easyPoints

# Overview

# Api Access

First, you will need to make sure you have access to the EasyPoints API, which is a premium feature. If your subscription does not include API access (some plans include API access), you can purchase this premium feature in the Settings page of the EasyPoints app.

  1. Find the app subscription section in your settings page and click "Change" API Subscription Section

  2. Toggle the API usage premium feature or upgrade to a plan which includes this feature and accept the new subscription. API Usage Premium Feature

# Api Credentials

# Authentication

After ensuring you have included the EasyPoints API premium feature in your subscription, you can find the section to create your API credentials in the Settings page of the EasyPoints app.

API Credentials Section

# Basic Auth

EasyPoints API uses Basic Authorization given the credentials found in the Settings page of the EasyPoints app.

Due to the nature of Basic Authorization (opens new window), you must always use HTTPS when sending requests to the EasyPoints API.

It is strongly recommended that you use the Authorization header rather than including the credentials in the URL for security reasons. Please see here (opens new window) for more information.

# Example

The following is an example usage of Basic Auth in JavaScript.

WARNING

Be sure not to include your API credentials directly in a client-side application. They should be stored in a location accessible only to those with proper authorization, such as the secret configuration of a server-side application.

const authValue = btoa(`${apiPublicKey}:${apiSecretKey}`);

fetch(url, {
    headers: {
      'Content-Type': 'application/json'
      'Authorization': `Basic ${authValue}`,
    }
  });

# Authorization

Currently all available API credential sets have full authorization for their respective merchant's EasyPoints app. This includes the following privileges:

Privilege Definition
read_point_balances Read customer point balances
write_point_balances Update customer point balances (such as with point allotments)
read_point_history Read point history (such as order point information)

# Security

WARNING

Please understand that enabling the EasyPoints API comes with risk. Your API credentials must be kept private and secure to avoid a malicious party from distributing points, revoking points, accessing EasyPoints information about your customers, etc.

Use with care; granting or revoking an erroneous number of points from your customers could negatively impact your profits or their shopping experience.

# Deleting API Credentials

If you feel your API credentials have been compromised or, for any other reason, you wish to delete your API credentials, you can do so in the Settings page of the EasyPoints app. New credentials can also be created immediately if desired.

Delete Credentials

# Rate Limiting

Our API is subject to rate limits to ensure fair usage and maintain system stability.

Each Store using our API is restricted to a maximum of 25 API calls within a 5-second window. Exceeding this limit will result in 429 responses for subsequent requests until the limit resets.

Point Balances