Public REST API Definition

[Pages:6]Public REST API Definition

Use this document to explore REST API definition Contact Info: support@ Document Version: v1.0

All rights reserved

Introduction

The Mintec public API is a REST API that provides programmatic access to allow customers to query and retrieve price series information.

The REST API identifies customers using OAuth; responses are available in JSON.

Authentication and Authorisation

Mintec's implementation is based on the Access Token request flow of the OAuth 2 specification where the application must obtain a bearer token and submit this with every request.

The following information is required to obtain a token as an example:

Property

Value

Description

Authority

Endpoint used to authenticate the user

against the service.

client_id ebcc725e95d89b2bccf89b351471fb28

client_secret ee094a61-8111-4479-bb6f-af61ca27b7ce

grant_type client_credentials

scope

export_api, import_api

Set the scope to use the relevant API

Auth Flow

? An application makes a request to the POST connect/token endpoint based on the Authority to exchange these credentials for a bearer token.

? When accessing the REST API, the application uses the bearer token to authenticate and is authorised to make the request.

? All requests must be made over https, any requests made over plain http will fail.

Content Type header requirement

The post request to retrieve a token must set the Content-Type header to application/x-wwwform-urlencoded, matching the encoding of the body of the request accordingly. Requests will be rejected when obtaining a token if the Content-Type header is not set correctly. When using swagger or tools like postman, the content type is set automatically to match the requested body encoding.

Issuing requests

Step 1: Get Client ID

Step 2: Get Client secret

Step 3: Get access token

This example is using postman.

The screen shot below shows the Content-Type header set by postman, your implementation will need to set the header accordingly. For all other API calls refer to the details in their respective documents.

Step 4: Authenticate API requests with the bearer token

Http Verbs

The following http verbs are used:

? GET - To retrieve a resource or collection of resources ? POST - Used to "post data" back to the web site to retrieve bulk data for multiple series.

Responses

All response bodies are JSON encoded.

A single resource is represented as a JSON object:

{ "field1": "value", "field2": true, "field3": [] } A collection of resources is represented as a JSON array of objects: [ { "field1": "value", "field2": true, "field3": [] }, { "field1": "another value", "field2": false, "field3": [] } ]

Timestamps are in UTC and formatted as ISO8601.

Unset fields will be represented as a null instead of not being present. If the field is an array, it will be represented as an empty array - ie [].

HTTP Status Codes

The Mintec API attempts to return appropriate HTTP status codes for every request

Code 200

Text OK

Success.

Description

400

Bad Request

401

Unauthorized

403

Forbidden

404

429

500, 501, 502 etc

Not Found

Too Many Requests

Internal Server Error

The request was invalid or cannot be otherwise served.

Authentication credentials were missing or incorrect.

The request is understood, but it has been refused or access is not allowed.

The URI requested is invalid or the resource requested.

Returned when a request cannot be served due to the application's rate limit having been exhausted for the resource.

Something is broken. Please contact Mintec Support so the Mintec team can investigate.

Error Messages

When the Mintec API returns error messages, it does so in JSON format. For example, an error might look like this

{ "Message": "Invalid request data.", "Timestamp": "2016-09-02T15:17:36.4764699Z" }

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download