DATA-API Overview

The DATA-API is organized based on REST service. Our API has predictable resource-oriented URLs, returns JSON-encoded responses, and uses standard HTTP response codes, authentication, and verbs.

The DATA-API allows the user to execute the following operations

Verb	Operation	Endpoint
`POST`	Create Record	`/api/:entity_name`
`PUT`	Edit Record	`/api/:entity_name/:id`
`DELETE`	Delete Record	`/api/:entity_name/:id`
`POST`	Search Record	`/api/:entity_name/search`
`POST`	Export Record	`/api/:entity_name/export`

Authentication

The Stack9 Data-API uses API keys to authenticate requests. You can view and manage your API keys in the YOUR_DOMAIN/apps/administration/api_key Stack9 Back office Dashboard.

Your API keys have many privileges, so be sure to keep them safe. Do not share your secret API keys in publicly accessible areas such as GitHub repository, Docker-Hub, client-side code, and so on.

Use your API key by adding it on the Api-Key header in each request.

// NodeJS example
fetch('https://april9.stack9.co/api/customer/search', {
  method: 'POST',
  headers: {
    'Api-Key': '<my_secret_api_key>',
    'Content-Type': 'application/json',
  },
})
  .then(response => response.json())
  .then(data => console.log(data));

// OR

const response = await fetch('https://april9.stack9.co/api/user', {
  headers: {
    'Api-Key': '<my_secret_api_key>',
    'Content-Type': 'application/json',
  },
});
const data = await response.json();
console.log(data);

// OUTPUT
// [
//   {
//     id: 1,
//     email: 'my_email@domain.com.au'
//   },
//   {
//     id: 2,
//     email: 'other_email@domain.com.au'
//   },
// ];

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.

Status Code	Operation	Response
`200`	Queried successfully
`400`	Bad Request Error	`{ error: {}}`