=100&offset=200
E.g. When retrieving details from the 201st to the 300th product
GET https://dcollection-api.cafe24.com/api/products?dcollection_product_category=C200802&limit=100&offset=200API Limit
D.Collection APIs use Laravel throttle middleware to limit the API calls to 40 times per minute per IP.
A count will be deducted per request, and if your requests exceeds 40 times within a minute, then you will receive a 429 error (Too Many Requests Error).
Check the X-RateLimit–Limit and the X-RateLimit–Remaining in the Header to avoid 429 errors.
X-Api-Call-Limit : 1/40Authentication
Authentication
You can get a user token to actually call up the API using the issued authentication code.
When authentication is succeed, you can use D.Collection API data right away.
{client_id} : Enter the client_id of the app created in the developer center.
{client_secret} : Enter the client_secret for the app created at the developer center.
access_token : This is the approach token used by clients to access the resource server.
Example (request)
Example (response)
{
"resource": {
"key": "value",
"key": "value"
}
}