Introduction
The Storefront API provides a GraphQL API interface to the information in Litium specific composed to serve public websites, portals or mobile applications. The GraphQL schema is based on the information inside each Litium installation and is automatically updated when changes are done inside Litium.
The API can return both published and un-published information depending on the current user permissions and the requested information.
Roadmap
Check out the Storefront API roadmap for details of future abilities.
Installation
Storefront API need to be installed manually into the Litium solution and can be done together with the template or manual step.
Automatic
Storefront API can automatic be installed with the Litium Mvc Accelrator or Litium Empty Web template, see their installation pages for instructions.
Manual
The Storefront API can manually be installed, add the NuGet package Litium.Storefront.Application to the web project.
Access the Storefront API playground
The Storefront API can be accessed with a graphical tool for inspection of the GraphQL schema.
You can use the https://.../storefront.graphql to access the graphical tool with the schema in your installation. For demo you can use the https://demo.litium.com/storefront.graphql that represents the GraphQL schema for demo-site.
Cross Origin Request Policy (CORS)
When requesting the Storefront API, the browser will use CORS policy to ensure cross domain request if the current domain name and the domain name for the Storefront API is different. Litium has created a CORS policy that allow request from the domain information that is setup below the globalization settings page.
Request Method
The Storefront API supports POST request with the required http header “Content-Type: application/json”, the payload should be included and formatted into JSON string.
Authentication
The Storefront API does not require authentication and will only return information that the everyone can access. To access information that is not accessible for everyone the authentication information needs to be included in the request.
The Storefront API supports:
- Authentication header with a bearer token.
- Litium authentication cookie
If the authentication that is provided is invalid or has expired the request will be treated as anonymous and using everyone’s permission for the authorization.
Field permission
If the provided authentication lacks permission for a field, the field's value will return null during a query.
Http-headers
Contextual information about the user (see authentication), current requested url (see context) or cart (see cart and checkout) is passed into the Storefront API as http-headers. The http-headers are included in the downstream GraphQL fenderation request that make the information available also for the extension.
Context
Context is inforamtion about the current request, it is used to resolve information about the current page, website, channel, country, language and more. The context information is parsed out from the requested URL and should be passed in the GraphQL request as an header with name "x-litium-storefront-context-url".
Example
x-litium-storefront-context-url: "https://demo.litium.com"
Cart
Checkout
|