Is the API meant to be used entirely on the frontend over SSL, or is there another server-side authentication mechanism required?
The same authentication mechanism can be user on the server side. One advantage of doing it client side is that you can store the authentication token on the user's browser so you don't need any server side database etc. set up. If you will have one anyway then you can still use the token to post/retrieve information on the server similar to how you would in a client-based setup.
Are any of these API endpoints meant to be used for admins only vs end users?
The endpoints provided in the documentation are for end users; we have a separate API for admin users.
How are the items, their details & pricing, and any extras populated on the checkout flow?
These are returned as part of the
GET /v1/settings request. See the
products arrays which are all returned (depending on settings configured in the admin portal).
The settings object also includes information such as the
How does Stripe checkout integrate with this checkout flow?
Is the GET valet order API endpoint the one that is used to display the confirmation screen?
When the valet order is created via the
POST /v1/valet/orders endpoint it will return the created valet order which can be used to show confirmation. You can also use the
GET endpoint to retrieve it at a later time.
include section of
GET /v1/auth/userinfo is also very useful, allowing you to retrieve the user main info, upcoming orders and storage items in one call.
Does Storeganise handle all confirmation emails on their end?
Yes, these are automatically sent out by the Storeganise system and can be customised.