Corso Shop API
Prerequisites
Before you can use this API to offer shipping protection to your customers, some basic setup should be completed. Your account executive at Corso can help you directly, or put you in touch with the operations team to guide you through any of these steps that you might need assistance with. If you have installed the Corso Green Shipping Protection protection app from the Shopify or Big Commerce app stores, then these setup items will already be complete.
These prerequisites include:
Shop ID Generation
Each merchant is uniquely identified by a shop Identifier, which is used as a path parameter for accessing the shop API. This identifier is in the form of a UUID, and helps uniquely identify each API call as belonging to an individual merchant. You will need this ID in order to access the shop API.
Product and Variant Setup
Corso Green Shipping protection is typically added to an order by including the current product/variant pair on an order. Each merchant will need to be set up with the correct variants in their system to represent the price bands for different levels of shipping protection, and Corso needs the identifiers for those variants as generated by your system.
To perform this setup, your storefront will need to have a set of unique products and/or variants that can be added to a customer cart. Each variant has a price associated with it, and is intended for carts with a value in a certain range.
For example, a cart with a value of $79.95 might fit into a cart value tier where the customer is charged $1.45. To charge that amount to the customer, a product/variant will be put into the customer cart system worth $1.45. That product/variant ID will have been previously provided to Corso, so that the purchased coverage can be recorded when the order is complete and sent to Corso.
When a quote is provided as a response to a request at the /quote endpoint, that quote will contain the store's variant ID that should be included. Because this value is used both at the time of a quote AND at the time that an invoice is generated, these values should be kept up-to-date within the corso systems.
Allowing Domains
To help prevent the wrong shop identifier from being used on the wrong site, Corso may validate the referrer header for any API calls. Because of this, requests from unrecognized domains may be denied. If necessary, any domains that you expect your API to be called from will be added to this list by the Corso team. Note that this domain filtering is only enforced in production environments, and is not required automatically for all API users.
Authentication
The Corso Shop API is unauthenticated.
A connecting client will need to know the shop_id value for the store in question, and use it as a path parameter on all requests. This value can be relayed by the Corso support team. Please reach out to your account representative or email [email protected] to request this information.
Requests are rate-limited, and Corso uses various bot mitigation strategies to prevent abuse. While normal usage should not encounter any of these limitations, please contact us if you see any rate limiting, captchas, or similar issues in your connections.
Corso may implement domain access lists for some stores, and referrer headers may be checked against this access list. This can help prevent certain forms of abuse and help ensure that shop identifiers aren't inadvertently placed onto the wrong site.