Skip to content
/
Headers
Last updated

Sales Layer REST APIs use HTTP headers to authenticate requests and, in some cases, control how request and response content is interpreted.

At minimum, every API request must include the X-API-KEY header.

Header summary

HeaderRequiredUsed for
X-API-KEYYesAuthenticates the request with the API key assigned to the Sales Layer account.
Accept-LanguageOptionalRequests localized content for supported Catalog API fields.
Content-TypeRequired when sending a bodyTells the API the format of the request body. Use application/json for JSON requests.
AcceptOptionalIndicates the preferred response format. Use application/json when you want JSON responses explicitly.

X-API-KEY

X-API-KEY is mandatory for all Sales Layer REST API requests.

X-API-KEY: YOUR_API_KEY

Replace YOUR_API_KEY with the key provided for your Sales Layer account.

Do not expose API keys in frontend code, public repositories, screenshots, or logs. See Authentication for API key access and security recommendations.

Accept-Language

Accept-Language can be used to request localized content when an API supports localized fields.

Accept-Language: en-us

If omitted, the API may return content using the default language configured for the Sales Layer account.

This header is especially relevant for Catalog API resources that include multilanguage fields. For example, a catalog integration may use it to request product, variant, category, or custom entity values in a specific language.

Examples:

Accept-Language: en
Accept-Language: en-us
Accept-Language: es

Use the exact language or locale values supported by the account and the API operation.

Note: Q-factor weighting (for example, en-US;q=0.9) and the wildcard (*) are not supported. Use exact language or locale codes only.

Content-Type

Use Content-Type when sending a request body.

For JSON request bodies:

Content-Type: application/json

This is relevant for operations such as creating or updating DAM images, products, variants, categories, or custom entity items.

Requests without the expected Content-Type may be rejected or parsed incorrectly.

Accept

Use Accept when the client wants to explicitly request a response format.

For JSON responses:

Accept: application/json

Most API clients can omit this header when JSON is the default response format, but including it can make integrations easier to inspect and debug.

Example GET request

curl -X GET 'https://api2.saleslayer.com/catalog/rest/Catalog/Products?$top=10' \
  -H 'X-API-KEY: YOUR_API_KEY' \
  -H 'Accept-Language: en-us' \
  -H 'Accept: application/json'

Common mistakes

Avoid these common header issues:

  • Sending the API key in a query parameter instead of the X-API-KEY header.
  • Misspelling X-API-KEY.
  • Sending an empty API key value.
  • Forgetting Content-Type: application/json when sending a JSON body.
  • Assuming Accept-Language changes all fields; it only affects localized content supported by the API operation.
  • Logging full request headers in production without masking the API key.

Support

For technical support, API questions, or help getting access to an API key, contact Sales Layer support or your account representative.

Base URL

Rate limiting