Skip to main content

Documentation Index

Fetch the complete documentation index at: https://dev.puppetvendors.com/llms.txt

Use this file to discover all available pages before exploring further.

V2 Preview — The V2 API is actively being developed. We aim for stability but breaking changes may occasionally occur.

Overview

The PuppetVendors V2 Vendor API gives vendors direct, secure access to their own data — orders, products, fulfillments, payouts, and more — without going through the merchant. Vendor-scoped tokens are automatically restricted to the authenticated vendor’s data. There is no way for a vendor token to access another vendor’s resources. Base URL: https://staging-api.puppetvendors.com
For AI agents and tooling: OpenAPI 3.1 spec | Postman Collection

Getting Started

  1. Get your vendor API key — Create one in the vendor portal or ask your merchant for a key (prefixed vk_)
  2. Authenticate — Exchange your key for a JWT token via POST /authenticate
  3. Make requests — Pass the token in the x-access-token header
See the Authentication guide and API Keys & Scopes for details.

Vendor Resources

Orders

View, export, and track your orders

Products

Create, update, and manage your products

Fulfillments

Create, update, and track fulfillments

Documents

Generate invoices, packing slips, and shipping labels

Payouts

Track payouts, transactions, and pending balances

Shipping

Get rates, purchase labels, manage dimensions

Customers

View customers who purchased your products

Discounts

Manage your discount codes

Integrations

Connect Shippo, ShipStation, PayPal, and Stripe

Profile & Settings

Update your profile, address, and account settings

Unscoped Endpoints

Some endpoints work with any valid vendor token — no specific scope required on your API key: Discounts, Profile, Settings (account, shipping, team), Integrations (Shippo, ShipStation, PayPal, Stripe), and Documents (invoices, packing slips, shipping labels). See API Keys & Scopes for the full breakdown.

Rate Limits

The API is rate-limited to 100 requests per minute per IP address. The limit is per IP, not per API key — if your agent runs in a shared environment (Lambda, Vercel, CI), all consumers on that IP share the 100/min budget. The API returns standard RateLimit-* headers on every response. On HTTP 429, implement exponential backoff before retrying.

Need Help?

Contact support@puppetvendors.com for API access or questions.