Getting Started with Flipdish API

API Reference

Create your Flipdish App


What is a Flipdish App

We use the term "Flipdish App" for any integration, module or application built on top of the Flipdish API.
Some code samples may use the term "client" instead of "Flipdish App"

To interact with Flipdish API you will need a Flipdish account. You can create a Flipdish account for free at

Click on your avatar and then on **Developer tools".


Click on OAuth apps and then on the red Add New button.


Give your app a name and press Create


Get your API Access Token

Flipdish uses OAuth2 to manage authentication. If you aren't familiar with OAuth2, that's fine. We'll walk you though the basics.

Every Flipdish App uses Hybrid Flow, which allow to request a combination of identity token, access token and code via the front channel using either a fragment encoded redirect (native and JS based clients) or a form post (server-based web applications).

Through the Flipdish Developers Portal you can get access tokens, which allows you to access your stores, orders, vouchers and many resources via the API.


Click the Request token button to generate a token.


To request access tokens programmatically you need your App's ID and Secret Key.



For security reason secret key is hidden on Flipdish Developer Portal by default.

Please use the "REVEAL SECRET KEY" button to get your key and keep it in a safe place.

Request a token using IdentityModel and C#.

TokenClient client = new TokenClient(

string accessToken = client.RequestClientCredentialsAsync("api").Result.AccessToken;



Token Types

Secret Key: a token accessed only by you (the App owner) and Flipdish. This should not be exposed to customers or 3rd parties.

Access Token (also know as a Bearer Token): a token which is used when making calls to the Flipdish API.

Authenticate by including the header Authentication with your OAuth Bearer token (AKA access token).

curl --request GET \
  --url \
  --header 'Authentication: Bearer <your Access Token>'


Always use HTTPS

Calls made over plain HTTP will fail. API requests without authentication will also fail.

Get started

Visit the API Reference Docs to see a list of available endpoints and test out the API.

Please remember to set your user-agent when making API requests.