To use the Miva JSON API you must be using Miva 10.00.00 or greater.
Every store has its own unique API endpoint tied on the domain name. The format will be as follow:
Note: Some stores use an alternate folder name other than “/mm5” such as “Merchant2” or /store/”. You can see what folder structure is being used under Domain Settings -> Site Configuration.
Access to the API is determined an API Access Token. This token is generated in the Miva admin under Users - > API Tokens
It has an IP address restriction as well as user level access control. This determines the functions the API Token can run based on the user it is tied to.
Each access token is restricted to a list of IP addresses you want to have access to make API calls. It accepts a comma separated list of IPs.
The API Access token needs to be passed with each API request as a http parameter with the following name:
The Miva JSON API takes name/value pairs for request data and will always return JSON as its output.
Both GET and POST actions will work for the API calls, however it is recommend you always use POST to prevent the API_Token from getting saved in the access logs.
Then depending on the function you’re running, it will have its own required parameters you must pass to get the correct data out or to push the correct data in. See the API Function Reference Guide for details on all available functions.
Some functions perform operations on list of products. This means you’ll be passing name/value pairs as multi-value lists.
These lists can be passed in 1 of 2 ways
All response to the JSON API whether it was successful or an error is returned will be formatted valid JSON.
If the request was successful executed the response will typically look like this:
Some success response will contain additional data as well. For example when OrderItem_Update the success response looks like this:
If a request is not successful, an error response will be returned. Anytime an error is returned the success value will always return a 0. The error code and error message will change based on the error being returned. There are two types of error responses.
This is returned with one of the required fields for a function is not passed or the value is invalid.
There is no throttling we enforce on API requests. To the server it will appear just like any other http request. Miva will process the request and then return the results back to the client. This does mean that the burden is placed on the developer doing any integration to prevent API requests inadvertently causing a Denial Of Service attack because a client made too many API requests.
The API uses the same timeouts defined the the Miva’s stores mivavm.conf file. These are the global timeouts used across any Miva page for each site. If you need adjust timeouts, it would need to be adjusted for the entire site, not just the API requests. Default timeout in most Miva stores is 60 seconds.
API requests are not logged separately against regular requests. The server's access logs can be used to help troubleshoot any API related issues.