Download page Authenticating Max APIs.
Authenticating Max APIs
This page describes the headless Max API service that enables rapid, experience-first commerce development and applications.
The Max API follows a microservice architecture that enables commerce into any part of an application. It is built on a JSON API specification, follows predictable REST URLs, and supports cross-origin resource sharing.
Authenticating for the iChronos APIs requires an API key.
Authenticating for search APIs requires an API key and a bearer token (Salesforce access token).
Max APIs can be exposed to external applications using a Salesforce site or community.
Max APIs use https://max-azprod.apttuscloud.com/ as their base URL.
The Max API ensures backward compatibility by properly versioning any changes to the APIs. Any necessary changes to the API structure will occur within a new version. Older functionality will be preserved.
Requests made to the API must be encoded as JSON and contain the header:
Any request that returns an error follows a standard format. The Max APIs return an array of errors that contains objects containing the status, title, and data with the error details.
|Rate Limit Exceeded|
|500||Something went wrong on our end|