HMAC Bridge — Integration

Overview

Expose products, categories, collections, search and files to websites and partner portals through a secure HMAC-bridged API.

Capabilities

• Signed requests with client ID/secret and timestamp windows

• Actions: list, detail, create, update, delete, productsByCategory/Collection, files

• Server-side recording of requests for audit and analytics

• Rate-limit and replay-attack protection

• SDK-ready JSON payloads usable by Next.js, WordPress, Webflow, or custom apps

1. 1

   Step 1

   In ProductCatalog, open **Connections → New** and choose **HMAC Bridge**.

   Back to top
2. 2

   Step 2

   Generate a client ID and secret; restrict IPs and set rate limits.

   Back to top
3. 3

   Step 3

   Copy the example request from **Connections → Usage** and run a signed curl to `/bridge/{clientId}/list`.

   Back to top
4. 4

   Step 4

   Wire your website to call `list`/`detail` endpoints and render PDP/PLP pages.

   Back to top
5. 5

   Step 5

   Enable **server-side recording** to view bridge health and traffic analytics.

   Back to top

Limitations

• Public endpoints must validate HMAC and timestamp; skew beyond the allowed window is rejected.

• Large media should be fetched from file endpoints or a CDN; JSON responses do not inline binaries.

• Write actions (create/update/delete) are restricted to admin-scoped clients.

FAQs

Pricing