Making API requests

Common rules and conventions for our APIs

Basics

Our APIs are available through HTTPS, exposing invokable operations with the common HTTP verbs with their corresponding expected behavior, i.e.:

  • GET to fetch resources.
  • POST to create resources.
  • PUT to update resources.
  • DELETE to delete resources.

Base Endpoint

The base URL of the API is https://api.olxgroup.com. Only HTTPS requests are supported.

Authentication

All requests require an API Key Header. You can find your API Key on your application page in App Manager. This key is used to identify your Application and serves as a first level Authorisation method. Additionally, some API calls might require OAuth2 Authorization Bearer or Basic Authorisation.

Check the next section in this guide to learn more about the authentication and authorization process.

Requests

Any POST or PUT requests must have its content-type set to application/json and the payload must be sent in the body of the request.

Here's an example of a generic cURL invocation, with the payload contained in payload.json:

curl --location --request <OPERATION> 'https://<API_URL>/<API>/<VERSION>/<RESOURCE>'\
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'X-API-KEY: <YOUR API KEY>' \
--header 'Authorization: Bearer <ACCESS TOKEN>' \
--header "User-Agent: <YOUR CRM NAME>"
--data-raw @advert.json \

Responses

Responses, when present, are sent in JSON format (content type application/json).

Besides the response itself, the HTTP Status Code also provides relevant information. Unless otherwise stated, the following codes can be expected:

Success Status Codes

CodeNameDescription
200OKFor most successful operations
201CreatedSuccessful operation that creates data
202AcceptedRequest has been accepted for processing but processing hasn't completed yet
204No ContentSuccessful operations that do not return any content (DELETE, for example)

Error Status Codes

CodeNameDescription
400Bad RequestMalformed request (e.g. size too large)
401UnauthorizedThe client is not authorized (e.g. missing API Key header)
403ForbiddenThe client is forbidden (e.g. invalid API Key)
404Not FoundThe requested resource could not be found
409ConflictYour request conflicts with existing data (e.g. trying to update an ad that wasn't created yet)
500Internal Server ErrorServer error during processing (e.g. service not available, or other abnormal conditions)

See more

Now that you know the basics of how to interact with our APIs, you just need to learn how to let your CRM users authorizing your application