Developer API Resources

By utilizing the API, you are agreeing to the Pinogy Terms of Service.  If you would also like your application listed in Pinogy’s App Store, you will also need to agree to the Application Developer and API Agreement.

Please use the following documentation as a guide for your integration.

Developer Assistance

If you find yourself getting stuck at any point while trying to implement the API, email us at

Pinogy API

The first step to using Pinogy’s API is to be able to log in.  Sample implementations are available for:




In addition, you will need to obtain the API host, access key, secret key, and password for each client.

Common Parameters

Almost all resources can be called with the following parameters:

  • order_by: (ex: order_by="product_id desc" or order_by="product_id asc")

    • This will return the results sorted by the column you specify.

  • limit: (ex: limit=100)

    • Limit the number of results. If you do not send a limit parameter the default limit is 100 records. The max limit is 1000 records (if you put limit=1001 or more, it will still return 1000 records so this is discouraged).

  • offset: (ex: offset=0)

    • Get more results. You can send the offset parameter to start at a set record count. If you do not send an offset parameter the default is 0 for the first record.

  • columns: (ex: columns="product_id, category, cheapest_supplier")

    • Return only the columns listed from resultant data set


The list of available resources and parameters is available below

Please be aware that based on your access level, specific permissions, and agreements, access to certain resources may not be available.

Limits on API Usage

Currently, there are two usage-based restrictions imposed while using the API.  Normal use of the API should not hit either of these, but they are listed below to make sure you are aware of them.

  • Files in our system get a unique ID.  If the file is ever changed, then a new ID is created, and if appropriate, the old file and referenced ID are deleted.  Because of this, files (which include images) should only be pulled once, and then cached locally within your site, server, or application.

  • The number of sessions allowed on one device or login is limited.  Sessions should be reused, instead of having a new session created for every request.  The only time a new session needs to be created is if you receive a 409 response from the API.  In that scenario, the old session has expired or has been terminated.  A new session should be created (programmatically) , and then the request should be resubmitted.

Error Responses

Error HTTP code of an error response could be one of the following:





Bad request

Any other handled exception



Access token / credentials are missing or incorrect



Permission denied


Not found

Resource doesn’t exist


Not Acceptable

Login is incorrect or the application is not accessible



Request is correct, but can’t be applied because of the server state constraints


Validation Error

There is an error in the values passed in


Internal server error

Unhandled exception happens on server side