CartRover API Documentation
If you have questions about the API, head over to CartRover Answers.
Check out the official CartRover PHP Client. Just include it directly in your project, we've done all the work for you!
Additional unofficial CartRover Libraries:
- Ruby Client by sifourteen
Authentication can be done in one of two ways.
Pass your API User and Key using the Basic Access Authentication standard.
- Concatenate the API user and key and place a colon in between: api_user:api_key
- Base 64 encode this string
- Pass it as a header in the following format: Authorization: Basic BASE64ENCODEDSTRING
Your credentials can be passed in the URL with each request. These credentials are secure in transit as the request is being made over SSL which encrypts the URL.
The GET Authentication parameters are:
POST ORDERS: https://api.cartrover.com/v1/cart/orders/cartrover?api_user=SOMEUSER&api_key=SOMEKEYGET ORDER XYZ: https://api.cartrover.com/v1/cart/orders/XYZ?api_user=SOMEUSER&api_key=SOMEKEY
All endpoints will return errors in the following format.
|success_code||boolean||Always FALSE for an error|
Invalid - Invalid/Missing data submitted
Failure - Hard error like: Duplicate order
RateLimit - Over API Limit
|status_message||String||Specific Error Message|
The CartRover API uses a Leaky Bucket algorithm to manage API access. The bucket size is 100 calls, and they refill at rate of 1 call every 0.6 seconds. Currently the New Order API endpoint is NOT rate limited. If we see abuse of the API, all endpoints will be rate limited.
All endpoints that are rate limited will return the following header with each request. It contains the remaining number of API calls you can currently burst to:
If you go over your rate limit, the API will return a standard error with the following code and message:
status_message: "Over API Limit. Please slow down requests."
Timestamp fields should be submitted to the API in ISO 8601 format in order to specify the timezone.
Timestamp fields returned by the API will be formatted in ISO 8601 and always be in the UTC timezone.
If you are passing a timestamp as a GET parameter, YOU MUST encode the plus symbol (+) as %2B
The CartRover API has three levels. Each level has access to different functionality and has a separate set of credentials. Here we list each API level and which endpoints it has access to.
Each endpoint will list its type (eg. GET, POST). Note that proper REST guidelines are not followed and most endpoints are GET. A future API version may change these endpoint types, but support for these API calls will remain for this version.
Webhooks are also available.
To learn about subscribing to Webhooks in the CartRover API, check out the Webhooks documentation page.
Is the CartRover API Down? Check our Status Page