Changelog
All notable changes to the Papaya Open API will be documented in this file.
[2.177.0] – 2025-12-02
Added
-
Rate Limiting
-
Implemented global rate limiting for all OpenAPI endpoints (5 requests per second per API key)
-
Added HTTP 429 response with
retryAfterfield when rate limit is exceeded -
Rate limit headers (
X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset) included in all responses -
Rate limiting is scoped per API key to prevent abuse while allowing reasonable burst traffic
-
Changed
None
Fixed
None
Removed
None
[2.160.0] – 2025-10-22
Added
-
Order Data Use Case
-
Added new Order Data use case to send webhooks for all
completeorcancelledorders (POS, API, partner-created). -
Uses thin event payload (
orderId,event,updatedAt) for partners to fetch full details via/orders/:id.
-
Changed
None
Fixed
None
Removed
None
[2.124.1] – 2025-07-17
Added
-
Idempotent Request Support
-
All
POSTendpoints now support idempotency via theidempotency-keyheader -
Prevents duplicate operations by caching request hashes for 24 hours
-
Safe retries return the original response
-
Mismatched payloads with the same key return
409 Conflict -
Header
x-idempotent-replay: trueincluded in replayed responses
-
Changed
None
Fixed
None
Removed
None
[2.91.0] – 2025-06-13
Added
-
Authentication
-
Token-based (Bearer JWT) auth
-
-
Core Endpoints
-
Channel, Menu, Order and Outlet
-
-
Request & Response Formats
-
JSON only, camelCase fields, ISO 8601 timestamps
-
Standard HTTP status codes (
200,201,400,401,404,500)
-
-
Error Handling
-
Uniform error body:
{ code, message[, errors] }
-
-
Webhooks
-
Order status callbacks to your configured
webhookUrl
-
Changed
None
Fixed
None
Removed
None