Learn the Whiplash API with Postman

M Montroy
M Montroy
  • Updated

Also, see Authentication for the V2 API  and V2 API Oauth2 Examples if you want to Auth without Postman.

We've made a Postman collection that demonstrates many of the actions you can perform in the Whiplash v2 API. Using this guide, you'll be able to quickly navigate the Whiplash OAuth scheme for authorization and see the results of real calls.

  1. Requesting access
  2. Installation
  3. Importing Whiplash V2 Collection
  4. Setting Environment Variables
  5. Oauth request for Authorization
  6. Oauth request for Tokens
  7. Test Endpoints

1. Request access

The V2 API is available by request only. The Whiplash V2 API Access Request Form is available at https://help.whiplash.com/hc/en-us/articles/4416896728219-API-Access-Request-Form. Once filled out, our Tech team will be notified and provided with this information. Once ready, you will receive a reply with the credentials.

2. Install Postman

Postman is available as a free download. If you don't have it already, download Postman.

3. Import the Collection

The Whiplash V2 Collection is available at https://www.getpostman.com/collections/20e445836b8ed7098418

Import the Collection into Postman

"Import From Link" Page

Whiplash V2 Collection after Import

4. Set your environment variables

A.) You can use the existing environmental variables for the sandbox environment or set up your own environment in step B below:

B.) You'll need to set a few variables in Postman that are specific to your application. Create a new environment, e.g. Whiplash Development or Whiplash Production, and set the following variables:

  1. OAUTH_REDIRECT_URI. This is where you'll receive an authorization token, and should be the same address you gave us in Step 1.

  2. CLIENT_ID. You'll have received this from us in Step 1.

There are additional variables that can optionally be used if your application has multiple customers per-user or multiple webstores:


  2. SHOP_ID

Environmental variables are accessed in the upper right side of Postman:

 Setting the environment variables

5. OAuth Request for Authorization

Your first request via Postman will require web authentication. Click the authentication tab, then click the link on the right:

You should see:

6. OAuth Request for Token

Select get new access token:

Here will we be using the variables we set up in step 4. You will get a browser window pop-up. Login to Whiplash Sandbox using your Sandbox credentials.

After you login, you will see the access token screen.

Make sure you select Use Token and Update on this page.

 The token flow can be found under the top-level collection > edit:

Note: Your Access Token expires every two hours. Use the Refresh OAuth Token endpoint to get a new token, which Postman will automatically use in your requests.

7. Test the endpoints

You'll now be able to perform most actions in the API. Get Items is a good starting point, as well as Get Orders, Create Item, and Create Order

Happy coding!