The Sitecore CDP REST API allows developers to retrieve, create, update, and delete data stored in Sitecore Customer Data Platform. It provides access to guest profiles, orders, sessions, and behavioral data through standard HTTP methods. Developers use this API to build integrations that read or write customer data programmatically, enabling use cases such as audience segmentation, data enrichment, and reporting.
openapi: 3.1.0
info:
title: Sitecore CDP REST API
description: >-
The Sitecore CDP REST API provides synchronous access to retrieve, create,
update, and delete data stored in Sitecore Customer Data Platform. It exposes
guest profiles, orders, order items, order contacts, order consumers, and
data extensions through standard HTTP methods. Developers use this API to
build integrations that read or write customer data programmatically, enabling
use cases such as audience segmentation, data enrichment, and reporting.
Authentication uses HTTP Basic Auth with a client key and API token obtained
from the CDP instance settings. Regional server endpoints must be used based
on the CDP instance's geographic deployment.
version: 'v2.1'
contact:
name: Sitecore Support
url: https://www.sitecore.com/support
termsOfService: https://www.sitecore.com/legal/terms-of-service
externalDocs:
description: Sitecore CDP REST API Documentation
url: https://doc.sitecore.com/cdp/en/developers/api/rest-apis.html
servers:
- url: https://api-engage-eu.sitecorecloud.io
description: EU Production Server
- url: https://api-engage-us.sitecorecloud.io
description: US Production Server
- url: https://api-engage-ap.sitecorecloud.io
description: Asia-Pacific Production Server
- url: https://api-engage-jpe.sitecorecloud.io
description: Japan Production Server
tags:
- name: Guest Data Extensions
description: >-
Endpoints for managing custom key-value data extensions attached to guest
profiles. Data extensions allow organizations to store additional structured
information beyond the standard guest fields.
- name: Guests
description: >-
Endpoints for creating, retrieving, updating, and deleting guest profiles
in Sitecore CDP. Guests represent the core customer entity storing
personal, behavioral, and transactional data.
- name: Order Items
description: >-
Endpoints for managing individual line items within guest orders, including
product references, quantities, and pricing information.
- name: Orders
description: >-
Endpoints for creating, retrieving, updating, and deleting order records
associated with guests. Orders capture purchase transactions including
line items, payments, and fulfillment data.
security:
- basicAuth: []
paths:
/v2.1/guests:
get:
operationId: listGuests
summary: List guests
description: >-
Retrieves a paginated list of guest profiles from Sitecore CDP. Returns
up to 100 guests per request. Use the offset and limit parameters to
paginate through results. Supports filtering by email or other identifiers
using query parameters.
tags:
- Guests
parameters:
- name: email
in: query
description: Filter guests by email address
required: false
schema:
type: string
format: email
- name: limit
in: query
description: Maximum number of guests to return (max 100)
required: false
schema:
type: integer
minimum: 1
maximum: 100
default: 10
- name: offset
in: query
description: Number of records to skip for pagination
required: false
schema:
type: integer
minimum: 0
default: 0
responses:
'200':
description: A list of guest profiles
content:
application/json:
schema:
$ref: '#/components/schemas/GuestListResponse'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
post:
operationId: createGuest
summary: Create a guest
description: >-
Creates a new guest profile in Sitecore CDP. The guest record stores
identity and behavioral data used for personalization and segmentation.
An email address or other identifying attributes should be provided to
enable identity resolution.
tags:
- Guests
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/CreateGuestRequest'
responses:
'201':
description: Guest created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/Guest'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
/v2.1/guests/{guestRef}:
get:
operationId: getGuest
summary: Get a guest
description: >-
Retrieves a specific guest profile by its unique reference identifier.
Returns the full guest object including all stored personal and behavioral
attributes.
tags:
- Guests
parameters:
- $ref: '#/components/parameters/guestRef'
responses:
'200':
description: Guest profile details
content:
application/json:
schema:
$ref: '#/components/schemas/Guest'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
put:
operationId: updateGuest
summary: Update a guest (full)
description: >-
Performs a full replacement update of a guest profile. All fields in the
guest object are replaced with the values provided in the request body.
Fields not included in the request will be cleared.
tags:
- Guests
parameters:
- $ref: '#/components/parameters/guestRef'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/CreateGuestRequest'
responses:
'200':
description: Guest updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/Guest'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
patch:
operationId: patchGuest
summary: Update a guest (partial)
description: >-
Performs a partial update of a guest profile. Only the fields provided
in the request body are updated; all other fields retain their current
values. Use this operation when updating a subset of guest attributes.
tags:
- Guests
parameters:
- $ref: '#/components/parameters/guestRef'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/CreateGuestRequest'
responses:
'200':
description: Guest partially updated
content:
application/json:
schema:
$ref: '#/components/schemas/Guest'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
delete:
operationId: deleteGuest
summary: Delete a guest
description: >-
Permanently and irreversibly deletes a guest profile and all associated
data from Sitecore CDP. This operation cannot be undone. All orders,
sessions, and data extensions linked to the guest are also removed.
tags:
- Guests
parameters:
- $ref: '#/components/parameters/guestRef'
responses:
'204':
description: Guest deleted successfully
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
/v2.1/guests/{guestRef}/extensions:
get:
operationId: listGuestDataExtensions
summary: List guest data extensions
description: >-
Retrieves all custom data extensions associated with a guest profile.
Data extensions are named sets of key-value pairs that store additional
structured information beyond the standard guest attributes.
tags:
- Guest Data Extensions
parameters:
- $ref: '#/components/parameters/guestRef'
responses:
'200':
description: List of data extensions for the guest
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/DataExtension'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
post:
operationId: createGuestDataExtension
summary: Create a guest data extension
description: >-
Creates a new named data extension on a guest profile. Each extension
is identified by a unique name and contains a set of key-value pairs.
Only one data extension of each name is supported per guest.
tags:
- Guest Data Extensions
parameters:
- $ref: '#/components/parameters/guestRef'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/DataExtension'
responses:
'201':
description: Data extension created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/DataExtension'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
/v2.1/guests/{guestRef}/extensions/{dataExtensionName}:
get:
operationId: getGuestDataExtension
summary: Get a guest data extension
description: >-
Retrieves a specific named data extension for a guest profile. Returns
all key-value pairs stored within the extension.
tags:
- Guest Data Extensions
parameters:
- $ref: '#/components/parameters/guestRef'
- $ref: '#/components/parameters/dataExtensionName'
responses:
'200':
description: Data extension details
content:
application/json:
schema:
$ref: '#/components/schemas/DataExtension'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
put:
operationId: updateGuestDataExtension
summary: Update a guest data extension (full)
description: >-
Performs a full replacement of a guest data extension. All existing
key-value pairs are replaced with those provided in the request body.
tags:
- Guest Data Extensions
parameters:
- $ref: '#/components/parameters/guestRef'
- $ref: '#/components/parameters/dataExtensionName'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/DataExtension'
responses:
'200':
description: Data extension updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/DataExtension'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
patch:
operationId: patchGuestDataExtension
summary: Update a guest data extension (partial)
description: >-
Performs a partial update of a guest data extension. Only the key-value
pairs included in the request are updated; existing pairs not mentioned
are retained.
tags:
- Guest Data Extensions
parameters:
- $ref: '#/components/parameters/guestRef'
- $ref: '#/components/parameters/dataExtensionName'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/DataExtension'
responses:
'200':
description: Data extension partially updated
content:
application/json:
schema:
$ref: '#/components/schemas/DataExtension'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
delete:
operationId: deleteGuestDataExtension
summary: Delete a guest data extension
description: >-
Permanently deletes a named data extension from a guest profile. All
key-value pairs within the extension are removed.
tags:
- Guest Data Extensions
parameters:
- $ref: '#/components/parameters/guestRef'
- $ref: '#/components/parameters/dataExtensionName'
responses:
'204':
description: Data extension deleted successfully
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
/v2.1/guests/{guestRef}/orders:
get:
operationId: listGuestOrders
summary: List guest orders
description: >-
Retrieves all orders associated with a guest profile. Returns order
summaries including order references, totals, status, and creation dates.
tags:
- Orders
parameters:
- $ref: '#/components/parameters/guestRef'
responses:
'200':
description: List of orders for the guest
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/Order'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
post:
operationId: createOrder
summary: Create an order
description: >-
Creates a new order record associated with a guest profile. Orders capture
purchase transactions and support segmentation and personalization based
on purchasing behavior. The referenceId and orderedAt fields are
immutable after creation.
tags:
- Orders
parameters:
- $ref: '#/components/parameters/guestRef'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/CreateOrderRequest'
responses:
'201':
description: Order created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/Order'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
/v2.1/guests/{guestRef}/orders/{orderRef}:
get:
operationId: getOrder
summary: Get an order
description: >-
Retrieves a specific order by its reference identifier. Returns the full
order object including all line items, contacts, and data extensions.
tags:
- Orders
parameters:
- $ref: '#/components/parameters/guestRef'
- $ref: '#/components/parameters/orderRef'
responses:
'200':
description: Order details
content:
application/json:
schema:
$ref: '#/components/schemas/Order'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
put:
operationId: updateOrder
summary: Update an order
description: >-
Performs a full replacement update of an order record. Note that the
referenceId and orderedAt fields cannot be changed after the order has
been created.
tags:
- Orders
parameters:
- $ref: '#/components/parameters/guestRef'
- $ref: '#/components/parameters/orderRef'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/CreateOrderRequest'
responses:
'200':
description: Order updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/Order'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
delete:
operationId: deleteOrder
summary: Delete an order
description: >-
Permanently deletes an order record and all associated items, contacts,
consumers, and data extensions. This operation is irreversible.
tags:
- Orders
parameters:
- $ref: '#/components/parameters/guestRef'
- $ref: '#/components/parameters/orderRef'
responses:
'204':
description: Order deleted successfully
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
/v2.1/guests/{guestRef}/orders/{orderRef}/items:
get:
operationId: listOrderItems
summary: List order items
description: >-
Retrieves all line items within a specific order. Each item represents
a product included in the order with its quantity and pricing.
tags:
- Order Items
parameters:
- $ref: '#/components/parameters/guestRef'
- $ref: '#/components/parameters/orderRef'
responses:
'200':
description: List of order items
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/OrderItem'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
post:
operationId: createOrderItem
summary: Create an order item
description: >-
Adds a new line item to an existing order. Each item references a product
and includes quantity and pricing information.
tags:
- Order Items
parameters:
- $ref: '#/components/parameters/guestRef'
- $ref: '#/components/parameters/orderRef'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/CreateOrderItemRequest'
responses:
'201':
description: Order item created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/OrderItem'
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
components:
securitySchemes:
basicAuth:
type: http
scheme: basic
description: >-
HTTP Basic authentication using a client key as the username and an API
token as the password. Credentials are obtained from Sitecore CDP
Settings > API access.
parameters:
guestRef:
name: guestRef
in: path
description: The unique reference identifier for the guest profile
required: true
schema:
type: string
orderRef:
name: orderRef
in: path
description: The unique reference identifier for the order
required: true
schema:
type: string
dataExtensionName:
name: dataExtensionName
in: path
description: The name of the data extension
required: true
schema:
type: string
responses:
Unauthorized:
description: Authentication credentials are missing or invalid
content:
application/json:
schema:
$ref: '#/components/schemas/ErrorResponse'
BadRequest:
description: The request body or parameters are invalid
content:
application/json:
schema:
$ref: '#/components/schemas/ErrorResponse'
NotFound:
description: The requested resource was not found
content:
application/json:
schema:
$ref: '#/components/schemas/ErrorResponse'
schemas:
Guest:
type: object
description: >-
The core entity of Sitecore CDP representing a customer with personal,
behavioral, and transactional data used for personalization and segmentation
properties:
guestRef:
type: string
description: The unique reference identifier for the guest
email:
type: string
description: The email address of the guest
format: email
firstName:
type: string
description: The guest's first name
lastName:
type: string
description: The guest's last name
dateOfBirth:
type: string
description: The guest's date of birth in ISO 8601 format
format: date
gender:
type: string
description: The guest's gender
enum:
- Male
- Female
- Other
- Unknown
phoneNumbers:
type: array
description: Phone numbers associated with the guest
items:
type: string
createdAt:
type: string
description: The ISO 8601 timestamp when the guest was created
format: date-time
modifiedAt:
type: string
description: The ISO 8601 timestamp when the guest was last modified
format: date-time
identifiers:
type: array
description: External identifiers linked to this guest for identity resolution
items:
$ref: '#/components/schemas/GuestIdentifier'
GuestIdentifier:
type: object
description: An external identifier that links a guest to an external system
properties:
provider:
type: string
description: The name of the identity provider or source system
id:
type: string
description: The identifier value from the external system
expiryDate:
type: string
description: The expiry date of this identifier
format: date-time
GuestListResponse:
type: object
description: A paginated response containing a list of guest profiles
properties:
items:
type: array
description: The list of guests for the current page
items:
$ref: '#/components/schemas/Guest'
totalCount:
type: integer
description: The total number of guests matching the query
limit:
type: integer
description: The maximum number of items per page
offset:
type: integer
description: The offset used for this page of results
CreateGuestRequest:
type: object
description: Request body for creating or updating a guest profile
properties:
email:
type: string
description: The email address of the guest
format: email
firstName:
type: string
description: The guest's first name
lastName:
type: string
description: The guest's last name
dateOfBirth:
type: string
description: The guest's date of birth in ISO 8601 format
format: date
gender:
type: string
description: The guest's gender
enum:
- Male
- Female
- Other
- Unknown
phoneNumbers:
type: array
description: Phone numbers associated with the guest
items:
type: string
DataExtension:
type: object
description: A named set of custom key-value pairs attached to a guest or order
properties:
name:
type: string
description: The unique name identifying this data extension
key:
type: string
description: The key within the data extension (for single-pair extensions)
value:
type: string
description: The value for the specified key
Order:
type: object
description: A purchase transaction record associated with a guest profile
properties:
orderRef:
type: string
description: The unique reference identifier for the order
referenceId:
type: string
description: >-
An external reference identifier for the order, immutable after creation.
Orders with the same referenceId and orderedAt within two days are grouped.
status:
type: string
description: The current status of the order
enum:
- PENDING
- CONFIRMED
- SHIPPED
- DELIVERED
- CANCELED
currencyCode:
type: string
description: The ISO 4217 currency code for the order
example: USD
totalPrice:
type: number
description: The total price of the order
format: float
orderedAt:
type: string
description: >-
The ISO 8601 timestamp when the order was placed. Immutable after
creation.
format: date-time
createdAt:
type: string
description: The ISO 8601 timestamp when the order record was created in CDP
format: date-time
items:
type: array
description: Line items included in the order
items:
$ref: '#/components/schemas/OrderItem'
CreateOrderRequest:
type: object
description: Request body for creating or updating an order record
required:
- referenceId
- orderedAt
properties:
referenceId:
type: string
description: >-
An external reference identifier for the order. Cannot be changed
after creation.
status:
type: string
description: The current status of the order
enum:
- PENDING
- CONFIRMED
- SHIPPED
- DELIVERED
- CANCELED
currencyCode:
type: string
description: The ISO 4217 currency code for the order
totalPrice:
type: number
description: The total price of the order
format: float
orderedAt:
type: string
description: The ISO 8601 timestamp when the order was placed. Cannot be changed after creation.
format: date-time
OrderItem:
type: object
description: A line item within an order representing a purchased product
properties:
itemRef:
type: string
description: The unique reference identifier for the order item
sku:
type: string
description: The product SKU or identifier
name:
type: string
description: The product name
quantity:
type: integer
description: The quantity of this product purchased
minimum: 1
price:
type: number
description: The unit price of the product
format: float
totalPrice:
type: number
description: The total price for this line item (quantity * price)
format: float
CreateOrderItemRequest:
type: object
description: Request body for adding a line item to an order
required:
- sku
- quantity
properties:
sku:
type: string
description: The product SKU or identifier
name:
type: string
description: The product name
quantity:
type: integer
description: The quantity of this product purchased
minimum: 1
price:
type: number
description: The unit price of the product
format: float
ErrorResponse:
type: object
description: An error response body
properties:
message:
type: string
description: A human-readable error message
statusCode:
type: integer
description: The HTTP status code
errors:
type: array
description: List of detailed error messages
items:
type: string