Introduction
This documentation aims to provide all the information you need to work with our API.
<aside>As you scroll, you'll see code examples for working with the API in different programming languages in the dark area to the right (or as part of the content on mobile).
You can switch the language used with the tabs at the top right (or from the nav menu at the top left on mobile).</aside>Authenticating requests
This API is not authenticated.
Acceptances
Goods receiving documents (warehouse inbound). Use these endpoints to list, create, view, update and delete acceptances.
Authentication: Bearer Token (Laravel Sanctum)
Access scope
- Results are automatically scoped to the caller’s
acc_domain_id(their tenant/domain).
List acceptances with advanced filtering
requires authentication
Returns a paginated list of acceptances available to the authenticated user. Supports multiple filters, ranges and sorting.
✅ Multiple exact filters are supported via arrays: field[]=1&field[]=2
Examples:
-
Multiple warehouses + only created status:
/api/acceptances?acc_wh_id[]=1&acc_wh_id[]=3&acc_status[]=1 -
Multiple shops + multiple types:
/api/acceptances?acc_shop_id[]=12&acc_shop_id[]=15&acc_type[]=1&acc_type[]=2 -
By IDs list:
/api/acceptances?acc_id[]=101&acc_id[]=102&acc_id[]=150 -
Search by external id (LIKE):
/api/acceptances?acc_ext_id=ACC- -
Date range by document date:
/api/acceptances?acc_date_from=2026-01-01&acc_date_to=2026-01-31 -
Date range by creation date:
/api/acceptances?created_at_from=2026-02-01&created_at_to=2026-02-25 -
Combined:
/api/acceptances?acc_wh_id[]=3&acc_status[]=1&acc_type[]=2&acc_ext_id=ACME&acc_date_from=2026-02-01&acc_date_to=2026-02-25&sort=-acc_date,acc_id&per_page=50&page=1
Example request:
curl --request GET \
--get "https://localhost/api/acceptances?acc_id%5B%5D=101&acc_status%5B%5D=1&acc_wh_id%5B%5D=3&acc_shop_id%5B%5D=12&acc_type%5B%5D=1&acc_ext_id=ACC-101%0A%0A-----------------------------%0A%F0%9F%94%8E+Ranges%0A-----------------------------&acc_date_from=2026-01-01&acc_date_to=2026-01-31&created_at_from=2026-01-01&created_at_to=2026-01-31%0A%0A-----------------------------%0A%F0%9F%94%8E+Sorting%0A-----------------------------&sort=-acc_date%2Cacc_id%0A%0A-----------------------------%0A%F0%9F%94%8E+Pagination%0A-----------------------------&per_page=20&page=1" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"acc_ext_id\": [
\"b\"
],
\"acc_date_from\": \"2026-06-15T21:25:59\",
\"acc_date_to\": \"2026-06-15T21:25:59\",
\"created_at_from\": \"2026-06-15T21:25:59\",
\"created_at_to\": \"2026-06-15T21:25:59\",
\"sort\": \"architecto\",
\"per_page\": 22,
\"page\": 67,
\"acc_id\": [
16
],
\"acc_status\": [
16
],
\"acc_wh_id\": [
16
],
\"acc_shop_id\": [
16
],
\"acc_type\": [
16
]
}"
const url = new URL(
"https://localhost/api/acceptances"
);
const params = {
"acc_id[]": "101",
"acc_status[]": "1",
"acc_wh_id[]": "3",
"acc_shop_id[]": "12",
"acc_type[]": "1",
"acc_ext_id": "ACC-101
-----------------------------
🔎 Ranges
-----------------------------",
"acc_date_from": "2026-01-01",
"acc_date_to": "2026-01-31",
"created_at_from": "2026-01-01",
"created_at_to": "2026-01-31
-----------------------------
🔎 Sorting
-----------------------------",
"sort": "-acc_date,acc_id
-----------------------------
🔎 Pagination
-----------------------------",
"per_page": "20",
"page": "1",
};
Object.keys(params)
.forEach(key => url.searchParams.append(key, params[key]));
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"acc_ext_id": [
"b"
],
"acc_date_from": "2026-06-15T21:25:59",
"acc_date_to": "2026-06-15T21:25:59",
"created_at_from": "2026-06-15T21:25:59",
"created_at_to": "2026-06-15T21:25:59",
"sort": "architecto",
"per_page": 22,
"page": 67,
"acc_id": [
16
],
"acc_status": [
16
],
"acc_wh_id": [
16
],
"acc_shop_id": [
16
],
"acc_type": [
16
]
};
fetch(url, {
method: "GET",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *
{
"message": "Unauthenticated.",
"error": "AUTH_REQUIRED"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Create acceptance (optionally with lines)
requires authentication
Creates a new acceptance (warehouse inbound) in the caller’s domain.
Server sets initial status to 1 (created) and the acc_date to now.
You may optionally send offers to create/update lines together with the document.
Example request:
curl --request POST \
"https://localhost/api/acceptances" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"acc_wh_id\": 3,
\"acc_shop_id\": 12,
\"acc_type\": 1,
\"acc_ext_id\": 1234,
\"acc_comment\": \"\\\"Inbound from ACME\\\"\",
\"acc_allow_add_offers_during_acceptance\": false,
\"offers\": [
{
\"ao_offer_id\": 77,
\"ao_expected\": 10,
\"ao_price\": 4.99
},
{
\"ao_offer_ext_id\": \"EXT-77\",
\"ao_expected\": 5
}
]
}"
const url = new URL(
"https://localhost/api/acceptances"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"acc_wh_id": 3,
"acc_shop_id": 12,
"acc_type": 1,
"acc_ext_id": 1234,
"acc_comment": "\"Inbound from ACME\"",
"acc_allow_add_offers_during_acceptance": false,
"offers": [
{
"ao_offer_id": 77,
"ao_expected": 10,
"ao_price": 4.99
},
{
"ao_offer_ext_id": "EXT-77",
"ao_expected": 5
}
]
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Get acceptance by ID
requires authentication
Returns a single acceptance with related entities and line items.
Example request:
curl --request GET \
--get "https://localhost/api/acceptances/101" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/acceptances/101"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *
{
"message": "Unauthenticated.",
"error": "AUTH_REQUIRED"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Update acceptance (and upsert/delete lines in the same request)
requires authentication
Updates editable fields of an existing acceptance in the caller’s domain.
Optional:
offersarray: upsert lines (create when ao_id is absent, update when ao_id is present)offers_deletearray: delete lines by ao_id (scoped to this acceptance)
Example request:
curl --request PUT \
"https://localhost/api/acceptances/101" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"acc_date\": \"\\\"2026-02-15\\\"\",
\"acc_ext_id\": 1234,
\"acc_comment\": \"\\\"Adjusted note\\\"\",
\"acc_allow_add_offers_during_acceptance\": false,
\"offers\": [
{
\"ao_id\": 555,
\"ao_expected\": 12
},
{
\"ao_offer_ext_id\": \"EXT-99\",
\"ao_expected\": 3
}
],
\"offers_delete\": [
111,
112
]
}"
const url = new URL(
"https://localhost/api/acceptances/101"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"acc_date": "\"2026-02-15\"",
"acc_ext_id": 1234,
"acc_comment": "\"Adjusted note\"",
"acc_allow_add_offers_during_acceptance": false,
"offers": [
{
"ao_id": 555,
"ao_expected": 12
},
{
"ao_offer_ext_id": "EXT-99",
"ao_expected": 3
}
],
"offers_delete": [
111,
112
]
};
fetch(url, {
method: "PUT",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Delete acceptance
requires authentication
Deletes an acceptance in the caller’s domain.
Example request:
curl --request DELETE \
"https://localhost/api/acceptances/101" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/acceptances/101"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "DELETE",
headers,
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Acceptances » Lines
Manage line items (offers) inside an acceptance (warehouse inbound document).
Authentication: Bearer Token (Laravel Sanctum)
Access scope
- All operations are restricted to the caller’s domain (
acc_domain_id = user.domain_id). - The acceptance must exist and belong to the caller’s domain.
Barcode note:
- If
ao_barcodeis provided, we also sync it into warehouse items (whc_wh_items.whci_barcode) viaWhCore::saveOffers()(docType=1) without changing accepted quantities (count=0).
List offers (lines) of an acceptance
Example request:
curl --request GET \
--get "https://localhost/api/acceptances/architecto/offers" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"ao_barcode\": \"b\",
\"ao_batch\": \"n\",
\"ao_expiration_from\": \"2026-06-15T21:25:59\",
\"ao_expiration_to\": \"2026-06-15T21:25:59\",
\"sort\": \"architecto\",
\"per_page\": 22,
\"page\": 67,
\"ao_id\": [
66
],
\"ao_offer_id\": [
27
]
}"
const url = new URL(
"https://localhost/api/acceptances/architecto/offers"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"ao_barcode": "b",
"ao_batch": "n",
"ao_expiration_from": "2026-06-15T21:25:59",
"ao_expiration_to": "2026-06-15T21:25:59",
"sort": "architecto",
"per_page": 22,
"page": 67,
"ao_id": [
66
],
"ao_offer_id": [
27
]
};
fetch(url, {
method: "GET",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *
{
"message": "Unauthenticated.",
"error": "AUTH_REQUIRED"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Add offers (lines) to an acceptance
Example request:
curl --request POST \
"https://localhost/api/acceptances/architecto/offers" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/acceptances/architecto/offers"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "POST",
headers,
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Update a line in an acceptance
Example request:
curl --request PUT \
"https://localhost/api/acceptances/architecto/offers/architecto" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"ao_expected\": 27,
\"ao_price\": 4326.41688,
\"ao_batch\": \"m\",
\"ao_production_date\": \"2026-06-15T21:25:59\",
\"ao_expiration_date\": \"2026-06-15T21:25:59\",
\"ao_barcode\": \"i\"
}"
const url = new URL(
"https://localhost/api/acceptances/architecto/offers/architecto"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"ao_expected": 27,
"ao_price": 4326.41688,
"ao_batch": "m",
"ao_production_date": "2026-06-15T21:25:59",
"ao_expiration_date": "2026-06-15T21:25:59",
"ao_barcode": "i"
};
fetch(url, {
method: "PUT",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Delete a line from an acceptance
Example request:
curl --request DELETE \
"https://localhost/api/acceptances/architecto/offers/architecto" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/acceptances/architecto/offers/architecto"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "DELETE",
headers,
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.DataMatrix
Manage DataMatrix codes (rw_datamatrix).
Authentication: This API uses NWMS Sanctum. Send your personal access token in the HTTP header: Authorization: Bearer {token}
Get list of DataMatrix records with advanced filtering
requires authentication
Returns a paginated list of DataMatrix records available to the authenticated user. Supports multiple filters, partial match, sorting and pagination.
✅ Multiple exact filters are supported via arrays: field[]=1&field[]=2
Access scope:
- admin: can see records from any domain
- non-admin: forced to own domain (
dmt_domain_id = user.domain_id)
Examples:
-
Latest records:
/api/datamatrix?per_page=50 -
Filter by warehouse and status:
/api/datamatrix?dmt_wh_id[]=2&dmt_status[]=0 -
Filter by acceptance or order:
/api/datamatrix?dmt_acceptance_id[]=538/api/datamatrix?dmt_order_id[]=105 -
Search by barcode (LIKE):
/api/datamatrix?dmt_barcode=460123 -
Search by datamatrix (LIKE):
/api/datamatrix?dmt_datamatrix=0104601234567890 -
Filter by multiple IDs:
/api/datamatrix?dmt_id[]=1&dmt_id[]=10&dmt_id[]=25 -
Combined + sorting + paging:
/api/datamatrix?dmt_wh_id[]=2&dmt_status[]=0&sort=-dmt_id&per_page=100&page=1
Example request:
curl --request GET \
--get "https://localhost/api/datamatrix?dmt_id%5B%5D=1&dmt_domain_id%5B%5D=10&dmt_status%5B%5D=0&dmt_wh_id%5B%5D=2&dmt_acceptance_id%5B%5D=538&dmt_order_id%5B%5D=105&dmt_accept_place%5B%5D=12345&dmt_order_place%5B%5D=999&dmt_barcode=460123&dmt_datamatrix=010460123456789021ABC%0A%0A-----------------------------%0A%F0%9F%94%8E+Sorting%0A-----------------------------&sort=-dmt_id%2Cdmt_status%0AAllowed+fields%3A+dmt_id%2C+dmt_status%2C+dmt_wh_id%2C+dmt_acceptance_id%2C+dmt_order_id%2C+dmt_created_date%2C+dmt_used_date%2C+created_at%0A%0A-----------------------------%0A%F0%9F%94%8E+Pagination%0A-----------------------------&per_page=250&page=1" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"dmt_barcode\": \"b\",
\"dmt_datamatrix\": \"n\",
\"sort\": \"architecto\",
\"per_page\": 22,
\"page\": 67,
\"dmt_id\": [
66
],
\"dmt_domain_id\": [
27
],
\"dmt_status\": [
\"1\"
],
\"dmt_wh_id\": [
35
],
\"dmt_acceptance_id\": [
43
],
\"dmt_order_id\": [
16
],
\"dmt_accept_place\": [
26
],
\"dmt_order_place\": [
40
]
}"
const url = new URL(
"https://localhost/api/datamatrix"
);
const params = {
"dmt_id[]": "1",
"dmt_domain_id[]": "10",
"dmt_status[]": "0",
"dmt_wh_id[]": "2",
"dmt_acceptance_id[]": "538",
"dmt_order_id[]": "105",
"dmt_accept_place[]": "12345",
"dmt_order_place[]": "999",
"dmt_barcode": "460123",
"dmt_datamatrix": "010460123456789021ABC
-----------------------------
🔎 Sorting
-----------------------------",
"sort": "-dmt_id,dmt_status
Allowed fields: dmt_id, dmt_status, dmt_wh_id, dmt_acceptance_id, dmt_order_id, dmt_created_date, dmt_used_date, created_at
-----------------------------
🔎 Pagination
-----------------------------",
"per_page": "250",
"page": "1",
};
Object.keys(params)
.forEach(key => url.searchParams.append(key, params[key]));
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"dmt_barcode": "b",
"dmt_datamatrix": "n",
"sort": "architecto",
"per_page": 22,
"page": 67,
"dmt_id": [
66
],
"dmt_domain_id": [
27
],
"dmt_status": [
"1"
],
"dmt_wh_id": [
35
],
"dmt_acceptance_id": [
43
],
"dmt_order_id": [
16
],
"dmt_accept_place": [
26
],
"dmt_order_place": [
40
]
};
fetch(url, {
method: "GET",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *
{
"message": "Unauthenticated.",
"error": "AUTH_REQUIRED"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Create DataMatrix records (batch)
requires authentication
Creates new DataMatrix records in batch.
Access scope:
- admin: can insert into any domain only if dmt_domain_id is explicitly allowed by your business rules
- non-admin: domain is forced to user.domain_id
Notes:
dmt_domain_idis ALWAYS enforced (non-admin) and should not be sent.dmt_wh_idmust belong to the same domain (prevents inserting into чужой склад).
Examples:
- Create 2 codes:
POST
/api/datamatrix/batch{ "items": [ {"dmt_wh_id":2,"dmt_barcode":"4601234567890","dmt_short_code":"ABC123","dmt_datamatrix":"010460..."}, {"dmt_wh_id":2,"dmt_status":0,"dmt_acceptance_id":538,"dmt_barcode":"4601234567891","dmt_short_code":"ABC124","dmt_datamatrix":"010460..."} ] }
Example request:
curl --request POST \
"https://localhost/api/datamatrix" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"items\": [
\"architecto\"
]
}"
const url = new URL(
"https://localhost/api/datamatrix"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"items": [
"architecto"
]
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (201, Created):
{
"created": 2
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Update status for DataMatrix records (batch)
requires authentication
Updates dmt_status to 0/1/2 for multiple records by IDs.
Examples:
- Mark codes as "used" (status=2):
POST
/api/datamatrix/status-batch{"ids":[101,102,103],"dmt_status":2}
Example request:
curl --request PUT \
"https://localhost/api/datamatrix/status" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"ids\": [
101,
102,
103
],
\"dmt_status\": 1
}"
const url = new URL(
"https://localhost/api/datamatrix/status"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"ids": [
101,
102,
103
],
"dmt_status": 1
};
fetch(url, {
method: "PUT",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200, Updated):
{
"updated": 3,
"dmt_status": 1
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Delete DataMatrix records (batch)
requires authentication
Deletes records by IDs, but only those with dmt_status = 0.
Examples:
- Delete draft/imported codes (status=0):
POST
/api/datamatrix/delete-batch{"ids":[101,102,103]}
Example request:
curl --request DELETE \
"https://localhost/api/datamatrix" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"ids\": [
101,
102,
103
]
}"
const url = new URL(
"https://localhost/api/datamatrix"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"ids": [
101,
102,
103
]
};
fetch(url, {
method: "DELETE",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200, Deleted):
{
"deleted": 2,
"skipped": 1
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Delivery Calculator (ApiShip)
Прокси-эндпоинты для калькулятора доставки ApiShip.
Источник данных:
- города: локальный справочник, синхронизированный из ApiShip ПВЗ
- ПВЗ: прямой прокси в ApiShip
/lists/points - варианты/стоимость доставки: прямой прокси в ApiShip
/calculator
Все эндпоинты требуют Bearer Token (Laravel Sanctum).
Search cities for delivery calculator
requires authentication
Возвращает города из локального справочника, который наполняется из APIShip. Подходит для autocomplete города получателя и для последующего выбора ПВЗ.
Example request:
curl --request GET \
--get "https://localhost/api/delivery/apiship/cities?query=%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0®ion=%D0%9C%D0%BE%D1%81%D0%BA%D0%BE%D0%B2%D1%81%D0%BA%D0%B0%D1%8F&providerKey=cdek&limit=20" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"query\": \"b\",
\"region\": \"n\",
\"providerKey\": \"g\",
\"limit\": 16
}"
const url = new URL(
"https://localhost/api/delivery/apiship/cities"
);
const params = {
"query": "Москва",
"region": "Московская",
"providerKey": "cdek",
"limit": "20",
};
Object.keys(params)
.forEach(key => url.searchParams.append(key, params[key]));
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"query": "b",
"region": "n",
"providerKey": "g",
"limit": 16
};
fetch(url, {
method: "GET",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200):
{
"data": [
{
"id": 10,
"name": "Москва",
"type": "г",
"guid": "0c5b2444-70a0-4932-980c-b4dc0d3f02b5",
"region": {
"id": 1,
"name": "Москва",
"type": "г"
},
"pickup_points_count": 1532
}
]
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Get pickup points for city/provider
requires authentication
Возвращает список ПВЗ из локального справочника APIShip. Используется после выбора города или для повторной загрузки ПВЗ по providerKey.
Example request:
curl --request GET \
--get "https://localhost/api/delivery/apiship/pickup-points?cityGuid=0c5b2444-70a0-4932-980c-b4dc0d3f02b5&city=%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0&providerKey=cdek&type[]=1&type[]=2&cod=1&paymentCard=1&limit=100" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"cityGuid\": \"b\",
\"city\": \"n\",
\"providerKey\": \"g\",
\"type\": [
\"1\"
],
\"cod\": \"1\",
\"paymentCard\": \"0\",
\"offset\": 12,
\"stateCheckOff\": false,
\"limit\": 17
}"
const url = new URL(
"https://localhost/api/delivery/apiship/pickup-points"
);
const params = {
"cityGuid": "0c5b2444-70a0-4932-980c-b4dc0d3f02b5",
"city": "Москва",
"providerKey": "cdek",
"type[0]": "1",
"type[1]": "2",
"cod": "1",
"paymentCard": "1",
"limit": "100",
};
Object.keys(params)
.forEach(key => url.searchParams.append(key, params[key]));
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"cityGuid": "b",
"city": "n",
"providerKey": "g",
"type": [
"1"
],
"cod": "1",
"paymentCard": "0",
"offset": 12,
"stateCheckOff": false,
"limit": 17
};
fetch(url, {
method: "GET",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200):
{
"data": [
{
"id": 16222,
"providerKey": "cdek",
"code": "MSK123",
"name": "ПВЗ Москва",
"type": 1,
"availableOperation": 2,
"address": "Москва, ул. Пример, д. 1",
"city": "Москва",
"cityGuid": "0c5b2444-70a0-4932-980c-b4dc0d3f02b5",
"lat": 55.75,
"lng": 37.61,
"cod": 1,
"paymentCash": 1,
"paymentCard": 1,
"phone": "8800...",
"timetable": "ПН-ПТ 10:00-20:00"
}
]
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Calculate delivery options and price via ApiShip
requires authentication
Возвращает варианты доставки и стоимость из APIShip.
Если from не передан, отправитель собирается автоматически из настроек аккаунта ApiShip текущего домена.
В ответе есть:
raw— оригинальный ответ APIShipvariants— плоский список удобный для фронта
Example request:
curl --request POST \
"https://localhost/api/delivery/apiship/calculate" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"from\": {
\"countryCode\": \"RU\",
\"region\": \"г Москва\",
\"city\": \"Москва\",
\"cityGuid\": \"0c5b2444-70a0-4932-980c-b4dc0d3f02b5\",
\"addressString\": \"Москва, Хлебный пер. 19А\",
\"index\": \"105066\",
\"lat\": 4326.41688,
\"lng\": 4326.41688
},
\"to\": {
\"countryCode\": \"RU\",
\"region\": \"г Москва\",
\"city\": \"Москва\",
\"cityGuid\": \"0c5b2444-70a0-4932-980c-b4dc0d3f02b5\",
\"addressString\": \"Москва, ул. Машкова 21\",
\"index\": \"105066\",
\"lat\": 4326.41688,
\"lng\": 4326.41688
},
\"places\": [
{
\"width\": 20,
\"height\": 45,
\"length\": 30,
\"weight\": 1500
}
],
\"assessedCost\": 1000,
\"codCost\": 0,
\"pickupDate\": \"2026-04-30\",
\"pickupTypes\": [
1,
2
],
\"deliveryTypes\": [
1,
2
],
\"providerKeys\": [
\"cdek\",
\"dpd\"
],
\"tariffIds\": [
19,
54
],
\"pointOutId\": 140803,
\"includeFees\": false,
\"timeout\": 20000
}"
const url = new URL(
"https://localhost/api/delivery/apiship/calculate"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"from": {
"countryCode": "RU",
"region": "г Москва",
"city": "Москва",
"cityGuid": "0c5b2444-70a0-4932-980c-b4dc0d3f02b5",
"addressString": "Москва, Хлебный пер. 19А",
"index": "105066",
"lat": 4326.41688,
"lng": 4326.41688
},
"to": {
"countryCode": "RU",
"region": "г Москва",
"city": "Москва",
"cityGuid": "0c5b2444-70a0-4932-980c-b4dc0d3f02b5",
"addressString": "Москва, ул. Машкова 21",
"index": "105066",
"lat": 4326.41688,
"lng": 4326.41688
},
"places": [
{
"width": 20,
"height": 45,
"length": 30,
"weight": 1500
}
],
"assessedCost": 1000,
"codCost": 0,
"pickupDate": "2026-04-30",
"pickupTypes": [
1,
2
],
"deliveryTypes": [
1,
2
],
"providerKeys": [
"cdek",
"dpd"
],
"tariffIds": [
19,
54
],
"pointOutId": 140803,
"includeFees": false,
"timeout": 20000
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200):
{
"ok": true,
"variants": [
{
"channel": "door",
"providerKey": "cdek",
"tariffId": 19,
"tariffProviderId": 11,
"tariffName": "Экспресс лайт склад-дверь",
"deliveryCost": 370,
"deliveryCostOriginal": 420,
"daysMin": 2,
"daysMax": 3,
"pickupTypes": [
2
],
"deliveryTypes": [
1
]
}
],
"raw": {
"deliveryToDoor": [],
"deliveryToPoint": []
}
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Delivery Payments
Endpoints for reading order delivery payment rows (rw_order_delivery_payments).
Authorization
All endpoints require Bearer Token (Laravel Sanctum).
Domain scoping
- Non-admin users are automatically scoped to their
domain_id(odp_domain_id).
Notes
- This API is read-only (no create/update/delete).
Get delivery payments list
requires authentication
Returns a paginated list of delivery payment rows with filtering and sorting.
Pagination
per_pageis capped at 250.
Sorting
- Use
sort_bywith allowed columns. - Use
sort_dirasascordesc. Defaults todesc.
Example request:
curl --request GET \
--get "https://localhost/api/order-delivery-payments?page=1&per_page=50&odp_id=1001&odp_order_id=555&odp_track_id=CDEK-123&odp_status_id=1&odp_payment_order_id=987&odp_etalon_order_id=ETL-777&odp_transaction_id=123456&odp_cod_act_id=222&created_from=2026-01-01&created_to=2026-01-31&sort_by=created_at&sort_dir=desc" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"per_page\": 1,
\"odp_id\": 16,
\"odp_order_id\": 16,
\"odp_track_id\": \"n\",
\"odp_status_id\": 16,
\"odp_payment_order_id\": 16,
\"odp_etalon_order_id\": \"n\",
\"odp_transaction_id\": 16,
\"odp_cod_act_id\": 16,
\"created_from\": \"2026-06-15\",
\"created_to\": \"2026-06-15\",
\"sort_by\": \"architecto\",
\"sort_dir\": \"architecto\"
}"
const url = new URL(
"https://localhost/api/order-delivery-payments"
);
const params = {
"page": "1",
"per_page": "50",
"odp_id": "1001",
"odp_order_id": "555",
"odp_track_id": "CDEK-123",
"odp_status_id": "1",
"odp_payment_order_id": "987",
"odp_etalon_order_id": "ETL-777",
"odp_transaction_id": "123456",
"odp_cod_act_id": "222",
"created_from": "2026-01-01",
"created_to": "2026-01-31",
"sort_by": "created_at",
"sort_dir": "desc",
};
Object.keys(params)
.forEach(key => url.searchParams.append(key, params[key]));
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"per_page": 1,
"odp_id": 16,
"odp_order_id": 16,
"odp_track_id": "n",
"odp_status_id": 16,
"odp_payment_order_id": 16,
"odp_etalon_order_id": "n",
"odp_transaction_id": 16,
"odp_cod_act_id": 16,
"created_from": "2026-06-15",
"created_to": "2026-06-15",
"sort_by": "architecto",
"sort_dir": "architecto"
};
fetch(url, {
method: "GET",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200, Success (paginated list)):
{
"data": [
{
"odp_id": 1001,
"odp_domain_id": 3,
"odp_order_id": 555,
"odp_track_id": "CDEK-123",
"odp_delivery_sum": 12.5,
"odp_delivery_tax": 2.5,
"odp_cod_sum": 100,
"odp_cod_agent_sum": 3,
"odp_status_id": 1,
"odp_payment_order_id": 987,
"odp_etalon_order_id": "ETL-777",
"odp_transaction_id": 123456,
"odp_cod_act_id": 222,
"created_at": "2026-02-05T12:00:00Z",
"updated_at": "2026-02-05T12:30:00Z"
}
],
"links": {
"first": "https://api.example.com/api/order-delivery-payments?page=1",
"last": "https://api.example.com/api/order-delivery-payments?page=3",
"prev": null,
"next": "https://api.example.com/api/order-delivery-payments?page=2"
},
"meta": {
"current_page": 1,
"from": 1,
"last_page": 3,
"path": "https://api.example.com/api/order-delivery-payments",
"per_page": 50,
"to": 50,
"total": 123
}
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Endpoints
POST api/openclaw/messages
Example request:
curl --request POST \
"https://localhost/api/openclaw/messages" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"chatId\": \"b\",
\"text\": \"n\",
\"threadId\": \"g\",
\"replyToId\": \"z\"
}"
const url = new URL(
"https://localhost/api/openclaw/messages"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"chatId": "b",
"text": "n",
"threadId": "g",
"replyToId": "z"
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.GET api/user
Example request:
curl --request GET \
--get "https://localhost/api/user" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/user"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *
{
"message": "Unauthenticated.",
"error": "AUTH_REQUIRED"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.POST api/login
Example request:
curl --request POST \
"https://localhost/api/login" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/login"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "POST",
headers,
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.POST api/logout
Example request:
curl --request POST \
"https://localhost/api/logout" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/logout"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "POST",
headers,
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.POST api/accounts/create
Example request:
curl --request POST \
"https://localhost/api/accounts/create" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"language\": \"bngz\",
\"company\": \"m\",
\"FName\": \"i\",
\"LName\": \"y\",
\"email\": \"justina.gaylord@example.org\",
\"password\": \"gxwmi\\/#iw\\/\",
\"massage\": \"architecto\",
\"fst\": 4326.41688,
\"mName\": \"architecto\"
}"
const url = new URL(
"https://localhost/api/accounts/create"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"language": "bngz",
"company": "m",
"FName": "i",
"LName": "y",
"email": "justina.gaylord@example.org",
"password": "gxwmi\/#iw\/",
"massage": "architecto",
"fst": 4326.41688,
"mName": "architecto"
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.POST api/clients/create
Example request:
curl --request POST \
"https://localhost/api/clients/create" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"language\": \"bngz\",
\"FName\": \"m\",
\"LName\": \"i\",
\"email\": \"okon.justina@example.com\",
\"password\": \"Ygxwmi\\/\",
\"shop_name\": \"c\",
\"warehouse_name\": \"m\",
\"billing_id\": 16
}"
const url = new URL(
"https://localhost/api/clients/create"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"language": "bngz",
"FName": "m",
"LName": "i",
"email": "okon.justina@example.com",
"password": "Ygxwmi\/",
"shop_name": "c",
"warehouse_name": "m",
"billing_id": 16
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.POST api/client-users/create
Example request:
curl --request POST \
"https://localhost/api/client-users/create" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/client-users/create"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "POST",
headers,
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.GET /api/products/offer
Формат максимально приближен к OrderAdmin.
Example request:
curl --request GET \
--get "https://localhost/api/products/offer" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/products/offer"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *
{
"message": "Unauthenticated.",
"error": "AUTH_REQUIRED"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Loading
List loading/unloading visits visible to the current API user.
Example request:
curl --request GET \
--get "https://localhost/api/loading/visits?lv_status%5B%5D=waiting&lv_type%5B%5D=inbound" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"lv_status\": [
\"architecto\"
],
\"lv_type\": [
\"outbound\"
],
\"per_page\": 22
}"
const url = new URL(
"https://localhost/api/loading/visits"
);
const params = {
"lv_status[]": "waiting",
"lv_type[]": "inbound",
};
Object.keys(params)
.forEach(key => url.searchParams.append(key, params[key]));
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"lv_status": [
"architecto"
],
"lv_type": [
"outbound"
],
"per_page": 22
};
fetch(url, {
method: "GET",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *
{
"message": "Unauthenticated.",
"error": "AUTH_REQUIRED"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Create a loading/unloading request.
Example request:
curl --request POST \
"https://localhost/api/loading/visits" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"lv_wh_id\": 1,
\"lv_type\": \"inbound\",
\"lv_planned_at\": \"2026-05-20 10:00:00\",
\"lv_doc_type\": \"acceptance\",
\"lv_doc_id\": 100,
\"lv_driver_phone\": \"+79990000000\",
\"lv_comment\": \"Delivery by client transport\"
}"
const url = new URL(
"https://localhost/api/loading/visits"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"lv_wh_id": 1,
"lv_type": "inbound",
"lv_planned_at": "2026-05-20 10:00:00",
"lv_doc_type": "acceptance",
"lv_doc_id": 100,
"lv_driver_phone": "+79990000000",
"lv_comment": "Delivery by client transport"
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Show one loading/unloading request.
Example request:
curl --request GET \
--get "https://localhost/api/loading/visits/architecto" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/loading/visits/architecto"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *
{
"message": "Unauthenticated.",
"error": "AUTH_REQUIRED"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Update a loading/unloading request before planned time.
Example request:
curl --request PUT \
"https://localhost/api/loading/visits/architecto" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/loading/visits/architecto"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "PUT",
headers,
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Cancel a loading/unloading request before planned time.
Example request:
curl --request POST \
"https://localhost/api/loading/visits/architecto/cancel" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/loading/visits/architecto/cancel"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "POST",
headers,
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Orders
Manage warehouse orders and their associated offers.
Each order represents a warehouse document with optional related data:
- recipient contact (
contact) - delivery service data (
ds) - comments (
comments) - product lines (
offers)
The API supports:
- order creation and update
- nested delivery data
- nested comments
- adding / editing / removing order offers
- advanced filtering and sorting for order lists
Authentication: This API uses NWMS Sanctum. Send your personal access token in the HTTP header: Authorization: Bearer {token}
Get list of orders with advanced filtering
requires authentication
Returns a paginated list of orders available to the authenticated user.
Includes nested relations:
offerscontactdscomments
Delivery service data may include:
ods_ds_idods_track_numberods_order_labelods_tariff_codeods_delivery_dateods_delivery_time_startods_delivery_time_end
Supports:
- exact filters by one value or array of values
- partial search by
o_ext_idusingLIKE - numeric/date ranges
- multi-column sorting
- pagination
Examples:
-
Filter by multiple order IDs:
/api/orders?o_id[]=105&o_id[]=106&o_id[]=200 -
Filter by multiple warehouses and statuses:
/api/orders?o_wh_id[]=2&o_wh_id[]=3&o_status_id[]=10&o_status_id[]=105 -
Filter by one external ID fragment:
/api/orders?o_ext_id=ORD-49060 -
Filter by multiple external ID fragments:
/api/orders?o_ext_id[]=ORD-&o_ext_id[]=49060 -
Filter by delivery track number:
/api/orders?ods_track_number=CDEK-123 -
Filter by multiple delivery track number fragments:
/api/orders?ods_track_number[]=CDEK-&ods_track_number[]=123 -
Filter by order sum range:
/api/orders?o_sum_from=100&o_sum_to=1000 -
Filter by order date range:
/api/orders?o_date_from=2026-01-01&o_date_to=2026-01-31 -
Filter by send date range:
/api/orders?o_date_send_from=2026-02-01&o_date_send_to=2026-02-15 -
Filter by creation date range:
/api/orders?created_at_from=2026-02-01&created_at_to=2026-02-25 -
Combined example:
/api/orders?o_wh_id[]=2&o_status_id[]=10&o_type_id[]=2&o_is_cod[]=1&o_sum_from=50&o_sum_to=500&o_date_from=2026-02-01&o_date_to=2026-02-25&sort=-o_date,o_sum&per_page=50&page=1 -
Sort only:
/api/orders?sort=-o_id -
Sort by send date DESC, then by id ASC:
/api/orders?sort=-o_date_send,o_id
Example request:
curl --request GET \
--get "https://localhost/api/orders?o_id%5B%5D[]=105&o_id%5B%5D[]=106&o_id%5B%5D[]=200&o_status_id%5B%5D[]=10&o_status_id%5B%5D[]=105&o_wh_id%5B%5D[]=2&o_wh_id%5B%5D[]=3&o_shop_id%5B%5D[]=1&o_shop_id%5B%5D[]=5&o_type_id%5B%5D[]=1&o_type_id%5B%5D[]=2&o_source_id%5B%5D[]=3&o_source_id%5B%5D[]=4&o_customer_type%5B%5D[]=0&o_customer_type%5B%5D[]=1&o_company_id%5B%5D[]=44&o_company_id%5B%5D[]=45&o_is_cod%5B%5D[]=1&o_ext_id%5B%5D[]=ORD-&o_ext_id%5B%5D[]=49060&ods_track_number=CDEK-123&ods_track_number%5B%5D[]=CDEK-&ods_track_number%5B%5D[]=123&o_sum_from=100&o_sum_to=1000&o_date_from=2026-01-01&o_date_to=2026-01-31&o_date_send_from=2026-02-01&o_date_send_to=2026-02-15&created_at_from=2026-02-01&created_at_to=2026-02-25&sort=-o_date%2Co_sum&per_page=50&page=1" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"o_id\": [
16
],
\"o_status_id\": [
16
],
\"o_wh_id\": [
16
],
\"o_shop_id\": [
16
],
\"o_type_id\": [
16
],
\"o_source_id\": [
16
],
\"o_customer_type\": [
16
],
\"o_company_id\": [
16
],
\"o_is_cod\": [
\"0\"
],
\"o_ext_id\": [
\"n\"
],
\"ods_track_number\": [
\"g\"
],
\"o_sum_from\": 4326.41688,
\"o_sum_to\": 4326.41688,
\"o_date_from\": \"2026-06-15T21:25:59\",
\"o_date_to\": \"2026-06-15T21:25:59\",
\"o_date_send_from\": \"2026-06-15T21:25:59\",
\"o_date_send_to\": \"2026-06-15T21:25:59\",
\"created_at_from\": \"2026-06-15T21:25:59\",
\"created_at_to\": \"2026-06-15T21:25:59\",
\"sort\": \"architecto\",
\"per_page\": 22,
\"page\": 67
}"
const url = new URL(
"https://localhost/api/orders"
);
const params = {
"o_id[][0]": "105",
"o_id[][1]": "106",
"o_id[][2]": "200",
"o_status_id[][0]": "10",
"o_status_id[][1]": "105",
"o_wh_id[][0]": "2",
"o_wh_id[][1]": "3",
"o_shop_id[][0]": "1",
"o_shop_id[][1]": "5",
"o_type_id[][0]": "1",
"o_type_id[][1]": "2",
"o_source_id[][0]": "3",
"o_source_id[][1]": "4",
"o_customer_type[][0]": "0",
"o_customer_type[][1]": "1",
"o_company_id[][0]": "44",
"o_company_id[][1]": "45",
"o_is_cod[][0]": "1",
"o_ext_id[][0]": "ORD-",
"o_ext_id[][1]": "49060",
"ods_track_number": "CDEK-123",
"ods_track_number[][0]": "CDEK-",
"ods_track_number[][1]": "123",
"o_sum_from": "100",
"o_sum_to": "1000",
"o_date_from": "2026-01-01",
"o_date_to": "2026-01-31",
"o_date_send_from": "2026-02-01",
"o_date_send_to": "2026-02-15",
"created_at_from": "2026-02-01",
"created_at_to": "2026-02-25",
"sort": "-o_date,o_sum",
"per_page": "50",
"page": "1",
};
Object.keys(params)
.forEach(key => url.searchParams.append(key, params[key]));
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"o_id": [
16
],
"o_status_id": [
16
],
"o_wh_id": [
16
],
"o_shop_id": [
16
],
"o_type_id": [
16
],
"o_source_id": [
16
],
"o_customer_type": [
16
],
"o_company_id": [
16
],
"o_is_cod": [
"0"
],
"o_ext_id": [
"n"
],
"ods_track_number": [
"g"
],
"o_sum_from": 4326.41688,
"o_sum_to": 4326.41688,
"o_date_from": "2026-06-15T21:25:59",
"o_date_to": "2026-06-15T21:25:59",
"o_date_send_from": "2026-06-15T21:25:59",
"o_date_send_to": "2026-06-15T21:25:59",
"created_at_from": "2026-06-15T21:25:59",
"created_at_to": "2026-06-15T21:25:59",
"sort": "architecto",
"per_page": 22,
"page": 67
};
fetch(url, {
method: "GET",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200):
{
"data": [
{
"o_id": 49060,
"o_ext_id": "ORD-49060",
"o_wh_id": 106,
"o_shop_id": 85,
"o_status_id": 10,
"contact": {
"oc_first_name": "John",
"oc_phone": "+15551234567"
},
"ds": {
"ods_ds_id": 1,
"ods_track_number": "TRACK-123",
"ods_tariff_code": 136,
"ods_delivery_date": "2026-03-10",
"ods_delivery_time_start": "09:00",
"ods_delivery_time_end": "18:00"
},
"comments": {
"oc_ds_text": "Fragile",
"oc_inner_text": "Call before delivery"
}
}
],
"meta": {
"current_page": 1,
"per_page": 50,
"total": 312
}
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Create a new order
requires authentication
Creates a new order in the current user's domain.
Computed fields (o_sum, o_cod_sum) are prohibited.
If o_ext_id is provided, the pair (o_ext_id, o_wh_id) must be unique.
Supports nested objects:
contact(recipient)ds(delivery service fields)comments(texts for ds + internal)offers(product lines)
Delivery service data may include:
ods_ds_idods_statusods_track_numberods_ds_pp_idods_source_iddelivery integration source, for exampleapiship-12,cdek-15,speedy-3orecont-4. Legacy numeric values are treated as ApiShip.ods_tariff_codedelivery tariff code for direct integrations: CDEK tariff_code or Speedy serviceId.ods_order_labelods_delivery_dateods_delivery_time_startods_delivery_time_end
ds.ods_ds_id is required for ApiShip and for direct integrations without a default delivery service.
For CDEK/Speedy/Econt, if the selected ds.ods_source_id points to an integration with default *_ds_id,
ds.ods_ds_id may be omitted and NWMS will use ca_ds_id.
Examples:
1) Minimal:
POST /api/orders
{
"o_type_id": 1,
"o_shop_id": 85,
"o_wh_id": 106
}
2) With contact + ds + comments + offers: { "o_type_id": 1, "o_ext_id": "ORD-49060", "o_shop_id": 85, "o_wh_id": 106, "o_date_send": "2026-03-05", "contact": { "oc_first_name": "John", "oc_phone": "+15551234567", "oc_full_address": "Sofia, Bulgaria" }, "ds": { "ods_ds_id": 1, "ods_tariff_code": 136, "ods_order_label": "https://www.aaa.ru", "ods_delivery_date": "2026-03-10", "ods_delivery_time_start": "09:00", "ods_delivery_time_end": "18:00" }, "comments": { "oc_ds_text": "Leave at reception", "oc_inner_text": "VIP client" }, "offers": [ { "oo_offer_id": 77, "oo_qty": 2, "oo_price": 39.95, "oo_oc_price": 39.95 }, { "oo_offer_ext_id": "EXT-88", "oo_qty": 1, "oo_price": 9.99 } ] }
Example request:
curl --request POST \
"https://localhost/api/orders" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"o_type_id\": 16,
\"o_ext_id\": \"n\",
\"o_group_id\": 16,
\"o_shop_id\": 16,
\"o_wh_id\": 16,
\"o_date_send\": \"2026-06-15T21:25:59\",
\"o_source_id\": 16,
\"o_status_id\": 16,
\"o_customer_type\": 16,
\"o_weight\": 16,
\"o_dimension_x\": 16,
\"o_dimension_y\": 16,
\"o_dimension_z\": 16,
\"o_is_cod\": false,
\"o_shipping_price\": 4326.41688,
\"o_shipping_cost\": 4326.41688,
\"o_company_id\": 16,
\"contact\": {
\"oc_first_name\": \"n\",
\"oc_middle_name\": \"g\",
\"oc_last_name\": \"z\",
\"oc_phone\": \"m\",
\"oc_email\": \"gulgowski.asia@example.com\",
\"oc_country_id\": 16,
\"oc_city_id\": 16,
\"oc_postcode\": \"ngzmiyvdljnikhwa\",
\"oc_coord_latitude\": 4326.41688,
\"oc_coord_longitude\": 4326.41688,
\"oc_full_address\": \"m\"
},
\"ds\": {
\"ods_ds_id\": 16,
\"ods_status\": 16,
\"ods_track_number\": \"n\",
\"ods_ds_pp_id\": \"g\",
\"ods_tariff_code\": 66,
\"ods_order_label\": \"m\",
\"ods_delivery_date\": \"2026-06-15T21:25:59\",
\"ods_delivery_time_start\": \"21:25\",
\"ods_delivery_time_end\": \"21:25\"
},
\"comments\": {
\"oc_ds_text\": \"architecto\",
\"oc_inner_text\": \"architecto\"
},
\"offers\": [
{
\"oo_offer_id\": 77,
\"oo_qty\": 2,
\"oo_price\": 39.95
}
]
}"
const url = new URL(
"https://localhost/api/orders"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"o_type_id": 16,
"o_ext_id": "n",
"o_group_id": 16,
"o_shop_id": 16,
"o_wh_id": 16,
"o_date_send": "2026-06-15T21:25:59",
"o_source_id": 16,
"o_status_id": 16,
"o_customer_type": 16,
"o_weight": 16,
"o_dimension_x": 16,
"o_dimension_y": 16,
"o_dimension_z": 16,
"o_is_cod": false,
"o_shipping_price": 4326.41688,
"o_shipping_cost": 4326.41688,
"o_company_id": 16,
"contact": {
"oc_first_name": "n",
"oc_middle_name": "g",
"oc_last_name": "z",
"oc_phone": "m",
"oc_email": "gulgowski.asia@example.com",
"oc_country_id": 16,
"oc_city_id": 16,
"oc_postcode": "ngzmiyvdljnikhwa",
"oc_coord_latitude": 4326.41688,
"oc_coord_longitude": 4326.41688,
"oc_full_address": "m"
},
"ds": {
"ods_ds_id": 16,
"ods_status": 16,
"ods_track_number": "n",
"ods_ds_pp_id": "g",
"ods_tariff_code": 66,
"ods_order_label": "m",
"ods_delivery_date": "2026-06-15T21:25:59",
"ods_delivery_time_start": "21:25",
"ods_delivery_time_end": "21:25"
},
"comments": {
"oc_ds_text": "architecto",
"oc_inner_text": "architecto"
},
"offers": [
{
"oo_offer_id": 77,
"oo_qty": 2,
"oo_price": 39.95
}
]
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (201, Created):
{
"data": {
"o_id": 49060,
"o_ext_id": "ORD-49060",
"o_shop_id": 85,
"o_wh_id": 106,
"contact": {
"oc_first_name": "John"
},
"ds": {
"ods_ds_id": 1,
"ods_tariff_code": 136,
"ods_delivery_date": "2026-03-10",
"ods_delivery_time_start": "09:00",
"ods_delivery_time_end": "18:00"
},
"comments": {
"oc_ds_text": "Leave at reception",
"oc_inner_text": "VIP client"
}
}
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Get a single order by ID
requires authentication
Returns detailed information about a specific order including:
- offers
- contact
- delivery service data (
ds) - comments
Delivery service data may include:
ods_ds_idods_track_numberods_order_labelods_tariff_codeods_delivery_dateods_delivery_time_startods_delivery_time_end
Example:
/api/orders/49060
Example request:
curl --request GET \
--get "https://localhost/api/orders/49060" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/orders/49060"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (200, Found):
{
"data": {
"o_id": 49060,
"o_ext_id": "49054",
"o_shop_id": 85,
"o_wh_id": 106,
"contact": {
"oc_first_name": "John",
"oc_phone": "+15551234567"
},
"ds": {
"ods_ds_id": 1,
"ods_tariff_code": 136,
"ods_order_label": "https://www.aaa.ru",
"ods_delivery_date": "2026-03-10",
"ods_delivery_time_start": "09:00",
"ods_delivery_time_end": "18:00"
},
"comments": {
"oc_ds_text": "Fragile",
"oc_inner_text": "Internal note"
}
}
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Update an existing order
requires authentication
Partially updates editable fields of an existing order (PATCH semantics).
Supports nested objects:
contact(recipient)ds(delivery service fields)comments(texts for ds + internal)
Delivery service data may include:
ods_ds_idods_statusods_track_numberods_ds_pp_idods_source_iddelivery integration source, for exampleapiship-12,cdek-15,speedy-3orecont-4. Legacy numeric values are treated as ApiShip.ods_tariff_codedelivery tariff code for direct integrations: CDEK tariff_code or Speedy serviceId.ods_order_labelods_delivery_dateods_delivery_time_startods_delivery_time_end
Special DS rule:
If at least one ds.* field is provided AND there is no row in rw_order_ds for this order yet,
then ds.ods_ds_id becomes required unless ds.ods_source_id points to a CDEK/Speedy/Econt integration
with default delivery service ca_ds_id.
Examples:
1) Update ds + comments:
PATCH /api/orders/49060
{
"ds": {
"ods_ds_id": 1,
"ods_tariff_code": 136,
"ods_order_label": "https://www.aaa.ru",
"ods_delivery_date": "2026-03-10",
"ods_delivery_time_start": "09:00",
"ods_delivery_time_end": "18:00"
},
"comments": {
"oc_ds_text": "oc_ds_text - тест!!!",
"oc_inner_text": "oc_inner_text - тест!!!"
}
}
2) Update only contact phone: { "contact": { "oc_phone": "+359888123456" } }
Example request:
curl --request PUT \
"https://localhost/api/orders/49060" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
const url = new URL(
"https://localhost/api/orders/49060"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "PUT",
headers,
}).then(response => response.json());Example response (200, Updated (includes nested objects)):
{
"data": {
"o_id": 49060,
"ds": {
"ods_ds_id": 1,
"ods_tariff_code": 136,
"ods_order_label": "https://www.aaa.ru",
"ods_delivery_date": "2026-03-10",
"ods_delivery_time_start": "09:00",
"ods_delivery_time_end": "18:00"
},
"comments": {
"oc_ds_text": "oc_ds_text - тест!!!",
"oc_inner_text": "oc_inner_text - тест!!!"
}
}
}
Example response (422, DS validation (no ds row yet)):
{
"message": "The given data was invalid.",
"errors": {
"ds.ods_ds_id": [
"The ds.ods_ds_id field is required."
]
}
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Delete an order
requires authentication
Deletes a specific order.
Example request:
curl --request DELETE \
"https://localhost/api/orders/105" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/orders/105"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "DELETE",
headers,
}).then(response => response.json());Example response (200):
{
"message": "Deleted"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Add offers (products) to an order
requires authentication
Adds one or more product lines to an existing order.
Example:
POST /api/orders/49060/offers
[
{"oo_offer_id":77,"oo_qty":2,"oo_price":39.95},
{"oo_offer_id":88,"oo_qty":1,"oo_price":9.99}
]
Example request:
curl --request POST \
"https://localhost/api/orders/49060/offers" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"*\": [
\"architecto\"
]
}"
const url = new URL(
"https://localhost/api/orders/49060/offers"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"*": [
"architecto"
]
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (201, Added):
[
{
"oo_offer_id": 77,
"oo_qty": 2,
"oo_price": 39.95
},
{
"oo_offer_id": 88,
"oo_qty": 1,
"oo_price": 9.99
}
]
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Update an offer within an order
requires authentication
Updates quantity or price for a specific offer line.
Example:
PATCH /api/orders/49060/offers/123
{ "oo_qty": 5, "oo_price": 45.00 }
Example request:
curl --request PUT \
"https://localhost/api/orders/49060/offers/123" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"oo_qty\": 5,
\"oo_oc_price\": 4326.41688,
\"oo_price\": 45,
\"oo_expiration_date\": \"2026-06-15T21:25:59\",
\"oo_batch\": \"i\",
\"oo_operation_user_id\": 16
}"
const url = new URL(
"https://localhost/api/orders/49060/offers/123"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"oo_qty": 5,
"oo_oc_price": 4326.41688,
"oo_price": 45,
"oo_expiration_date": "2026-06-15T21:25:59",
"oo_batch": "i",
"oo_operation_user_id": 16
};
fetch(url, {
method: "PUT",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200, Updated):
{
"oo_id": 123,
"oo_offer_id": 77,
"oo_qty": 5,
"oo_price": 45
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Delete an offer from an order
requires authentication
Removes a specific offer line from an existing order.
Example:
DELETE /api/orders/49060/offers/123
Example request:
curl --request DELETE \
"https://localhost/api/orders/49060/offers/123" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/orders/49060/offers/123"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "DELETE",
headers,
}).then(response => response.json());Example response (200):
{
"message": "Offer removed from order"
}
Example response (404):
{
"error": "Offer not found in this order"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Products
Endpoints for managing the product catalog ("offers").
Authorization
All endpoints require Bearer Token (Laravel Sanctum).
Domain & Access Scoping
- Non-admin users are automatically scoped to their
of_domain_id - If the user is not a
warehouse_manager, they can only access products belonging to shops wheresh_user_idis equal to the current user or parent user
Barcodes (rw_barcodes)
You can provide barcodes on create/update:
- Each barcode is stored in
rw_barcodes - If
barcodesis provided and not empty, exactly one item must havebr_main=1 - Barcodes are unique per shop: the same
br_barcodecannot belong to another offer in the samebr_shop_id
Description
You can provide of_description on create/update.
It is stored in the related product description table and returned as of_description.
Get product list
requires authentication
Returns a paginated list of products.
Includes:
- main offer fields
- related description as
of_description - barcodes
- rests by warehouses
Filters
The following filters support:
- a single value, for example:
of_id=435 - an array of values, for example:
of_id[]=435&of_id[]=438
Supported exact-match filters:
of_idof_skuof_ext_idof_shop_idof_statusof_typeof_datamatrixof_priceof_estimated_price
Supported partial-match filters:
of_nameof_articleof_comment
If a partial-match filter is passed as an array, products matching any of the values will be returned.
Sorting
sort_by— field namesort_dir—ascordesc
Pagination
per_page— number of items per page, max250
Example request:
curl --request GET \
--get "https://localhost/api/products?of_id=435&of_id%5B%5D[]=435&of_id%5B%5D[]=438&of_sku=SKU-001&of_sku%5B%5D[]=SKU-001&of_sku%5B%5D[]=SKU-002&of_ext_id=EXT-1001&of_ext_id%5B%5D[]=EXT-1001&of_ext_id%5B%5D[]=EXT-1002&of_shop_id=12&of_shop_id%5B%5D[]=12&of_shop_id%5B%5D[]=15&of_status=1&of_status%5B%5D[]=0&of_status%5B%5D[]=1&of_type=1&of_type%5B%5D[]=1&of_type%5B%5D[]=2&of_datamatrix=1&of_datamatrix%5B%5D[]=0&of_datamatrix%5B%5D[]=1&of_price=19.99&of_price%5B%5D[]=19.99&of_price%5B%5D[]=29.99&of_estimated_price=21.5&of_estimated_price%5B%5D[]=21.5&of_estimated_price%5B%5D[]=31.5&of_name=shirt&of_name%5B%5D[]=shirt&of_name%5B%5D[]=cotton&of_article=ART-01&of_article%5B%5D[]=ART-&of_article%5B%5D[]=01&of_comment=fragile&of_comment%5B%5D[]=fragile&of_comment%5B%5D[]=sale&sort_by=of_id&sort_dir=desc&per_page=20" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/products"
);
const params = {
"of_id": "435",
"of_id[][0]": "435",
"of_id[][1]": "438",
"of_sku": "SKU-001",
"of_sku[][0]": "SKU-001",
"of_sku[][1]": "SKU-002",
"of_ext_id": "EXT-1001",
"of_ext_id[][0]": "EXT-1001",
"of_ext_id[][1]": "EXT-1002",
"of_shop_id": "12",
"of_shop_id[][0]": "12",
"of_shop_id[][1]": "15",
"of_status": "1",
"of_status[][0]": "0",
"of_status[][1]": "1",
"of_type": "1",
"of_type[][0]": "1",
"of_type[][1]": "2",
"of_datamatrix": "1",
"of_datamatrix[][0]": "0",
"of_datamatrix[][1]": "1",
"of_price": "19.99",
"of_price[][0]": "19.99",
"of_price[][1]": "29.99",
"of_estimated_price": "21.5",
"of_estimated_price[][0]": "21.5",
"of_estimated_price[][1]": "31.5",
"of_name": "shirt",
"of_name[][0]": "shirt",
"of_name[][1]": "cotton",
"of_article": "ART-01",
"of_article[][0]": "ART-",
"of_article[][1]": "01",
"of_comment": "fragile",
"of_comment[][0]": "fragile",
"of_comment[][1]": "sale",
"sort_by": "of_id",
"sort_dir": "desc",
"per_page": "20",
};
Object.keys(params)
.forEach(key => url.searchParams.append(key, params[key]));
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (200):
{
"data": [
{
"of_id": 435,
"of_name": "Cotton T-shirt",
"of_description": "Basic cotton T-shirt"
},
{
"of_id": 438,
"of_name": "Hoodie",
"of_description": "Warm hoodie with zipper"
}
]
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Bulk create products
requires authentication
Creates multiple products in one request.
Payload is a JSON array.
You can also pass:
barcodes— full barcode listof_description— product description
Example: [ { "of_shop_id": 12, "of_name": "Cotton T-shirt", "of_ext_id": "EXT-1001", "of_description": "Basic cotton T-shirt", "barcodes": [ {"br_barcode":"4601234567890","br_main":1}, {"br_barcode":"4601234567891","br_main":0} ] } ]
Example request:
curl --request POST \
"https://localhost/api/products" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "[
\"architecto\"
]"
const url = new URL(
"https://localhost/api/products"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = [
"architecto"
];
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (201, Created):
[
{
"data": {
"of_id": 1,
"of_name": "Cotton T-shirt",
"of_description": "Basic cotton T-shirt"
}
}
]
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Bulk update products
requires authentication
Updates multiple products in one request.
Payload is a JSON array.
Identification rules:
- each item must contain either
of_id - or (
of_ext_id+of_shop_id)
You can also update:
barcodes— full replaceof_description— product description
Example: [ { "of_id": 10, "of_name":"Updated name", "of_description":"Updated long description", "barcodes":[{"br_barcode":"4601","br_main":1}] } ]
Example request:
curl --request PUT \
"https://localhost/api/products" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "[
\"architecto\"
]"
const url = new URL(
"https://localhost/api/products"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = [
"architecto"
];
fetch(url, {
method: "PUT",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200, Updated):
[
{
"data": {
"of_id": 10,
"of_description": "Updated long description"
}
}
]
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Get single product
requires authentication
Returns one product with:
- description
- barcodes
- rests
Example request:
curl --request GET \
--get "https://localhost/api/products/435" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/products/435"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (200):
{
"data": {
"of_id": 435,
"of_name": "Cotton T-shirt",
"of_description": "Basic cotton T-shirt"
}
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Delete product
requires authentication
Deletes a product if it has no stock movements. Related barcodes are also removed.
Example request:
curl --request DELETE \
"https://localhost/api/products/435" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/products/435"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "DELETE",
headers,
}).then(response => response.json());Example response (200):
{
"message": "Deleted"
}
Example response (404):
{
"message": "Product not found"
}
Example response (422):
{
"message": "Deletion forbidden",
"error": "Product has stock movements and cannot be deleted."
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Shops
Manage shops (rw_shops).
Authentication: This API uses NWMS Sanctum. Send your personal access token in the HTTP header: Authorization: Bearer {token}
Get list of shops with advanced filtering
requires authentication
Returns a paginated list of shops available to the authenticated user. Supports multiple filters, partial match, sorting and pagination.
✅ Multiple exact filters are supported via arrays: field[]=1&field[]=2
Access scope:
- admin: can see shops from any domain
- non-admin: forced to own domain (
sh_domain_id = user.domain_id) - clients (if role exists): only shops owned by user (and/or parent user)
Examples:
-
All shops (admin only):
/api/shops -
Search by name (LIKE):
/api/shops?sh_name=Ozon -
Filter by owner(s):
/api/shops?sh_user_id[]=55&sh_user_id[]=56 -
Filter by specific IDs:
/api/shops?sh_id[]=1&sh_id[]=10&sh_id[]=25 -
Domain filter (admin only; non-admin is ignored by access scope anyway):
/api/shops?sh_domain_id[]=10 -
Combined (name + owners + sorting + paging):
/api/shops?sh_name=Shop&sh_user_id[]=55&sort=-sh_id,sh_name&per_page=50&page=1 -
Sorting only:
/api/shops?sort=sh_name -
Sort DESC by name:
/api/shops?sort=-sh_name
Example request:
curl --request GET \
--get "https://localhost/api/shops?sh_id%5B%5D=1&sh_domain_id%5B%5D=10&sh_user_id%5B%5D=55&sh_name=%22Ozon%22%0A%0A-----------------------------%0A%F0%9F%94%8E+Sorting%0A-----------------------------&sort=-sh_id%2Csh_name%0A%0AAllowed+fields%3A+sh_id%2C+sh_name%2C+sh_user_id%2C+sh_domain_id%2C+created_at%0A%0A-----------------------------%0A%F0%9F%94%8E+Pagination%0A-----------------------------&per_page=250&page=1" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"sh_name\": \"b\",
\"sort\": \"architecto\",
\"per_page\": 22,
\"page\": 67,
\"sh_id\": [
16
],
\"sh_domain_id\": [
16
],
\"sh_user_id\": [
16
]
}"
const url = new URL(
"https://localhost/api/shops"
);
const params = {
"sh_id[]": "1",
"sh_domain_id[]": "10",
"sh_user_id[]": "55",
"sh_name": ""Ozon"
-----------------------------
🔎 Sorting
-----------------------------",
"sort": "-sh_id,sh_name
Allowed fields: sh_id, sh_name, sh_user_id, sh_domain_id, created_at
-----------------------------
🔎 Pagination
-----------------------------",
"per_page": "250",
"page": "1",
};
Object.keys(params)
.forEach(key => url.searchParams.append(key, params[key]));
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"sh_name": "b",
"sort": "architecto",
"per_page": 22,
"page": 67,
"sh_id": [
16
],
"sh_domain_id": [
16
],
"sh_user_id": [
16
]
};
fetch(url, {
method: "GET",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200, Successful):
{
"data": [
{
"sh_id": 1,
"sh_domain_id": 10,
"sh_user_id": 55,
"sh_name": "Shop #1"
}
],
"meta": {
"current_page": 1,
"per_page": 250,
"total": 1
}
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Get a single shop by ID
requires authentication
Example request:
curl --request GET \
--get "https://localhost/api/shops/1" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/shops/1"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (200, Found):
{
"sh_id": 1,
"sh_domain_id": 10,
"sh_user_id": 55,
"sh_name": "Shop #1"
}
Example response (404, Not found):
{
"message": "No query results for model ..."
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Create a new shop
requires authentication
Creates a shop in the current user's domain. sh_domain_id is taken from authenticated user and cannot be overridden (unless admin).
Example request:
curl --request POST \
"https://localhost/api/shops" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"sh_name\": \"\\\"Ozon Shop\\\"\",
\"sh_user_id\": 55
}"
const url = new URL(
"https://localhost/api/shops"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"sh_name": "\"Ozon Shop\"",
"sh_user_id": 55
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (201, Created):
{
"sh_id": 10,
"sh_domain_id": 10,
"sh_user_id": 55,
"sh_name": "Ozon Shop"
}
Example response (422, Validation error):
{
"message": "The given data was invalid.",
"errors": {
"sh_name": [
"The sh_name field is required."
]
}
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Update a shop (no delete)
requires authentication
Updates editable fields of a shop.
Rules:
- sh_domain_id cannot be changed
- non-admin users can update only shops within their domain
- (optional) non-admin can update only shops where sh_user_id is current user (enabled below)
Example request:
curl --request PUT \
"https://localhost/api/shops/10" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"sh_name\": \"\\\"Ozon Shop - updated\\\"\",
\"sh_user_id\": 55
}"
const url = new URL(
"https://localhost/api/shops/10"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"sh_name": "\"Ozon Shop - updated\"",
"sh_user_id": 55
};
fetch(url, {
method: "PUT",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200, Updated):
{
"sh_id": 10,
"sh_name": "Ozon Shop - updated"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Users
Manage user env JSON fields. Requires separate permissions: users.env.view for reading and users.env.update for replacing env.
Authentication: This API uses NWMS Sanctum. Send your personal access token in the HTTP header: Authorization: Bearer {token}
Get user env fields.
requires authentication
Example request:
curl --request GET \
--get "https://localhost/api/users/42/env" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/users/42/env"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (200):
{
"user_id": 42,
"env": {
"contractUuid": "00000000-0000-0000-0000-000000000001",
"external_id": "CRM-42",
"limits": {
"daily_orders": 100
}
}
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Replace user env fields.
requires authentication
Existing env JSON is replaced with the request body.
Example request:
curl --request PUT \
"https://localhost/api/users/42/env" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"env\": {
\"contractUuid\": \"00000000-0000-0000-0000-000000000001\",
\"external_id\": \"CRM-42\",
\"limits\": {
\"daily_orders\": 100
}
}
}"
const url = new URL(
"https://localhost/api/users/42/env"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"env": {
"contractUuid": "00000000-0000-0000-0000-000000000001",
"external_id": "CRM-42",
"limits": {
"daily_orders": 100
}
}
};
fetch(url, {
method: "PUT",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200):
{
"user_id": 42,
"env": {
"contractUuid": "00000000-0000-0000-0000-000000000001",
"external_id": "CRM-42",
"limits": {
"daily_orders": 100
}
}
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Warehouses
Manage warehouses (rw_warehouses).
Rules:
- Access is controlled by warehouses.* module rights; legacy roles are supported.
- Create: admin/warehouse_manager can create warehouses; clients can create only client warehouses (wh_type = 2).
- wh_ff_id is required for client warehouse creation and must reference an existing fulfilment warehouse (wh_type = 1) within the same domain (wh_domain_id).
Authentication: This API uses NWMS Sanctum. Send your personal access token in the HTTP header: Authorization: Bearer {token}
Get list of warehouses with advanced filtering
requires authentication
Returns a paginated list of warehouses available to the authenticated user. Admin and warehouse_manager can view warehouses in their domain. Clients can view their client warehouses and fulfilment warehouses.
✅ Multiple exact filters are supported via arrays: field[]=1&field[]=2
Examples:
-
Multiple warehouse types:
/api/warehouses?wh_type[]=1&wh_type[]=2 -
Multiple fulfilment warehouses + only active:
/api/warehouses?wh_ff_id[]=1&wh_ff_id[]=2&wh_status[]=1 -
Search by name (LIKE) + sort by name:
/api/warehouses?wh_name=Sofia&sort=wh_name -
Search by doc number (LIKE) + sort DESC by id:
/api/warehouses?wh_doc_num=BG-&sort=-wh_id -
Combined:
/api/warehouses?wh_type[]=2&wh_country_id[]=100&wh_company_id[]=44&wh_name=Varna&sort=-wh_id,wh_name&per_page=50
Example request:
curl --request GET \
--get "https://localhost/api/warehouses?wh_id%5B%5D=2&wh_status%5B%5D=1&wh_domain_id%5B%5D=10&wh_user_id%5B%5D=55&wh_country_id%5B%5D=100&wh_ff_id%5B%5D=2&wh_company_id%5B%5D=44&wh_billing_id%5B%5D=7&wh_type%5B%5D=2&wh_currency_id%5B%5D=3&wh_parent_id%5B%5D=1&wh_doc_num=BG-&wh_doc_date=2026-01&wh_name=Sofia%0A%0A-----------------------------%0A%F0%9F%94%8E+Sorting%0A-----------------------------&sort=-wh_id%2Cwh_name%0A%0A-----------------------------%0A%F0%9F%94%8E+Pagination%0A-----------------------------&per_page=250&page=1" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"wh_doc_num\": \"b\",
\"wh_doc_date\": \"n\",
\"wh_name\": \"g\",
\"sort\": \"architecto\",
\"per_page\": 22,
\"page\": 67,
\"wh_id\": [
16
],
\"wh_status\": [
16
],
\"wh_domain_id\": [
16
],
\"wh_user_id\": [
16
],
\"wh_country_id\": [
16
],
\"wh_ff_id\": [
16
],
\"wh_company_id\": [
16
],
\"wh_billing_id\": [
16
],
\"wh_type\": [
16
],
\"wh_currency_id\": [
16
],
\"wh_parent_id\": [
16
]
}"
const url = new URL(
"https://localhost/api/warehouses"
);
const params = {
"wh_id[]": "2",
"wh_status[]": "1",
"wh_domain_id[]": "10",
"wh_user_id[]": "55",
"wh_country_id[]": "100",
"wh_ff_id[]": "2",
"wh_company_id[]": "44",
"wh_billing_id[]": "7",
"wh_type[]": "2",
"wh_currency_id[]": "3",
"wh_parent_id[]": "1",
"wh_doc_num": "BG-",
"wh_doc_date": "2026-01",
"wh_name": "Sofia
-----------------------------
🔎 Sorting
-----------------------------",
"sort": "-wh_id,wh_name
-----------------------------
🔎 Pagination
-----------------------------",
"per_page": "250",
"page": "1",
};
Object.keys(params)
.forEach(key => url.searchParams.append(key, params[key]));
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"wh_doc_num": "b",
"wh_doc_date": "n",
"wh_name": "g",
"sort": "architecto",
"per_page": 22,
"page": 67,
"wh_id": [
16
],
"wh_status": [
16
],
"wh_domain_id": [
16
],
"wh_user_id": [
16
],
"wh_country_id": [
16
],
"wh_ff_id": [
16
],
"wh_company_id": [
16
],
"wh_billing_id": [
16
],
"wh_type": [
16
],
"wh_currency_id": [
16
],
"wh_parent_id": [
16
]
};
fetch(url, {
method: "GET",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200, Successful):
{
"data": [
{
"wh_id": 2,
"wh_status": 1,
"wh_domain_id": 10,
"wh_user_id": 55,
"wh_type": 2,
"wh_ff_id": 1,
"wh_name": "Client warehouse Sofia",
"wh_country_id": 100,
"wh_currency_id": 3,
"wh_custom_json": {
"pickup": true,
"cutoff": "18:00",
"contractUuid": "CDEK-CONTRACT-0000000001",
"sla": 95,
"officeCode": "MSK-1"
}
}
],
"meta": {
"current_page": 1,
"per_page": 50,
"total": 10
}
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Get a single warehouse by ID
requires authentication
Returns one warehouse available to the authenticated user.
Example request:
curl --request GET \
--get "https://localhost/api/warehouses/2" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/warehouses/2"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (200, Found):
{
"wh_id": 2,
"wh_status": 1,
"wh_domain_id": 10,
"wh_user_id": 55,
"wh_type": 2,
"wh_ff_id": 1,
"wh_name": "Client warehouse Sofia",
"wh_country_id": 100,
"wh_custom_json": {
"pickup": true,
"cutoff": "18:00",
"contractUuid": "CDEK-CONTRACT-0000000001",
"sla": 95,
"officeCode": "MSK-1"
}
}
Example response (404, Not found):
{
"message": "No query results for model ..."
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Create a new client warehouse (wh_type = 2)
requires authentication
Admin and warehouse_manager can create warehouses in their domain. Clients can create only client warehouses (wh_type=2) for themselves.
Constraints:
- wh_type defaults to 2 (client); clients are always forced to wh_type=2.
- wh_ff_id is required for client warehouses and must reference a fulfilment warehouse (wh_type = 1) with the same wh_domain_id.
- wh_user_id defaults to the authenticated user. Admin/warehouse_manager can pass wh_user_id in the same domain. Clients can pass only their own user id or parent user id.
Example request:
curl --request POST \
"https://localhost/api/warehouses" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"wh_name\": \"\\\"Client warehouse Sofia\\\"\",
\"wh_ff_id\": 1,
\"wh_status\": 1,
\"wh_country_id\": 100,
\"wh_company_id\": 44,
\"wh_billing_id\": 7,
\"wh_doc_num\": \"\\\"BG-001\\\"\",
\"wh_doc_date\": \"\\\"2026-01-14\\\"\",
\"wh_currency_id\": 3,
\"wh_parent_id\": 1,
\"wh_type\": 16,
\"wh_user_id\": 55,
\"wh_set_expiration_date\": 1,
\"wh_set_batch\": 1,
\"wh_set_production_date\": 0,
\"wh_custom_json\": {
\"delivery\": {
\"cdek\": {
\"shipment_point\": \"MSK1\",
\"sender_city\": \"Москва\",
\"sender_address\": \"ул. Ленина 1\",
\"sender_company\": \"ООО Ромашка\",
\"sender_name\": \"Иван Иванов\",
\"sender_phone\": \"+79990000000\",
\"sender_email\": \"sender@example.com\"
}
},
\"contractUuid\": \"CDEK-CONTRACT-0000000001\",
\"sla\": 95,
\"officeCode\": \"MSK-1\"
}
}"
const url = new URL(
"https://localhost/api/warehouses"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"wh_name": "\"Client warehouse Sofia\"",
"wh_ff_id": 1,
"wh_status": 1,
"wh_country_id": 100,
"wh_company_id": 44,
"wh_billing_id": 7,
"wh_doc_num": "\"BG-001\"",
"wh_doc_date": "\"2026-01-14\"",
"wh_currency_id": 3,
"wh_parent_id": 1,
"wh_type": 16,
"wh_user_id": 55,
"wh_set_expiration_date": 1,
"wh_set_batch": 1,
"wh_set_production_date": 0,
"wh_custom_json": {
"delivery": {
"cdek": {
"shipment_point": "MSK1",
"sender_city": "Москва",
"sender_address": "ул. Ленина 1",
"sender_company": "ООО Ромашка",
"sender_name": "Иван Иванов",
"sender_phone": "+79990000000",
"sender_email": "sender@example.com"
}
},
"contractUuid": "CDEK-CONTRACT-0000000001",
"sla": 95,
"officeCode": "MSK-1"
}
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (201, Created):
{
"wh_id": 10,
"wh_domain_id": 10,
"wh_type": 2,
"wh_ff_id": 1,
"wh_user_id": 55,
"wh_name": "Client warehouse Sofia",
"wh_country_id": 100,
"wh_custom_json": {
"pickup": true,
"cutoff": "18:00",
"contractUuid": "CDEK-CONTRACT-0000000001",
"sla": 95,
"officeCode": "MSK-1"
}
}
Example response (422, Validation error):
{
"message": "The given data was invalid.",
"errors": {
"wh_ff_id": [
"The selected wh_ff_id is invalid."
]
}
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Update warehouse (no delete)
requires authentication
Only admin or warehouse_manager.
Notes:
- wh_type cannot be changed (forced to remain as stored).
- wh_domain_id cannot be changed via API.
- wh_user_id can be changed only by legacy admin/warehouse_manager or by delete-level warehouses access.
- If wh_ff_id is provided, it must reference fulfilment warehouse (wh_type=1) in the same domain.
Example request:
curl --request PUT \
"https://localhost/api/warehouses/2" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"wh_user_id\": 55,
\"wh_name\": \"\\\"Client warehouse Sofia - updated\\\"\",
\"wh_status\": 1,
\"wh_country_id\": 100,
\"wh_company_id\": 44,
\"wh_billing_id\": 7,
\"wh_doc_num\": \"\\\"BG-001\\\"\",
\"wh_doc_date\": \"\\\"2026-01-14\\\"\",
\"wh_currency_id\": 3,
\"wh_parent_id\": 1,
\"wh_ff_id\": 1,
\"wh_set_expiration_date\": 1,
\"wh_set_batch\": 1,
\"wh_set_production_date\": 0,
\"wh_custom_json\": {
\"delivery\": {
\"cdek\": {
\"shipment_point\": \"MSK1\",
\"sender_city\": \"Москва\",
\"sender_address\": \"ул. Ленина 1\",
\"sender_company\": \"ООО Ромашка\",
\"sender_name\": \"Иван Иванов\",
\"sender_phone\": \"+79990000000\",
\"sender_email\": \"sender@example.com\"
}
},
\"contractUuid\": \"CDEK-CONTRACT-0000000001\",
\"sla\": 95,
\"officeCode\": \"MSK-1\"
}
}"
const url = new URL(
"https://localhost/api/warehouses/2"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"wh_user_id": 55,
"wh_name": "\"Client warehouse Sofia - updated\"",
"wh_status": 1,
"wh_country_id": 100,
"wh_company_id": 44,
"wh_billing_id": 7,
"wh_doc_num": "\"BG-001\"",
"wh_doc_date": "\"2026-01-14\"",
"wh_currency_id": 3,
"wh_parent_id": 1,
"wh_ff_id": 1,
"wh_set_expiration_date": 1,
"wh_set_batch": 1,
"wh_set_production_date": 0,
"wh_custom_json": {
"delivery": {
"cdek": {
"shipment_point": "MSK1",
"sender_city": "Москва",
"sender_address": "ул. Ленина 1",
"sender_company": "ООО Ромашка",
"sender_name": "Иван Иванов",
"sender_phone": "+79990000000",
"sender_email": "sender@example.com"
}
},
"contractUuid": "CDEK-CONTRACT-0000000001",
"sla": 95,
"officeCode": "MSK-1"
}
};
fetch(url, {
method: "PUT",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200, Updated):
{
"wh_id": 2,
"wh_name": "Client warehouse Sofia - updated",
"wh_country_id": 100,
"wh_custom_json": {
"pickup": false,
"contractUuid": "CDEK-CONTRACT-0000000001",
"sla": 95,
"officeCode": "MSK-1"
}
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Get fulfilment warehouse data
requires authentication
Returns the fulfilment warehouse (wh_type = 1) by its ID.
Authentication (Sanctum):
- Requires a valid Sanctum personal access token.
- Send token in header: Authorization: Bearer {token}
Authorization:
- Roles allowed: admin, warehouse_manager
- Domain restriction:
- admin: any domain
- warehouse_manager: only own domain (warehouse.wh_domain_id must match user.domain_id)
Example request:
curl --request GET \
--get "https://localhost/api/warehouses/fulfillment/warehouses/1" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/warehouses/fulfillment/warehouses/1"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (200, Found):
{
"data": {
"id": 1,
"name": "Fulfilment warehouse Varna",
"domain_id": 10,
"country_id": 100,
"address": null,
"phone": null
}
}
Example response (403, Forbidden):
{
"message": "Forbidden: only admin or warehouse_manager"
}
Example response (403, Domain mismatch):
{
"message": "Forbidden: domain mismatch"
}
Example response (404, Not found):
{
"message": "No query results for model ..."
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Get client warehouses of a fulfilment warehouse
requires authentication
Returns client warehouses (wh_type = 2) linked to the given fulfilment warehouse. Link is done via wh_ff_id (client warehouse points to fulfilment warehouse).
Authentication (Sanctum):
- Requires a valid Sanctum personal access token.
- Send token in header: Authorization: Bearer {token}
Authorization:
- Roles allowed: admin, warehouse_manager
- Domain restriction is validated against the fulfilment warehouse:
- admin: any domain
- warehouse_manager: fulfilment warehouse must be in user's domain
Example request:
curl --request GET \
--get "https://localhost/api/warehouses/fulfillment/warehouses/1/client-warehouses" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/warehouses/fulfillment/warehouses/1/client-warehouses"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (200, Successful):
{
"data": [
{
"id": 10,
"name": "Client warehouse Sofia",
"domain_id": 10,
"country_id": 100
}
]
}
Example response (403, Forbidden):
{
"message": "Forbidden: only admin or warehouse_manager"
}
Example response (403, Domain mismatch):
{
"message": "Forbidden: domain mismatch"
}
Example response (404, Not found):
{
"message": "No query results for model ..."
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Интеграции CDEK
API для управления подключениями к CDEK API v2.
Доступ совпадает с ЛК: старые роли admin, warehouse_manager, warehouse_worker
и новые права integrations/Orchid route permissions. Видимость записей ограничена
data scope пользователя: global, domain, warehouse, owner.
В ответах ca_client_secret не возвращается. Для заказов используйте source_id
в формате cdek-{ca_id}, он передается в ds.ods_source_id.
Настройки отправителя в интеграции имеют приоритет. Если ca_shipment_point,
ca_sender_city, ca_sender_address или контактные поля отправителя пустые,
отправка берет их из вкладки "Доставки" FF-склада заказа.
Список интеграций CDEK.
requires authentication
Возвращает только интеграции, доступные текущему пользователю.
Example request:
curl --request GET \
--get "https://localhost/api/integrations/cdek?ca_status=1&ca_domain_id=10&ca_user_id=55&ca_name=%D0%9E%D1%81%D0%BD%D0%BE%D0%B2%D0%BD%D0%BE%D0%B9+CDEK&sort=-ca_id&per_page=50" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"ca_status\": 16,
\"ca_domain_id\": 22,
\"ca_user_id\": 67,
\"ca_name\": \"z\",
\"sort\": \"architecto\",
\"per_page\": 22,
\"page\": 67
}"
const url = new URL(
"https://localhost/api/integrations/cdek"
);
const params = {
"ca_status": "1",
"ca_domain_id": "10",
"ca_user_id": "55",
"ca_name": "Основной CDEK",
"sort": "-ca_id",
"per_page": "50",
};
Object.keys(params)
.forEach(key => url.searchParams.append(key, params[key]));
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"ca_status": 16,
"ca_domain_id": 22,
"ca_user_id": 67,
"ca_name": "z",
"sort": "architecto",
"per_page": 22,
"page": 67
};
fetch(url, {
method: "GET",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (200):
{
"data": [
{
"ca_id": 1,
"source_id": "cdek-1",
"ca_status": 1,
"ca_name": "Основной CDEK",
"ca_base_url": "https://api.cdek.ru",
"ca_client_id": "account",
"ca_client_secret_set": true,
"ca_timeout": 20,
"ca_domain_id": 10,
"ca_user_id": null,
"ca_test_mode": false,
"ca_order_type": 1,
"ca_ds_id": 2,
"ca_tariff_code": 136,
"ca_label_format": "A6",
"ca_shipment_point": "MSK1"
}
]
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Создать интеграцию CDEK.
requires authentication
Для global scope можно передать любой ca_domain_id. Для остальных scope домен всегда
фиксируется на домене текущего пользователя. Для owner scope владелец фиксируется на
текущем мастер-пользователе клиента.
Example request:
curl --request POST \
"https://localhost/api/integrations/cdek" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"ca_name\": \"Основной CDEK\",
\"ca_base_url\": \"https:\\/\\/api.cdek.ru\",
\"ca_client_id\": \"account-id\",
\"ca_client_secret\": \"secret\",
\"ca_domain_id\": 10,
\"ca_user_id\": 55,
\"ca_status\": 1,
\"ca_test_mode\": false,
\"ca_order_type\": 1,
\"ca_ds_id\": 2,
\"ca_tariff_code\": 136,
\"ca_label_format\": \"A6\",
\"ca_shipment_point\": \"MSK1\",
\"ca_sender_company\": \"ООО Ромашка\",
\"ca_sender_name\": \"Иван Иванов\",
\"ca_sender_phone\": \"+79990000000\",
\"ca_sender_email\": \"sender@example.com\",
\"ca_sender_city\": \"Москва\",
\"ca_sender_address\": \"ул. Ленина 1\"
}"
const url = new URL(
"https://localhost/api/integrations/cdek"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"ca_name": "Основной CDEK",
"ca_base_url": "https:\/\/api.cdek.ru",
"ca_client_id": "account-id",
"ca_client_secret": "secret",
"ca_domain_id": 10,
"ca_user_id": 55,
"ca_status": 1,
"ca_test_mode": false,
"ca_order_type": 1,
"ca_ds_id": 2,
"ca_tariff_code": 136,
"ca_label_format": "A6",
"ca_shipment_point": "MSK1",
"ca_sender_company": "ООО Ромашка",
"ca_sender_name": "Иван Иванов",
"ca_sender_phone": "+79990000000",
"ca_sender_email": "sender@example.com",
"ca_sender_city": "Москва",
"ca_sender_address": "ул. Ленина 1"
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (201):
{
"ca_id": 1,
"source_id": "cdek-1",
"ca_name": "Основной CDEK",
"ca_client_secret_set": true,
"ca_ds_id": 2
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Получить интеграцию CDEK.
requires authentication
Example request:
curl --request GET \
--get "https://localhost/api/integrations/cdek/1" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/integrations/cdek/1"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *
{
"message": "Unauthenticated.",
"error": "AUTH_REQUIRED"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Обновить интеграцию CDEK.
requires authentication
Можно передавать только изменяемые поля. Если ca_client_secret не передан или передан пустым,
сохраненный секрет не меняется.
Example request:
curl --request PUT \
"https://localhost/api/integrations/cdek/1" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"ca_name\": \"CDEK склад Москва\",
\"ca_base_url\": \"https:\\/\\/api.edu.cdek.ru\",
\"ca_client_id\": \"account-id\",
\"ca_client_secret\": \"new-secret\",
\"ca_domain_id\": 10,
\"ca_user_id\": 55,
\"ca_status\": 1,
\"ca_test_mode\": true,
\"ca_order_type\": 1,
\"ca_ds_id\": 2,
\"ca_tariff_code\": 136,
\"ca_label_format\": \"A6\",
\"ca_shipment_point\": \"MSK1\"
}"
const url = new URL(
"https://localhost/api/integrations/cdek/1"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"ca_name": "CDEK склад Москва",
"ca_base_url": "https:\/\/api.edu.cdek.ru",
"ca_client_id": "account-id",
"ca_client_secret": "new-secret",
"ca_domain_id": 10,
"ca_user_id": 55,
"ca_status": 1,
"ca_test_mode": true,
"ca_order_type": 1,
"ca_ds_id": 2,
"ca_tariff_code": 136,
"ca_label_format": "A6",
"ca_shipment_point": "MSK1"
};
fetch(url, {
method: "PUT",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Удалить интеграцию CDEK.
requires authentication
Доступно пользователям с правом удаления модуля integrations или старым ролям
admin/warehouse_manager.
Example request:
curl --request DELETE \
"https://localhost/api/integrations/cdek/1" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/integrations/cdek/1"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "DELETE",
headers,
}).then(response => response.json());Example response (200):
{
"deleted": true
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Интеграции Econt
API для управления подключениями к Econt SOAP/JSON API.
В ответах ea_password не возвращается. Для заказов используйте source_id
в формате econt-{ea_id}, он передается в ds.ods_source_id.
GET api/integrations/econt
requires authentication
Example request:
curl --request GET \
--get "https://localhost/api/integrations/econt" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"ea_status\": 16,
\"ea_domain_id\": 22,
\"ea_user_id\": 67,
\"ea_name\": \"z\",
\"sort\": \"architecto\",
\"per_page\": 22,
\"page\": 67
}"
const url = new URL(
"https://localhost/api/integrations/econt"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"ea_status": 16,
"ea_domain_id": 22,
"ea_user_id": 67,
"ea_name": "z",
"sort": "architecto",
"per_page": 22,
"page": 67
};
fetch(url, {
method: "GET",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *
{
"message": "Unauthenticated.",
"error": "AUTH_REQUIRED"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.POST api/integrations/econt
requires authentication
Example request:
curl --request POST \
"https://localhost/api/integrations/econt" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/integrations/econt"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "POST",
headers,
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.GET api/integrations/econt/{id}
requires authentication
Example request:
curl --request GET \
--get "https://localhost/api/integrations/econt/architecto" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/integrations/econt/architecto"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *
{
"message": "Unauthenticated.",
"error": "AUTH_REQUIRED"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.PUT api/integrations/econt/{id}
requires authentication
Example request:
curl --request PUT \
"https://localhost/api/integrations/econt/architecto" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/integrations/econt/architecto"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "PUT",
headers,
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.DELETE api/integrations/econt/{id}
requires authentication
Example request:
curl --request DELETE \
"https://localhost/api/integrations/econt/architecto" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/integrations/econt/architecto"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "DELETE",
headers,
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.Интеграции Speedy
API для управления подключениями к Speedy REST API v1.
В ответах sa_password не возвращается. Для заказов используйте source_id
в формате speedy-{sa_id}, он передается в ds.ods_source_id.
GET api/integrations/speedy
requires authentication
Example request:
curl --request GET \
--get "https://localhost/api/integrations/speedy" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"sa_status\": 16,
\"sa_domain_id\": 22,
\"sa_user_id\": 67,
\"sa_name\": \"z\",
\"sort\": \"architecto\",
\"per_page\": 22,
\"page\": 67
}"
const url = new URL(
"https://localhost/api/integrations/speedy"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"sa_status": 16,
"sa_domain_id": 22,
"sa_user_id": 67,
"sa_name": "z",
"sort": "architecto",
"per_page": 22,
"page": 67
};
fetch(url, {
method: "GET",
headers,
body: JSON.stringify(body),
}).then(response => response.json());Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *
{
"message": "Unauthenticated.",
"error": "AUTH_REQUIRED"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.POST api/integrations/speedy
requires authentication
Example request:
curl --request POST \
"https://localhost/api/integrations/speedy" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/integrations/speedy"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "POST",
headers,
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.GET api/integrations/speedy/{id}
requires authentication
Example request:
curl --request GET \
--get "https://localhost/api/integrations/speedy/architecto" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/integrations/speedy/architecto"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
access-control-allow-origin: *
{
"message": "Unauthenticated.",
"error": "AUTH_REQUIRED"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.PUT api/integrations/speedy/{id}
requires authentication
Example request:
curl --request PUT \
"https://localhost/api/integrations/speedy/architecto" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/integrations/speedy/architecto"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "PUT",
headers,
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.DELETE api/integrations/speedy/{id}
requires authentication
Example request:
curl --request DELETE \
"https://localhost/api/integrations/speedy/architecto" \
--header "Content-Type: application/json" \
--header "Accept: application/json"const url = new URL(
"https://localhost/api/integrations/speedy/architecto"
);
const headers = {
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "DELETE",
headers,
}).then(response => response.json());Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.