API basics
API is based on REST principles. The client makes HTTP requests to Paysera system, providing information about the intended action. HTTP verbs GET, POST, PUT and DELETE are used in this API. In POST and PUT requests content request is usually provided in JSON format by using UTF-8 encoding. If some other format is used, it is specified in the method description.
Paysera system provides JSON encoded response to each request. HTTP status code identifies the status of the request - for successful requests, status code 200 is returned. In case of an error, some information like a code and description is provided to debug the problem more easily, so that the client could try to decode the response even if an error code is returned.
If some elements of returned structure are optional, they can be skipped. That is, null is not returned, the JSON element is entirely skipped. Client should handle these situations and do not assert that the element will definitely exist if it's optional.
Errors and response codes
In case of a success, API returns status code 200. In case of an error, the status code differs from case to case. The client should always check the response status code to know what kind of response is given. In case of an error, response body is the error object. It's structure is provided in the table below.
error
error_description
error_uri
Basic error codes
invalid_request
400
invalid_parameters
400
unauthorized
401
forbidden
403
not_found
404
not_acceptable
406
invalid_state
409
internal_server_error
500
Error response example
HTTP/1.1 403 Forbidden Content-type: application/json;charset=utf-8
{
"error": "forbidden",
"error_description": "This resource is assigned to other project, client has no rights to read it"
}
Authentication
MAC access authentication used in API is based on the OAuth 2.0 Message Authentication Code (MAC) Tokens specification .
project_id is used as a mac_id and project_sign_password is used as mac_secret.