search

Introduction

The Zotlo API allows you to manage subscriptions, payments, checkout links, and customer data programmatically. All endpoints follow a RESTful structure and return JSON responses.

This page provides the essential concepts you need before using any endpoint.

hashtag
Environments

Zotlo provides two environments:

Environment
Base URL

Sandbox

https://api-sandbox.zotlo.com

Live

https://api.zotlo.com

Use Sandbox while building & testing your integration. Use Live only after your account is approved and activated.

hashtag
Authentication

Each API request must include your project’s credentials:

AccessKey: YOUR_ACCESS_KEY
AccessSecret: YOUR_ACCESS_SECRET
ApplicationId: YOUR_APP_ID   (optional)
Language: en

  • You can find these in Dashboard → Developer Tools → API Keys

  • Never expose AccessKey or AccessSecret in client-side code

  • ApplicationId is optional and used for analytics tagging

All API requests must be sent over HTTPS.

hashtag
Request & Response Format

  • Requests: JSON payloads for POST/PUT, query parameters for GET

  • Responses: All successes return HTTP 200

  • Errors return HTTP 400 or 500 with the following structure:

hashtag
Error Response Format

hashtag
Error Fields

Field
Description

requestId

Unique ID for debugging

httpStatus

400 or 500 for errors

errorMessage

Human-readable message (in the Language header you send)

errorCode

Zotlo-specific error code (400008, 400009, etc.).

result

Empty or error-specific content.

hashtag
Rate Limits

Zotlo API uses standard rate limiting to ensure platform stability. If the limit is exceeded, the API returns HTTP 429 – Too Many Requests.

Recommended: add retry logic with exponential backoff.

hashtag
Sandbox vs Live Behavior

  • Sandbox simulates full subscription & payment flow

  • No real charges occur

  • Webhooks work normally for integration testing

  • Live mode requires Agreement approval + Business verification

PreviousAPI ReferenceNextError Handling

Last updated