Partners API
Kingfisher (Email Service) Endpoints
Last updated
Kingfisher (Email Service) Endpoints
Last updated
Kingfisher APIs uses Bearer Token as the authentication method. Tokens are valid for seven days and can be extended two days after the expiration date.
POST https://kingfisher.kamva.ir/api/auth/register
This API registers the user in kingfisher database, and will not create a Sendinblue account. If there is a trial user with the same email in the database, it will check for passwords match. If passwords match, it will return a 200 OK response. Otherwise, it will return 400 Bad Request response.
| Name | Type | Description |
|---|---|---|
POST https://kingfisher.kamva.ir/api/auth/login
This API checks for a user with given email and password and authenticate it. API returns user authentication token in response.
DELETE https://kingfisher.kamva.ir/api/auth/logout
This API destroys the auth token and add it to the blacklist. Tokens that put in the blacklist won't authenticate. If auth token was invalid, API returns 400 Bad Request response.
POST https://kingfisher.kamva.ir/api/auth/refresh
This API extends the given tokens expiration date. It checks the expiration date and calculates diff from current time. If the diff is less than two days (or token is not expired yet), then token expiration date will be updated to the next seven days. Otherwise, it returns 400 Bad Request response.
There may be other client error responses, for the APIs that checks the auth token before processing the requests.
In the following sections, we will describe these responses, their structures, and their reasons:
This error response returns when the Authorization header is empty.
This error response returns when the Authorization header is invalid. It means that the Authorization header value has not Bearer keyword before the token or token has invalid values.
This error response returns when the provided token has expired.
This error response returns when the provided token has been blacklisted before.
POST https://kingfisher.kamva.ir/api/auth/forgot-password
This API sends the forgot password email to the user to reset her/his password.
POST https://kingfisher.kamva.ir/api/auth/reset-password/:user_id
After clicking on the link in the email, the user's browser going to the reset password page , in that page after inserting the new password by the user, you should call to this API to reset the user's password.
GET https://kingfisher.kamva.ir/api/auth/SSO
return SSO link to login to the mail panel
GET https://kingfisher.kamva.ir/api/plan
List all available plans with their price and info (Exclude custom plans).
GET https://kingfisher.kamva.ir/api/plan/all
List all available plans with all features (full feature)
POST https://kingfisher.kamva.ir/api/plan
Insert new plan
PUT https://kingfisher.kamva.ir/api/plan/:receipt_id
plans that used in subscription, we can not update those.
Another response for not found plan:
DELETE https://kingfisher.kamva.ir/api/plan/:receipt_id
We can not remove plans that are using a subscription
POST https://kingfisher.kamva.ir/api/subscription/subscribe
This API creates a subscription receipt and returns a receipt id for that receipt.
Here we have three state:
User have extended receipt: we update it's receipt's plan and price, then redirect to bank gateway and set callback to https://kingfisher.kamva.ir/receipt/verify.
User already subscribed : we return 403 forbidden response.
User don't have any subscription: we redirect to bank gateway and set callback to https://kingfisher.kamva.ir/verify
kingfisher callback URLs tries to verify payment and redirect the user back to the client. The client verification URL can be customized via PAYMENT_VERIFICATION_URL env variable. Kingfisher also pass some value through query string parameters when redirecting, to specify the status of the payment.
These parameters are:
authority [string]: The payment refer_id to show to the user.
verified [bool]: Determine whether payment verified by payment gateway or not.
status [string]: Determine the status of payment, subscription creation and registration on Sendinblue. It may have one of the following values:
success: everything went well.
failed: payment not verified in kingfisher side or payment gateway side.
cancelled: payment has been cancelled by user.
internal_error: some internal error occurred.
receipt_id: ID of paying receipt. It is not_found if no receipt found related to payment authority.
error_code: when status parameter value is internal_error, an error code will be passed to specify the reason of error.
In some situations, an internal error may occur after verifying payment. It means that payment has been verified successfully – and the money will not return back to the payee account – but some of the operation that will happen after payment verification has been failed. You should find the reason by searching error_code in codes and fix it manually.
Sometime when API returns 200 OK response, sendinblue registration may be failed but successfully queue for retrying.
POST https://kingfisher.kamva.ir/api/subscription/update/:receipt_id
Update subscription receipt, e.g apply discount code, change plan
GET https://kingfisher.kamva.ir/api/subscription/pay/:receipt_id
Get payment link to subscription receipt
All 4xx error responses in /subscription/subscribe API may return here also.
POST https://kingfisher.kamva.ir/api/verify-failed
Check last state of receipt and verify it (if needed)
There may be other responses in some situations:
If payment is unsuccessful:
or
When the subscription is active but the user calls to this API
POST https://kingfisher.kamva.ir/api/subscription/manual
Subscribe a user manually by admin
In addition to the written responses, you need to also check internal error responses.
POST https://kingfisher.kamva.ir/api/subscription/extend
Extend user's subscription manually by admin
Some other 403 Forbidden responses:
POST https://kingfisher.kamva.ir/api/subscription/history/extend
Extend the user subscription history, This API doesn't add the credit, just add expired receipt
Some other 403 Forbidden responses:
POST https://kingfisher.kamva.ir/api/subscription/trial
This API register a user as a trial user.
Note: This API method is deprecated, use /api/subscription/trial-existed-user
If a 200 OK response returns with an empty auth_key field, it means registering user in sendinblue and it has queued for retrying.
POST https://kingfisher.kamva.ir/api/v1/subscription/trial-existed-user
Give trial charge to user
POST https://kingfisher.kamva.ir/api/subscription/sponsorship
If a 200 OK response returns with an empty auth_key field, it means registering user in sendinblue and it has queued for retrying.
POST https://kingfisher.kamva.ir/api/credit/add
POST https://kingfisher.kamva.ir/api/credit/threshold
Add low credit settings for specific user
PUT https://kingfisher.kamva.ir/api/credit/threshold/{threshold_settings_id}
DELETE https://kingfisher.kamva.ir/api/credit/threshold/{threshold_settings_id}
GET https://kingfisher.kamva.ir/api/receipt/{receipt_id}
This API returns information about the receipt with the given ID.
Client should have a page to show the receipt data before redirecting user to payment gateway. This page url should be like https://<domain>/<path>/<receipt_id>. Since this URL is used in expiration reminder emails and SMSs, it is configurable via RECEIPT_BASE_URL. This variable should contains domain and path part of example url above. for example it should be https://kamva.ir/email/receipt.
In this page we have either "Pay" or "Verify Payment" or "Pay Again" button relative to these scenarios :
1. if the receipt is unverified (verified: false) and authority is false (has_authority: false ) , show a simple "pay" button.
2. If the receipt is unverified but has_authority is true , show "Verify payment" button that on clicked on it, send request to /verify-failed route and get result, if have paymentError result (see description of this route) , hide this button and show "pay again" button that have URL same as "Pay" button.
GET https://kingfisher.kamva.ir/api/receipt/unpaid
This API return unpaid extended receipt to you.
POST https://kingfisher.kamva.ir/api/receipt/:receipt_id/update
Update plan of receipt or set you'r discount code for extended receipt.
Other Situations:
If plan id be invalid (404 : Not Found)
GET https://kingfisher.kamva.ir/api/receipt/{receipt_id}/pay
This API generate and return receipt payment url.
After the user paid the subscription receipt, will be redirected to https://kingfisher.kamva.ir/verify. In this URL, kingfisher tries to verify payment and redirect the user back to the client. The client verification URL can be customized via PAYMENT_VERIFICATION_URL env variable. Kingfisher also pass some value through query string parameters when redirecting, to specify status of the payment.
These parameters are exactly like the parameter in subscription section.
GET https://kingfisher.kamva.ir/api/discount/all
POST https://kingfisher.kamva.ir/api/discount
PUT https://kingfisher.kamva.ir/api/discount/:descount_id
POST https://kingfisher.kamva.ir/api/discount/:discount_id/expire
GET https://kingfisher.kamva.ir/api/ip
List all IPs for the Admin
POST https://kingfisher.kamva.ir/api/ip/associate
POST https://kingfisher.kamva.ir/api/ip/dissociate
Dissociate IP form specific user
POST https://kingfisher.kamva.ir/api/sender
GET https://kingfisher.kamva.ir/api/info/malicious-users
Return list of malicious users with their campaigns name. Malicious user is user that send spam mails
GET https://kingfisher.kamva.ir/api/notification/{driver}/settings
Use this API to get notification settings.
POST https://kingfisher.kamva.ir/api/notification/{driver}/settings
Use this API to set API key of your app and also Authorization token (or server_key)
GET https://kingfisher.kamva.ir/api/notification/{driver}/settings
POST https://kingfisher.kamva.ir/api/{driver}/contact/{server_key:string}/
Use this API to upsert (insert or update) your contact token with sendinblue contacts.
GET https://kingfisher.kamva.ir/api/{driver}
Get notification list
POST https://kingfisher.kamva.ir/api/{driver}
Use to create notification
GET https://kingfisher.kamva.ir/api/{driver}/{notification_id}
Get notification by it's id.
PUT https://kingfisher.kamva.ir/api/{driver}/{notification_id}
Update notification.
DELETE https://kingfisher.kamva.ir/api{driver}/{notification_id}
Delete a notification.
GET https://kingfisher.kamva.ir/api/lab/healthcheck
Check healthy of API
GET https://kingfisher.kamva.ir/api/profile
This API returns Information of user account
PATCH https://kingfisher.kamva.ir/api/profile
This API updates user informations.
GET https://kingfisher.kamva.ir/api/report
This API returns sales reports.
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
string
user valid email address
phone
string
user phone number
first_name
string
user first name
last_name
string
user last name
company_name
string
user company name
password
string
a secure strong password, minimum 8 character
string
user email
password
string
user password
Authorization
string
Auth token
Authorization
string
Auth token
string
users's email
user_id
string
The user's ID
sig
string
The signature in link query parameter (don't need to unescaping it)
expires
integer
The expire time (get from link query parameters)
password
string
The new password
Authorization
string
Auth token
string
Authorization
string
Auth token
marketing_automation
boolean
enable marketing automation
transactional_mail
boolean
enable transactional mail
transactional_sms
boolean
enable transactional sms
is_custom
boolean
plan is custom?
credit
number
credit
price
number
Price (in euro)
key
string
key of plan (must be unique)
title
string
Title of plan(must be unique)
ip
string
plan's IP
receipt_id
string
ID of receipt
marketing_automation
string
enable marketing automation
transactional_sms
string
enable transactional SMS
transactional_mail
string
enable transactional mail
is_custom
string
panel is custom?
credit
string
credit value
price
string
price
ip
string
IP
key
string
key
title
string
Title of plan
receipt_id
string
receipt id
Authorization
string
Auth token
Authorization
string
Auth token
plan_id
string
ID of selected plan
Authorization
string
bearer <your jwt token>
Content-Type
string
Application/json
code
string
discount code
plan_id
string
id of plan
Content-Type
string
Application/json
Authorization
string
bearer <your jwt token>
Authorization
string
Auth token
receipt_id
string
ID of receipt
discount_code
string
If you have discount code, insert it here. API accept this discount code just if you don't provide any subscribed_at field.
string
The user's email address
subscribed_at
string
subscription date, if it's before now, we do not add credit to her/his account.
Example format of date: 2006-01-02T15:04:05Z
plan_id
string
The plan ID
discount_code
string
discount code to using on extend plan.
plan_id
string
The plan ID
string
The user's email address
plan_id
string
The plan ID
string
The user's email address
begin_at
string
Date of beginning extension
example format: 2016-02-01T15:03:04Z
Authorization
string
Admin auth token
string
user valid email address
first_name
string
user first name
last_name
string
user last name
company_name
string
user company name
password
string
a secure strong password, minimum 8 character
Authorization
string
your bearer token
Content-Type
string
Application/json
string
user's email that you want to give trial subscription to her/him
Authorization
string
Admin auth token
string
user valid email address
first_name
string
user first name
last_name
string
user last name
company_name
string
user company name
password
string
a secure strong password, minimum 8 character
month
integer
number of sponsorship months
plan_id
string
ID of plan for sponsor
credit
integer
Credit value (e.g 200)
string
The user's email
Authorization
string
you'r bearer token
Content-Type
string
Application/json
threshold
integer
emails credit threshold to send notify user
user_email
string
user's email address
Authorization
string
your bearer token
Content-Type
string
Application/json
threshold
integer
emails credit count to send notification
Authorization
string
your bearer token
Content-Type
string
Application/json
receipt_id
string
ID of receipt
Authorization
string
Auth token
Authorization
string
bearer <your bearer token>
Content-Type
string
Application/json
receipt_id
string
The receipt ID
Authorization
string
Auth token
code
string
Discount code to apply on receipt
plan_id
string
The plan ID
receipt_id
string
ID of receipt to pay
Authorization
string
Auth token
limit
integer
count of items that should retrn (default:50)
skip
integer
how many item should skip? (default : 0)
expire_at
string
expire date of discount (in ISO8601 format)
multi_pass
string
This discount can use by all user's or just specific user?
multi_plan
boolean
This discount is for all plans or just specific plan?
count
integer
How many times can use this discount code?
description
string
Short description about your discount
discount
integer
The discount value (percent)
code
string
discount code (this value should be unique per plans)
user_email
string
If discount is for just single user, pass the
user's email here.
This field is required if multi_user is false .
plan_id
string
ID of the plan that you want to add discount to it.
This field is required if multi_plan field is false
expire_at
string
Expire date of discount (ISO8061 format)
multi_pass
boolean
Set this field to true if all users can use this discount.
multi_plan
boolean
Set this field to true if all plans can use this discount.
count
integer
How many times can use this discount?
Description
string
Short description about the discount.
discount
integer
Percent of discount
code
string
Discount code
user_email
string
Id of user that can use this discount
required if multi_pass is false.
plan_id
string
Id of the plan.
required if multi_plan is false.
string
Cotent-Type
string
Application/json
Authorization
string
bearer <your token>
Content-Type
string
Application/json
Authorization
string
bearer <token>
ip
string
The IP that want to associate to your user
string
The user's email
Authorization
string
bearer <token>
Content-Type
string
Application/json
string
User's email
ip
string
The IP that want to dissociate from user
Authorization
string
bearer <token>
Content-Type
string
Application/json
name
string
Name of the sender
string
The email
ip
string
The IP
domain
string
Domain name
Authorization
string
bearer <token>
Content-Type
string
Application/json
driver
string
driver is notification provider name. possible values: najva
Authorization
string
Authorization token.
driver
string
name of notifaction provider. possible values: najva
Authorization
string
Authorization token
server_key
string
your server key or Authorization token (relative to notification provider settings)
web_api_key
string
your app api key
driver
string
driver is notification provider name. possible values: najva
driver
string
name of notification provider. possible values: najva
device_type
string
user's device type that you get token from it. possible values: "ios", "android", "web"
token
string
notification token
string
user's email
driver
string
name of notification provider. possible values: najva
limit
integer
use to limit pagination items count (defaul:50)
skip
integer
skip paramter for paginaion (defaut:0)
driver
string
name of notification provider. possible values: najva
title
string
Notification title
body
string
Notification body
content
string
If set your "on_click_action" to "open-sms", using this value as sms content.
icon
string
notification icon url
image
string
notification image url
on_click_action
string
what happen on user clicked on the notification?
url
string
URL to use as URL of your click action
device_type
string
send this notification to what type of devices? possible values: ios, android, web, phone, all. If you choose "phone", we send notification to ios and android phones.
notification_id
string
id of notification.
driver
string
name of notification provider. possible values: najva.
notification_id
string
Notification's ID
driver
string
name of notification provider. possible values: najva
title
string
Notification title
body
string
Notification body
content
string
If you set on_click_action to open-sms, using this value as sms content.
icon
string
Notification icon url.
image
string
Notification Image url.
on_click_action
string
what happen if user clicked on the notification?
url
string
url to use as action url on clicked on the notificatino.
device_type
string
send notification to what type of devices? possible values: ios: send notification to ios device. android: send notification to the android device. web: send notification to the web device. phone: send notification to the ios and android device. all: send to all user's devices.
notification _id
string
ID of notification
driver
string
name of notification provider. possible values: najva,pushe
string
Authorization
string
auth token
Authorization
string
auth token
string
user valid email address
phone
string
user phone number
first_name
string
user first name
last_name
string
user last name
company_name
string
user company name
password
string
new password
current_password
string
current password
month_limit
number
number of previous month to count in reports
Authorization
string
Admin auth token