Getting Started with Extend's API
In this section we'll review what steps we need to take to get started with our API integration.
Overview
This guide walks through the essentials you need to call the Extend API for the first time—environments, authentication, required headers and versioning, and where to go next in the docs.
Before you begin
- You must have an active Extend account with a signed agreement to offer product or shipping protection.
- You must have at least one Extend store (demo and/or production) created in the Extend Merchant Portal.
- You must have access to Merchant Portal to acquire your Store ID and a way to generate API access tokens via the Integrations page in the Merchant Portal.
If you don’t have these yet, contact your Extend representative
What you'll need
Environments & Base URLs
Extend provides separate environments for testing and production:
- Demo (Sandbox) – For development and integration testing
- Base URL: https://api-demo.helloextend.com
- Production – For live traffic
- Base URL: https://api.helloextend.com
Use demo for all development and QA, and switch to production only after your integration has been tested end‑to‑end.
All API requests must be made over HTTPS. Certain endpoints require authentication.
API Versioning
Extend uses header-based versioning. The API version is passed in the Accept header:
Example: For version 2022-02-01
Accept: application/json;version=2022-02-01
Key points:
Some legacy endpoints, such as Products, still use 2021-04-01. Always confirm the required version in the endpoint’s API Reference page.
When in doubt, open the endpoint in the API Reference and copy the Accept header shown in the example request.
Authentication
Extend APIs are secured with short‑lived access tokens, passed in the X-Extend-Access-Token header on most requests. Refer to https://docs.extend.com/reference/authentication, for specific instructions on how to acquire the token.
Headers
For most requests, you’ll use at least these headers:
Accept– Specifies JSON and the API version
Example:application/json;version=2022-02-01Content-Type– Payload format for POST/PUT/PATCH
application/jsonX-Extend-Access-Token– Your access token
X-Extend-Access-Token: YOUR_ACCESS_TOKEN
For idempotent create/update calls (for example, creating orders), Extend requires an additional header:
- X-Idempotency-Key – A unique key per logical operation to prevent duplicate processing if you retry a request.
- Example:
X-Idempotency-Key: 550e8400-e29b-41d4-a716-446655440000
- Example:
Making your first API Call
The example below shows a GET Products call in the demo environment:
curl --request GET \
--url "https://api-demo.helloextend.com/stores/{{YOUR_STORE_ID}}/products" \
--header "Accept: application/json;version=2022-02-01" \
--header "Content-Type: application/json" \
--header "X-Extend-Access-Token: {{YOUR_ACCESS_TOKEN}}"- If your store is new, the response will be 200 OK with an empty list (no products yet).
- Once products are created, the same call will return your product list.
Updated about 7 hours ago