Developers
API & Cookbook

QUABLE PIM API

Quable PIM API is based on REST principles

This documentation aims to follow the RFC2119 concerning the usage of key words to indicate requirement levels.

You have to be authenticated and call the simple HTTPs request on the URL specified below.
The following documentation covers core resources that are used to manipulate with the main entities. First of all, read basic instructions to start using the API.

Allowed HTTPs requests:

  • POST - To create resource
  • PUT - To update resource
  • GET - Get a resource or list of resources
  • DELETE - To delete resource

Description Of Usual Server Responses:

200 "OK" - the request was successful.

201 "Created" - the request was successful and a resource was created.

204 "No Content" - the request was successful but there is no representation to return (i.e. the response is empty).

400 "Bad Request" - the request could not be understood or was missing required parameters.

401 "Unauthorized" - authentication failed or user doesn't have permissions for requested operation.

403 "Forbidden" - access denied.

404 "Not Found" - resource was not found.

405 "Method Not Allowed" - requested method is not supported for resource.

405 "Request format is not acceptable" - requested format is not supported for resource.

API provide JSON request and response. It's can be set by:

All requests must be send over HTTPS protocol.

Each response contains a "Quable-Digest" header. This header include a checksum of the response.

Login based on API login + Password

POST /sessions

Parameters

  • signin[username] : string
  • signin[password] : string
  • signin[remember] : boolean
  • lang : string (locale valeur)

Response payload

{
"oauth":
{
"access_token": "fd55861aefa86aa3a2cc77575a9e9bfb",
"expires_in": 3600,
"refresh_token": "ec58b427a96aca9e17a9cc376669b3a5"
}
}

Authentification OAuth based on a refresh_token :

GET /sessions

Cookie :

  • quable-remember-me=TOKEN

Response payload

{
"oauth":{
"access_token":"e086490be7030758b3b6d442ce7d548c",
"expires_in":3600,
"refresh_token":"954059611ec1fc133b1b5d9116062de4"
}
}

With the use of the access_token, you can connect using a Bearer token in the request header:

Authorization:Bearer ACCESS_TOKEN