API
Introduction
Contour API's are a set of interfaces developed by Contour to allow direct communication with Contour Services.
API Specifications
For API specification documents, please contact our support team by raising a support ticket for assistance.
What has changed from 8.0
- There is no structural changes in API. Changes are only in SWIFT related validations in field size. Click here to view those changes.
API Usage Guide
Constructing Endpoints
Endpoints can be found in the API documentation above.
To make API requests, append the endpoint from the documentation to the hostname of the server running the Contour Application.
i.e.
https://<SERVER_NAME>/login
Authentication
Most APIs require authentication, the API authenticates using sessions and cookies.
Therefore, API consumers must first login via the Login Endpoint.
Subsequent requests to the APIs should include the cookies in the header.
Also, for all non-GET method requests (e.g. PUT, POST, DELETE), a CSRF token is needed.
Authentication Example
Login Request
Login with an email address and password:
curl --location --request POST 'https://<SERVER_NAME>/login' \
--header 'Content-Type: application/json' \
--data-raw '{
"username": "<EMAILADDRESS>",
"password": "<PASSWORD>"
}'
Response Headers for Valid Login:
| X-CSRF-TOKEN | 7579be26-d7d6-48f2-b429-0811876e9cca |
| Set-Cookie | SESSION=YjA2Yjc5N2ItN2MwZi00MmVlLWIwNTItMzc5YWMyMTNmNmZk; Path=/; HttpOnly; SameSite=Lax |
Headers for Subsequent Authenticated GET Requests
| cookie | SESSION=YjA2Yjc5N2ItN2MwZi00MmVlLWIwNTItMzc5YWMyMTNmNmZk; Path=/; HttpOnly; SameSite=Lax |
Headers for Subsequent Authenticated POST Requests
| X-CSRF-TOKEN | 7579be26-d7d6-48f2-b429-0811876e9cca |
| cookie | SESSION=YjA2Yjc5N2ItN2MwZi00MmVlLWIwNTItMzc5YWMyMTNmNmZk; Path=/; HttpOnly; SameSite=Lax |