Client API intro - RKOrderSoft/server GitHub Wiki

Intro

The API endpoint for OrderSoft is ${server ip}/api. Each request should contain a client identification string (i.e. 'dotnet', 'js'), and each authenticated request should contain a valid session ID.

Each request should contain a client and sessionId header (for authenticated endpoints)

All responses from the server will contain the following:

{
  "ordersoft_version": "x.x.x",
}

When the response code is in the 400-500 range, a "reason" field may be provided.

Authentication flow

Your application should begin by sending a POST request to /api/test. This will return the version of OrderSoft the server is running, and whether not your client is an "accepted client".

Before using any authenticated API functions, you should POST /api/login with a username and password in the body - this will return a session ID and access level. You may store this session ID in your client - by default, they expire 24 hours after being issued.

Now, any authenticated API functions can be accessed by sending your session ID in the request body. More information on these endpoints can be found in the API reference.