1. Help Center
  2. API
  3. Generic Suppliers API

Generic Suppliers API - Ordering

Discover how to automatically receive orders from Apicbase to your system

Apicbase uses a webhook to almost instantly forward a purchase order to your system. We only require you to implement the product catalogue part as a first step (see here to get started).

After you completed the product catalogue part, the only thing you need to do is set an HTTP/S endpoint and share the URL with .

Purchase order data schema

Your endpoint should expect data in the following schema:

"id": string, -> Apicbase internal Purchase Order ID
"order_number": string,
  "status": "ORDERED", -> fixed value
  "ordered_on": datetime,
"owned_by": {"username": string} | null,
"order_remarks": string | null,
  "packages": [
      "stock_item": {
      "name": string
      "supplier_package": {
      "supplier_article_number": string,
      "theoretical_price_per_package": string
    "quantity_ordered": integer,
    "total_theoretical_price": string
  "expected_delivery_date": datetime | null,
"theoretical_price": string,
"supplier_customer_number": string

An important note about security

For every request we'll send a value for the X-APIC-WEBHOOK-SIGNATURE header key. We strongly advise that you use this value to verify if the payload you are receiving is indeed being sent by Apicbase. To do so you have to use your client secret and the payload received to generate a HMAC-SHA256 Hexdigest value.

The client secret default value is the one you use to generate new tokens, but if you want to use another one, specific for this event, this is also possible.
Here's a dummy snippet in python. If you need help to port this code to another language please let us know.
import json
from hmac import HMAC

def endpoint(request):
    signature = request.headers["X-APIC-WEBHOOK-SIGNATURE"]
    result = HMAC(
    if signature != result:
        return Response("Incorrect signature", status_code=403)