Introduction

The Ordermentum API allows developers to integrate with our platform for managing orders, products, purchasers, and more. To interact with the API, you need to authenticate your application by obtaining a token.

Tokens - Recent Authentication Changes

We're enhancing our authentication process to protect your applications better. Starting July 2026, all access requests will require an x-api-key sent as a header. This change will provide stronger protection against unauthorised access or misuse of credentials.

You can apply for or generate a token via settings -> integrations on the supplier platform.

While backwards compatible, we also recommend migrating to api.ordermentum.com as the base URL.

Reach out to us at [email protected] if you have any questions or need further support.

Using the API token

Once you have generated a token, you can send it in the header of your request as x-api-key: {key}

curl --location 'https://api.ordermentum.com/v2/orders?supplierId=SupplierId' \
		 --header 'x-api-key: om_api*******'

Obtaining an API Token (Deprecated)

To start making requests to the Ordermentum API, authenticate your application and obtain an access token.

• The access token is valid for 24 hours.
• After expiration, refresh it using the OAuth2 token refresh flow.

Example POST request to obtain a token:

curl -X POST "https://app.ordermentum.com/v1/auth" \
     -H "Content-Type: application/json" \
     --data '{"username":"[email protected]","password":"hunter2"}'

Response: A JSON object containing the API token, e.g.,

{
  "access_token": "YOUR_API_TOKEN",
  "token_type": "Bearer"
}

Using the API Token (Deprecated)

Once obtained, include the API token in every request's Authorization header.

Example GET request with the API token:

curl -X GET "https://api.ordermentum.com/v2/orders" \
     -H "Authorization: Bearer YOUR_API_TOKEN"