The FastSpring API and its supported requests, data, endpoints, and rate limits
The FastSpring API is a backend service you can use to communicate with your FastSpring Store programmatically. It requires basic understanding of HTTP communication methods. The primary API communication methods include:
- GET - request data from your store
- POST - send data to your store, such as creating a new product record
- DELETE - remove data from your store
The structure of the JSON data sent and received using the API is very similar to Webhooks. However, using the FastSpring API, you initiate all communication with your FastSpring Store.
If you prefer a client-side method of communicating with your FastSpring Store and generating dynamic webpage content, check out the Store Builder Library.
Access the API
API Credentials and Authentication
FastSpring API credentials consist of a single username and password for your entire Store. The username and password are used for Basic Authentication when making requests to the API.
Obtain Your API Credentials
- Log on to the FastSpring App and navigate to Integrations > API Credentials. Initially, the only option on this page is the Create command.
- Click Create to generate your API Username and Password. The page automatically refreshes, and then your credentials are displayed.
- Make a note of the credentials and store them securely.
The API credentials allow complete access and control over your FastSpring Store. You will not be able to view the password in the FastSpring App after this session. If you forget your API credentials, you can reset them, however any of your stored procedures that rely on API access must be updated immediately with the new credentials. Otherwise, the API requests will fail.
When you make your requests, consider the following:
- Ensure that the HTTP methods for all calls use uppercase letters (“GET,” “POST,” “DELETE”) Lowercase letters may result in a 404 error response.
- FastSpring requires TLS 1.2 (or later) encryption for all calls to the FastSpring API.
- The API requires a User-Agent header in all requests. If your request does not include it, you may receive an 401 error message when attempting to make API requests.
- The API uses basic authentication and does not support URL-encoded authentication. Use Base64 to encode your username and password in the header.
Available API Endpoints
|/accounts||Work with customer accounts and FastSpring-generated account IDs||
|/coupons||Work with promotional coupons and their customer-facing codes Create a coupon||
|/events||Retrieve unprocessed webhook events and mark events processed||
|/orders||Work with order/transaction records||
|/products||Work with product records||
|/returns||Work with returns and refunds||
|/sessions||Create a pre-loaded cart session for a specific customer with a FastSpring-generated account IDs; you can load the session in a Popup Storefront or provide the customer with a link to the session via a Web Storefront||
|/subscriptions||Work with customers' recurring-billing subscription instances Get all subscription instances||
When preparing your database structure for storing values obtained from FastSpring via our JSON payloads, you might assume the following datatypes:
- All "string" columns are VARCHAR 255, accordingly trimmed
- Encoding is UTF-8
- For numeric values (such as price or discount values) 2dp precision is expected ("2.00")
To maintain a responsive user experience, FastSpring may impose request rate limits on API calls originating from individual accounts. If you encounter the rate limit, the response to the API request is an HTTP 404 response code.
If you need to make a large number of API requests in a very short time, such that you may encounter rate limits, consider using batch requests where possible. For example, when retrieving authenticated account management URLs, you can obtain URLs for multiple account IDs in a single request: