← Back to Documentation

Partner API

Integrate with Eyekiosk

Build integrations for inventory sync, order management, and more using OAuth 2.1 authentication and REST APIs.

Authentication

Eyekiosk uses OAuth 2.1 with PKCE for secure partner authentication

1

Register as OAuth Client

Contact Eyekiosk to register your application. You will receive a client_id and client_secret.

2

Redirect to Authorization

Send users to the authorization endpoint with your client_id, redirect_uri, and requested scopes.

3

User Grants Consent

Users see the Eyekiosk consent page and approve access to their practice data.

4

Exchange Code for Token

Your server exchanges the authorization code for access and refresh tokens.

5

Call Partner API

Include the access token in the Authorization header: Bearer <token>

Available Scopes

Identity Scopes

openid

Verify user identity

email

Access user email address

profile

Access user profile information

API Scopes

orders:read

Read order data for the authorized practice

orders:full

Read and update order status

frames:read

Read frame catalog and inventory availability

prescriptions:read

Read prescription details for orders

inventory:write

Sync inventory quantities and pricing

webhooks:read

View webhook subscriptions and delivery status

webhooks:write

Create, update, or delete webhook subscriptions

API Endpoints

All endpoints require a valid OAuth access token

GET/api/v1/partner/orders

List Orders

Fetch orders for the authorized practice. Supports pagination and filtering by status or date.

Query Parameters

limitoffsetstatussince

Required Scopes

orders:read
GET/api/v1/partner/orders/{orderId}

Get Order Details

Fetch full details for a specific order including frame info, prescription, and payment details.

Required Scopes

orders:read
PATCH/api/v1/partner/orders/{orderId}

Update Order Status

Update order status for fulfillment tracking. Valid statuses: pending, in_progress, completed, shipped, cancelled.

Required Scopes

orders:full
GET/api/v1/partner/frames

List Frames

Retrieve frame inventory with stock levels. Filter by brand, availability, or update date.

Query Parameters

limitoffsetbrandin_stockupdated_since

Required Scopes

frames:read
GET/api/v1/partner/prescriptions

List Prescriptions

Fetch prescription data from orders. Includes full Rx (OD/OS), PD measurements, and segment heights.

Query Parameters

limitoffsetorder_idsince

Required Scopes

prescriptions:read
POST/api/v1/partner/inventory

Sync Inventory

Update stock quantities and prices for multiple frames. Batch up to 100 updates per request.

Required Scopes

inventory:write
GET/api/v1/partner/webhooks

List Webhooks

List your webhook subscriptions and their delivery status.

Required Scopes

webhooks:read
POST/api/v1/partner/webhooks

Create Webhook

Create a new webhook subscription. Returns a secret for HMAC signature verification (shown once).

Required Scopes

webhooks:write
PATCH/api/v1/partner/webhooks/{webhookId}

Update Webhook

Update webhook URL, events, or enabled status.

Required Scopes

webhooks:write
DELETE/api/v1/partner/webhooks/{webhookId}

Delete Webhook

Delete a webhook subscription.

Required Scopes

webhooks:write

Webhooks

Receive real-time notifications when events occur

order.created

Fired when a new order is placed

order.status_changed

Fired when order status changes

order.completed

Fired when order is marked complete

inventory.updated

Fired when frame inventory changes

Webhook Security

  • All webhooks are sent over HTTPS only
  • Each payload is signed with HMAC-SHA256 using your webhook secret
  • Verify the X-Webhook-Signature header matches your computed signature
  • Use the X-Webhook-Id header for idempotency

Example Request

curl -X GET "https://eyekiosk.online/api/v1/partner/orders?limit=10" \
  -H "Authorization: Bearer <access_token>" \
  -H "Content-Type: application/json"

Ready to integrate?

Contact us to register your application and receive OAuth credentials.

Contact UsView Core API