Authentication
Note: The public REST API is in private preview as of v0.4 (May 2026). This page documents the intended shape; concrete endpoints land in v0.5.
Token types
| Type | Audience | Scope |
|---|---|---|
| Developer API token | Your dev account | Across all sandbox tenants you own |
| Tenant API token | One specific tenant | Read + write on that tenant's data only |
| OAuth app token | Third-party app authorized by a tenant's owner | Granular scopes (read_orders, write_products, etc.) — chosen at install time |
Issuing tokens
- Developer token: Generate from your developer dashboard. Lasts 1 year, rotatable.
- Tenant token: Each tenant owner generates one from /admin/api-tokens (coming soon). They give it to you for one-tenant integrations.
- OAuth tokens: Auto-issued at install. Expire after 30 days; refresh via the standard OAuth 2.0 refresh-token flow.
Sending the token
```http
GET /api/v1/orders HTTP/1.1
Host: shop.eyalla.com
Authorization: Bearer eyalla_token_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Accept: application/json
```
Send the token as Authorization: Bearer <token>. We don't accept tokens in the query string: they are too easy to leak into server logs.
Rate limits
| Token type | Limit |
|---|---|
| Developer | 100 req/min/token, 10k req/day |
| Tenant | 60 req/min/token, 5k req/day |
| OAuth | 60 req/min/app, 5k req/day |
Exceeding a limit returns 429 with a Retry-After header giving the wait in seconds. Hits don't carry over between windows.
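An added client-side example (not Eyalla's own SDK or code) showing how a well-behaved integration sends the token and reacts to 429. It assumes the transport is injected as a `send(method, path, headers)` callable returning `(status, response_headers, body)`, so the retry logic can be exercised offline; the token value and the query-parameter names it rejects are constructed for the example.

```python
import time
from typing import Callable, Mapping, Tuple
from urllib.parse import parse_qs, urlsplit

# Constructed sample token for the example; real ones come from the
# dashboard, a tenant owner, or the OAuth install flow.
EXAMPLE_TOKEN = "eyalla_token_EXAMPLE_ONLY_0000000000000000"

# Hypothetical transport signature: send(method, path, headers)
# -> (status, response_headers, body). Injected so tests need no network.
Transport = Callable[[str, str, Mapping[str, str]], Tuple[int, Mapping[str, str], bytes]]


def auth_headers(token: str) -> dict:
    """Header-only auth: the token travels in Authorization, never in the URL."""
    if not token.startswith("eyalla_token_"):
        raise ValueError("not an Eyalla API token")
    return {"Authorization": f"Bearer {token}", "Accept": "application/json"}


def retry_after_seconds(headers: Mapping[str, str], default: float = 1.0) -> float:
    """Parse the integer-seconds Retry-After sent with a 429; fall back if missing/garbled."""
    raw = headers.get("Retry-After") or headers.get("retry-after")
    try:
        return max(0.0, float(raw))
    except (TypeError, ValueError):
        return default


def call_with_backoff(send: Transport, token: str, path: str,
                      max_attempts: int = 4, sleep=time.sleep):
    """GET `path`, waiting out 429s as instructed by Retry-After.

    Returns (status, body, attempts_used). Since hits don't carry over between
    windows, hammering after a 429 only burns the next window's quota too, so
    the only sensible reaction is to wait the advertised number of seconds.
    """
    headers = auth_headers(token)
    attempts = 0
    while True:
        attempts += 1
        status, resp_headers, body = send("GET", path, headers)
        if status != 429 or attempts >= max_attempts:
            return status, body, attempts
        sleep(retry_after_seconds(resp_headers))


def assert_no_token_in_url(url: str) -> None:
    """CI/code-review guard: refuse URLs that smuggle a token into the query string.

    The parameter names checked are assumptions; the API never accepts them anyway.
    """
    query = parse_qs(urlsplit(url).query)
    for key, values in query.items():
        if key.lower() in ("token", "access_token") or any(
            v.startswith("eyalla_token_") for v in values
        ):
            raise ValueError(
                f"token must go in the Authorization header, not query param {key!r}"
            )


if __name__ == "__main__":
    # Offline demo with a fake transport: first call is rate limited, second succeeds.
    replies = iter([(429, {"Retry-After": "2"}, b""), (200, {}, b"[]")])
    print(call_with_backoff(lambda m, p, h: next(replies), EXAMPLE_TOKEN,
                            "/api/v1/orders", sleep=lambda s: print(f"sleeping {s}s")))
```

The `sleep` parameter exists so the wait can be observed or skipped in tests; in production leave the default so the client really backs off for the full Retry-After interval.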
Scopes
When OAuth ships, request only the minimum scopes you need. Tenants will deny apps that ask for write_* when they only need read_*.
Available scopes (planned):
- read_orders / write_orders
- read_products / write_products
- read_customers / write_customers
- read_inventory / write_inventory
- read_analytics (reports)
- manage_webhooks
Errors
```json
{
  "error": {
    "code": "invalid_token",
    "message": "Token has been revoked.",
    "documentation_url": "https://developers.eyalla.net/errors/invalid_token"
  }
}
```
| HTTP | code | Meaning |
|---|---|---|
| 401 | invalid_token | Token unknown / revoked |
| 401 | expired_token | OAuth token past its TTL; refresh |
| 403 | insufficient_scope | Token valid but lacks the required scope |
| 429 | rate_limited | Too many requests; see Retry-After |
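An added server-side example (not Eyalla's implementation) that ties the planned scope list to the error table: it derives the scope an endpoint needs, checks a presented token against it, and emits the same error envelope and status/code pairs documented above. It also includes a small helper for the "request only the minimum scopes" rule, computing the scope set an app should ask for from the calls it plans to make. The path-to-scope mapping (GET maps to read_*, other methods to write_*, /api/v1/<resource>/...), the sha256 token store and the sample tokens are assumptions for the example.

```python
import hashlib
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, Optional, Tuple

DOCS_BASE = "https://developers.eyalla.net/errors/"

# Assumed resource layout: /api/v1/<resource>/... ; the scope names are the
# planned ones from the Scopes section.
PAIRED_RESOURCES = {"orders", "products", "customers", "inventory"}
SINGLE_SCOPE_RESOURCES = {"analytics": "read_analytics", "webhooks": "manage_webhooks"}


def required_scope(method: str, path: str) -> str:
    """Map an endpoint to the scope it needs (assumed convention: GET/HEAD -> read_*, else write_*)."""
    parts = [p for p in path.split("?", 1)[0].split("/") if p]
    if len(parts) < 3 or parts[0] != "api" or parts[1] != "v1":
        raise ValueError(f"unrecognised API path {path!r}")
    resource = parts[2]
    if resource in SINGLE_SCOPE_RESOURCES:
        return SINGLE_SCOPE_RESOURCES[resource]
    if resource not in PAIRED_RESOURCES:
        raise ValueError(f"unknown resource {resource!r}")
    prefix = "read_" if method.upper() in ("GET", "HEAD") else "write_"
    return prefix + resource


def minimal_scopes(planned_calls: Iterable[Tuple[str, str]]) -> FrozenSet[str]:
    """Scopes an app should request at install: exactly those its planned calls need."""
    return frozenset(required_scope(m, p) for m, p in planned_calls)


@dataclass(frozen=True)
class TokenRecord:
    scopes: FrozenSet[str]
    expires_at: Optional[float]  # unix seconds; None for tokens without a TTL
    revoked: bool = False


def token_key(token: str) -> str:
    """Store only a hash of the token so a leaked store can't be replayed as credentials."""
    return hashlib.sha256(token.encode()).hexdigest()


def error(status: int, code: str, message: str):
    """Build the documented error envelope."""
    return status, {"error": {"code": code, "message": message,
                              "documentation_url": DOCS_BASE + code}}


def authorize(store: Dict[str, TokenRecord], presented: str,
              method: str, path: str, now: float):
    """Return (200, None) or the (status, envelope) pair from the errors table."""
    record = store.get(token_key(presented))
    if record is None:
        return error(401, "invalid_token", "Token unknown.")
    if record.revoked:
        return error(401, "invalid_token", "Token has been revoked.")
    if record.expires_at is not None and now >= record.expires_at:
        return error(401, "expired_token", "Token past its TTL; refresh it.")
    needed = required_scope(method, path)
    if needed not in record.scopes:
        return error(403, "insufficient_scope", f"This endpoint requires the {needed} scope.")
    return 200, None


if __name__ == "__main__":
    # Constructed store with one read-only OAuth token expiring at t=2000.
    store = {token_key("eyalla_token_EXAMPLE_A"): TokenRecord(frozenset({"read_orders"}), 2000.0)}
    print(authorize(store, "eyalla_token_EXAMPLE_A", "GET", "/api/v1/orders", now=1000.0))
    print(authorize(store, "eyalla_token_EXAMPLE_A", "POST", "/api/v1/orders", now=1000.0))
    print(minimal_scopes([("GET", "/api/v1/orders"), ("PUT", "/api/v1/products/7")]))
```

The checks run in the order a client can act on them: an unknown or revoked token can't be fixed by refreshing, an expired one can, and only a live token gets as far as the scope comparison, which keeps the 403 from leaking whether a dead token ever had the scope.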