Alright, letβs zoom in specifically on PrestaShop Webservice (the built-in API) and keep it simple + practical π
What is PrestaShop Webservice?
PrestaShop Webservice is the native API system that lets external systems interact with your store using HTTP.
Think of it as:
π a secure door to read / create / update / delete store data programmatically.
It works without installing any extra module.
What You Can Control via Webservice
Using /api/ endpoints, you can manage:
- π Products
- π Categories
- π€ Customers
- π§Ύ Orders
- π Carts
- π¦ Stock (stock_availables)
- π Carriers
- π³ Order states
- π Languages, currencies
- π¨βπΌ Employees (limited)
Enable PrestaShop Webservice (Step-by-Step)
- Back Office β Advanced Parameters
- Click Webservice
- Enable PrestaShop Webservice
- Click Add new webservice key
- Generate key π
- Select permissions:
- GET (read)
- POST (create)
- PUT (update)
- DELETE (remove)
- Save
β οΈ No permission = no access, even with correct key.
Base Webservice URL
https://yourstore.com/api/
Example resource:
/api/products
That endpoint lists products or allows product creation (depending on HTTP method).
Authentication Method
PrestaShop uses HTTP Basic Auth
- Username β API KEY
- Password β empty
Example:
Authorization: Basic base64(API_KEY:)
Browser test:
https://API_KEY@yourstore.com/api/products
Request Types (Very Important)
| Method | Purpose |
|---|---|
| GET | Fetch data |
| POST | Create new data |
| PUT | Update existing data |
| DELETE | Remove data |
Example: Get Products (CURL)
curl -X GET "https://yourstore.com/api/products" \
-u API_KEY:
XML vs JSON
- XML β Default & safest (recommended)
- JSON β Supported in newer versions (1.7.8+)
Headers for JSON:
Accept: application/json
Content-Type: application/json
β οΈ For POST / PUT, XML is still more reliable.
Create Product Flow (Important Concept)
- GET blank schema
/api/products?schema=blank
- Fill required fields
- POST back to:
/api/products
Skipping required fields = β 500 error.
Common Webservice Errors
| Error | Reason |
|---|---|
| 401 | Wrong API key |
| 403 | Permission not granted |
| 404 | Invalid endpoint |
| 500 | Invalid XML structure |
| 406 | Missing required field |
Best Practices
β Always fetch schema=blank
β Validate XML before POST
β Limit API key permissions
β Disable API if not used
β Use HTTPS only
Typical Real-World Uses
- ERP integration
- Mobile app backend
- Auto product upload
- Stock sync
- Order sync with accounting software
- Marketplace connectors (Amazon, Flipkart, etc.)
Β