Guidelines and Conventions

Before you start using the API, we recommend you review these guidelines.

Protocol support

The Yotpo App Developer API supports both HTTP and HTTPS requests.

UTF-8 Support

Yotpo API calls support special characters in UTF-8 encoding.

Data Format

Data must be in JSON format. As such, the HTTP Content-Type header must be set to: application/json


Pagination

Use the following parameters to paginate results in API requests which support pagination:

  • page - The number of pages to return
  • count - The number of results to return per page

Rate limiting

To improve the experience for all our users, we impose a limit of 5 requests/second on API requests. This limit applies per store. You’ll receive a 429 Too Many Requests error message if you reach this limit.

  • You can check how many requests you have left using the RateLimit-Remaining header. This header is sent in response to your API request.
  • If you reach the rate limit, you can check how many seconds you need to wait before sending the next request by using the RateLimit-Reset header.
  • Some endpoints may have their own rate limit. In this case, the rate limit will be specified in the endpoint itself.

To avoid rate limit errors, we recommend you follow these best practices:

  • Optimize your code to only get the data that your app requires.
  • Use caching for data that your app uses often.
  • Regulate the rate of your requests for smoother distribution.
  • Include code that catches errors. If you ignore these errors and keep trying to make requests, then your app won’t be able to gracefully recover.
  • Use metadata about your app’s API usage, included with all API responses, to manage your app’s behavior dynamically.
  • Your code should stop making additional API requests until enough time has passed to retry. The recommended backoff time is 1 second.
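
The practices above (catch the 429, read the RateLimit-Remaining and RateLimit-Reset headers, pause before retrying) can be combined in one small wrapper. This is an added example, not Yotpo code: the `send` callable, `MAX_WAIT` and `MAX_ATTEMPTS` are assumptions, and the responses in the demo are constructed.

```python
import time

DEFAULT_BACKOFF = 1.0  # seconds; the backoff time the guidelines recommend
MAX_WAIT = 30.0        # assumption: upper bound on a wait taken from a response header
MAX_ATTEMPTS = 5       # assumption: give up instead of retrying a 429 forever


def header(headers, name):
    """Case-insensitive header lookup; None when the header is absent."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def wait_seconds(status, headers):
    """Seconds to pause before the next request, based on the response metadata."""
    remaining = header(headers, "RateLimit-Remaining")
    exhausted = status == 429 or (remaining is not None and remaining.strip() == "0")
    if not exhausted:
        return 0.0
    try:
        secs = float(header(headers, "RateLimit-Reset"))
    except (TypeError, ValueError):
        return DEFAULT_BACKOFF              # header missing or not a number
    # Non-positive or NaN values fall back to the default; huge values are clamped.
    return min(secs, MAX_WAIT) if secs > 0 else DEFAULT_BACKOFF


def call_with_rate_limit(send, sleep=time.sleep):
    """send() -> (status, headers, body). Returns the first response that is not a 429."""
    for _ in range(MAX_ATTEMPTS):
        status, headers, body = send()
        delay = wait_seconds(status, headers)
        if delay:
            sleep(delay)                    # stop sending until the window resets
        if status != 429:
            return status, headers, body
    raise RuntimeError("still rate limited after %d attempts" % MAX_ATTEMPTS)


if __name__ == "__main__":
    # Constructed responses standing in for the API: one 429, then a success.
    scripted = iter([(429, {"RateLimit-Reset": "1"}, ""),
                     (200, {"RateLimit-Remaining": "4"}, '{"ok": true}')])
    print(call_with_rate_limit(lambda: next(scripted)))
```

Because the rate limit applies per store, a wrapper like this should be shared by all workers that call the API for the same store.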


Email and URL parameters you send in the calls must be in the correct format.

Status Codes

The Yotpo API uses standard HTTP response codes to indicate the success or failure of a call to an API endpoint.

Response Code    Status
200              Successful Response
401              Unauthorized Request
500              Internal Server Error e.g. Timeout