Spectrum provides a generic API interface to let customers to integrate with their own CRM solutions in order to customize login flow. Here, in this document you will be provided a guideline of integrating your current system with Spectrum's API.
LOGIN FLOW
VERSION 2 (CURRENT VERSION)
By default, all requests receive the v2 version of the REST API. Requests will be made with version number via the Accept header.
Accept: application/vnd.faraday.spectrum.v2+json |
VERSION 1
Accept: application/vnd.faraday.spectrum.v1+json |
SCHEMA
Communication with Spectrum is done in JSON format, every request and response must have Content-Type: application/json;charset=UTF-8 in header.
SECURITY
Spectrum takes some security measures to be sure that responses to API calls belongs to our customers.
Every customer is given two system-wide-unique keys: public and secret keys.
Public key is sent with Spectrum requests. It can be used in customer's service to verify if request is made from Spectrum:
Accept: application/vnd.faraday.spectrum.v2+json Content-Type: application/json;charset=UTF-8 X-Api-Key: fJLFhUWTxF8LdNZnvG23 |
Private key resides in service to be integrated. It's used to verify response is generated by customer.
Spectrum expects to get two headers in response:
• X-Timestamp, UNIX timestamp value.
• X-Auth: Value of following function: SHA-256(<API Secret>-<UNIX Timestamp>)
Example: If your API secret is OeaH2OTRCJa8REtSvKXb then you can use following Java code to generate X-Auth value.
char[] DIGITS = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' }; |
Accept: application/vnd.faraday.spectrum.v2+json |
ENDPOINTS
IsMember
Parameters
API Version | Parameters |
v1 |
|
v2 |
|
IsMember is request is sent from Spectrum to consumer service to check if visitor is a registered member. At least one of email and phone will be sent in request.
Phone number will begin with country code, without leading plus or zeros.
Returns
• HTTP 200 - visitor is already a member
API Version | Content | |
v1 |
No content | |
v2 |
|
• HTTP 404 - member not found.
Example Request
curl -X GET 'http://example.com/api/IsMember?phone=15410000000&custom_attr=202 &birthDate=03212018' \ |
Expected Response
200 |
SERVER RESPONSES:
• 200 OK - the request was successful (some API calls may return 201 instead).
• 201 Created - the request was successful and a resource was created.
• 204 No Content - the request was successful but there is no representation to return (i.e. the response is empty). • 400 Bad Request - the request could not be understood or was missing required parameters.
• 401 Unauthorized - authentication failed or user doesn't have permissions for requested operation.
• 403 Forbidden - access denied.
• 404 Not Found - resource was not found.
• 405 Method Not Allowed - requested method is not supported for resource.
Comments
0 comments
Article is closed for comments.