Toster API
REST API to read orders, customers, analytics, and more — or push data back into Toster from any external system. Everything uses standard JSON over HTTPS.
https://api.toster.co/apiOverview
All API endpoints are REST and return JSON. Authentication uses a Bearer token sent in the Authorization header. Each API key carries a set of scopes that controls exactly which endpoints it can reach.
Grant only the permissions your integration needs.
Per-key rate limit with standard 429 response.
Push events to your endpoint instead of polling.
Authentication
Generate an API key in Settings → API Keys inside your Toster dashboard. Keys look like 966_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
Pass the key as a Bearer token on every request:
curl https://api.toster.co/api/orders \
-H "Authorization: Bearer 966_YOUR_API_KEY" \
-H "Accept: application/json"const res = await fetch('https://api.toster.co/api/orders', {
headers: {
Authorization: 'Bearer 966_YOUR_API_KEY',
Accept: 'application/json',
},
});
const { items, total } = await res.json();Scopes
Each key is issued with a set of scopes. Calling an endpoint without the required scope returns 403 Forbidden.
| Scope | Description |
|---|---|
orders:read | Read orders and order history |
orders:write | Create and update orders |
customers:read | Access customer profiles and segments |
customers:write | Update customer data and tags |
products:read | Read menu items and categories |
kitchen:read | Monitor kitchen queue and status |
couriers:read | View courier assignments and GPS |
analytics:read | Access revenue and performance data |
loyalty:read | Read loyalty balances and history |
loyalty:write | Award and redeem loyalty bonuses |
reviews:read | Read customer reviews and ratings |
webhooks:write | Subscribe to real-time event hooks |
Pagination & Errors
List endpoints support ?page=1&limit=20 (max 100). The response envelope is always:
{
"items": [...],
"total": 1842,
"page": 1,
"pages": 93
}Errors follow a consistent shape:
{
"error": "Order not found",
"details": { "id": "ord_abc123" }
}| Status | Meaning |
|---|---|
200 OK | Success |
201 Created | Resource created successfully |
400 Bad Request | Invalid parameters or missing required fields |
401 Unauthorized | Missing or invalid API key |
403 Forbidden | Key lacks the required scope |
404 Not Found | Resource does not exist in your org |
429 Too Many Requests | Rate limit exceeded — back off and retry |
500 Internal Server Error | Something went wrong on our side |
Orders
Create, read, and manage the full order lifecycle from placement to delivery.
/ordersList orders with pagination and filters
/orders/:idGet a single order with full details
/ordersCreate a new order
/orders/:id/statusAdvance order status through the delivery pipeline
/orders/:id/trackGet real-time courier GPS and ETA for an order
Customers
Access and manage customer profiles, tags, segments, and purchase history.
/customersSearch and list customers
/customers/:idGet customer profile with order history
/customers/:idUpdate tags, notes, or contact info
/customers/:id/ordersPaginated order history for a customer
Menu & Products
Read your full menu catalogue including categories, modifiers, and pricing.
/productsList all products with categories
/products/:idGet a single product with all modifiers
/products/categoriesList all menu categories
Kitchen
Monitor the live kitchen queue and cooking status for each station.
/kitchen/queueCurrent kitchen queue ordered by priority
/kitchen/statsAverage prep time and throughput metrics
Couriers
Track courier locations, assignments, and shift performance in real time.
/couriersList all couriers with current status
/couriers/:idGet courier profile and active assignment
/couriers/:id/locationLatest GPS coordinates and route
Analytics
Pull revenue, order volume, and funnel data for any date range.
/analytics/revenueRevenue totals broken down by day or hour
/analytics/ordersOrder count, AOV, and conversion rate
/analytics/top-productsBest-selling items by quantity and revenue
Loyalty
Read and manage loyalty balances, award bonuses, and process redemptions.
/loyalty/:customer_idGet loyalty balance and tier
/loyalty/:customer_id/historyBonus earn and spend history
/loyalty/awardAward bonus points to a customer
Webhook Events
Instead of polling, subscribe to events and Toster will POST a JSON payload to your URL within seconds of the event firing.
order.createdorder.confirmedorder.cookingorder.packedorder.dispatchedorder.deliveredorder.cancelledcustomer.createdreview.submittedloyalty.awardedExample order.created payload:
{
"event": "order.created",
"created_at": "2026-04-28T14:22:00Z",
"data": {
"id": "clx7...",
"number": 4821,
"status": "NEW",
"total": 1250,
"customer": {
"id": "clx8...",
"name": "Anna K.",
"phone": "+380671234567"
},
"items": [
{ "name": "Philadelphia Roll", "qty": 2, "price": 340 }
]
}
}Verify the request is from Toster using the X-Toster-Signature header — an HMAC-SHA256 of the raw body signed with your webhook secret.
import { createHmac } from 'crypto';
function verifySignature(rawBody, signature, secret) {
const expected = createHmac('sha256', secret)
.update(rawBody)
.digest('hex');
return `sha256=${expected}` === signature;
}Ready to integrate?
Generate your first API key from the Toster dashboard in under a minute.