Rebrand 2023 Learn more 

  • Commerce Cloud/
    API Overview/
    Test with a Postman collection

    Test with a Postman collection

    Use the Postman collection to run and explore Commerce APIs. The collection includes the relevant types of requests for each endpoint, including create, read, update, and delete.


    • Ensure that the Postman client is installed.

    • Ensure that you have downloaded the latest Postman collection and environment from the following links:


    1. In Commerce Manager, go to SYSTEM > Application Keys.

    2. Click Create New to create a new application key. See Creating an Application Key.

      Make a note of the following values:

      • Client ID
      • Client secret
      • API base URL

      The Client secret is only shown to you at this time. Copy and keep it somewhere safe and secure. Do not share it.

    3. Go to Postman client on your system and import the Commerce Postman Collection.

    4. Import the Environment file.

    5. Update the values of the following environment variables with the values copied from Commerce Manager.

      • client_id
      • client_secret
    6. The Postman collection contains the following environment variables. Elastic Path supports multiple regions and each region has a unique hostname and base URL for API requests. Each Commerce store is assigned to a specific region, so all API requests related to the store must be made to the API base URL for its assigned region. You may need to change the Postman collection environment variables depending on your regional URL.

      Environment VariableDescriptionInitial ValueCurrent Value
      baseUrlUsed for most API calls. your store's API Base URL is, replace with
      authUrlUsed for authentication requests.https://useast.api.elasticpath.comIf your store's API Base URL is, replace with
      pcmUrlUsed for Product Experience Manager calls. your store's API Base URL is, replace with
    7. In Postman, open the authentication folder and run the Get client credentials token or the Get implicit token request.

    8. Click Send.

      Authentication for the current session is done, and an access token is returned. You can now test the rest of your API endpoints in your Postman collection. An access token is valid for an hour, you must authenticate the session and get new tokens every time the access token expires. For more information about authentication permissions, see Client credential token and Implicit token.

    Was this helpful?

    Your first API request