REST API v1

WaveOrder API

Build powerful integrations with your POS, mobile apps, and third-party services using our comprehensive REST API.

Available on the Scale plan

RESTful Design

Clean, predictable URLs and standard HTTP methods. Easy to understand and integrate.

Secure

API key authentication with granular scopes. All requests over HTTPS.

Rate Limited

60 requests per minute per key. Fair usage ensures reliability for all.

Quick Start

Get started in minutes with our simple REST API.

1

Generate an API Key

Go to your admin dashboard → API Access → Create Key

2

Make Your First Request

# For Restaurants/Retail:
curl -X GET "https://waveorder.app/api/v1/products" \
  -H "Authorization: Bearer wo_live_YOUR_API_KEY"

# For Salons:
curl -X GET "https://waveorder.app/api/v1/services" \
  -H "Authorization: Bearer wo_live_YOUR_API_KEY"
3

Get JSON Response

# Restaurants/Retail Response:
{
  "products": [
    {
      "id": "507f1f77bcf86cd799439011",
      "name": "Margherita Pizza",
      "price": 12.99,
      "stock": 50,
      "isActive": true
    }
  ],
  "pagination": {
    "page": 1,
    "limit": 50,
    "total": 125,
    "pages": 3
  }
}

# Salons Response:
{
  "services": [
    {
      "id": "507f1f77bcf86cd799439011",
      "name": "Classic Haircut",
      "price": 20.00,
      "serviceDuration": 30,
      "requiresAppointment": true,
      "isActive": true
    }
  ],
  "pagination": {
    "page": 1,
    "limit": 50,
    "total": 25,
    "pages": 1
  }
}

Authentication

All API requests require authentication using an API key. Include your key in the Authorization header:

Authorization: Bearer wo_live_YOUR_API_KEY

Alternatively, use the X-API-Key header:

X-API-Key: wo_live_YOUR_API_KEY

API Endpoints

Base URL: https://waveorder.app/api/v1

Products (Restaurants & Retail)

  • GET/productsList all products (paginated)products:read
  • GET/products/:idGet single productproducts:read
  • POST/productsCreate new productproducts:write
  • PUT/products/:idUpdate productproducts:write
  • DELETE/products/:idDelete productproducts:write

Query Parameters: page, limit (max 100), categoryId, brandId, search, isActive

Orders (Restaurants & Retail)

  • GET/ordersList all orders (paginated)orders:read
  • GET/orders/:idGet single orderorders:read

Query Parameters: page, limit (max 100), status, type (DELIVERY/PICKUP/DINE_IN), from, to

Services (Salons Only)

  • GET/servicesList all services (paginated)services:read
  • GET/services/:idGet single serviceservices:read
  • POST/servicesCreate new serviceservices:write
  • PUT/services/:idUpdate serviceservices:write
  • DELETE/services/:idDelete serviceservices:write

Query Parameters: page, limit (max 100), categoryId, search, isActive

Appointments (Salons Only)

  • GET/appointmentsList all appointments (paginated)appointments:read
  • GET/appointments/:idGet single appointmentappointments:read
  • POST/appointmentsCreate new appointmentappointments:write
  • PUT/appointments/:idUpdate appointmentappointments:write

Query Parameters: page, limit (max 100), status, from, to

Categories

  • GET/categoriesList all categoriescategories:read
  • GET/categories/:idGet single categorycategories:read
  • POST/categoriesCreate new categorycategories:write
  • PUT/categories/:idUpdate categorycategories:write
  • DELETE/categories/:idDelete categorycategories:write

Query Parameters: includeProducts (boolean)

Account

  • GET/meGet authenticated business infoany

Rate Limiting

API requests are limited to 60 requests per minute per API key.

HeaderDescription
X-RateLimit-LimitMaximum requests per window (60)
X-RateLimit-RemainingRemaining requests in current window
X-RateLimit-ResetSeconds until rate limit resets
Retry-AfterSeconds to wait (only on 429 response)

Error Handling

The API returns standard HTTP status codes and JSON error responses.

CodeMeaning
200Success
201Created (for POST requests)
400Bad Request — Invalid parameters
401Unauthorized — Missing or invalid API key
403Forbidden — Missing required scope or Scale plan
404Not Found — Resource doesn't exist
429Too Many Requests — Rate limit exceeded
500Internal Server Error

Example error response:

{
  "error": "Missing required scope: products:write"
}
API Documentation | WaveOrder