Throughout previous chapters, we learned how to use some of the backend components so that storeowners can manage and manipulate the data such as customers, products, categories, orders, and so on. Sometimes this is not enough, like when we are pulling data in or out from third-party systems. In cases like these, the Magento Web API framework makes it easy to call Magento services through REST or SOAP.
In this chapter, we will cover the following topics:
User types
Authentication methods
REST versus SOAP
Hands-on with token-based authentication
Hands-on with OAuth-based authentication
OAuth-based Web API calls
Hands-on with session-based authentication
Creating custom Web APIs
Search Criteria Interface for list filtering
Before we can start making Web API calls, we must authenticate our identity and have the necessary permissions (authorization) to access the API resource. Authentication allows Magento to identify the caller's user type. Based on the user's (administrator, integration...