API Access Scopes for Plugin
When developing plugins for WebCommander, it’s essential to understand how to request access to specific store data during the app installation process. This guide focuses on API access scopes, which determine the boundaries and permissions of your plugin within the WebCommander ecosystem.
During installation, you must specify which parts of the system your plugin can access. This helps maintain the security and integrity of WebCommander stores. Below is an example of how to define API access scopes during installation:
{
"apiAccessScopes": [
"discount_profile",
"customer_create",
"customer_orders"
]
}In this example, the plugin developer has requested access to specific scopes: discount_profile, customer_create, and customer_orders. As a result, the plugin can only read and write data related to these modules. Access to product data is not granted because it was not included in the installation scope.
Example Installation Configuration
Here is a complete example of an installation configuration, including WebHooks, Script Tags, and API access scopes:
{
"webhooks": [
{
"sourceUrl": "https://yourapp.com/api/v1/cart/added-to-cart", // The url WebCommander will call when firing this hook
"eventName": "added-to-cart", // A webhook. Check Webhook list to find details
"renderScope": "", // Required for script tags
"accessType": "webhook" // A data access type to define which way your plugin collecting data.
}
],
"scriptTag": [
{
"sourceUrl": "https://yourapp.com/assets/js/script-tag.js", // The JS file URL webcommander will render in the head where you can manipulate its dom/data through JS code. Also possible to customise css.
"eventName": "", // Not required for Script Tags.
"renderScope": "All", //Required for script tags. Values: "All/Specific page url"
"accessType": "scriptTag" // A data access type to define which way your plugin collecting or manipulating data.
}
],
"apiAccessScopes": [
"discount_profile",
"customer_create",
"customer_orders"
]
}API Access Scopes List
| Scope | Access API |
|---|---|
| customer_Registration_Fields | http://yourapp.com/external/app/access/customer-create |
| email_status | http://5289d153.wc-stage.webcommander.com/external/app/access/email-status |
| email_enable_disable | http://5289d153.wc-stage.webcommander.com/external/app/access/email-enable-disable |
| discount_profile | http://5289d153.wc-stage.webcommander.com/external/app/access/discount-profile |
| customers | http://yourapp.com/external/app/access/customers |
| customer_create | http://yourapp.com/external/app/access/customer-create |
| customer_delete | http://yourapp.com/external/app/access/customer-delete |
| customer_payments | http://yourapp.com/external/app/access/customer-payments |
| customer_update | http://yourapp.com/external/app/access/customer-update |
| customer | http://yourapp.com/external/app/access/customer |
| customer_orders | http://yourapp.com/external/app/access/customer-orders |
| update_customer_billing_address | http://yourapp.com/external/app/access/update-customer-billing-address |
| update_customer_shipping_address | http://yourapp.com/external/app/access/update-customer-shipping-address |
| update_customer_store_credit | http://yourapp.com/external/app/access/update-customer-store-credit |
| products | http://yourapp.com/external/app/access/products |
| create_product | http://yourapp.com/external/app/access/create-product |
| product | http://yourapp.com/external/app/access/product |
| update_product | http://yourapp.com/external/app/access/update-product |
| delete_product | http://yourapp.com/external/app/access/delete-product |
| product_stock_update | http://yourapp.com/external/app/access/product-stock-update |
| product_price_update | http://yourapp.com/external/app/access/product-price-update |
| product_image_add | http://yourapp.com/external/app/access/product-image-add |
| product_image_delete | http://yourapp.com/external/app/access/product-image-delete |
| orders | http://yourapp.com/external/app/access/orders |
| order | http://yourapp.com/external/app/access/order |
| order_create | http://yourapp.com/external/app/access/order-create |
| change_order_status | http://yourapp.com/external/app/access/change-order-Status |
| order_comment_add | http://yourapp.com/external/app/access/order-comment-add |
| order_payment_refund | http://yourapp.com/external/app/access/order-payment-refund |
| change_order_payment_status | http://yourapp.com/external/app/access/change-order-payment-status |
| make_order_payment | http://yourapp.com/external/app/access/make-order-payment |
| payment_gateways | http://yourapp.com/external/app/access/payment-gateways |
| update_payment_gateway | http://yourapp.com/external/app/access/update-payment-gateway |
