Magento 2 API
Feb 21, 2020 by Pawan Gajbhiye


The Magento web API is an application programming interface.
The Magento API use web services to communicate with the Magento system.
API can be called as a middle gateway between a programmer and an application.
When the programmer calls for a request via the middle gateway, if the request gets approved, then the right data will be getting as response.

An API is a set of routines, protocols and other tools to design software applications.
Thus, API is act as a service to connect among the data for any program or service from other websites.

Magento supports 2 types of API:

A) REST (Representational State Transfer)

B) SOAP (Simple Object Access Protocol)

There are three types of authentication that we can use in API:

1) Token-based authentication
In this type of authentication, username and password is provided during initial connection and receive the token to be used for requests that follow, until token expires.

2) Session-based authentication
Session based authentication is simple among all of three. It uses session in order to authorize access to the requested resource.

3) OAuth-based authentication
This type of authentication is service based, that allows access to resources to third party.

Also, there are three user types that have access to API in Magento and those are:

1) Guest user
also This type of users has access to resources with anonymous permission.

2) Admin User
This type of users has access to resources for which are authorized by configuration.

3) Customer
This type of users has access to resources with self or anonymous permission.

How to get started Magento 2 web API:

Need to register a web service on Magento Admin. Below are the steps that need to be follow to enable web services:

Step 1: Create a web services user on Magento Admin
If the authentication that you are using is token-based, selecting System -> Permission -> All Users -> Add New User. With the two remaining authentications, creating the new user in the Admin is not needed.

Step 2: Create a new integration on Magento Admin
In order to create an integration, go to System -> Extensions -> Integration -> Add New Integration. Please make sure that the resources which the integration can access are restricted.

Step 3: Configure authentication
A REST or SOAP client can be used to configure authentication.

Magento 2 web APIs can be used for:

  1. Shopping cart application.
  2. CRM (Customer Relationship Management) or ERP (Enterprise Resource Planning) like Salesforce or Xero.
  3. Integrate with a CMS.

Most of the times users need to create custom Rest API in the custom module to perform some action based on response. There are default API features like Product API, Order API, Customer data API, etc. These all the APIs have multiple methods like GET, PUT, POST etc.

Simple code to create REST API:

File: etc/webapi.xml

<?xml version="1.0" ?>
	<routes xmlns:xsi="" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Webapi:etc/webapi.xsd">
		<route method="GET" url="/V1/symphisys-test/post">
			<service class="Symphisys\Test\Api\PostManagementInterface" method="getPost"/>
			<resource ref="anonymous"/>

File: etc/di.xml

<?xml version="1.0" ?>
		<config xmlns:xsi="" xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd">
		<preference for="Symphisys \Test\Api\PostManagementInterface" type="Symphisys\Test\Model\PostManagement"/>

File: Model/PostManagement.php

    namespace Symphisys\Test\Model; 				
        class PostManagement { 
			    * {@inheritdoc} 
			public function getPost($param) 
			return 'api GET return the $param ' . $param; 

File: Api/PostManagementInterface.php

     namespace Symphisys\Test\Api; 				
      interface PostManagementInterface {
			* GET for Post api 
			* @param string $param 
			* @return string 
			public function getPost($param); 

Pawan Gajbhiye
Sr. Software Developer
Feb 21, 2020