Getting started with e-satisfaction API

Before making use of our API, please read the following carefully to get you started.

Authentication

All API calls require authentication. This is essential for the API to identify which user is making the call so that appropriate results will be returned, as well as for security reasons.

Authentication is achieved through the use of an API key. e-satisfaction is using jwt for the API keys.

User tokens can be generated on the application dashboard, visiting the user profile section. Creating a user token will request for a set of scopes so that the token can access the API. You can check the scopes needed in each API call in the present documentation.

It's your responsibility to keep the API tokens safe to prevent any anauthorized access. Once you obtain your API token, you will have to use it in every API call you make.

To include the token in an API call, simply use the Authorization header like this:

Authorization: Bearer [jwt]

Header Example

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoiYXBpYXJ5Iiwic2NvcGUiOiJkb2MifQ.gJM_xMQt_MgfqDIoSIh3qK1V4cfpGsdRmy23LrjG03A

cURL Example

curl --header "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoiYXBpYXJ5Iiwic2NvcGUiOiJkb2MifQ.gJM_xMQt_MgfqDIoSIh3qK1V4cfpGsdRmy23LrjG03A" https://api.e-satisfaction.com/v3.2/q/questionnaire

REST API

e-satisfaction API is designed taking into consideration the REST principles and is trying to get as closer as possible to the specifications.

Request Methods

The API makes use of all http methods
that the REST specification defines based on the operation each time.

For that reason, this document makes use of POST, PATCH, GET and DELETE methods.

Payload Structure

The payload of each request can be provided using two formats:

key-value pairs, either in the url (for GET requests) or on the request body (for POST, PATCH or DELETE methods)

json, on the request body, for all http methods

In the context of this document, and for easier understanding of the parameters, we are going to use the json format, and this is the one we suggest for implementing API calls.

Responses

All API responses include full entities, based on the operation, according to the REST specification.

Response Fields

On each API call, you can use an extra argument called response_fields and define all the response fields that you need the API to return. No value for this parameter means that it will return all the fields of the requested resource.

You can send response_fields as an array of values, the fields you wish the API to return.

HTTP Status Codes

Based on the status of each operation, a response might have one of the following HTTP Status Codes:

Normal operation codes

On a successful operation, one of the following status codes will be returned, based on the operation.

Code	Description	Reason
`200`	`OK`	Successful Operation
`201`	`Created`	Object/Entity created with success
`204`	`No Content`	Successful Operation. No content provided. Usually in `DELETE` operations

On an error, one of the following status codes will be returned, based on the error.

The following codes will be documented on each request explicitily.

Code	Description	Reason
`400`	`Bad Request`	In cases where the input is invalid
`404`	`Not Found`	If the referenced entity/object does not exist
`409`	`Conflict`	If the operation performed is in conflict with another operation or with the object state

Error codes

The following error codes can be thrown on any request and thus there is no need to document them explicitily.

Error codes can be thrown almost on any request and they documented only to define an expected behavior.

Code	Description	Reason
`401`	`Unauthorized`	If the provided jwt is not valid
`403`	`Forbidden`	If no jwt is provided
`500`	`Internal Server Error`	An unexpected error occurred. We are getting notifications about these errors and we should fix it ASAP
`501`	`Not implemented`	In cases where the requested operation is not implemented on the entity/object

Versions - Compatibility

e-satisfaction API is structured in versions. Current version is v3.2.

Versions follow the Semantic Versioning specification, which means that all minor and lower releases will have no breaking changes.

To highlight the specification, given a version number MAJOR.MINOR.PATCH, we increment the:

MAJOR version when we make incompatible API changes,

MINOR version when we add functionality in a backwards-compatible manner, and

PATCH version when we make backwards-compatible bug fixes.

In our API, we are following the MAJOR.MINOR format for our versions, where:

MAJOR versions are for backward incompatible changes (e.g. brand new API)

MINOR versions are for whole new features

All bug fixes and small improvements will be integrated silently into the latest version (starting from the one affected, if bug, and merge up).

Compression

All API responses are compressed using gzip and a response header Content-Encoding: gzip is returned always.

Although all major libraries can handle properly the above compression, keep in mind to uncompress if you are using your own custom library.

Feedback

We are always trying to keep our documentation up-to-date with all the latest changes. However, if you find any issues that might affect your implementation and this documentation should be updated, please let us know by sending a request at support@e-satisfaction.com.

In case of security vulnerabilities, please add a subject line with a prefix of [e-satisfaction API Security Vulnerability] and we will address it immediately.

Introduction

Getting started with e-satisfaction API#

Authentication#

Header Example#

cURL Example#

REST API#

Request Methods#

Payload Structure#

Responses#

Response Fields#

HTTP Status Codes#

Normal operation codes#

Error codes#

Versions - Compatibility#

Compression#

Feedback#