Storefront API (RC5)

Release candidate is the first pre-release stage that is recommended to use and officially supported.

Read more about prerelease stages


Release candidate version content

Some functional areas have reached rc stage, whole some are in beta or planned for coming releases.

Read more on the stages of different functional areas



The Storefront API provides a GraphQL API interface to the information in Litium specific composed to serve public websites, portals or mobile applications. The GraphQL schema is based on the information inside each Litium installation and is automatically updated when changes are done inside Litium.

The API can return both published and un-published information depending on the current user permissions and the requested information.


Storefront API need to be installed manually into the Litium solution and can be done together with the template or manual step.


Installation with dotnet template the “--storefront-api” parameter need to be added, example to install the Storefront API with Litium Mvc Accelerator:

dotnet new litmvcacc --storefront-api


The Storefront API can manually be installed, add the NuGet package Litium.Storefront.Application to the web project.

Access the Storefront API playground

The Storefront API can be accessed with a graphical tool for inspection of the GraphQL schema.

You can use the https://.../storefront.graphql to access the graphical tool with the schema in your installation. For demo you can use the that represents the GraphQL schema for demo-site.

Cross Origin Request Policy (CORS)

When requesting the Storefront API, the browser will use CORS policy to ensure cross domain request if the current domain name and the domain name for the Storefront API is different. Litium has created a CORS policy that allow request from the domain information that is setup below the globalization settings page.

Request Method

The Storefront API supports POST request with the required http header “Content-Type: application/json”, the payload should be included and formatted into JSON string.


The Storefront API does not require authentication and will only return information that the everyone can access. To access information that is not accessible for everyone the authentication information needs to be included in the request.

The Storefront API supports:

  1. authentication header with a bearer token.
  2. Litium authentication cookie

If authentication that is provided is invalid or has expired the request will be treated as anonymous and using everyone’s permission for the authorization.


Contextual information about the user (see authentication), current requested url (see context) or cart (see cart and checkout) is passed into the Storefront API as http-headers. The http-headers are included in the downstream GraphQL fenderation request that make the information available also for the extension.


Context is inforamtion about the current request, it is used to resolve information about the current page, website, channel, country, language and more. The context information is parsed out from the requested URL and should be passed in the GraphQL request as an header with name "x-litium-storefront-context-url".


x-litium-storefront-context-url: ""