API Reference

📘

Swagger (OpenAPI)

You can find API docs in openapi format here

To get started just sign in to your Kosmo account and go to the "Developers" section. You can switch between Sandbox and production environments and get your API keys there. If you don't have a Kosmo account, you can create one here: https://app.kosmo.delivery/login/

You can also sign up to our Slack Workspace to chat directly with our developers. Join here.

API Environments

📘API Environments

Kosmo APIs use the same endpoint https://api.kosmo.delivery/ for both the Sandbox and production environment
All API requests are identified and routed to the relevant environment using your account's API keys.
You can generate your keys directly in the platform for each environment.

Sandbox

Use our Sandbox environment to build and fine-tune your integration.
Our Sandbox is the exact replication of our production environment. You can test all the endpoints and features in the same way your application will do in the real-world - except that we mimic data from 3rd parties and allow you to update the status of the on-going test orders.

To activate the Sandbox environment, navigate to the Developers page and activate the Test mode. Once enabled, you will be able to create your Sandbox API keys, starting with sk_test and to configure your development webhooks.

Consume the Sandbox using Kosmo API URL: https://api.kosmo.delivery/ and your Sandbox API key.

Production

Once your integration is complete in the Sandbox environment and you are good to go, you will be ready to switch to the Production environment and start placing actual orders.

At this point, you will need to:

  • Replace your Sandbox API keys by your Production API keys in your code, starting with sk_live
  • Configure your production webhooks directly in the platform.

API Authentication

The Kosmo API authentication process follows the OAuth2 pattern meaning every request must contain an Authorization header with a valid token (see Authentication).
Requests to the Kosmo API must be authenticated otherwise they will fail with Unauthorized 401 error response.

Obtain API Key

📘

📘Getting your key

To get started, get your key from the "Developers" section in our platform.

Usage

To authenticate your requests, you must add the Authorization header with Bearer + your API key as the value.

❗️

Security

Your secret key is extremely sensitive, be sure to safely store it and to never share it with anyone outside your tech team. If you acknowledge a breach, make sure to immediately delete the key from your account and to create a new one.

Here is an example of a request to test your key:

/users/profile

curl --location --request GET 'http://api.kosmo.delivery/users/org/all' \ --header 'Authorization: Bearer {api_key}'