Got questions? Leave your message here or Schedule a quick call with our manager now

Security Assurance

API2Cart service takes serious measures to protect our clients personal and store information.

Sensitive data is protected from unauthorized access. We guarantee not to share your personal account data and keep it confidential. Terms of service security and information protection are provided by our Privacy Policy.

Bridge file. To be able to work with some shopping platforms, it is necessary to install the connection bridge to the store’s root folder. The list of all the platforms that require the bridge installing you can find here.

A connection bridge is the most secure method to access store data. The data received will be used only for providing the work of API2Cart API methods. API2Cart doesn't collect and save any data retrieved from the stores. As an exception, we save the credentials needed for making API requests to the stores. Also, we are caching the store configuration (e.g., the list of supported currencies, time zones, etc.) as it helps reduce the number of requests to the stores.

Here, you can find a video tutorial on how to download bridge for bridge platforms easily. A similar tutorial for all the rest platforms can be found here. The bridge can be downloaded automatically with the help of the bridge.download method. More details related to the bridge you can find here.

Technical side of bridge security

IMPORTANT: For each request from API2Cart to the bridge, we form the signature based on request parameters and srore_key. When the request comes to the bridge, the signature is calculated on the bridge and compared with the one sent from API2Cart. If it matches then the request will be performed. Otherwise, the bridge will present an error. That is the way we do the authorization.

FTP credentials are used to upload a bridge in order to specify connection with self-hosted platforms. When adding a store to API2Cart using FTP, credentials are used only for bridge uploading, and they are not stored in our system.

In order to investigate issues and troubleshoot reported problems or install the connection bridge file, API2Cart support technicians may require access to the online store, web server and database.

It is recommended to temporarily change the password of the admin account before providing a technician with access to your online store. Once your issue is resolved, you should change the passwords of all the provided accounts as soon as possible. The technician will make it clear to you what access exactly we need to solve your problem. More details on which accesses API2Cart techs may ask can be found here.

We highly respect API2Cart customers’ privacy. We have adopted all the necessary measures so that you could be confident about how we protect and manage personal information. For more information please get familiar with the Privacy Policy of our company.

Posted in: Security and Privacy