Dropcolis API Reference

Documentation

Complete API reference with all endpoints, request/response schemas, and examples.

Swagger UI

Interactive API explorer to test endpoints directly from your browser.

OpenAPI Specification

Download the complete OpenAPI specification in JSON format for tooling integration.

Quick Start

Get Started in 3 Steps:

Get Credentials: Contact Dropcolis to receive your public_key and secret_key
Generate Signature: Use HMAC-SHA256 to sign your requests (see examples below)
Make Requests: Include required headers: X-Api-Key, X-Timestamp, X-Signature

Available Endpoints

Partner API (Authentication Required)

GET /v1/health

Check API health status

POST /v1/orders

Create a new delivery order

GET /v1/orders

List all orders with filtering and pagination

GET /v1/orders/{order_id}

Get order details by ID

POST /v1/orders/{order_id}/cancel

Cancel an order

POST /v1/rates/quote

Get delivery rate quote

POST /v1/webhooks/test

Send test webhook to your endpoint

Public Tracking (No Authentication)

GET /track/{order_id}

Track order status (JSON response)

GET /track/{order_id}/html

Track order status (HTML page)

Authentication

All partner API endpoints require HMAC-SHA256 authentication:

Required Headers:

X-Api-Key - Your public API key
X-Timestamp - Current Unix timestamp
X-Signature - HMAC-SHA256 signature (v1=hex)
Idempotency-Key - UUID for POST requests

Signature Generation:

string_to_sign = timestamp + "\n" + method + "\n" + path + "\n" + body
signature = HMAC_SHA256(secret_key, string_to_sign)
X-Signature = "v1=" + hex(signature)

Additional Resources

Base URL (Sandbox): https://sandbox.api.dropcolis.ca/v1
Base URL (Production): https://api.dropcolis.ca/v1
Rate Limit: 300 requests per minute
Request Timeout: 30 seconds
Max Body Size: 1 MB

Code Examples

See the ReDoc documentation for complete code examples in multiple languages including:

Python
JavaScript/Node.js
PHP
Java
cURL

Dropcolis Partner API