Skip to main content

Get started with the E-Commerce API

This guide will walk you through making your first API call to the E-Commerce API. You’ll register a new user account and receive a JWT token that you can use to access protected endpoints.
1

Set up your environment

Ensure you have the API running locally or have access to a deployed instance. The default base URL is:
http://localhost:5000/api
You’ll need an API key to make requests. Check your .env file for the API_KEY value, or contact your API administrator.
2

Register a new user

Create a new user account by sending a POST request to the /register endpoint. This endpoint requires three fields: name, email, and password.
curl -X POST http://localhost:5000/api/register \
  -H "Content-Type: application/json" \
  -H "x-api-key: your-api-key-here" \
  -d '{
    "name": "John Doe",
    "email": "[email protected]",
    "password": "securePassword123"
  }'
All requests must include the x-api-key header. Requests without a valid API key will be rejected with a 403 error.
3

Receive your JWT token

If registration is successful, you’ll receive a response with a JWT token that expires in 8 hours:
{
  "status": "success",
  "message": "User Registered",
  "data": {
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
  }
}
Save this token securely. You’ll need it to access protected endpoints like user profile, cart, and orders.
If the email is already registered, you’ll receive an error:
{
  "status": "error",
  "message": "Email is already registered"
}
4

Make an authenticated request

Now that you have a JWT token, you can access protected endpoints. Let’s retrieve your user profile:
curl -X GET http://localhost:5000/api/user \
  -H "x-api-key: your-api-key-here" \
  -H "Authorization: Bearer your-jwt-token-here"
Expected response:
{
  "status": "success",
  "message": "Success fetching user data",
  "data": {
    "id": 1,
    "name": "John Doe",
    "email": "[email protected]",
    "profile_photo": null,
    "created_at": "2026-03-03T10:30:00.000Z",
    "updated_at": "2026-03-03T10:30:00.000Z"
  }
}
Protected endpoints require both the x-api-key header AND the Authorization header with your JWT token.
5

Explore products

Try browsing the product catalog. This endpoint only requires an API key (no JWT token needed):
curl
curl -X GET "http://localhost:5000/api/product?page=1&limit=10" \
  -H "x-api-key: your-api-key-here"
The response includes paginated products with metadata:
{
  "status": "success",
  "message": "Success fetching products data",
  "data": [
    {
      "id": 1,
      "name": "Product Name",
      "slug": "product-name",
      "description": "Product description",
      "price": 99.99,
      "stock": 50,
      "variant": [{"size": "M"}, {"size": "L"}],
      "img_urls": ["uploads/image1.jpg"],
      "category_name": "Electronics"
    }
  ],
  "metadata": {
    "currentPage": 1,
    "totalPages": 5,
    "totalItems": 47,
    "itemsPerPage": 10
  }
}

What’s next?

Now that you’ve made your first API calls, explore more features:

Authentication guide

Learn more about API keys, JWT tokens, and security best practices

API reference

Explore all available endpoints including cart, orders, and reviews

Common errors

This error occurs when the x-api-key header is missing or incorrect.Solution: Ensure you’re sending the correct API key in the x-api-key header with every request.
This error occurs when accessing protected endpoints without a valid JWT token.Solution: Include your JWT token in the Authorization header as Bearer <token>.
This error occurs when required fields are missing from your request body.Solution: Check the endpoint documentation and ensure all required fields are included in your request.
This error occurs when trying to register with an email that already exists.Solution: Use the /login endpoint instead, or register with a different email address.

Build docs developers (and LLMs) love

Get started for freeTalk to us