🔤 FL3XX API Basics
All FL3XX API services are based on the REST architectural style and they are all stateless.
Access and API Permissions
Permissions
Each API token / API connection has a set of particular access rights that restrict which operations are allowed to be called.
Operator Access
FL3XX releases one token for each Operator-to-ThirdParty (TP) connection. Since every API Token is generated based on an Operator account, calling the API with a specific Token will get/update/post/delete information related to a specific Operator instance. If the application needs to handle data for multiple operators, it needs to handle multiple API Token/Connections.
Application Specificity
If different kinds of applications are implemented, each application should be able to use separate API connections.
Call Frequency
Kindly observe our Fair Use Policy, which restricts frequent API requests to one every 10 minutes. Sporadic, on-demand requests are permitted. This policy is subject to periodic review and may be adjusted based on individual circumstances.
JSON Input and Output format
The API documentation pages have information about the JSON format returned by all the available API operations and also the JSON format expected by any POST and PUT operation.
HTTP Request Headers
API Token
This required header is a unique token identifying the calling application.
The value for the API token should not be editable by the users of the application.
Key Format:
- X-Auth-Token
X-Auth-Token: FY_8quA0T-oWMejjCjM3hpqapRnbfoha
A screenshot from Postman
Content-Type
All request body data in any POST or PUT call should be sent in JSON format.
Content-Type example
Content-Type: application/json
Time formatting
HTTP Status Codes
Conventional HTTP response codes indicate the success or failure of each API call. In general, codes in the 2xx range indicate success, codes in the 4xx range indicate an error that resulted from the provided information (e.g. a required parameter was missing, an authorization failed, etc.), and codes in the 5xx range indicate an API server error.
| Code | Title | Description |
|---|---|---|
| 200 | OK | The request has succeeded |
| 201 | Created | The request has been fulfilled and has resulted in one or more new resources being created |
| 400 | Bad Request | The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax) |
| 401 | Unauthorized | The request has not been applied because it lacks valid authentication credentials for the target resource |
| 403 | Forbidden | The server understood the request but refuses to authorize it, e.g. no permissions, rate limit exceeded, etc |
| 404 | Not Found | The application requested a resource that does not exist |
| 422 | Unprocessable Entity | Validation failure, relationship failure, or state failure. |
| 500 | Internal Server Error | Internal failure |
| 503 | Service Unavailable | Service too busy |
| 504 | Gateway Timeout | Service temporary unavailable. |
Updated about 2 months ago