The Delivery Zone API is a JSON endpoint. Call it from fetch or axios in Node.js — in an Express route, a Next.js API route, a Netlify function, or any server-side JavaScript runtime.
Call the API inside your server-side route handler — not in React/Vue components or client-side scripts. The API key must stay on the server.
NEXT_PUBLIC_ prefix, for example, would expose it — do not do that.
// Server-side only — never expose your API key in browser code
const res = await fetch('https://api.deliveryzone.fi/v1/check', {
method: 'POST',
headers: {
'X-Api-Key': process.env.DZ_KEY,
'Content-Type': 'application/json',
},
body: JSON.stringify({ destinationPostcode: postcode, basketValueCents: basket }),
});
const data = await res.json();
if (!data.canDeliver) {
showError(data.reason); // e.g. "OUT_OF_ZONE"
} else {
setShippingFee(data.priceCents);
}
When canDeliver is false, the response includes a reason field. Display this to the customer:
OUT_OF_ZONE — postcode is valid but outside all defined zonesUNKNOWN_POSTCODE — postcode is not recognisedMIN_BASKET — basket value is below the zone minimumAlways handle HTTP errors (5xx, timeout) gracefully. If the API is unreachable, fail safe — either reject the order or allow manual review.
.env as DZ_KEY — never prefix it with NEXT_PUBLIC_Create a free account and get your sandbox API key in minutes.