Creating Access to Back Office
You first need to create an access to the web service.
Go in the PrestaShop back-office, open the "Web service" page under the "Advanced Parameters", and then choose "Yes" for the "Enable PrestaShop Webservice".
In previous versions of PrestaShop, you had to create a
.htaccess file (or edit the existing one) in order to make your web service work.
This is no longer the case in PrestaShop 1.5: the
.htaccess will automatically be generated, while keeping your custom rules.
Open the "Web service" page under the "Advanced Parameters", and then click the "Add New" button to access the account configuration section. A long form appears:
- Key. Click the "Generate" button to generate an authentication key. You can also create your own (which must be 32 characters long), but using a generated key prevents wrong-doers from guessing your key.
Using this key, you and other selected users will be able to access the web service.
- Key description. The description is not public, but make sure to put all the keywords pertaining to the use, so that you can find they key more quickly.
- Status. You can disable any key at any time.
- Permissions. This section is very important, as it enables you to assign rights for each resource you want to make available for this key. Indeed, you might want a user to have read and write access on some resources, but only read access on others – and no access to the more important ones.
In the list of permissions, the left button allows you to define all the rights for a given resource. Select the resources you need to manipulate from your application; in our case check the first check box in the "customers" row and then press "Save".
- Shop association. This only appears in multistore mode.
If you define your own passkey, make sure it is very secure and that its rights are limited.