openapi: 3.0.0 info: version: 1.0.0 title: Medusa Storefront API description: > API reference for Medusa's Storefront endpoints. All endpoints are prefixed with `/store`. ## Authentication To send requests as an authenticated customer, you must use the Cookie Session ID. ## Expanding Fields In many endpoints you'll find an `expand` query parameter that can be passed to the endpoint. You can use the `expand` query parameter to unpack an entity's relations and return them in the response. For example, when you list customers you can also retrieve their groups by passing to the `expand` query parameter the value `groups`. You can expand more than one relation by separating the relations in the `expand` query parameter with a comma. For example, to retrieve both the orders and the groups of a customer, pass to the `expand` query parameter the value `groups,orders`. Please note that the parameters you pass to `expand` replace any relations that are expanded by default. ## Selecting Fields In many endpoints you'll find a `fields` query parameter that can be passed to the endpoint. You can use the `fields` query parameter to specify which fields in the entity should be returned in the response. You can pass more than one field by seperating the field names in the `fields` query parameter with a comma. Only the fields you pass to `field` will be retrieved and returned in the response. Any fields that are returned by default will not be returned in this case. This does not affect relations. For example, to only select the `title` and `description` fields of a product, pass to the `fields` query parameter the value `title,description`. ## Pagination ### Query Parameters In listing endpoints, such as list customers or list products, you can control the pagination using the query parameters `limit` and `offset`. `limit` is used to specify the maximum number of items that can be return in the response. `offset` is used to specify how many items to skip before returning the resulting entities. You can use the `offset` query parameter to change between pages. For example, if the limit is 50, at page 1 the offset should be 0; at page 2 the offset should be 50, and so on. ### Response Fields In listing fields, aside from the entities retrieved, there are three pagination-related fields returned: `count`, `limit`, and `offset`. Similarly to the query parameters, `limit` is the maximum number of items that can be returned in the response, and `field` is the number of items that were skipped before the entities in the result. `count` is the total number of available items of this entity. It can be used to determine how many pages are there. For example, if the `count` is 100 and the `limit` is 50, you can divide the `count` by the `limit` to get the number of pages: `100/50 = 2 pages`. license: name: MIT url: https://github.com/medusajs/medusa/blob/master/LICENSE tags: - name: Auth description: >- Auth endpoints that allow authorization of customers and manages their sessions. - name: Cart description: Cart endpoints that allow handling carts in Medusa. x-resourceId: cart - name: Collection description: Collection endpoints that allow handling collections in Medusa. x-resourceId: product_collection - name: Customer description: Customer endpoints that allow handling customers in Medusa. x-resourceId: customer - name: Gift Card description: Gift Card endpoints that allow handling gift cards in Medusa. x-resourceId: gift_card - name: Order description: Order endpoints that allow handling orders in Medusa. x-resourceId: order - name: Product description: Product endpoints that allow handling products in Medusa. x-resourceId: product - name: Product Variant description: Product Variant endpoints that allow handling product variants in Medusa. x-resourceId: product_variant - name: Region description: Region endpoints that allow handling regions in Medusa. x-resourceId: region - name: Return Reason description: Return Reason endpoints that allow handling return reasons in Medusa. x-resourceId: return_reason - name: Return description: Return endpoints that allow handling returns in Medusa. x-resourceId: return - name: Shipping Option description: Shipping Option endpoints that allow handling shipping options in Medusa. x-resourceId: shipping_option - name: Swap description: Swap endpoints that allow handling swaps in Medusa. x-resourceId: swap servers: - url: https://api.medusa-commerce.com/store paths: /auth: $ref: paths/auth.yaml /auth/{email}: $ref: paths/auth_{email}.yaml /collections/{id}: $ref: paths/collections_{id}.yaml /collections: $ref: paths/collections.yaml /carts/{id}/shipping-methods: $ref: paths/carts_{id}_shipping-methods.yaml /carts/{id}/taxes: $ref: paths/carts_{id}_taxes.yaml /carts/{id}/complete: $ref: paths/carts_{id}_complete.yaml /carts: $ref: paths/carts.yaml /carts/{id}/payment-sessions: $ref: paths/carts_{id}_payment-sessions.yaml /carts/{id}/discounts/{code}: $ref: paths/carts_{id}_discounts_{code}.yaml /carts/{id}/line-items/{line_id}: $ref: paths/carts_{id}_line-items_{line_id}.yaml /carts/{id}/payment-sessions/{provider_id}: $ref: paths/carts_{id}_payment-sessions_{provider_id}.yaml /carts/{id}: $ref: paths/carts_{id}.yaml /carts/{id}/payment-sessions/{provider_id}/refresh: $ref: paths/carts_{id}_payment-sessions_{provider_id}_refresh.yaml /carts/{id}/payment-session: $ref: paths/carts_{id}_payment-session.yaml /gift-cards/{code}: $ref: paths/gift-cards_{code}.yaml /customers/me/addresses: $ref: paths/customers_me_addresses.yaml /customers: $ref: paths/customers.yaml /customers/me/addresses/{address_id}: $ref: paths/customers_me_addresses_{address_id}.yaml /customers/me: $ref: paths/customers_me.yaml /customers/me/payment-methods: $ref: paths/customers_me_payment-methods.yaml /customers/me/orders: $ref: paths/customers_me_orders.yaml /customers/password-token: $ref: paths/customers_password-token.yaml /customers/password-reset: $ref: paths/customers_password-reset.yaml /payment-collections/{id}/sessions/batch/authorize: $ref: paths/payment-collections_{id}_sessions_batch_authorize.yaml /payment-collections/{id}/sessions/{session_id}/authorize: $ref: paths/payment-collections_{id}_sessions_{session_id}_authorize.yaml /payment-collections/{id}: $ref: paths/payment-collections_{id}.yaml /payment-collections/{id}/sessions/batch: $ref: paths/payment-collections_{id}_sessions_batch.yaml /payment-collections/{id}/sessions: $ref: paths/payment-collections_{id}_sessions.yaml /payment-collections/{id}/sessions/{session_id}: $ref: paths/payment-collections_{id}_sessions_{session_id}.yaml /orders/customer/confirm: $ref: paths/orders_customer_confirm.yaml /orders/cart/{cart_id}: $ref: paths/orders_cart_{cart_id}.yaml /orders/{id}: $ref: paths/orders_{id}.yaml /orders: $ref: paths/orders.yaml /orders/batch/customer/token: $ref: paths/orders_batch_customer_token.yaml /order-edits/{id}/complete: $ref: paths/order-edits_{id}_complete.yaml /order-edits/{id}/decline: $ref: paths/order-edits_{id}_decline.yaml /order-edits/{id}: $ref: paths/order-edits_{id}.yaml /product-types: $ref: paths/product-types.yaml /products/{id}: $ref: paths/products_{id}.yaml /products: $ref: paths/products.yaml /products/search: $ref: paths/products_search.yaml /regions/{id}: $ref: paths/regions_{id}.yaml /regions: $ref: paths/regions.yaml /return-reasons/{id}: $ref: paths/return-reasons_{id}.yaml /return-reasons: $ref: paths/return-reasons.yaml /returns: $ref: paths/returns.yaml /shipping-options: $ref: paths/shipping-options.yaml /shipping-options/{cart_id}: $ref: paths/shipping-options_{cart_id}.yaml /swaps: $ref: paths/swaps.yaml /swaps/{cart_id}: $ref: paths/swaps_{cart_id}.yaml /variants/{variant_id}: $ref: paths/variants_{variant_id}.yaml /variants: $ref: paths/variants.yaml /carts/{id}/line-items: $ref: paths/carts_{id}_line-items.yaml components: securitySchemes: cookie_auth: type: apiKey x-displayName: Cookie Session ID in: cookie name: connect.sid description: > Use a cookie session to send authenticated requests. ### How to Obtain the Cookie Session If you're sending requests through a browser, using JS Client, or using tools like Postman, the cookie session should be automatically set when the customer is logged in. If you're sending requests using cURL, you must set the Session ID in the cookie manually. To do that, send a request to [authenticate the customer](#tag/Auth/operation/PostAuth) and pass the cURL option `-v`: ```bash curl -v --location --request POST 'https://medusa-url.com/store/auth' \ --header 'Content-Type: application/json' \ --data-raw '{ "email": "user@example.com", "password": "supersecret" }' ``` The headers will be logged in the terminal as well as the response. You should find in the headers a Cookie header similar to this: ```bash Set-Cookie: connect.sid=s%3A2Bu8BkaP9JUfHu9rG59G16Ma0QZf6Gj1.WT549XqX37PN8n0OecqnMCq798eLjZC5IT7yiDCBHPM; ``` Copy the value after `connect.sid` (without the `;` at the end) and pass it as a cookie in subsequent requests as the following: ```bash curl --location --request GET 'https://medusa-url.com/store/customers/me/orders' \ --header 'Cookie: connect.sid={sid}' ``` Where `{sid}` is the value of `connect.sid` that you copied.