🛍️ BuildMyOnlineStore API

Developer documentation for third-party checkout integrations

Overview Authentication Storefronts API Product Feeds Checkout Integration Code Examples Custom Buttons

📖 Overview

The BuildMyOnlineStore API enables third-party applications to integrate with merchant storefronts for checkout processing. This API is designed for separating consumer checkout experiences from merchant shopping carts.

Base URL

https://app.buildmyonlinestore.com

Use Cases

Architecture

⚠️ Important: BuildMyOnlineStore does NOT handle payments or Stripe. All payment processing is managed by secure.checkout.best. BuildMyOnlineStore is purely a storefront builder/CMS.

🔐 Authentication

All API requests require authentication using GFAVIP SSO tokens.

Token Format

Authorization: Bearer gfavip-session-{token}

How to Obtain Tokens

  1. Merchants authenticate via GFAVIP SSO
  2. Token is provided in the SSO callback
  3. Token must be validated with GET /api/auth/validate
  4. Use the token in API requests
GET /api/auth/validate

Validate GFAVIP SSO token and retrieve user data

Headers: Authorization: Bearer gfavip-session-{token} Required
Response: 
{
  "valid": true,
  "user": {
    "id": "7ee04dbe-17f1-45ca-b8b5-a6e34098b074",
    "email": "[email protected]",
    "username": "merchant123",
    "tier": "paid",
    "credits": 150
  }
}

🏪 Storefronts API

Access merchant storefronts and configuration data.

GET /api/storefronts

List all storefronts for the authenticated merchant

GFAVIP Mini-App Compatible: This endpoint accepts GFAVIP SSO tokens from mini-apps like DropShipSiteToday.
Headers: Authorization: Bearer gfavip-session-{token} Required
Response: 
{
  "storefronts": [
    {
      "id": "uuid",
      "store_name": "My Store",
      "catalog_id": "catalog-uuid",
      "product_id": "SKU-123",
      "storefront_type": "multi_product",
      "theme": "modern",
      "color_code": "#667eea",
      "status": "active",
      "checkout_best_store_id": "checkout-uuid",
      "created_at": "2025-11-24T10:00:00Z",
      "updated_at": "2025-11-24T12:00:00Z"
    }
  ]
}
GET /api/storefronts/{id}

Get detailed information about a specific storefront

URL Parameters: id (storefront UUID) Required
Headers: Authorization: Bearer gfavip-session-{token} Required
Response: Same structure as above, single object
POST /api/storefronts

Create a new storefront for the authenticated merchant

Headers: Authorization: Bearer gfavip-session-{token} Required
Body:
  • catalog_id - UUID of the product catalog Required
  • product_id - SKU or product ID Required
  • store_name - Name for the storefront Required
  • storefront_type - "ai_single_product" or "buy_now_buttons" Optional
  • theme - "modern", "minimal", "bold", or "elegant" Optional
  • color_code - Hex color for branding (e.g., "#667eea") Optional
  • use_stripe - Enable Stripe payments (default: true) Optional
Request Example: 
{
  "catalog_id": "abc123-uuid",
  "product_id": "SKU-001",
  "store_name": "My Awesome Store",
  "storefront_type": "ai_single_product",
  "theme": "modern",
  "color_code": "#667eea"
}
Response: 
{
  "id": "new-storefront-uuid",
  "checkout_best_store_id": "checkout-store-uuid"
}
Tier Limits: Free tier: 1 storefront max. Paid tiers: 50 storefronts max.

📦 Product Feed API

OpenAI Agentic Commerce Protocol (ACP) compatible product feeds.

GET /agentic-commerce/feeds/{storefront_id}

Get OpenAI-compliant product feed for a storefront

URL Parameters: storefront_id (UUID) Required
Response (OpenAI ACP Format): 
{
  "merchant_id": "merchant-uuid",
  "storefront_id": "storefront-uuid",
  "products": [
    {
      "id": "SKU-123",
      "name": "Premium Wireless Speaker",
      "description": "High-quality bluetooth speaker...",
      "price": 79.99,
      "currency": "USD",
      "image_url": "https://example.com/image.jpg",
      "availability": "in_stock"
    }
  ],
  "checkout_enabled": true
}
GET /api/products/{product_id}

Get detailed product information from db.51exports.com

URL Parameters: product_id (SKU) Required
Headers: Authorization: Bearer gfavip-session-{token} Required
Response: 
{
  "id": "SKU-123",
  "title": "Premium Wireless Speaker",
  "description": "High-quality bluetooth speaker...",
  "price": 79.99,
  "image": "https://example.com/image.jpg",
  "category": "Electronics",
  "in_stock": true
}

💳 Checkout Integration

BuildMyOnlineStore uses secure.checkout.best for ALL checkout processing.

Storefronts automatically include the checkout.best JavaScript widget. No API calls needed from your application.

How It Works

  1. When a storefront is created, BuildMyOnlineStore provisions a dedicated checkout.best store
  2. Exported static HTML includes the widget script with the store ID
  3. The widget handles cart, checkout, and payment processing
  4. Order confirmations are sent via webhook (for display purposes only)

Widget Integration (Automatic)

<script src="https://secure.checkout.best/widget.js" 
        data-store="STORE_ID"></script>

<button class="checkout-best-btn" 
        data-sku="PROD-001" 
        data-name="Product Name" 
        data-price="19.99">
    Buy Now
</button>

Webhook Endpoint

POST /api/webhooks/checkout-best

Internal endpoint that receives order.paid events from checkout.best (not for external use)

GET /agentic-commerce/status

Check ACP availability and regional support

Query Parameters: country (ISO code, default: US) Optional
Response: 
{
  "acp_enabled": true,
  "message": "ChatGPT commerce integration available",
  "regions_supported": ["US"]
}

💻 Code Examples

JavaScript/Node.js

// Get merchant's storefronts
async function getMerchantStorefronts(ssoToken) {
  const response = await fetch('https://app.buildmyonlinestore.com/api/storefronts', {
    headers: {
      'Authorization': `Bearer ${ssoToken}`,
      'Content-Type': 'application/json'
    }
  });
  
  return await response.json();
}

// Get product feed
async function getProductFeed(storefrontId) {
  const response = await fetch(
    `https://app.buildmyonlinestore.com/agentic-commerce/feeds/${storefrontId}`
  );
  
  return await response.json();
}

// Initiate checkout
async function initiateCheckout(productId, storefrontId, quantity = 1) {
  const response = await fetch(
    'https://app.buildmyonlinestore.com/agentic-commerce/checkout',
    {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({
        product_id: productId,
        storefront_id: storefrontId,
        quantity: quantity
      })
    }
  );
  
  const data = await response.json();
  
  if (data.checkout_url) {
    window.location.href = data.checkout_url;
  }
  
  return data;
}

Python

import requests

def get_merchant_storefronts(sso_token):
    """Get all storefronts for authenticated merchant"""
    headers = {
        'Authorization': f'Bearer {sso_token}',
        'Content-Type': 'application/json'
    }
    
    response = requests.get(
        'https://app.buildmyonlinestore.com/api/storefronts',
        headers=headers
    )
    
    return response.json()

def get_product_feed(storefront_id):
    """Get OpenAI ACP-compliant product feed"""
    response = requests.get(
        f'https://app.buildmyonlinestore.com/agentic-commerce/feeds/{storefront_id}'
    )
    
    return response.json()

def initiate_checkout(product_id, storefront_id, quantity=1):
    """Initiate checkout process"""
    data = {
        'product_id': product_id,
        'storefront_id': storefront_id,
        'quantity': quantity
    }
    
    response = requests.post(
        'https://app.buildmyonlinestore.com/agentic-commerce/checkout',
        json=data
    )
    
    return response.json()

cURL

# Get storefronts (authenticated)
curl -X GET "https://app.buildmyonlinestore.com/api/storefronts" \
  -H "Authorization: Bearer gfavip-session-abc123" \
  -H "Content-Type: application/json"

# Get product feed (public)
curl -X GET "https://app.buildmyonlinestore.com/agentic-commerce/feeds/{storefront_id}"

# Initiate checkout
curl -X POST "https://app.buildmyonlinestore.com/agentic-commerce/checkout" \
  -H "Content-Type: application/json" \
  -d '{
    "product_id": "SKU-123",
    "storefront_id": "uuid",
    "quantity": 1
  }'

🔒 Internal Service-to-Service API

For authorized GFAVIP mini-apps (e.g., dropshipsitetoday) to provision storefronts on behalf of users.

Authentication: These endpoints require a shared service secret in the X-Service-Secret header. Contact GFAVIP to obtain your service secret.
POST /api/internal/provision-storefront

Create a storefront on behalf of a GFAVIP user

Headers:
  • X-Service-Secret - Shared service secret Required
  • Content-Type: application/json
Body:
  • gfavip_user_id - User's GFAVIP ID Required
  • gfavip_email - User's email for account linking Required
  • store_name - Name for the storefront Required
  • source_app - Your app identifier (e.g., "dropshipsitetoday") Required
  • catalog_id - 51Exports catalog UUID Optional
  • storefront_type - Default: "multi_product" Optional
  • theme - Default: "modern" Optional
  • color_code - Default: "#667eea" Optional
Success Response (201 Created): 
{
  "success": true,
  "storefront": {
    "id": "new-storefront-uuid",
    "store_name": "My Store",
    "checkout_best_store_id": "checkout-store-uuid",
    "status": "active",
    "created_at": "2025-12-18T10:00:00Z"
  }
}
Error Response (409 Conflict - Limit Reached): 
{
  "success": false,
  "error": "STOREFRONT_LIMIT_REACHED",
  "message": "User has reached maximum storefront limit for their tier",
  "current_count": 1,
  "max_allowed": 1,
  "tier": "free"
}
GET /api/internal/storefronts

List storefronts for a GFAVIP user

Headers: X-Service-Secret: {service-secret} Required
Query Parameters: gfavip_user_id Required
Response: 
{
  "success": true,
  "storefronts": [
    {
      "id": "storefront-uuid",
      "store_name": "My Store",
      "storefront_type": "multi_product",
      "status": "active",
      "checkout_best_store_id": "checkout-uuid",
      "created_at": "2025-12-18T10:00:00Z"
    }
  ]
}

🚀 Integration Workflow

  1. Merchant Authentication: Merchant logs in via GFAVIP SSO and authorizes your app
  2. Get Storefronts: Use merchant's SSO token to fetch their storefronts
  3. Display Products: Access product feeds (product data from db.51exports.com)
  4. Process Checkout: When customer clicks "Buy", call checkout API
  5. Secure Payment: API redirects customer to secure.checkout.best for payment processing
  6. Complete Order: secure.checkout.best handles payment and order fulfillment

System Architecture

Data Flow:

  1. Product data: db.51exports.com → BuildMyOnlineStore API → Your App
  2. Checkout request: Your App → BuildMyOnlineStore API → secure.checkout.best
  3. Payment: Customer → secure.checkout.best (secure payment processing)

📊 Response Codes

Code Status Description
200OKRequest successful
201CreatedResource created successfully
400Bad RequestInvalid request parameters
401UnauthorizedInvalid or missing authentication
403ForbiddenInsufficient permissions
404Not FoundResource not found
500Server ErrorInternal server error

⚠️ Rate Limits

Currently, there are no enforced rate limits. However, please be respectful:

🔗 Additional Resources

💬 Support

For API support and questions:

© 2025 BuildMyOnlineStore | Part of the GFAVIP Ecosystem

← Back to Dashboard