Authentication
The Price2b API uses Laravel Sanctum Bearer tokens for authentication. Each token can be configured with specific scopes to control access to different API areas.
Generating API tokens
You can generate API tokens from your account dashboard:
- Navigate to Account Settings → API Tokens
- Click Create New Token
- Enter a descriptive name for your token
- Select the required scopes
- Click Create and copy your token immediately
Your API token will only be displayed once at creation. Store it securely—if lost, you'll need to generate a new token.
Making authenticated requests
Include your API token in the Authorization header using the Bearer scheme:
Example request
curl https://app.price2b.com/api/v1/inventory/products \
-H "Authorization: Bearer {your_api_token}" \
-H "Accept: application/json" \
-H "Content-Type: application/json"
Required headers
| Header | Value | Required |
|---|---|---|
Authorization | Bearer {token} | Yes |
Accept | application/json | Yes |
Content-Type | application/json | For POST/PUT/PATCH |
Token scopes
Scopes control which API endpoints your token can access. Use the minimum scopes needed for your integration.
Available scopes
- Name
inventory:read- Type
- scope
- Description
Read products, variants, stock levels, and categories.
- Name
inventory:write- Type
- scope
- Description
Create, update, and delete products. Adjust stock levels.
- Name
shipping:read- Type
- scope
- Description
Read shipping quotes, shipments, and tracking information.
- Name
shipping:write- Type
- scope
- Description
Create shipments, purchase labels, and cancel shipments.
- Name
orders:read- Type
- scope
- Description
Read orders from all connected marketplaces.
- Name
orders:write- Type
- scope
- Description
Update order status, fulfill orders, and sync marketplace data.
- Name
customs:read- Type
- scope
- Description
Read DDP calculations, tax rates, and HS code lookups.
- Name
customs:write- Type
- scope
- Description
Submit customs calculations and batch processing requests.
- Name
fulfillment:read- Type
- scope
- Description
Read warehouse information, incoming shipments, and stock.
- Name
fulfillment:write- Type
- scope
- Description
Create incoming alerts, outbound shipments, and receive inventory.
- Name
analytics:read- Type
- scope
- Description
Read profit analysis, DDP comparisons, and pricing reports.
Error responses
Invalid token
{
"success": false,
"message": "Unauthenticated.",
"error_code": "AUTH_001"
}
Insufficient permissions
{
"success": false,
"message": "This action requires the 'shipping:write' scope.",
"error_code": "AUTH_003"
}
Token expired
{
"success": false,
"message": "Your token has expired. Please generate a new one.",
"error_code": "AUTH_001"
}
Best practices
Security recommendations
- Use minimal scopes: Only request the scopes your integration needs
- Rotate tokens regularly: Generate new tokens periodically
- Never expose tokens: Don't commit tokens to version control
- Use environment variables: Store tokens in secure environment variables
- Monitor usage: Review API logs for unusual activity
Token management
- Name tokens descriptively: Use names like "Production App" or "Staging Integration"
- One token per integration: Create separate tokens for different apps
- Revoke unused tokens: Delete tokens that are no longer needed
- Test with read-only: Start development with read-only scopes
SDKs and libraries
While Price2b doesn't provide official SDKs yet, integrating with the API is straightforward using any HTTP client:
HTTP Clients
const price2b = {
token: process.env.PRICE2B_API_TOKEN,
baseUrl: 'https://app.price2b.com/api/v1',
async request(endpoint, options = {}) {
const response = await fetch(`${this.baseUrl}${endpoint}`, {
...options,
headers: {
'Authorization': `Bearer ${this.token}`,
'Accept': 'application/json',
'Content-Type': 'application/json',
...options.headers,
},
})
return response.json()
},
}