Client account, back-office and all platform modules work with the database files through the API, and not directly. API controls the access, integrity and correctness of incoming data.
This documentation describes all API methods for the following actions:
The API only accepts requests coming from a limited list of IP addresses (for example, the client's account site or the back-office site).
Any request to the API from an IP address that is not on the allowed list will be rejected.
This is done to prevent DDoS attacks on the API, attempts to falsify requests, and hacking experiments.
The users always access the platform’s public website (client’s account or back-office), and this site itself makes the necessary data request from the platform’s API. Since the IP address of the site is fixed, it will be on the list of allowed ones.
All requests to API are made using the following HTTP methods:
Each API section contains the URL by which a request for the respective data shall be made.
The HTTP request method is given before each URL.
Each request should always contain 4 variables:
If the request is successful, the API always returns two variables:
In case of unsuccessful execution of the request, the API shows the variables:
Each API request must contain a hash variable, which is the digital signature of the request.
hash = md5($json . $time . $salt)