wOow Global

Authentication

API authentication and security for wOow Global API

Authentication

All API requests require authentication using Bearer tokens in the Authorization header.

API Key Authentication

Header Format

Authorization: Bearer YOUR_API_KEY

Example Request

curl -X GET "https://api.woowbd.com/categories" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"

Security Best Practices

1. Keep Your API Key Secure

  • Never expose API keys in client-side code
  • Use environment variables to store keys
  • Rotate keys regularly for enhanced security
  • Use different keys for different environments

2. Environment Variables

Node.js:

const API_KEY = process.env.WOOW_API_KEY;

Python:

import os
api_key = os.environ.get('WOOW_API_KEY')

PHP:

$api_key = $_ENV['WOOW_API_KEY'];

3. HTTPS Only

  • Always use HTTPS for production requests
  • Never send API keys over HTTP
  • Validate SSL certificates in production

Error Responses

Invalid API Key

{
  "status": false,
  "message": "Invalid API key",
  "data": [],
  "errors": ["Authentication failed"],
  "response_code": "401"
}

Missing API Key

{
  "status": false,
  "message": "Authorization header is required",
  "data": [],
  "errors": ["Missing authentication token"],
  "response_code": "401"
}

Rate Limiting

API keys are subject to rate limiting:

  • Sandbox: 100 requests per minute
  • Production: 1,000 requests per minute

Rate limit headers are included in all responses:

X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1642234567

API Key Management

Creating API Keys

  1. Log in to your Developer Dashboard
  2. Navigate to API Keys section
  3. Click "Create New API Key"
  4. Choose permissions and environment
  5. Copy the generated key

Revoking API Keys

  1. Go to API Keys section in dashboard
  2. Find the key you want to revoke
  3. Click "Revoke" button
  4. Confirm the action

Note: Revoked keys cannot be recovered. Create a new key before revoking the old one.

Code Examples

JavaScript

const API_KEY = process.env.WOOW_API_KEY;

const response = await fetch('https://api.woowbd.com/categories', {
  method: 'GET',
  headers: {
    'Authorization': `Bearer ${API_KEY}`,
    'Content-Type': 'application/json'
  }
});

const data = await response.json();

Python

import os
import requests

api_key = os.environ.get('WOOW_API_KEY')

headers = {
    'Authorization': f'Bearer {api_key}',
    'Content-Type': 'application/json'
}

response = requests.get(
    'https://api.woowbd.com/categories',
    headers=headers
)

data = response.json()

PHP

$api_key = $_ENV['WOOW_API_KEY'];

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://api.woowbd.com/categories');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Authorization: Bearer ' . $api_key,
    'Content-Type: application/json'
]);

$response = curl_exec($ch);
curl_close($ch);

$data = json_decode($response, true);

API Documentation

Complete API documentation for wOow Global shipping and logistics platform

List Categories

Get all product categories