Webhooks & API

PremiumCDKeys provides webhooks and API endpoints for advanced integrations and automation.

Webhooks

Webhooks notify your systems when events occur in PremiumCDKeys.

Available Webhooks

Setting Up Webhooks

1. Go to Settings → Webhooks
2. Click Add Webhook
3. Configure:
   • URL: Your endpoint
   • Events: Select events to receive
   • Secret: For signature verification

Webhook Payload

Example order.fulfilled payload:

{
  "event": "order.fulfilled",
  "timestamp": "2024-01-15T10:30:00Z",
  "data": {
    "order_id": "12345",
    "store_order_id": "WC-9876",
    "product": {
      "id": "prod_123",
      "name": "FIFA 24 PC Key"
    },
    "supplier": "codeswholesale",
    "cost": 20.00,
    "currency": "EUR",
    "key": {
      "delivered": true,
      "delivery_method": "email"
    }
  }
}

Verifying Webhooks

Verify webhook authenticity using HMAC:

$payload = file_get_contents('php://input');
$signature = $_SERVER['HTTP_X_PCDKEYS_SIGNATURE'];
$secret = 'your_webhook_secret';

$expected = hash_hmac('sha256', $payload, $secret);

if (hash_equals($expected, $signature)) {
    // Webhook is valid
}

Retry Policy

Failed webhooks are retried:

• 1st retry: 1 minute
• 2nd retry: 5 minutes
• 3rd retry: 30 minutes
• 4th retry: 2 hours
• 5th retry: 24 hours

After 5 failures, webhook is paused.

Incoming Webhooks

PremiumCDKeys receives webhooks from:

WooCommerce

POST /api/webhook/woocommerce/{shop_id}

Events received:

• order.created
• order.updated

Shopify

POST /api/webhook/shopify/{shop_id}

Events received:

• orders/create
• orders/paid

Suppliers

Various suppliers send:

• Order completion
• Key availability
• Stock updates

API Authentication

API Keys

Generate API keys:

1. Go to Settings → API
2. Click Generate Key
3. Copy and store securely

Using API Keys

Include in request headers:

Authorization: Bearer your_api_key

Or as query parameter:

?api_key=your_api_key

API Endpoints

Orders

List Orders

GET /api/v1/orders

Parameters:

• status - Filter by status
• from - Start date
• to - End date
• limit - Results per page

Response:

{
  "data": [
    {
      "id": "12345",
      "status": "delivered",
      "product": "FIFA 24",
      "created_at": "2024-01-15T10:00:00Z"
    }
  ],
  "meta": {
    "total": 150,
    "page": 1
  }
}

Get Order

GET /api/v1/orders/{id}

Process Order

POST /api/v1/orders/{id}/process

Products

List Products

GET /api/v1/products

Get Product Stock

GET /api/v1/products/{id}/stock

Suppliers

List Suppliers

GET /api/v1/suppliers

Check Supplier Stock

GET /api/v1/suppliers/{supplier}/products/{product_id}/stock

Rate Limits

API rate limits:

Rate limit headers:

X-RateLimit-Limit: 60
X-RateLimit-Remaining: 45
X-RateLimit-Reset: 1642252800

Error Handling

Error Response Format

{
  "error": {
    "code": "ORDER_NOT_FOUND",
    "message": "The requested order does not exist",
    "details": {}
  }
}

Common Error Codes

SDKs

PHP SDK

use PremiumCDKeys\Client;

$client = new Client('your_api_key');
$orders = $client->orders()->list(['status' => 'pending']);

JavaScript SDK

import { PremiumCDKeys } from '@premiumcdkeys/sdk';

const client = new PremiumCDKeys('your_api_key');
const orders = await client.orders.list({ status: 'pending' });

Testing

Sandbox Mode

Use sandbox for testing:

• No real purchases
• Test webhooks
• Validate integration

Enable in Settings → API → Sandbox Mode

Webhook Testing

Test webhook delivery:

1. Go to Webhooks → Test
2. Select event type
3. Click Send Test

Best Practices

1. Store secrets securely - Never expose API keys
2. Verify webhooks - Always validate signatures
3. Handle errors gracefully - Implement retry logic
4. Respect rate limits - Implement backoff
5. Use HTTPS - All endpoints require SSL
6. Log requests - For debugging

Support

For API support:

• Email: api-support@premiumcdkeys.com
• Documentation: This page
• Status: status.premiumcdkeys.com