WaveOrder LogoWaveOrder
REST API v1

WaveOrder API

Build powerful integrations with your POS, mobile apps, and third-party services using our comprehensive REST API.

Requires Business Plan Subscription
Get Business PlanRead Documentation

RESTful Design

Clean, predictable URLs and standard HTTP methods. Easy to understand and integrate.

Secure

API key authentication with granular scopes. All requests over HTTPS.

Rate Limited

60 requests per minute per key. Fair usage ensures reliability for all.

Quick Start

Get started in minutes with our simple REST API.

1

Generate an API Key

Go to your admin dashboard → API Access → Create Key

2

Make Your First Request

# For Restaurants/Retail:
curl -X GET "https://waveorder.app/api/v1/products" \
  -H "Authorization: Bearer wo_live_YOUR_API_KEY"

# For Salons:
curl -X GET "https://waveorder.app/api/v1/services" \
  -H "Authorization: Bearer wo_live_YOUR_API_KEY"
3

Get JSON Response

# Restaurants/Retail Response:
{
  "products": [
    {
      "id": "507f1f77bcf86cd799439011",
      "name": "Margherita Pizza",
      "price": 12.99,
      "stock": 50,
      "isActive": true
    }
  ],
  "pagination": {
    "page": 1,
    "limit": 50,
    "total": 125,
    "pages": 3
  }
}

# Salons Response:
{
  "services": [
    {
      "id": "507f1f77bcf86cd799439011",
      "name": "Classic Haircut",
      "price": 20.00,
      "serviceDuration": 30,
      "requiresAppointment": true,
      "isActive": true
    }
  ],
  "pagination": {
    "page": 1,
    "limit": 50,
    "total": 25,
    "pages": 1
  }
}

Authentication

All API requests require authentication using an API key. Include your key in the Authorization header:

Authorization: Bearer wo_live_YOUR_API_KEY

Alternatively, use the X-API-Key header:

X-API-Key: wo_live_YOUR_API_KEY

Keep Your Keys Secure

Never expose API keys in client-side code or public repositories. Keys should only be used server-side.

API Endpoints

Base URL: https://waveorder.app/api/v1

Products (Restaurants & Retail)

Note: These endpoints are for RESTAURANT and RETAIL businesses. For salons, use the Services endpoints instead.

GET/productsList all products (paginated)products:read
GET/products/:idGet single productproducts:read
POST/productsCreate new productproducts:write
PUT/products/:idUpdate productproducts:write
DELETE/products/:idDelete productproducts:write
Query Parameters: page, limit (max 100), categoryId, brandId, search, isActive

Orders (Restaurants & Retail)

Note: These endpoints are for RESTAURANT and RETAIL businesses. For salons, use the Appointments endpoints instead.

GET/ordersList all orders (paginated)orders:read
GET/orders/:idGet single orderorders:read
Query Parameters: page, limit (max 100), status, type (DELIVERY/PICKUP/DINE_IN), from, to

Services (Salons Only)

Note: These endpoints are only available for SALON businesses. For restaurants and retail stores, use the Products endpoints instead.

GET/servicesList all services (paginated)services:read
GET/services/:idGet single serviceservices:read
POST/servicesCreate new serviceservices:write
PUT/services/:idUpdate serviceservices:write
DELETE/services/:idDelete serviceservices:write
Query Parameters: page, limit (max 100), categoryId, search, isActive

Appointments (Salons Only)

Note: These endpoints are only available for SALON businesses. For restaurants and retail stores, use the Orders endpoints instead.

GET/appointmentsList all appointments (paginated)appointments:read
GET/appointments/:idGet single appointmentappointments:read
POST/appointmentsCreate new appointmentappointments:write
PUT/appointments/:idUpdate appointmentappointments:write
Query Parameters: page, limit (max 100), status, from, to

Categories

GET/categoriesList all categoriescategories:read
GET/categories/:idGet single categorycategories:read
POST/categoriesCreate new categorycategories:write
PUT/categories/:idUpdate categorycategories:write
DELETE/categories/:idDelete categorycategories:write
Query Parameters: includeProducts (boolean)

Account

GET/meGet authenticated business infoany

Rate Limiting

API requests are limited to 60 requests per minute per API key.

HeaderDescription
X-RateLimit-LimitMaximum requests per window (60)
X-RateLimit-RemainingRemaining requests in current window
X-RateLimit-ResetSeconds until rate limit resets
Retry-AfterSeconds to wait (only on 429 response)

Error Handling

The API returns standard HTTP status codes and JSON error responses.

CodeMeaning
200Success
201Created (for POST requests)
400Bad Request — Invalid parameters
401Unauthorized — Missing or invalid API key
403Forbidden — Missing required scope or Business plan
404Not Found — Resource doesn't exist
429Too Many Requests — Rate limit exceeded
500Internal Server Error

Example error response:

{
  "error": "Missing required scope: products:write"
}

Ready to Build?

Upgrade to Business plan to unlock API access and start integrating today.

View Pricing