Kingfisher API
Kingfisher (Email Service) Endpoints
Authentications
Kingfisher APIs uses Bearer Token as the authentication method. Tokens are valid for seven days and can be extended two days after the expiration date.
Register User
POST
https://kingfisher.kamva.ir/api/auth/register
This API registers the user in kingfisher database, and will not create a Sendinblue account. If there is a trial user with the same email in the database, it will check for passwords match. If passwords match, it will return a 200 OK response. Otherwise, it will return 400 Bad Request response.
Request Body
Login
POST
https://kingfisher.kamva.ir/api/auth/login
This API checks for a user with given email and password and authenticate it. API returns user authentication token in response.
Request Body
Logout
DELETE
https://kingfisher.kamva.ir/api/auth/logout
This API destroys the auth token and add it to the blacklist. Tokens that put in the blacklist won't authenticate. If auth token was invalid, API returns 400 Bad Request response.
Headers
Refresh auth token
POST
https://kingfisher.kamva.ir/api/auth/refresh
This API extends the given tokens expiration date. It checks the expiration date and calculates diff from current time. If the diff is less than two days (or token is not expired yet), then token expiration date will be updated to the next seven days. Otherwise, it returns 400 Bad Request response.
Headers
Global Authentication Responses
There may be other client error responses, for the APIs that checks the auth token before processing the requests.
In the following sections, we will describe these responses, their structures, and their reasons:
Authentication token is not provided
This error response returns when the Authorization header is empty.
Invalid token provided
This error response returns when the Authorization header is invalid. It means that the Authorization header value has not Bearer keyword before the token or token has invalid values.
Token is expired
This error response returns when the provided token has expired.
Token is blacklisted
This error response returns when the provided token has been blacklisted before.
Plan
List available plans
GET
https://kingfisher.kamva.ir/api/plan
List all available plans with their price and info.
Subscription
Subscribe
POST
https://kingfisher.kamva.ir/api/subscription/subscribe
This API creates a subscription receipt and returns a payment url for that receipt.
Headers
Request Body
After the user paid the subscription receipt, will be redirected to https://kingfisher.kamva.ir/verify
. In this URL, kingfisher tries to verify payment and redirect the user back to the client. The client verification URL can be customized via PAYMENT_VERIFICATION_URL
env variable. Kingfisher also pass some value through query string parameters when redirecting, to specify status of the payment.
These parameters are:
authority [string]: The payment refer_id to show to the user.
verified [bool]: Determine whether payment verified by payment gateway or not.
status [string]: Determine the status of payment, subscription creation and registration on Sendinblue. It may have one of the following values:
success: everything went well.
failed: payment not verified in kingfisher side or payment gateway side.
cancelled: payment has been cancelled by user.
internal_error: some internal error occurred.
receipt_id: ID of paying receipt. It is
not_found
if no receipt found related to payment authority.error_code: when status parameter value is
internal_error
, an error code will be passed to specify the reason of error.
In some situations, an internal error may occur after verifying payment. It means that payment has been verified successfully – and the money will not return back to the payee account – but some of the operation that will happen after payment verification has been failed. You should find the reason by searching error_code in codes and fix it manually.
Sometime when API returns 200 OK response, sendinblue registration may be failed but successfully queue for retrying.
[Admin Only] Add Trial User
POST
https://kingfisher.kamva.ir/api/subscription/trial
This API register a user as a trial user.
Headers
Request Body
If a 200 OK response returns with an empty auth_key field, it means registering user in sendinblue and it has queued for retrying.
[Admin Only] Add Sponsorship Account
POST
https://kingfisher.kamva.ir/api/subscription/sponsorship
Headers
Request Body
If a 200 OK response returns with an empty auth_key
field, it means registering user in sendinblue and it has queued for retrying.
Receipt
Get Receipt Info
GET
https://kingfisher.kamva.ir/api/receipt/{receipt_id}
This API returns information about the receipt with the given ID.
Path Parameters
Headers
Client should have a page to show the receipt data before redirecting user to payment gateway. This page url should be like https://<domain>/<path>/<receipt_id>
. Since this URL is used in expiration reminder emails and SMSs, it is configurable via RECEIPT_BASE_URL
. This variable should contains domain
and path
part of example url above. for example it should be https://kamva.ir/email/receipt
.
Pay Receipt
GET
https://kingfisher.kamva.ir/api/receipt/{receipt_id}/pay
This API generate and return receipt payment url.
Path Parameters
Headers
After the user paid the subscription receipt, will be redirected to https://kingfisher.kamva.ir/verify
. In this URL, kingfisher tries to verify payment and redirect the user back to the client. The client verification URL can be customized via PAYMENT_VERIFICATION_URL
env variable. Kingfisher also pass some value through query string parameters when redirecting, to specify status of the payment.
These parameters are exactly like the parameter in subscription section.
Profile
Get Profile Info
GET
https://kingfisher.kamva.ir/api/profile
This API returns Information of user account
Headers
Update User Info
PATCH
https://kingfisher.kamva.ir/api/profile
This API updates user informations.
Headers
Request Body
Reports
[Admin Only] Sales Report
GET
https://kingfisher.kamva.ir/api/report
This API returns sales reports.
Query Parameters
Headers
Last updated