Skip to main content
The Synq REST API gives you programmatic access to every resource on the platform — products, orders, inventory, channels, integrations, and more. All communication happens over HTTPS using JSON. Before making your first request, read the Authentication page to learn how to obtain and attach your credentials.

Base URL

Every API request targets the following base URL: 
https://api.synq.io
All resource endpoints are prefixed with /api/v1/. Webhook endpoints delivered by Synq to your infrastructure use the /unified/ prefix instead.

Request Format

Send all request bodies as JSON and include the Content-Type header on any request that carries a body: 
Content-Type: application/json
Requests with a body larger than 10 MB are rejected with 413 Content Too Large.

Response Format

Every response body is JSON. Successful responses contain the requested or mutated resource. Error responses follow a consistent shape: 
{
  "error": "A human-readable description of what went wrong."
}

Authentication

Every protected endpoint requires a valid Bearer token in the Authorization header. The token encodes your identity, tenant, and organization so that each request is automatically scoped to your data. See the Authentication guide for the full details.

API Resources

Products

Create and manage your product catalog, variants, and attributes.

Orders

Place, track, fulfill, and return orders across all your channels.

Inventory

Query stock levels, reserve units, and adjust inventory in real time.

Channels

Configure the sales channels that feed orders into Synq.

Integrations

Connect third-party platforms and manage OAuth callbacks.

Organization

Manage your organization profile, members, and roles.

Settings

Read and update tenant-level configuration and preferences.

Audit

Query the immutable audit log for all actions taken in your tenant.

HTTP Status Codes

Synq uses standard HTTP status codes. The table below covers every code you may encounter.
CodeMeaningWhen you see it
200 OKRequest succeededThe resource was retrieved or updated successfully.
201 CreatedResource createdA new resource was persisted. The response body contains the created object.
202 AcceptedRequest queuedThe request was accepted for asynchronous processing (for example, a bulk import). Poll the relevant status endpoint for the result.
400 Bad RequestInvalid requestThe request body is malformed, a required field is missing, or a value fails validation. Inspect the error field for details.
401 UnauthorizedMissing or invalid tokenThe Authorization header is absent or the Bearer token has expired or is invalid. Refresh your token and retry.
403 ForbiddenInsufficient permissionsYour token is valid but your role does not permit this action, or a required claim is missing from your token.
404 Not FoundResource missingThe requested resource does not exist or is not visible to your tenant.
429 Too Many RequestsRate limit exceededYou have sent too many requests in a short window. Wait for the number of seconds in the Retry-After response header before retrying.
500 Internal Server ErrorServer errorAn unexpected error occurred on Synq’s side. Retry the request using exponential backoff. If the problem persists, contact support.

Rate Limiting

The API enforces a sliding-window rate limit of 100 requests per minute per IP address. Every response includes the following headers so you can track your usage:
HeaderDescription
X-RateLimit-LimitThe maximum number of requests allowed in the current window.
X-RateLimit-RemainingThe number of requests you have left in the current window.
Retry-AfterSeconds to wait before retrying (only present on 429 responses).
When you exceed the limit, the API returns 429 Too Many Requests. Wait for the number of seconds indicated in the Retry-After header before sending your next request.