Chame APIs REST e GraphQL do Venddor para ler e escrever dados do seu app.
Todas as chamadas API autenticadas requerem dois headers:
curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "X-Tenant-ID: TENANT_UUID" \
https://api.io.venddor.com.br/api/storefront/products| Header | Descrição | Exemplo |
|---|---|---|
| Authorization | Token OAuth Bearer | Bearer eyJhbG... |
| X-Tenant-ID | UUID do tenant alvo | 550e8400-e29b-41d4... |
| Content-Type | Para POST/PUT (JSON) | application/json |
O Venddor oferece 1.250+ endpoints REST organizados por dominio. Aqui estao os mais comuns:
# List products
curl -H "Authorization: Bearer $TOKEN" \
-H "X-Tenant-ID: $TENANT" \
"https://api.io.venddor.com.br/api/storefront/products?page=1&limit=20"
# Get a single product
curl -H "Authorization: Bearer $TOKEN" \
-H "X-Tenant-ID: $TENANT" \
"https://api.io.venddor.com.br/api/storefront/products/PRODUCT_ID"
# Create a product (requires write_products scope)
curl -X POST -H "Authorization: Bearer $TOKEN" \
-H "X-Tenant-ID: $TENANT" \
-H "Content-Type: application/json" \
-d '{
"name": "Camiseta Premium",
"price_cents": 8990,
"description": "100% cotton premium t-shirt",
"status": "active",
"category_id": "CAT_UUID"
}' \
"https://api.io.venddor.com.br/api/admin/products"
# Update a product
curl -X PUT -H "Authorization: Bearer $TOKEN" \
-H "X-Tenant-ID: $TENANT" \
-H "Content-Type: application/json" \
-d '{"price_cents": 7990}' \
"https://api.io.venddor.com.br/api/admin/products/PRODUCT_ID"# List orders
curl -H "Authorization: Bearer $TOKEN" \
-H "X-Tenant-ID: $TENANT" \
"https://api.io.venddor.com.br/api/admin/orders?status=pending&page=1"
# Get order details
curl -H "Authorization: Bearer $TOKEN" \
-H "X-Tenant-ID: $TENANT" \
"https://api.io.venddor.com.br/api/admin/orders/ORDER_ID"
# Update order status (requires write_orders scope)
curl -X PUT -H "Authorization: Bearer $TOKEN" \
-H "X-Tenant-ID: $TENANT" \
-H "Content-Type: application/json" \
-d '{"status": "shipped", "tracking_code": "BR123456789"}' \
"https://api.io.venddor.com.br/api/admin/orders/ORDER_ID/status"# List customers
curl -H "Authorization: Bearer $TOKEN" \
-H "X-Tenant-ID: $TENANT" \
"https://api.io.venddor.com.br/api/admin/users?role=customer&page=1"
# Get customer details
curl -H "Authorization: Bearer $TOKEN" \
-H "X-Tenant-ID: $TENANT" \
"https://api.io.venddor.com.br/api/admin/users/USER_ID"
# Search customers
curl -H "Authorization: Bearer $TOKEN" \
-H "X-Tenant-ID: $TENANT" \
"https://api.io.venddor.com.br/api/admin/users?search=joao&role=customer"O Venddor tambem oferece uma API GraphQL para consultas mais flexiveis. O endpoint e:
POST https://api.io.venddor.com.br/graphqlcurl -X POST \
-H "Authorization: Bearer $TOKEN" \
-H "X-Tenant-ID: $TENANT" \
-H "Content-Type: application/json" \
-d '{
"query": "{ products(limit: 10, status: "active") { id name price_cents category { id name } images { url alt } } }"
}' \
"https://api.io.venddor.com.br/graphql"Resposta:
{
"data": {
"products": [
{
"id": "prod_abc123",
"name": "Camiseta Premium",
"price_cents": 8990,
"category": {
"id": "cat_456",
"name": "Vestuario"
},
"images": [
{ "url": "https://cdn.venddor.com.br/...", "alt": "Camiseta frente" }
]
}
]
}
}Registre webhooks no painel do desenvolvedor para ser notificado quando eventos acontecem na loja do tenant. Webhooks sao enviados via POST com payload JSON.
| Evento | Quando dispara |
|---|---|
order.created | Novo pedido criado |
order.updated | Pedido atualizado (status, tracking, etc.) |
order.cancelled | Pedido cancelado |
product.created | Novo produto criado |
product.updated | Produto atualizado |
product.deleted | Produto removido |
user.registered | Novo usuario registrado |
checkout.completed | Checkout finalizado |
cart.updated | Carrinho modificado |
{
"event": "order.created",
"timestamp": "2026-03-27T14:30:00Z",
"tenant_id": "550e8400-e29b-41d4-a716-446655440000",
"app_id": "your_client_id",
"data": {
"id": "ord_789",
"status": "pending",
"total_cents": 15980,
"currency": "BRL",
"customer": {
"id": "usr_123",
"name": "Joao Silva",
"email": "joao@example.com"
},
"items": [
{
"product_id": "prod_abc",
"name": "Camiseta Premium",
"quantity": 2,
"price_cents": 7990
}
],
"created_at": "2026-03-27T14:30:00Z"
},
"signature": "sha256=abc123..."
}Endpoints de listagem suportam paginacao e filtros via query parameters:
# Pagination
?page=1&limit=20
# Sorting
?sort_by=created_at&sort_order=desc
# Filtering
?status=active&category_id=CAT_UUID
# Search
?search=camiseta
# Date range
?created_after=2026-01-01&created_before=2026-03-31
# Combined example
curl -H "Authorization: Bearer $TOKEN" \
-H "X-Tenant-ID: $TENANT" \
"https://api.io.venddor.com.br/api/admin/products?page=2&limit=10&status=active&sort_by=price_cents&sort_order=asc"A API aplica rate limiting por app por tenant. Os limites sao retornados nos headers de resposta:
| Header | Descrição |
|---|---|
| X-RateLimit-Limit | Maximo de requests por minuto |
| X-RateLimit-Remaining | Requests restantes neste periodo |
| X-RateLimit-Reset | Timestamp Unix quando o limite reseta |
A API retorna erros no formato JSON padronizado:
{
"error": "not_found",
"message": "Product not found",
"status": 404
}| Status HTTP | Significado | O que fazer |
|---|---|---|
| 400 | Bad Request | Verifique o corpo da requisicao |
| 401 | Unauthorized | Token expirado ou invalido — re-autentique |
| 403 | Forbidden | Escopo insuficiente ou modulo desabilitado |
| 404 | Not Found | Recurso nao existe |
| 422 | Unprocessable | Validacao falhou — verifique campos |
| 429 | Rate Limited | Aguarde e tente novamente |
| 500 | Server Error | Problema no servidor — tente novamente |