General (general)

The Wildberries API provides sellers with tools to manage their store and obtain real-time and statistical information via the HTTP REST API protocol.

The main advantage of the API is the ability to automate processes through integration with the seller's information systems, such as ERP, WMS, OMS, CRM. With the WB API, sellers can manage their store without manually using the website interface.

Using the API to operate a store on Wildberries is a great way to:

• automate routine processes
• access up-to-date information
• optimize inventory management

The API documentation is provided in the Swagger OpenAPI format and can be used for import into other tools, such as Postman, or for generating client code in various programming languages using Swagger CodeGen.

For manual API testing you can use:

• For Windows — PostMan
• For Linux — curl

1. Register in the seller's personal account.
2. Go to the store settings and create an API token. The token will allow you to access the WB API. The token system lets you control who interacts with your data through the API and how.
3. Develop an integration with the API using your own developers or outsource specialists. You can also connect partner services from our business solutions catalog.

Practical tips:

• Use the documentation.
  Official WB API documentation will help you understand the functionality and capabilities of the API. It includes examples of possible requests and responses, a list of potential errors, rate limits, security rules, and more.
• Regularly check the integration.
  Ensure that you are transmitting data correctly and note the responses you receive to timely update the integration. Remember the restrictions and take into account the request limits.
• Keep the API token secure.
  Do not share it with third parties unnecessarily. Use only trusted services. If you detect suspicious activity, immediately delete and replace the token.
• Contact technical support if needed.
• Stay updated on WB API news and changes in:
  • release notes
  • Telegram channel
  • Wildberries news feed

Technical support is conducted through dialogues in the seller's personal account. When creating a new support request, use the API category.

Main response status codes for requests in the WB API:

Example of an error:

{
  "title": "path not found",
  "detail": "Please consult the https://dev.wildberries.ru/openapi/api-information",
  ...
  "status": 404,
  "statusText": "Not Found",
  "timestamp": "2025-04-24T07:25:28Z"
}

The WB API has request rate limits. To evenly distribute the load, the token bucket algorithm is used. Limits for specific API methods are specified in the documentation.

For example:

This means that you can send 300 requests per minute. These requests should be evenly distributed over time, meaning the interval between requests should be 60 seconds/300 requests = 0.2 seconds.

The API allows for request bursts, where you can perform several requests simultaneously. The allowable burst is returned in the response header X-Ratelimit-Remaining. It appears in all response statuses except for error 429.

X-Ratelimit-Remaining is the number of requests you can currently make without adding delays. After each request, the X-Ratelimit-Remaining value decreases by one. If X-Ratelimit-Remaining is 0 and you make the next request without delay, you will receive a 429 error in response. The X-Ratelimit-Remaining value replenishes over time.

If you exceed the request rate limit, you will receive a 429 error. In this case, you need to wait a short period before making the next request. To determine how long you need to wait, use the headers from the 429 response:

• X-Ratelimit-Retry — the number of seconds after which you can retry the request. If you attempt it earlier, you will continue to receive a 429 error.
• X-Ratelimit-Limit — the maximum allowable burst of requests, which will be replenished after X-Ratelimit-Reset seconds.
• X-Ratelimit-Reset — the number of seconds after which the allowable burst of requests will be restored to the maximum value specified in X-Ratelimit-Limit.

Response example:

HTTP/1.1 429 Too Many Requests
...
X-Ratelimit-Reset: 29
X-Ratelimit-Retry: 2
...
X-Ratelimit-Limit: 10

You need API token to authenticate requests. It is valid for 180 days after creation. Add the token to the Authorization request header.

1. Go to your seller account, click the profile name and select Settings → Access to API.
2. If necessary, select the option:
   • Test scope (Sandbox): the token can only be used in a test scope (sandbox).
   • Read only: You can't change any data using this token, it's only for reading. The token can be used with real data and in the test scope (sandbox).
3. Choose the API categories for this token.

4. Click Create a token.
5. Copy and save the token in some safe place. Later you can't view it in your seller account. If you lost your token, create a new one.

The token is a JWT according to RFC 7519. To check if your token is valid and which categories of API methods are available with it, you can decode it.

Public token fields

Fields that are not in the table are service fields and can be deleted.

s field

The s field is a bitmask, an integer, each bit of which means the presence or absence of some option.

Learn more about bitmask

Bit values

Token decoding will allow to check if the token is valid and which categories of API methods are available. You can decode the token on the separate page.