LoyaltyLion

<a href="#why-does-loyaltylion-need-access-to-my-magento-stores-rest-api">Why does LoyaltyLion need access to my Magento store's REST API?</a>

<a href="#can-loyaltylion-provide-a-static-ip-address-that-i-can-whitelist">Can LoyaltyLion provide a static IP address that I can whitelist?</a>

<a href="#how-to-disable-basic-auth-for-api-routes">How to disable basic auth for API routes</a>

- <a href="#why-does-loyaltylion-need-access-to-my-magento-stores-rest-api">Why does LoyaltyLion need access to my Magento store's REST API?</a>
- <a href="#can-loyaltylion-provide-a-static-ip-address-that-i-can-whitelist">Can LoyaltyLion provide a static IP address that I can whitelist?</a>
- <a href="#how-to-disable-basic-auth-for-api-routes">How to disable basic auth for API routes</a>

Why does LoyaltyLion need access to my Magento store's REST API?

LoyaltyLion uses your REST API to provide core program functionality, including:

Configuring price rules within your store

- Most rewards are implemented as single use vouchers; we create vouchers and price rules on the fly when a customer claims a reward, and/or up-front when a reward is set up for the first time

- Customers and orders are "pushed" to LoyaltyLion when they are created or updated, but networks are never 100% reliable. In order to ensure that the LoyaltyLion platform stays completely in sync with your store, we periodically use the REST API to re-synchronise and pick up any changes that may have been dropped due to network conditions

- As part of the install process and in response to support queries, we identify configurations that can affect the running loyalty program, including the websites and store views configured and the modules and versions installed.

- Your Magento store is the source of truth for most loyalty data including customer accounts and orders. In the event of a bug or other issue, we use the REST API to manually compare our records vs the true state of the data.

- Configuring price rules within your store
  - Most rewards are implemented as single use vouchers; we create vouchers and price rules on the fly when a customer claims a reward, and/or up-front when a reward is set up for the first time
- Retrieving order and customer data
  - Customers and orders are "pushed" to LoyaltyLion when they are created or updated, but networks are never 100% reliable. In order to ensure that the LoyaltyLion platform stays completely in sync with your store, we periodically use the REST API to re-synchronise and pick up any changes that may have been dropped due to network conditions
- Syncing store configuration
  - As part of the install process and in response to support queries, we identify configurations that can affect the running loyalty program, including the websites and store views configured and the modules and versions installed.
- Debugging and diagnostics
  - Your Magento store is the source of truth for most loyalty data including customer accounts and orders. In the event of a bug or other issue, we use the REST API to manually compare our records vs the true state of the data.

Can LoyaltyLion provide a static IP address that I can whitelist?

To find more information, please find our API documentation here: <a href="https://developers.loyaltylion.com/api/" rel="nofollow noopener noreferrer" target="_blank">https://developers.loyaltylion.com/api/</a>

Magento's REST API comes with its own built in authentication scheme, so it's always safe to remove extra authentication layers entirely over API routes (beginning with /api/rest in Magento 1, or /rest in Magento 2)

It's quite common to control access to your store with HTTP Basic Auth during development. If you have done this, you'll need to remove this extra authentication on your API routes.

# set an environment variable "noauth" if the request starts with "/api/rest" # Magento 1.x SetEnvIf Request_URI ^/api/rest noauth=1 # Magento 2 SetEnvIf Request_URI ^/rest noauth=1 SetEnvIf Request_URI ^/oauth noauth=1 # the auth block AuthName "Please login." AuthGroupFile /dev/null AuthType Basic AuthUserFile /xxx/.htpasswd # Here is where we allow/deny Order Deny,Allow Satisfy any Deny from all Require valid-user Allow from env=noauth

Remote Access on Magento

Create a custom design with text, images, and links

Request a demo

Help Center home

API Docs

Pricing

See LoyaltyLion reviews on G2

Integrations

Case studies

Shopify App Store reviews

Get started

Resources

Developers

LoyaltyLion Website

Developer Portal

Find answers and get help from Intercom Support and Community Experts

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.