HTTP(S)

Stockeo can fetch product feeds from any HTTP endpoint — a supplier's REST API, a SOAP service, or a plain feed URL. You provide the URL, choose a request method, and optionally configure authentication and custom headers.

Request Settings

Sample configuration screen showing HTTP feed source settings with a product feed URL

Method

Choose GET or POST. Most APIs and feed URLs use GET. Select POST when the endpoint expects a request body (for example, a SOAP service or a JSON API that requires query parameters in the body).

URL

The endpoint Stockeo will call to retrieve a product feed. The URL can contain variables enclosed in double curly braces — these are replaced with actual values before the request is made.

Pagination — If your supplier's API returns results across multiple pages, include the {{ page }} variable in the URL. Stockeo will start at page 1, increment the page number after each request, and keep fetching until the response stops changing or 100 pages are reached.

The {{ page }} variable supports Liquid filters. For example, if the API uses zero-based page numbering, use {{ page | minus: 1 }}.

Body (POST only)

When the method is set to POST, a Body field appears where you can enter the request payload. This is typically JSON or XML, depending on what the endpoint expects.

Headers

You can add custom HTTP headers to the request. Each header consists of a key and a value. Click Add header to add more. Headers are useful for setting content types, API keys, or any other custom values required by the endpoint.

Authentication

Stockeo supports four authentication methods:

No Auth

No authentication is sent with the request. Use this for public endpoints or when authentication is handled in another way — for example, through a custom header or an API key passed directly in the URL as a query parameter (e.g. https://supplier.com/api/inventory?api_key=YOUR_KEY).

Basic Auth

Standard HTTP basic authentication. Enter a username and password, and Stockeo will send them as an Authorization: Basic ... header with each request.

Bearer Token

Token-based authentication. Enter the token value, and Stockeo will include it as an Authorization: Bearer ... header.

Digest

A more secure alternative to Basic authentication. Enter a username and password, and Stockeo will handle the challenge–response flow required by the server. Credentials are not sent in plain text; instead, a hash-based response is computed using the username, password, and server-provided parameters (such as nonce and realm), and included in the Authorization: Digest ... header.

Request

Use this when the API requires a separate authentication step before the main request — for example, when you need to call a login endpoint first to obtain a temporary token.

Configure the authentication request:

Choose the Method (GET or POST).
Enter the Auth URL — the endpoint that returns the authentication token.
For POST requests, select the Content Type and enter the Body (e.g. JSON with your API credentials).

After saving, Stockeo will first call the Auth URL, then use the response in the main request. Reference the authentication response in the main request URL or headers using the {{ auth }} variable. If the authentication response is JSON, you can reference specific fields — for example, {{ auth.token }} or {{ auth.access_token }}.

OAuth2 (Request method)

OAuth 2.0 is a standard for delegated authorization that allows applications to obtain limited access to an API on behalf of a user or system.

In Stockeo, OAuth2 is handled as a special case of the Request authentication method, because it requires an initial request to retrieve an access token before calling the main endpoint.

In a typical setup:

A POST request is sent to the token endpoint (Auth URL)
The request includes credentials (e.g. client_id, client_secret)
The response contains an access token

This token is then used in the main request, typically in the Authorization header.

Example (Client Credentials flow)

Auth request:

POST https://api.supplier.com/oauth2/token
Content-Type: application/x-www-form-urlencoded
Authorization: Basic Q0xJRU5UX0lEOkNMSUVOVF9TRUNSRVQ=

Body:
grant_type=client_credentials&client_id=CLIENT_ID&client_secret=CLIENT_SECRET

Response:

{
  "access_token": "eyJhbGciOiJIUzI1NiIs...",
  "token_type": "Bearer",
  "expires_in": 3600
}

Authorization header used in the main request:

Authorization: Bearer {{ auth.access_token }}

Setup:

Configuration screen showing OAuth2 authentication settings in Stockeo

Depending on the specific API, this flow may vary slightly (e.g. different parameters, request format, or authentication method). Always refer to the API documentation for the exact implementation details.

Testing

Click the Test button to send a test request and see the response. This helps verify that the URL, authentication, and headers are configured correctly before saving. The response status code and body are displayed below the button.

Interface showing a test HTTP request and its response in Stockeo

PreviousFeed Source NextFTP(S)

Last updated 15 days ago

hashtagRequest Settings

hashtagMethod

hashtagURL

hashtagBody (POST only)

hashtagHeaders

hashtagAuthentication

hashtagNo Auth

hashtagBasic Auth

hashtagBearer Token

hashtagDigest

hashtagRequest

hashtagTesting