Developers
API & integrations
API keys
Use these keys to authenticate requests to the Qaf Xpress last-mile API.
Scopes for the new key
Copy this key now — for security we only store a hashed version and you will NOT be able to see it again.
—
| Key | Scopes | Created | Last used | Status | Action |
|---|---|---|---|---|---|
| Loading… | |||||
Webhooks
Get notified at your endpoint when order events happen.
| URL | Events | Status | Action |
|---|---|---|---|
| Loading… | |||
We POST a JSON event to your URL with an X-QX-Signature header = HMAC-SHA256(body, your secret). Verify it on your side.
Notification preferences
Choose which events notify you, and on which channel.
| Event | SMS |
|---|
API documentation
Reference for the Qaf Xpress last-mile API.
Base URL
https://bkzrqhrlkrwvptwvolzd.supabase.co/functions/v1/lastmile-api
Authentication
Send your key in the X-API-Key header (or Authorization: Bearer <key>).
| Method | Path | Description |
|---|---|---|
| POST | /quote | body {governorate, area, weight, express, sameday} → {ok, price_kwd} |
| POST | /orders | single order body, or a batch {orders:[ … ]}. Each order: {payment_mode:'wallet'|'credit'|'cash', service_type, reference, recipient:{name,phone}, address:{line,governorate,area,block,street,building,floor,apt}, cod_amount, weight_kg} → {ok, count, results:[{ok, job_id, tracking_number, price_kwd, service_model, status}]}. Orders follow your account service model: bulk → recorded as received and compiled for the next pickup run; express → dispatched direct to the nearest driver immediately. Idempotent on reference. |
| GET | /orders/{id} | → {ok, order} |
| GET | /track/{tracking} | No key required. → {ok, tracking} |
| GET | /wallet | → {ok, wallet:{balance_kwd,...}} |
| POST | /shopify?key=<key> | Shopify order webhook auto-creates a delivery. |
Example — create an order