API Description
Using this API, you can receive the following information:
The ExpoPlatform Public API is a web based API that allows direct access to data stored within the platform and is shipped as part of the web frontend. The API returns data in JSON format and takes input as form-data. More information about the protocol and JSON can be found in the JSON-RPC 2.0 specification and the JSON format homepage.
The API adheres to the following rules:
All requests are accepted via https only (not via http).
Parameter order does not matter
The API consists of getters (getObject), setters (setObject) and destructors (removeObject)
Strings are always trimmed on processing, removing leading and trailing space characters
The parameter id always refers to an internal ExpoPlatform unique identifier for that object which is always automatically created.
The parameter email always refers to the email of a person-type user, and is also the username and a unique identifier for a person type.
The parameter external_id always refers to an external identifier that may be used by third-party APIs to more easily identify objects, and can only be set through the API.
Getter methods always return a JSON object specific to the type of object of the request
Setter methods always return a standard object:
{id, status, errors[]}, where id - is the id of the
created or updated object; status - is either CREATE or UPDATE;
and errors[] - is an array of errorObject's of any non-fatal
errors encountered during execution. One error object is added
for each error encountered during execution.
Many objects can be retrieved by either id, external id, or email (for person-type objects only). The order of importance of these fields for retrieval is id > external_id > email. The search happens only by the most senior field type.
For setter methods, all other fields are updated if the field that was searched by is id and a match was not found, an error should be thrown. If the field is external_id or email, a new object with such data should be created.
Example 1 (setter request):
If all three, id external_id and email are submitted, then the search is done by only by the id field. If the object with that id is not found, an error is thrown. If the object is found, then external_id and email are both updated for this object.
Example 2 (setter request):
If external_id and email are sent for a person-type object, then the object search happens by external_id only, and email is updated (though verified for uniqueness and validity). If the object with the matching external_id is found, the email field is updated. Otherwise, an error is thrown.
Example 3 (setter request):
If only the email is included, then the object is searched only by the email field. If the object is found, data is updated.
For getter methods, only one searchable field type should be allowed. For example, attempting to search by exeternal_id and by email in the same request should throw an error.
There are two possible scenarios for all setter methods (aside from fatal error termination):
UPDATE scenario is triggered if:
CREATE scenario is triggered if:
The API built on the CRUD (create\update\delete) scheme. Each of the methods performs one specific task. For example, the create method belongs to the host API and is used to create new data in local DB.
The CRUD schema assumes that data retreived using the API will be recorded in customer's own database.
Once the frontend is set up, remote HTTP requests can be used to call the API. The API can be queried by sending HTTP requests to the platfrom backend:
https://{{ CLIENT }}.expoplatform.com/To protect user data, the API uses basic access authentication. In order to access any data inside of platform through the API you will need to insert your API KEY in the header section.
Header Example:
Authorization: Basic tf4Si1LydYpTAPyHXUgjig72jlrd5HpIJL5oigmcYou will receive your API KEY in an email once an instance of the platform has been launched for your organisationIf authentication is successful, the API will return information in the structure described in the following sections
To log into profile send POST request to
https://{{ CLIENT }}.expoplatform.com/oauth/authorize?api=true&redirect_uri=token&response_type=code POSTwith data:
| Param name | Description |
|---|---|
| username | Your username in platform |
| password | Your password in platform |
| eid | Event ID (integer) |
Optional parameters to receive admin access token. You will need to pass admin username and password in this case:
| Param name | Value |
|---|---|
| appcheckin | true |
Response example:
{
"token": "cd1340e032ab057d0a79f1565d0eb9e0",
"id": "1752"
}| Error code | Description |
|---|---|
| 400 | Bad Request |
| 401 | Unauthorized |
In order to access the check-in API an authentication using admin credetials should be done at the following URL:
POST https://{{ CLIENT }}.expoplatform.com/oauth/authorize?api=true&redirect_uri=token&response_type=code&appcheckin=truewith data:
| Param name | Description |
|---|---|
| username | Your admin username |
| password | Your admin password |
Response example:
{
"token": "cd1340e032ab057d0a79f1565d0eb9e0",
"id": "1752"
}| Error code | Description |
|---|---|
| 400 | Bad Request |
| 401 | Unauthorized |