PharmaOne API — Übersicht
Partner-HTTP-API zur Anbindung externer Systeme an PharmaOne Manager.
Konfigurieren Sie Zugangsdaten in Manager → Org Settings → Integrations (API-Schlüssel und Webhook-Abonnements).
Architektur
sequenceDiagram
participant Partner
participant API as PharmaOne API
participant Backend as PharmaOne Backend
Partner->>API: POST /v2/.../auth/token + apikey
API->>Backend: API-Schlüssel prüfen
Backend->>Partner: JWT (1h, bereichsbezogen)
Partner->>API: GET /v2/.../orders + Bearer JWT
API->>Backend: Token + Bereiche prüfen
Backend->>Partner: JSON-Antwort
Partner->>API: POST /v1/.../order-requests + apikey
API->>Backend: API-Schlüssel prüfen
Backend->>Partner: Bestellanfrage-ID
API-Versionen
| Version |
Auth |
Anwendungsfall |
| v2 |
JWT (nach API-Schlüssel-Tausch) |
Vollständige Lese-/Schreib-Integration mit Bereichen |
| v1 order-requests |
Nur API-Schlüssel |
Einfache Bestelleinreichung ohne JWT |
| ExternalTelemedicineConnector |
API-Schlüssel über Shop-URL |
Telemedizin-Partner — nur Shop-Endpunkt |
Externer Telemedizin-Connector
Für Telemedizin- und E-Rezept-Plattformen erhalten Partner oft Shop-URL + API-Schlüssel, ohne Manager-Routen.
| Methode |
Pfad |
Auth |
POST |
https://{shop-domain}/api/v1/external-order |
Header apikey |
Der Shop setzt org_id und shop_id; der Payload entspricht v1-Bestellanfragen. Vollständiger Leitfaden: Externer Telemedizin-Connector.
Basis-URLs
| Umgebung |
Host |
| Produktion |
https://manager.prod.pharmaone.shop |
| Sandbox |
Wird von Ihrem Apotheken-Kontakt bereitgestellt |
Vollständige Routenübersicht
Authentifizierung
| Methode |
Pfad |
Auth |
Bereich |
POST |
/api/v2/public/orgs/{orgId}/auth/token |
API-Schlüssel |
— |
v2 — JWT-Routen
| Methode |
Pfad |
Bereich |
GET |
/shops |
products.read |
GET |
/products?shop_id= |
products.read |
GET |
/products/{p1Id}?shop_id= |
products.read |
POST |
/products/add-to-inventory |
products.write |
PUT |
/products/{p1Id} |
products.write |
GET |
/inventory |
inventory.read |
POST |
/inventory/adjust |
inventory.write |
GET |
/inventory/{p1Id}/log |
inventory.read |
GET |
/inventory/{p1Id}/history |
inventory.read |
POST |
/shops/attach-product |
products.write |
POST |
/shops/detach-product |
products.write |
POST |
/shops/product-overrides |
products.write |
GET |
/reports/stats |
reports.read |
GET |
/reports/product-performance |
reports.read |
GET |
/reports/product-sales |
reports.read |
GET |
/reports/pharmaone |
reports.read |
GET |
/orders |
orders.read |
GET |
/orders/{orderId} |
orders.read |
POST |
/orders |
orders.write |
PUT |
/orders/{orderId} |
orders.write |
PATCH |
/orders/{orderId}/status |
orders.write |
POST |
/order-requests |
order_requests.write |
GET |
/prescriptions |
prescriptions.read |
GET |
/prescriptions/{id} |
prescriptions.read |
POST |
/prescriptions |
prescriptions.write |
Alle v2-Pfade haben das Präfix /api/v2/public/orgs/{orgId}/.
v1 — Nur API-Schlüssel
| Methode |
Pfad |
POST |
/api/v1/public/orgs/{orgId}/order-requests |
Nächste Schritte