All the request paths in this documentation are relative.

Base URL for production is

For sandbox check the relevant page.

Some endpoints accept URL query parameters.

Some POST endpoints accept JSON request body (for these endpoints you’ll need to add header Content-Type: application/json). Any other content type is not accepted.

Please note:

All Requests must be made over HTTPS. Any call made over HTTP will be rejected.


We use the OAuth 2.0 authentication to offer you better security – no one would be able to access your data through API without authenticating themselves first and getting your permission.

To put it simply – this is the same secure authentication process you go through to sign into some website with your Facebook/WeChat account.

To make an authorized request, retrieve an access token and add the following request header:

Authorization: Bearer {access_token}

For the Step-by-step guide on authenticating with Joom, please refer to our Joom APIv2.