External API
From ITR Wiki
External API
The external API is for usage by other servers who want to perform activities in the ITR.
An external API call ALWAYS requires the headers CompanyID, UserID, ExternalAPIToken. The ExternalAPIToken can be created on the user within the company. All values are GUIDs. NEVER share the ExternalAPIToken with anybody else or put it in javascript or on a website. The ExternalAPIToken is a SECRET with which you can login to the ITR as this user.
The following API calls are available (in case of doubt check the source code in the application.py file on github):
Overview functions and login functions
| Endpoint | Description | Headers | Response codes | Supported operations |
|---|---|---|---|---|
| GetURLForPublicTest | Return a URL to the caller that can be used in a web browser to show the test taking, for example in an iframe. Set the function ITREndTestFunction in the iframe to be notified when the last test in the session is done, or listen to the window.parent.postMessage("ITREndTestFunction") which is executed at that point in time. The call can be executed multiple times to add differest tests to the same session. You, as a caller, need to generate a ReferenceID, which is a guid/uuid4, which you use as a session reference. You may set a session description. The ITR will generate and register a test taking access token which is valid for one minute. Once the test session is started the token will be refreshed by the browser. All IDs like TestID can be found in the URLs of the ITR. The NormIDs cannot be viewed. Download the test definition and open that in an editor to get the right NormIDs. | CompanyID, UserID, ExternalAPIToken, TestID, ReferenceID, NormID1, NormID2, NormID3, Description | 200 OK, 204 OK but session already done, 403 invalid external api token | Get |
| GetURLForViewingResults | Return a URL to the caller that can be used in a web browser to view the session results, for example in an iframe. Pass the generated ReferenceID. The ITR will generate and register a USER access token which is valid for one minute. Once the ITR session is started the token will be refreshed by the browser. | CompanyID, UserID, ExternalAPIToken, ReferenceID, Path (if not set Session is used which will lead to the session screen. Others paths can be used to jump to other ITR functions this user has access to) | 200 OK, 403 invalid external api token | Get |
