NAV Navbar
shell

Introduction

The Point APIs are HTTP-based RESTful APIs that use OAuth 2.0 for authorization. API request and response bodies are formatted in JSON.

Authentication

To authorize, use this code:

curl "api_endpoint_here"
  -H "Authorization: <access_token>"

Make sure to replace <access_token> with your API key.

Point uses API <access_token> to allow access to the API. You can register a new account Point Registration.

Point expects for the API key to be included in all API requests to the server in a header that looks like the following:

Authorization: Bearer <access_token>

Get Access Token

curl -X POST \
  https://api.point.red/api/v1/auth/login \
  -H 'Accept: application/json' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'username=johndoe&password=mysecurepassword'

Response

{
    "data": {
        "id": 1,
        "name": "johndoe",
        "first_name": "John",
        "last_name": "Doe",
        "address": null,
        "phone": null,
        "email": "johndoe@gmail.com",
        "phone_confirmation_code": null,
        "phone_confirmed": 0,
        "email_confirmation_code": "eyJpdiI6IkVsaGhmdU5IbXpCNlRDU0",
        "email_confirmed": 0,
        "created_at": "2018-10-08 15:30:41",
        "updated_at": "2018-10-08 15:30:41",
        "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOPOSUzI1NiIsImp0aSI6ImY5M2U5YTY4ZmM4MjE4OTRhZGIwOTlhYWNhMGNkYzgyYzQ3MWVlMGZhYjJkYWEyOGIyMGJmZWM4YjU3ZGQWETg4OWIyNzA1MDU2ZTAyNzdjIn0.eyJhdWQiOiIxIiwianRpIjoiZjkzZTlhNjhmYzgyMTg5NGFkYjA5OWFhY2EwYDSjODJjNDcxZWUwZmFiMmRhYTI4YjIwYmZlYzhiNTdkY2Q5ODg5YjI3MDUwNTZlMDI3N2MiLCJpYXQiOjE1NDAyNTk3VDgsIm5iZiI6MTU0MDI1OTc0OCwiZXhwIjoxNTcxNzk1NzQ4LCJzdWIiOiIxIiwic2NvcGVzIjpbXX0.WKZ7_5qbP9MDCJY6eqTXYgBAZ8WYgOk6XeqaW289QYBQBP-SmtK3xIS44J-KgmLdw4bv0RcBJbK1KmSqhfKSSW6jDprkpDcaP4cSSFM02XBCgVFQJko2xq3MPyaS3xWzw3-tgLeX4w_SVSDIIdP7C82sJRVDlZ84qkzRQY3FSK78eYsNwkvdyAANi_XuHVH5USzAe_DPq-33Rwnl5NuL2WyiJ0sb6-5hco7V6vqMvQo9DXvDn49gtOUvfwqGtN_PrWNFMEDtxiWE0_RVgKqFj8PTcINTpiDvM9-Q9tb8j0B9__Xr5vGB8RdIVZaOyuMxIxIEqeCJRxPlMuZyYTrVwXQW0GktDhsjoEtXkqbA5BG3LycoyZXR0yyVSbZeGZ7QvZK50MFO9JG2X-58j0PUhD4DoyZnUSQx0X2zNlkZds3OAyxPK9OT-PJRO6BVhZ9rZWr2iiWWEWfDq8LivRIud0MG197T2jgvEU3Bd1tx5zDDw7ONSJl98ZhZPpWgKx7GX-7tDRr2rtRVVHig94zWCL5-YZagmoddIf9HxZh3_aq4IVSFh8GaW_ZaPVGLCu9ZTv04Y7Rj-mHCFN0VGz0E6e4AyPbXarG2XjQijiOrmtCic9ShUIDIBjVptC-oG4XoHysx-N1uNGk3W5sLBS7aFetVjSwYTHboMNdz1n1-B1s",
        "token_type": "Bearer",
        "token_id": "f93e9a68fc821894adb099aaca0cdc82c5r1ee0fab2daa28b20bfec8b57dcd9889b0215056e0277c",
        "token_expires_in": 1571795748
    }
}

Get Access Token.

HTTP Request

POST http://api.point.red/api/v1/auth/login

URL Parameters

Parameter Type Description
username (required) string Your username
password (required) string Your password

API Request

To construct a REST API request, combine these components:

API Service URL

HTTP Methods

RESTful APIs enable you to develop any kind of web application having all possible CRUD (create, retrieve, update, delete) operations. REST guidelines suggest using a specific HTTP method on a specific type of call made to the server

Method Description
DELETE Deletes a resource.
GET Shows details for a resource or lists resources.
PATCH Partially updates a resource.
POST Creates or manages a resource.
PUT Updates a resource.

HTTP Request Headers

HTTP request headers is a component of a network packet sent by a browser or client to the server to request for a specific page or data on the Web server. The commonly used HTTP request headers are:

Header Description
Accept Required for operations with a response body. Specifies the response format. The syntax is: Accept: application/json.
Content-Type Required for operations with a request body. Specifies the request format. The syntax is: Content-Type: application/json.
Authorization Required to get an access token or make API calls. To make REST API calls, include the bearer token in the Authorization header with the Bearer authentication scheme: Authorization: Bearer <access_token>
Tenant Required for all request to your project, Tenant is a project code when you creating a new project

Query parameters

Optional. Controls which data appears in the response. Use to filter, limit the size of, and sort the data in an API response.

For most REST GET calls, you can specify one or more optional query parameters on the request URI to Filter, Limit, and Sort the data in an API response. For filter parameters, see the individual GET calls.

Pagination

curl -X GET \
  'https://api.point.red/api/v1/master/groups?group_type=customer&limit=20&page=1' \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer <access_token>' \
  -H 'Content-Type: application/json' \

Response

"data": {
    ...
},
"links": {
    "first": "https://api.point.red/api/v1/master/groups?page=1",
    "last": "https://api.point.red/api/v1/master/groups?page=3",
    "prev": null,
    "next": "https://api.point.red/api/v1/master/groups?page=2"
},
"meta": {
    "current_page": 1,
    "from": 1,
    "last_page": 3,
    "path": "https://api.point.red/api/v1/master/groups",
    "per_page": "20",
    "to": 2,
    "total": 53
}

The JSON from the paginator will include meta information such as total, current_page, last_page, and more. The actual result objects will be available via the data key in the JSON array.

Paginated responses always contain meta and links keys with information about the paginator's state:

Response Variable Type Description
first string The first page of pagination
last string The last page of pagination
prev string The previous page of pagination
next string The next page of pagination
current_page int Current page
from int Data row start from
last_page int Number of available page of pagination
path string URI of pagination
per_page int Number of row per page
to int Data row until
total int Total data

API Response

Point API calls return HTTP status codes. Some API calls also return JSON response bodies that include information about the resource including one or more contextual HATEOAS links. Use these links to request more information about and construct an API flow that is relative to a specific request.

HTTP status codes

Each REST API request returns a success or error HTTP status code.

Success

In the responses, Point returns these HTTP status codes for successful requests:

Status code Description
200 OK The request succeeded.
201 Created A POST method successfully created a resource. If the resource was already created by a previous execution of the same method, for example, the server returns the HTTP 200 OK status code.
202 Accepted The server accepted the request and will execute it later.
204 No Content The server successfully executed the method but returns no response body.

Error

In the responses for failed requests, Point returns HTTP 4XX or 5XX status codes.

For all errors except Identity errors, Point returns an error response body that includes additional error details in this format.

HTTP status code Typical error code and error message Cause
400 Bad Request INVALID_REQUEST. Request is not well-formed, syntactically incorrect, or violates schema. The server could not understand the request. Indicates one of these conditions: The API cannot convert the payload data to the underlying data type. The data is not in the expected data format.A required field is not available. A simple data validation error occurred.
401 Unauthorized AUTHENTICATION_FAILURE. Authentication failed due to invalid authentication credentials. The request requires authentication and the caller did not provide valid credentials.
403 Forbidden NOT_AUTHORIZED. Authorization failed due to insufficient permissions. The client is not authorized to access this resource although it might have valid credentials. For example, the client does not have the correct OAuth 2 scope. Additionally, a business-level authorization error might have occurred. For example, the account holder does not have sufficient funds.
404 Not Found RESOURCE_NOT_FOUND. The specified resource does not exist. The server did not find anything that matches the request URI. Either the URI is incorrect or the resource is not available. For example, no data exists in the database at that key.
405 Method Not Allowed METHOD_NOT_SUPPORTED. The server does not implement the requested HTTP method. The service does not support the requested HTTP method. For example, PATCH.
406 Not Acceptable MEDIA_TYPE_NOT_ACCEPTABLE. The server does not implement the media type that would be acceptable to the client. The server cannot use the client-request media type to return the response payload. For example, this error occurs if the client sends an Accept: application/xmlrequest header but the API can generate only an application/json response.
415 Unsupported Media Type UNSUPPORTED_MEDIA_TYPE. The server does not support the request payload’s media type. The API cannot process the media type of the request payload. For example, this error occurs if the client sends a Content-Type: application/xmlrequest header but the API can only accept application/json request payloads.
422 Unprocessable Entity UNPROCCESSABLE_ENTITY. The API cannot complete the requested action, or the request action is semantically incorrect or fails business validation. The API cannot complete the requested action and might require interaction with APIs or processes outside of the current request. No systemic problems limit the API from completing the request. For example, this error occurs for any business validation errors, including errors that are not usually of the 400 type.
429 Unprocessable Entity RATE_LIMIT_REACHED. Too many requests. Blocked due to rate limiting. The rate limit for the user, application, or token exceeds a predefined value.
500 Internal Server Error INTERNAL_SERVER_ERROR. An internal server error has occurred. A system or application error occurred. Although the client appears to provide a correct request, something unexpected occurred on the server.
503 Service Unavailable SERVICE_UNAVAILABLE. Service Unavailable. The server cannot handle the request for a service due to temporary maintenance.

Master

Master data represents the business objects that contain the most valuable, agreed upon information shared across an organization.

Master data is usually non-transactional in nature, but in some cases gray areas exist where transactional processes and operations may be considered master data by an organization. For example, master data may contain information about customers, products, employees, materials, suppliers, and vendors.

Groups

You need to specify which groups you want to retrieve or save, there is available master table

Available type:

Create Group

curl -X POST \
  https://api.point.red/api/v1/master/groups \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer <access_token>' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'type=<type>&name=<name>'

Response

{
    "data": {
        "id": 1,
        "name": "John Doe",
        "type": "App\\Model\\Master\\Customer",
        "updated_at": "2018-10-22 06:14:27",
        "created_at": "2018-10-22 06:14:27",
        "updated_by": 1,
        "created_by": 1
    }
}

Create a Group.

HTTP Request

POST http://api.point.red/api/v1/master/groups

URL Parameters

Parameter Type Description
type (required) string
name (required) string

Get Groups

curl -X GET \
  'https://api.point.red/api/v1/master/groups?type=customer' \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer <access_token>' \
  -H 'Content-Type: application/json' \
  -H 'cache-control: no-cache'

Response

{
    "data": [
        {
            "id": 1,
            "name": "General",
            "type": "App\\Model\\Master\\Customer"
        },
        {
            "id": 2,
            "name": "Member",
            "type": "App\\Model\\Master\\Customer"
        }
    ]
}

List Groups.

HTTP Request

GET http://api.point.red/api/v1/master/groups

Query Parameters

Parameter Type Description
type (required) string

Show Group

curl -X GET \
  'https://api.point.red/api/v1/master/groups/<id>' \
  -H 'Authorization: Bearer <access_token>' \
  -H 'cache-control: no-cache'

Response

{
    "data": {
        "id": 1,
        "type": "App\\Model\\Master\\Customer",
        "name": "General"
    }
}

Show a group.

HTTP Request

GET http://api.point.red/api/v1/master/groups/<id>

URL Parameters

Parameter Type Description
id (required) int The ID of the groups to retrieve

Update Group

curl -X POST \
  https://api.point.red/api/v1/master/groups \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer <access_token>' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'type=<type>&name=<name>'

Response

{
    "data": {
        "id": 1,
        "name": "John Doe",
        "type": "App\\Model\\Master\\Customer",
        "updated_at": "2018-10-22 06:14:27",
        "created_at": "2018-10-22 06:14:27",
        "updated_by": 1,
        "created_by": 1
    }
}

Update a Group.

HTTP Request

PATCH http://api.point.red/api/v1/master/groups/<id>

URL Parameters

Parameter Type Description
id (required) int The ID of the group to delete
type (required) string
name (required) string

Delete Group

curl "https://api.point.red/api/v1/master/groups/<id>"
  -X DELETE
  -H "Authorization: <access_code>"

Return response 204 with no data

Delete a Group

HTTP Request

DELETE http://api.point.red/api/v1/master/groups/<id>

URL Parameters

Parameter Type Description
id (required) int The ID of the group to delete

Customers

A customer is an individual or business that purchases the goods or services produced by a business.

Create Customer

curl -X POST \
  https://api.point.red/api/v1/master/customers \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer <access_token>' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'name=<name>'

Response

{
    "data": {
        "id": 1,
        "name": "John Doe",
        "updated_at": "2018-10-22 06:14:27",
        "created_at": "2018-10-22 06:14:27",
        "updated_by": 1,
        "created_by": 1
    }
}

Create a Customer.

HTTP Request

POST http://api.point.red/api/v1/master/customers

URL Parameters

Parameter Type Description
name (required) string

Get Customer

curl -X GET \
  'https://api.point.red/api/v1/master/customers' \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer <access_token>' \
  -H 'Content-Type: application/json' \
  -H 'cache-control: no-cache'

Response

{
    "data": [
        {
            "id": 1,
            "name": "John Doe",
        },
        {
            "id": 2,
            "name": "Charlie",
        }
    ]
}

List Customer.

HTTP Request

GET http://api.point.red/api/v1/master/customers

Show Customer

curl -X GET \
  'https://api.point.red/api/v1/master/customers/<id>' \
  -H 'Authorization: Bearer <access_token>' \
  -H 'cache-control: no-cache'

Response

{
    "data": {
        "id": 1,
        "name": "John Doe"
    }
}

Show a Customer.

HTTP Request

GET http://api.point.red/api/v1/master/customers/<id>

URL Parameters

Parameter Type Description
id (required) int The ID of the customers to retrieve

Update Customer

curl -X POST \
  https://api.point.red/api/v1/master/customers \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer <access_token>' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'name=<name>'

Response

{
    "data": {
        "id": 1,
        "name": "John Doe",
        "updated_at": "2018-10-22 06:14:27",
        "created_at": "2018-10-22 06:14:27",
        "updated_by": 1,
        "created_by": 1
    }
}

Update a Customer.

HTTP Request

PATCH http://api.point.red/api/v1/master/customers/<id>

URL Parameters

Parameter Type Description
id (required) int The ID of the group to delete
name (required) string

Delete Customer

curl "https://api.point.red/api/v1/master/customers/<id>"
  -X DELETE
  -H "Authorization: <access_code>"

Return response 204 with no data

Delete a Customer

HTTP Request

DELETE http://api.point.red/api/v1/master/customers/<id>

URL Parameters

Parameter Type Description
id (required) int The ID of the group to delete

Supplier

Supplier may refer to:

Create Supplier

curl -X POST \
  https://api.point.red/api/v1/master/suppliers \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer <access_token>' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'name=<name>'

Response

{
    "data": {
        "id": 1,
        "name": "John Doe",
        "updated_at": "2018-10-22 06:14:27",
        "created_at": "2018-10-22 06:14:27",
        "updated_by": 1,
        "created_by": 1
    }
}

Create a Supplier.

HTTP Request

POST http://api.point.red/api/v1/master/suppliers

URL Parameters

Parameter Type Description
name (required) string

Get Supplier

curl -X GET \
  'https://api.point.red/api/v1/master/suppliers' \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer <access_token>' \
  -H 'Content-Type: application/json' \
  -H 'cache-control: no-cache'

Response

{
    "data": [
        {
            "id": 1,
            "name": "John Doe",
        },
        {
            "id": 2,
            "name": "Charlie",
        }
    ]
}

List Supplier.

HTTP Request

GET http://api.point.red/api/v1/master/suppliers

Show SUpplier

curl -X GET \
  'https://api.point.red/api/v1/master/suppliers/<id>' \
  -H 'Authorization: Bearer <access_token>' \
  -H 'cache-control: no-cache'

Response

{
    "data": {
        "id": 1,
        "name": "John Doe"
    }
}

Show a SUpplier.

HTTP Request

GET http://api.point.red/api/v1/master/suppliers/<id>

URL Parameters

Parameter Type Description
id (required) int The ID of the suppliers to retrieve

Update Supplier

curl -X POST \
  https://api.point.red/api/v1/master/suppliers \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer <access_token>' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'name=<name>'

Response

{
    "data": {
        "id": 1,
        "name": "John Doe",
        "updated_at": "2018-10-22 06:14:27",
        "created_at": "2018-10-22 06:14:27",
        "updated_by": 1,
        "created_by": 1
    }
}

Update a Supplier.

HTTP Request

PATCH http://api.point.red/api/v1/master/suppliers/<id>

URL Parameters

Parameter Type Description
id (required) int The ID of the group to delete
name (required) string

Delete Supplier

curl "https://api.point.red/api/v1/master/suppliers/<id>"
  -X DELETE
  -H "Authorization: <access_code>"

Return response 204 with no data

Delete a Supplier

HTTP Request

DELETE http://api.point.red/api/v1/master/suppliers/<id>

URL Parameters

Parameter Type Description
id (required) int The ID of the group to delete
shell