Versions Compared

Old Version 3

changes.mady.by.user Michal Sokolovski

Saved on

compared with

New Version 4

changes.mady.by.user Michal Sokolovski

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

UNDER CONSTRUCTION

The Appoxee API allows you to access major parts of Appoxee back-end functionality, both from the Server side and from the Device side.

The This document describes the Service API, which is mainly used mainly used to send Push notifications to devices (see Push Message API).

Other operations are performed through the SDK API (see Android SDK API Usage and iOS SDK API Usage).

Service API Request

All request data must be sent to the API in the JSON format, as an HTTP POST request . The  in the JSON format (the data content type must be set to "applicaiton/json").

Each application has an 'AppSDKKey' and must provide a 'SECRET' key that needs to be requested individually by each Application that uses the API.

These parameters can be found via Appoxee back-end.

Additional security parameter added to ensure that no request is sent twice – the “random” parameter. This parameter added to JSON data, and the developer must ensure that it is random for every request. The Appoxee server checks each request's signature and random parameter, and rejects duplicated requrest.

Request URL

The URL for the Service API is

Note
 Appoxee API variables and parameters consist of case-sensitive keys (alpha-numeric value, starting with a letter) and their length should be under 100 characters.

Request URL

POST

'http://saas.appoxee.com/api/' 

Request URL Arguments

The request must provide the following arguments (this example is given in the PHP format, for server-side usage):

  •  define('AppSDKKey', 'xxxx-xxxx-xxxx-xxxx');
  •  define('SECRET', 'mySecretCode'); // Application Secret
  •  define('URL', 'http://api.appoxee.com/api/');
NameSyntaxDescription
AppSDKKey  
SECRET 'mySecretCode'); // Application Secret 
URL'http://api.appoxee.com/api/' 
Note
 Appoxee API variables and parameters consist of case-sensitive keys (alpha-numeric value, starting with a letter) and their length should be under 100 characters.

 

...

NameSyntaxDescription
???

Request Body

Contains the following arguments:

Body Arguments

...

Parameter DescriptionSyntax
action

The action performed by this API.

  • “alias” –  specify “Alias API” actions
  • “tag” – specify the “Tag API” actions
  • “key-value” – specify “Alias API” actions
  • “attribute” – specify “Attribute API” actions
  • “segment” –  specify “Segmentation API” actions
  • “push” – specify “Push API” actions

signature

Appoxee's API security model ensures that every request has a unique secret signature.

This signature is passed as a parameter inside the “auth” JSON object (along with additional authentication-related information).

Signature parameters:

Parameter

Description

Example

timestamp

the current time in a Unix timestamp in seconds

1330607184

AppSDKKey

Appoxee secret code which is given per App. See it at Appoxee website (Settings->Apps & SDK Keys ->Your App )

xxxxx-xxxxx-xxxxx-xxxxx

SECRET

Appoxee secret code which is given per App to use specifically in API

sadfanbldkjfbslkdfnb

signature

Created by using the MD5 hash function with the concatenation of the above parameters. The order is important

65bd1d345fffc487ab1f15d837e94b38

random

Unique request parameter (can be used uniqid() or “random()”.)

4f5cc37a93463

Signature PHP Example

 

$signature = md5($auth['timestamp'] . SECRET . AppSDKKey . random);

 

The signature is created using the MD5 hash function with the concatenation of the following parameters:
timestamp, AppSDKKey and SECRET (see below).

Note that the parameter order is important!

Signature syntax in PHP format (for server-side usage):

$signature = md5($auth['timestamp'] . SECRET . AppSDKKey . random);

 

timestamp

The current time in seconds, in a Unix timestamp format.

1330607184

 

AppSDKKey

An Appoxee secret code that is unique per-app.
The SDK key is defined on the Appoxee website:
Apps tab> select your app> Application Information page> SDK Key field.

xxxxxxxxxxxxxx.xxxxxxxx

 

SECRET

An Appoxee secret code that is unique per-app, used by the Appoxee API to authenticate the app.
The secret key is defined on the Appoxee website:
Apps tab> select your app> Application Information page> Secret Key field.

 

xxxxxxxxxxxxxx.xxxxxxxx

random

 

A security parameter that is unigue per-request, and ensures that no request is sent twice.
The developer must ensure that this parameter is random for every request.
The Appoxee server checks each request's signature and random parameter, and rejects duplicated requests.

Note: You can either use "random()" or "uniqid()".

4f5cc37a93463

Response

The API response has the following format:

  • If the call succeeded  - HTTP 200 OK with no content
  • If the call was invalid -  HTTP 400 Bad Request

HTTP Response Header

HTTP Header FieldValue
Status Code
  • Upon success – 200 OK 
  • Upon failure  the failure status code (for example: "400 Bad Request")
Location?The URL of the newly created object?

HTTP Response Body

The response body includes a description of the request result in JSON format. A call have  
The API call has one of the following results:

...

Response ResultReturnsExample
SuccessA "Success"

...

Example Success Response

parameter

...

{

    "response": "Success"

}

 

Success with data retrieval
  • A "Success" parameter
  • A "result" parameter containing the result in the specified protocol
    (for example: an array of return values).

{

    "response": "Success",

    "result": [“tag1”, “tag2”]

}

...

Failure
  • An "Error" parameter
  • The error code number ("code": "[number]")
  • A message describing the error ("message": "[description]")

{

    "response": "Error",

    "code": 0,

    "message": "Invalid request"

}

 

Action Definition Parameter

Each request must provide the “action” field, which defines the desired action. The Action field can be one of the following:

  • “alias” –  specify “Alias API” actions
  • “tag” – specify the “Tag API” actions
  • “key-value” – specify “Alias API” actions
  • “attribute” – specify “Attribute API” actions
  • “segment” –  specify “Segmentation API” actions
  • “push” – specify “Push API” actions

...

Example Request

Request URL

POST

???

Request Body

???

HTTP Response Header

200 OK

HTTP Response Body

{

    "response": "Success"

}