Documentation for Vendors

Authorization

All <api_url_b2b> endpoints are secured with an API key, which is a special token that the client needs to provide when making API calls. The key is sent in the request header:

x-api-key: qwerty_1234

Warning

API key secures sensitive data, so it MUST be kept secret!

Get user subs

In Wicket, each user has a unique global ID: fan_sub. Additionally, user has multiple application IDs: application_user_sub, one for every Vendor and/or Integrator.

To acquire fan_sub and Vendor's application_user_sub, Vendor sends the following request:

URL:

POST <api_url>/b2b/vendor/user-subs/get

Headers

Content-Type: application/json

X-API-Key: <api-key>

Body

Info

application_id is required and is the same as fan_application_sub, e.g. "serwis-www". Only one of the remaining fields are required: either application_user_sub or email.

{
    "application_id": "<application_id>",
    "application_user_sub": "<application_user_sub>",
    "email": "<email>"
}

Response

{
    "status": 200,
    "data": {
        "fan_sub": "<fan_sub>",
        "application_user_sub": "<application_user_sub>"
    }
}

Status 404:

{
    "status": 404,
    "error_fields": "VENDOR_NOT_FOUND"
}

Description: application_id passed in body does not exist.

Status 400:

{
    "status": 400,
    "error_fields": "MISSING_PARAMETERS"
}

Description: API key does not match application_id.

Status 401:

{
    "status": 401,
    "error_fields": "UNAUTHORIZED"
}

Description: application_user_sub or email is missing in body.

or

Description: application_id is missing in body.

Status 404:

{
    "status": 404,
    "error_fields": "USER_NOT_FOUND"
}

Description: application_user_sub passed in body does not exist.

Status 404:

{
    "status": 404,
    "error_fields": "EMAIL_NOT_FOUND"
}

Description: email passed in body does not exist.

Status 406:

{
    "status": 406,
    "error_fields": "INCORRECT_EMAIL"
}

Description: Invalid email passed in body.

Get user data

To get the user data, send an HTTP POST request to b2b/user-data/read with application_user_sub in body.

URL

POST <api_url>/b2b/user-data/read

Headers

Content-Type: application/json

x-api-key: <api_key>

Body

{
  "application_user_sub": "684ca71a503170c61cdd2f975e633d20228bd842767498b307"
}

Response:

{
    "application_user_sub": "684ca71a503170c61cdd2f975e633d20228bd842767498b307",
    "user_data": {
        "last_name": "Bohynskyi",
        "document_number": "SF111222",
        "email": "bohynskyi.sf.test.1@yopmail.com",
        "birthday": "1976-04-18T20:00:00.000Z",
        "salesforce_id": "0035E00001ef8gKQAQ",
        "first_name": "UpdateDmytro",
        "street": "Wicketowa",
        "building_number": "5",
        "flat_number": "c",
        "post_code": "99-999",
        "city": "Równe",
        "country": "UA",
        "phone": "+38000000000"
    },
    "user_agreements": [
        {
            "fk_agreement_id": 174,
            "fk_agreement_version_id": 71,
            "created_at": "2021-08-10 10:12:54.737154",
            "is_given": false
        },
        {
            "fk_agreement_id": 175,
            "fk_agreement_version_id": 72,
            "created_at": "2021-08-10 10:12:54.708688",
            "is_given": true
        }
    ]
}

Description: success

Status 400:

{
    "status": 400,
    "message": "BAD_REQUEST"
}

Description: Malformed request

Status 404:

{
  "status": 404,
  "error_fields": "USER_NOT_FOUND"
}

Description: application_user_sub not correct

Status 403:

{
  "message": "Forbidden"
}

Description: Incorrect or missing API key

Status 400:

{
  "status": 400,
  "error_fields": "string"
}

Description: Error

Update user data

To update the user data, send an HTTP POST request to b2b/user-data/update with application_user_sub in body.

URL: <api_url>/b2b/user-data/update

Method: POST

Headers:

Content-Type: application/json

x-api-key: api_key

Body:

{
    "application_user_sub": "47d2cd93b1dc9898244988abc54621c0ad49045176ed1af373",
    "user_data": {
        "email_office": "example_email@email.com",
        "phone": "123123",
        "phone2": "123123",
        "first_name": "test",
        "last_name": "test"
    }
}

Status 200:

{
    "status": 200
}

Description: success

Status 400:

{
    "status": 400,
    "message": "BAD_REQUEST"
}

Description: Malformed request

Status 404:

{
  "status": 404,
  "error_fields": "USER_NOT_FOUND"
}

Description: application_user_sub not correct

Status 403:

{
    "message": "Forbidden"
}

Description: Incorrect or missing API key

Status 400:

{
    "status": 400,
  "error_fields": "string"
}

Description: Error

Get user consents

To get all user consents, send an HTTP GET request to <api_url_b2b>/user/{application_user_sub}/agreements.

To get the latest version of a single user consent, add an optional *fk_agreement_id* path parameter.

To get a specific version of a single user agreement, add an optional *fk_agreement_version_id* path parameter.

URLs:

<api_url>/b2b/user/{application_user_sub}/agreements

<api_url>/b2b/user/{application_user_sub}/agreements/{fk_agreement_id}

<api_url>/b2b/user/{application_user_sub}/agreements/{fk_agreement_id}/{fk_agreement_version_id}

Method: GET

Headers:

Content-Type: application/json

x-api-key: api_key

Status 200:

{
    "status": 200,
  "application_user_sub": "47d2cd93b1dc9898244988abc54621c0ad49045176ed1af373",
    "data":[
        {
            "fk_agreement_id": 174, 
            "fk_agreement_version_id": 71, 
            "created_at": "2021-05-20 07:29:07.383209", 
            "is_given": true
        },
        {
            "fk_agreement_id": 202, 
            "fk_agreement_version_id": 72, 
            "created_at": "2021-05-20 07:29:07.383209", 
            "is_given": false
        }
    ]
}

Description: Success

Status 400:

{
    "status": 400,
    "message": "BAD_REQUEST"
}

Description: Malformed request

Status 403:

{
    "message": "Forbidden"
}

Description: Incorrect or missing API key

Status 404:

{
  "status": 404,
    "error_fields": "USER_NOT_FOUND"
}

Description: application_user_sub not correct

Status 404:

{
  "status": 404,
  "message": "AGREEMENT_ID_NOT_FOUND"
}

Description: Specified fk_agreement_id does not exist

To update a single user consent, send an HTTP PUT request to <api_url_b2b>/user/{application_user_sub}/agreements with "is_given": true|false in request body.

To update the latest version of the consent, specify fk_agreement_id. To update a specific version, specify fk_agreement_version_id instead of fk_agreement_id.

URL: <api_url>/b2b/user/{application_user_sub}/agreements/

Method: PUT

Headers:

Content-Type: application/json

x-api-key: api_key

Body:

{
    "fk_agreement_id": 175,
    "is_given": true
}

or

{
    "fk_agreement_version_id": 100,
    "is_given": true
}

Status 200:

    "OK"

Description: Success

Status 400:

{
    "status": 400,
    "message": "BAD_REQUEST"
}

Description: Malformed request

Status 403:

{
    "message": "Forbidden"
}

Description: Incorrect or missing API key

Status 404:

{
  "status": 404,
  "message": "USER_AGREEMENTS_NOT_FOUND"
}

Description: Specified fk_agreement_id or fk_agreement_version_id does not exist

Status 400:

{
    "status": 400,
    "message": "BAD_REQUEST"
}

Description: Malformed request

Status 404:

{
  "status": 404,
  "error_fields": "USER_NOT_FOUND"
}

Description: application_user_sub not correct

Status 403:

{
    "message": "Forbidden"
}

Description: Incorrect or missing API key

Status 400:

{
    "status": 400,
  "error_fields": "string"
}

Description: Error

Documentation for Vendors

Authorization

Get user subs

Get user data

Update user data

Get user consents

Update user consent