This online publication is intellectual property of Apptus Technologies. Its contents can be duplicated in part or whole, provided that a copyright label is visibly located on each copy and the copy is used in conjunction with the product described within this document.
All information found in these documents has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither Apptus Technologies nor the authors shall be held liable for possible errors or the consequences thereof.
Software and hardware descriptions cited in these documents might be registered trademarks. All trade names are subject to copyright restrictions and may be registered trademarks. Apptus Technologies essentially adheres to the manufacturer’s spelling. Names of products and trademarks appearing in this document, with or without specific notation, are likewise subject to trademark and trade protection laws and may thus fall under copyright restrictions.CLOSE
Web API v1¶
The Apptus eSales Enterprise Web API makes it easy to integrate eSales into a site by enabling both client and server side integration. It consists of two main components:
The Web API also includes methods for GDPR Data Management for eSales Enterprise data.
Web API availability
The Apptus eSales Enterprise Web API is only available for Apptus Cloud customers.
Web API v2
A new version of the Apptus eSales Enterprise Web API, the Web API v2, is available.
The Web API is built to support major browsers such as Mozilla Firefox, Google Chrome, Safari, and Microsoft Internet Explorer (10 and newer).
Apptus Cloud environment configuration is a part of the customer onboarding process. This configuration is performed by Apptus, but for it to be completed some information regarding origin host settings and selected client side payment strategy are needed from the customer.
With this provided to Apptus the initial set-up for the Web API will be performed, and the following information is returned to the customer.
- A private key - used for visitor sign in and dynamic pages
- Cluster ID - used when requesting data from the Apptus Cloud
- Cluster credentials - used when importing data to eSales
- Apptus eSales Apps and Manager access rights
When the cloud configuration is completed, customers can contact Apptus Support if there are any questions about the current security settings used for their eSales cluster, or if the security settings must be changed.
The origin host is part of the security settings for a cluster. It specifies what domain Ajax requests to the cluster is allowed to originate from.
The following information is needed from the customer to configure the origin host.
- Protocols (HTTP/HTTPS)
- Domains (subdomains)
- Ports (80, 443)
Client side payments¶
Client side payment strategy is part of the security settings for a cluster. There are three different strategies for handling payment notifications with the eSales Web API.
- Do not allow payment notifications - This strategy should be used when payment notifications are always sent server side. Recommended for production clusters.
- Allow limited payments - Ignore suspicious payments e.g. payment notification that seem to be machine generated.
- Allow all payment notifications - Most useful at an early stage of the integration.
The RESTful API handles the communication with the Apptus eSales Cluster. Load balancing and failover are both handled automatically.
For more details of the RESTful API, see the RESTful API documentation pages.
Sessions and notifications¶
Sessions and notifications are used to keep track of information about visitor interaction that is sent to eSales via the Web API. This information is used to enable personalisation and to improve recommendations and more.
For more details about Notifications, see the Sessions and Notifications page.
Recommendations and best practice¶
- Always instantiate an
esalesobject as a variable with a url to a cluster and market that exists.
- A general rule of thumb is to never cache eSales generated results. Static data such as descriptions and images can be cached.
- When notifying payments, the recommended notification method to use is Secure Payment Notification.