Internal API
From ITR Wiki
Revision as of 09:28, 29 March 2019 by WordpressAdmin69 (talk | contribs)
Internal API
The internal API is for usage by the website of the ITR. It cannot be used from external websites, unless the flag ENABLE_CORS in the file instance/application.cfg is set to 'Y'. It is strongly discouraged to set this flag to 'Y' for anything else but developmnet systems.
The following API calls are available for the following roles (in case of doubt check the source code in the application.py file on github):
| Endpoint | Role | Description | Headers | Response codes | Supported operations |
|---|---|---|---|---|---|
| test | All | Standard test page | |||
| copyright | All | Return the copyright information for this ITR installation | 200 OK | Get | |
| companyname | All | Return the company name for this ITR installation | 200 OK | Get | |
| login | All | Login endpoint | UserID, Password, CompanyID (optional) | 200 OK or 401 user not found in case user is unknown or user id/password combination is not correct | Get |
| sendresetpassword | All | Send a reset password link via mail. The mail contains a URL with a token which is valid for 5 minutes. | UserID | 200 OK or 404 user not found | Post |
| resetpassword | All | Reset the password. In case the account is registered with multiple companies then all these passwords will be reset | UserID, Password, SessionID | 200 OK or 404 user not found or token invalid | Post |
| checktoken | All | Checks if the token is valid | UserID, Password, SessionID | 200 OK or 404 token invalid | Post |
| logout | All | Checks if the token is valid | SessionID | 200 OK or 404 token invalid | Post |
| audittrail | regular_office_user | returns audit trial | SessionID, CompanyID, StartPage, PageSize, Sort (optional), IncludeMaster, IncludeClient, SearchField (optional), TimeZoneOffset, Filter (optional) | 200 OK or 404 token invalid | Get |
