/
API user management

API user management

The API User Management page lets you create and manage users specifically for external systems or OneStock applications to interact with the platform via APIs.

💡 Note: API users are not meant for human usage. If you need API access for a human user, it's best to assign API rights to a standard user from the Backoffice. Learn more about generating API tokens.

Where to Find It

Go to:
Users > Applications (tab)

Creating a New API User

  1. Click Create.

  2. Choose the type of user:

    • External → For third-party systems (e.g., ERP, WMS)

    • Application → For OneStock applications like Self-Service Returns or Reserve & Collect

  3. Select the appropriate role (see API Roles below).

  4. Click Next.

  5. Copy the autogenerated password and save it somewhere safe. It will be shown only once.

  6. (Recommended) Add IP restrictions to limit access to trusted servers only.

DIY API 2.png

API Roles

API roles define what endpoints each user can access.

Role Name

ID

Meant for

Access Level

Role Name

ID

Meant for

Access Level

API User

api_user

External systems (full access to public API)

🟢 Full (All apis in the developer portal)

Custom Role

your_custom_role

External systems (custom route access)

🔵 Limited. Learn more here

Self Service Return

ssr_front

OneStock Self-Service Returns app

🔵 Limited

Reserve & Collect

e_resa_front

OneStock Reserve & Collect app

🔵 Limited

POS Alerter

pos_alerter

POS alerter (v2.0 and above)

🔵 Limited

POS Alerter (old)

pos_notifier

POS alerter (before v2.0)

🔵 Limited

🟢 = Full access | 🔵 = Limited access to selected endpoints

Best Practices

  • Always restrict by IP when possible for added security.

  • Prefer custom roles when exposing limited API routes to third-party systems.

  • Store credentials securely—passwords are not retrievable after creation.