At Correos, we manage your deliveries so you can focus on your business.
To integrate with Correos APIs, please sign a transport contract.
Steps to access the Developer Portal
In order to access the Developer Portal, where you can start using the Correos APIs, you are required to complete the following steps:
1. In order to access the Developer Portal, please register with CorreosID. Here is the registration manual to help you in the process.
2. Access the Developer Portal and request access to the APIs you wish to manage. Here is the API access manual to help you in the process.
3. As supporting documentation, you can also download the Event Matrix.
What is API integration?
API integration enables complete delivery management and speeds up logistics, warehouse management and Customer Services. This is especially recommended for clients with large daily delivery volumes, those that already use this integration with other suppliers and those whose logistics management is highly automated.
This service is available for many of our products:
National parcel delivery:
International parcel delivery:
You will also have a wide range of features at your disposal:
Less time spent on delivery management with our delivery service. Correos deals with everything so you can focus on your business.
If you are not yet a customer, contact our Customer Service Department on 915 197 197 to find out how to sign up.
How to use OAuth 2.0 to access Correos APIs
Basic steps:
1. Get OAuth 2.0 credentials from CorreosID
2. Get an access token from the Correos authorisation server
3. Send the access token to an API
4. Update the access token if necessary.
Note: The use of the OAuth 2.0 Mail implementation is governed by the OAuth 2.0 Policies.
Your client application then requests an access token from the Correos authorisation server, extracts a token from the response and sends it to the Correos API you wish to access.
1. Get OAuth 2.0 credentials from CorreosID
Once you have completed the CorreosID registration process you will get OAuth 2.0 client credentials (client_id and client_secret).
2. Get an access token from the Correos authorisation server
Before your application can access private data with a Correos API, it must obtain an access token that grants it access to that API. A single access token can grant different degrees of access to several APIs. A variable parameter called scope controls the set of resources and operations that an access token allows. During the access token request, your application sends one or more values in the scope parameter.
If at least one permission is granted, the Correos authorisation server sends your application an access token.
3. Send the access token to an API
After an application obtains an access token, it sends it to a Correos API in a HTTP authorisation request header. It is possible to send tokens as URI query string parameters, but we do not recommend it, as URI parameters may end up in log files that are not completely secure. In addition, it is good REST practice to avoid creating unnecessary URI parameter names.
Access tokens are only valid for the set of operations and resources described in the scope of the token request. For example, issuing an access token for the Preregister API does not grant access to the Requests API. However, you can send that access token to the Preregister API multiple times to perform similar operations.
Once you complete the API access request in the Developer Portal you will get API client_id and client_secret, which you will need to include in the request in addition to the access token.
4. Update the access token if necessary.
Access tokens have a limited lifetime. If your application needs to access a Correos API beyond the lifecycle of an access token, you can obtain a new access token.