API · v1
Developers
Integrate ChinaLogisticHub with your ERP, TMS or BI tools via a signed REST API and HMAC-verified webhooks.
https://api.chinalogistichub.com/api/v1/api/v1REST
OpenAPI-described JSON endpoints.
Webhooks
HMAC-SHA256 signed event delivery.
Rate-aware
60 rpm default, enterprise raises it.
01
Authentication
Mint an API key from your company dashboard. Send it in either of these headers:
The full secret is shown only once at creation time. Revoke immediately if leaked.
Authorization: Bearer clh_live_<prefix>_<secret> # or X-API-Key: clh_live_<prefix>_<secret>
02
Quick Start
curl -H "Authorization: Bearer $CLH_KEY" \
https://api.chinalogistichub.com/api/v1/api/v1/public/ping03
OpenAPI Spec
Machine-readable contract suitable for code generation (openapi-generator, orval, etc.).
/api/v1/requestsCreate a freight request/api/v1/requests/{id}/quotesList quotes for a request/api/v1/quotes/{id}/awardAward a winning carrier quote/api/v1/shipments/{id}Get shipment + tracking events/api/v1/shipments/{id}/documentsList shipment documents/api/v1/developers/webhooksSubscribe to event webhooks04
Webhooks
Subscribe to events via POST /api/v1/developers/webhooks . Each delivery carries an HMAC-SHA256 signature in X-CLH-Signature.
Retry policy
6 delivery attempts with exponential backoff starting at 30 seconds. Requests that never return 2xx land in the dead-letter log, viewable via GET /developers/webhooks/:id/deliveries
X-CLH-Signature: t=1713398400,v1=<hex>
const base = `${t}.${rawBody}`;
const expected = crypto.createHmac('sha256', secret)
.update(base).digest('hex');
// Compare with timingSafeEqual, reject if |now - t| > 300sSupported events
- request.created
- request.status_changed
- shipment.created
- shipment.status_changed
- shipment.delivered
- quote.received
- quote.awarded
- quote.selected_confirmed
- invoice.paid
- document.uploaded
- document.expiring
05
Rate Limits
Default: 60 requests / minute / API key. Enterprise plans raise limits.