Notice: You are browsing the documentation for PrestaShop 9, which is currently in development.

You might want to look at the current version, PrestaShop 8. Read the current version of the documentation

Context of the Admin API

Why a new Admin API?

The new admin API is here to replace and improve the existing Webservice API that has a few drawbacks:

  • Limited permission and security management
  • Performs CRUD operations without much intelligence
  • A bit old compared to the new web standards
  • Legacy code, not tested, hard to maintain, scary to modify
  • Based on ObjectModel which is supposed to disappear one day

The goals of the new Admin API

The modern API is meant to answer these new needs:

  • to bring a more secure API
  • to allow more tracking in actions (know who/what is doing what)
  • to give more intelligence to the API than basic CRUD
  • to be more in tune with the modern standards
  • to be extendable by modules

To reach these goals, we decided an implementation based on:

  • OAuth2 authentication / authorization
  • PHPLeague OAuth 2.0 Server library
  • API Platform framework
  • CQRS commands / queries integration
  • Module extension by default (even for core endpoints)