Skip to content

API

Introduction

Contour API's are a set of interfaces developed by Contour to allow direct communication with Contour Services.

API Specifications

Read our Swagger definitions for 7.0

API Usage Guide

Constructing Endpoints

Endpoints can be found in the API documentation above.

To make API requests, append the endpoint from the documentation to the hostname of the server running the Contour Application.

i.e. https://<SERVER_NAME>/login

Authentication

Most APIs require authentication, the API authenticates using sessions and cookies.

Therefore, API consumers must first login via the Login Endpoint.

Subsequent requests to the APIs should include the cookies in the header.

Also, for all non-GET method requests (e.g. PUT, POST, DELETE), a CSRF token is needed.

Authentication Example

Login Request

Login with a username and password:

curl --location --request POST 'https://<SERVER_NAME>/login' \
--header 'Content-Type: application/json' \
--data-raw '{
    "username": "<USERNAME>",
    "password": "<PASSWORD>"
}'

Response Headers for Valid Login:

X-CSRF-TOKEN 7579be26-d7d6-48f2-b429-0811876e9cca
Set-Cookie SESSION=YjA2Yjc5N2ItN2MwZi00MmVlLWIwNTItMzc5YWMyMTNmNmZk; Path=/; HttpOnly; SameSite=Lax

Headers for Subsequent Authenticated GET Requests

cookie SESSION=YjA2Yjc5N2ItN2MwZi00MmVlLWIwNTItMzc5YWMyMTNmNmZk; Path=/; HttpOnly; SameSite=Lax

Headers for Subsequent Authenticated POST Requests

X-CSRF-TOKEN 7579be26-d7d6-48f2-b429-0811876e9cca
cookie SESSION=YjA2Yjc5N2ItN2MwZi00MmVlLWIwNTItMzc5YWMyMTNmNmZk; Path=/; HttpOnly; SameSite=Lax