Partners API
Kingfisher (Email Service) Endpoints
Authentications
Kingfisher APIs uses Bearer Token as the authentication method. Tokens are valid for seven days and can be extended two days after the expiration date.
Register User
POST
https://kingfisher.kamva.ir/api/auth/register
This API registers the user in kingfisher database, and will not create a Sendinblue account. If there is a trial user with the same email in the database, it will check for passwords match. If passwords match, it will return a 200 OK response. Otherwise, it will return 400 Bad Request response.
Request Body
Login
POST
https://kingfisher.kamva.ir/api/auth/login
This API checks for a user with given email and password and authenticate it. API returns user authentication token in response.
Request Body
Logout
DELETE
https://kingfisher.kamva.ir/api/auth/logout
This API destroys the auth token and add it to the blacklist. Tokens that put in the blacklist won't authenticate. If auth token was invalid, API returns 400 Bad Request response.
Headers
Refresh auth token
POST
https://kingfisher.kamva.ir/api/auth/refresh
This API extends the given tokens expiration date. It checks the expiration date and calculates diff from current time. If the diff is less than two days (or token is not expired yet), then token expiration date will be updated to the next seven days. Otherwise, it returns 400 Bad Request response.
Headers
Global Authentication Responses
There may be other client error responses, for the APIs that checks the auth token before processing the requests.
In the following sections, we will describe these responses, their structures, and their reasons:
Authentication token is not provided
This error response returns when the Authorization header is empty.
Invalid token provided
This error response returns when the Authorization header is invalid. It means that the Authorization header value has not Bearer keyword before the token or token has invalid values.
Token is expired
This error response returns when the provided token has expired.
Token is blacklisted
This error response returns when the provided token has been blacklisted before.
Forgot Password
POST
https://kingfisher.kamva.ir/api/auth/forgot-password
This API sends the forgot password email to the user to reset her/his password.
Request Body
Reset password
POST
https://kingfisher.kamva.ir/api/auth/reset-password/:user_id
After clicking on the link in the email, the user's browser going to the reset password page , in that page after inserting the new password by the user, you should call to this API to reset the user's password.
Path Parameters
Request Body
SSO Link
GET
https://kingfisher.kamva.ir/api/auth/SSO
return SSO link to login to the mail panel
Headers
Plan
List available plans
GET
https://kingfisher.kamva.ir/api/plan
List all available plans with their price and info (Exclude custom plans).
(Admin only) List available plans (Include custom plans)
GET
https://kingfisher.kamva.ir/api/plan/all
List all available plans with all features (full feature)
Path Parameters
Create new plan(Admin)
POST
https://kingfisher.kamva.ir/api/plan
Insert new plan
Headers
Request Body
update plan (Admin)
PUT
https://kingfisher.kamva.ir/api/plan/:receipt_id
plans that used in subscription, we can not update those.
Path Parameters
Request Body
Another response for not found plan:
Delete plan (Admin)
DELETE
https://kingfisher.kamva.ir/api/plan/:receipt_id
We can not remove plans that are using a subscription
Path Parameters
Headers
Subscription
Subscribe
POST
https://kingfisher.kamva.ir/api/subscription/subscribe
This API creates a subscription receipt and returns a receipt id for that receipt.
Headers
Request Body
Here we have three state:
User have extended receipt: we update it's receipt's plan and price, then redirect to bank gateway and set callback to
https://kingfisher.kamva.ir/receipt/verify
.User already subscribed : we return 403 forbidden response.
User don't have any subscription: we redirect to bank gateway and set callback to
https://kingfisher.kamva.ir/verify
kingfisher callback URLs tries to verify payment and redirect the user back to the client. The client verification URL can be customized via PAYMENT_VERIFICATION_URL
env variable. Kingfisher also pass some value through query string parameters when redirecting, to specify the status of the payment.
These parameters are:
authority [string]: The payment refer_id to show to the user.
verified [bool]: Determine whether payment verified by payment gateway or not.
status [string]: Determine the status of payment, subscription creation and registration on Sendinblue. It may have one of the following values:
success: everything went well.
failed: payment not verified in kingfisher side or payment gateway side.
cancelled: payment has been cancelled by user.
internal_error: some internal error occurred.
receipt_id: ID of paying receipt. It is
not_found
if no receipt found related to payment authority.error_code: when status parameter value is
internal_error
, an error code will be passed to specify the reason of error.
In some situations, an internal error may occur after verifying payment. It means that payment has been verified successfully – and the money will not return back to the payee account – but some of the operation that will happen after payment verification has been failed. You should find the reason by searching error_code in codes and fix it manually.
Sometime when API returns 200 OK response, sendinblue registration may be failed but successfully queue for retrying.
update subscription receipt
POST
https://kingfisher.kamva.ir/api/subscription/update/:receipt_id
Update subscription receipt, e.g apply discount code, change plan
Headers
Request Body
Get payment link to subscription receipt
GET
https://kingfisher.kamva.ir/api/subscription/pay/:receipt_id
Get payment link to subscription receipt
Headers
All 4xx
error responses in /subscription/subscribe
API may return here also.
Verify Failed payment
POST
https://kingfisher.kamva.ir/api/verify-failed
Check last state of receipt and verify it (if needed)
Headers
Request Body
There may be other responses in some situations:
If payment is unsuccessful:
or
When the subscription is active but the user calls to this API
[Admin Only] subscribe user manually
POST
https://kingfisher.kamva.ir/api/subscription/manual
Subscribe a user manually by admin
Request Body
In addition to the written responses, you need to also check internal error responses.
(Admin only) Extend user's subscription manually
POST
https://kingfisher.kamva.ir/api/subscription/extend
Extend user's subscription manually by admin
Request Body
Some other 403 Forbidden
responses:
(Admin Only) Extend user's extension history
POST
https://kingfisher.kamva.ir/api/subscription/history/extend
Extend the user subscription history, This API doesn't add the credit, just add expired receipt
Request Body
Some other 403 Forbidden
responses:
[Admin Only] Add Trial User (Deprecated)
POST
https://kingfisher.kamva.ir/api/subscription/trial
This API register a user as a trial user.
Note: This API method is deprecated, use /api/subscription/trial-existed-user
Headers
Request Body
If a 200 OK response returns with an empty auth_key field, it means registering user in sendinblue and it has queued for retrying.
Give Trial subscription to user (Admin Only)
POST
https://kingfisher.kamva.ir/api/v1/subscription/trial-existed-user
Give trial charge to user
Headers
Request Body
[Admin Only] Add Sponsorship Account
POST
https://kingfisher.kamva.ir/api/subscription/sponsorship
Headers
Request Body
If a 200 OK response returns with an empty auth_key
field, it means registering user in sendinblue and it has queued for retrying.
Credit
(Admin Only) Add credit to user
POST
https://kingfisher.kamva.ir/api/credit/add
Request Body
Low Credit Reminder Settings
Add low credit threshold settings (Admin Only)
POST
https://kingfisher.kamva.ir/api/credit/threshold
Add low credit settings for specific user
Headers
Request Body
Update Low Credit Threshold Settings
PUT
https://kingfisher.kamva.ir/api/credit/threshold/{threshold_settings_id}
Headers
Request Body
Delete low credit threshold settings (Admin Only)
DELETE
https://kingfisher.kamva.ir/api/credit/threshold/{threshold_settings_id}
Headers
Receipt
Get Receipt Info
GET
https://kingfisher.kamva.ir/api/receipt/{receipt_id}
This API returns information about the receipt with the given ID.
Path Parameters
Headers
Client should have a page to show the receipt data before redirecting user to payment gateway. This page url should be like https://<domain>/<path>/<receipt_id>
. Since this URL is used in expiration reminder emails and SMSs, it is configurable via RECEIPT_BASE_URL
. This variable should contains domain
and path
part of example url above. for example it should be https://kamva.ir/email/receipt
.
In this page we have either "Pay" or "Verify Payment" or "Pay Again" button relative to these scenarios :
1. if the receipt is unverified (verified: false
) and authority is false (has_authority: false
) , show a simple "pay" button.
2. If the receipt is unverified but has_authority
is true
, show "Verify payment" button that on clicked on it, send request to /verify-failed
route and get result, if have paymentError
result (see description of this route) , hide this button and show "pay again" button that have URL same as "Pay" button.
Get unpaid receipt
GET
https://kingfisher.kamva.ir/api/receipt/unpaid
This API return unpaid extended receipt to you.
Headers
Update extension receipt (Upgrade receipt)
POST
https://kingfisher.kamva.ir/api/receipt/:receipt_id/update
Update plan of receipt or set you'r discount code for extended receipt.
Path Parameters
Headers
Request Body
Other Situations:
If plan id be invalid (404 : Not Found)
Pay Receipt
GET
https://kingfisher.kamva.ir/api/receipt/{receipt_id}/pay
This API generate and return receipt payment url.
Path Parameters
Headers
After the user paid the subscription receipt, will be redirected to https://kingfisher.kamva.ir/verify
. In this URL, kingfisher tries to verify payment and redirect the user back to the client. The client verification URL can be customized via PAYMENT_VERIFICATION_URL
env variable. Kingfisher also pass some value through query string parameters when redirecting, to specify status of the payment.
These parameters are exactly like the parameter in subscription section.
Discount
List all discounts (Admin only)
GET
https://kingfisher.kamva.ir/api/discount/all
Path Parameters
Create New Discount (Admin only)
POST
https://kingfisher.kamva.ir/api/discount
Request Body
Edit discount (Admin only)
PUT
https://kingfisher.kamva.ir/api/discount/:descount_id
Request Body
Expire Discount (Admin only)
POST
https://kingfisher.kamva.ir/api/discount/:discount_id/expire
Path Parameters
IP
List IPs (Admin Only)
GET
https://kingfisher.kamva.ir/api/ip
List all IPs for the Admin
Headers
Associate IP to user
POST
https://kingfisher.kamva.ir/api/ip/associate
Headers
Request Body
Dissociate IP (Admin Only)
POST
https://kingfisher.kamva.ir/api/ip/dissociate
Dissociate IP form specific user
Headers
Request Body
Sender
Create Sender (Admin Only)
POST
https://kingfisher.kamva.ir/api/sender
Headers
Request Body
Info
Get Malicious users list (Admin Only)
GET
https://kingfisher.kamva.ir/api/info/malicious-users
Return list of malicious users with their campaigns name. Malicious user is user that send spam mails
Headers
Notification
Get Notification settings
GET
https://kingfisher.kamva.ir/api/notification/{driver}/settings
Use this API to get notification settings.
Path Parameters
Headers
Set Notification Settings
POST
https://kingfisher.kamva.ir/api/notification/{driver}/settings
Use this API to set API key of your app and also Authorization token (or server_key)
Path Parameters
Request Body
GET
https://kingfisher.kamva.ir/api/notification/{driver}/settings
Path Parameters
Insert (update if exists) Contact
POST
https://kingfisher.kamva.ir/api/{driver}/contact/{server_key:string}/
Use this API to upsert (insert or update) your contact token with sendinblue contacts.
Path Parameters
Request Body
Get notification list
GET
https://kingfisher.kamva.ir/api/{driver}
Get notification list
Path Parameters
Query Parameters
Create Notification
POST
https://kingfisher.kamva.ir/api/{driver}
Use to create notification
Path Parameters
Request Body
Get Notification Info
GET
https://kingfisher.kamva.ir/api/{driver}/{notification_id}
Get notification by it's id.
Path Parameters
Update notification
PUT
https://kingfisher.kamva.ir/api/{driver}/{notification_id}
Update notification.
Path Parameters
Request Body
Delete Notification
DELETE
https://kingfisher.kamva.ir/api{driver}/{notification_id}
Delete a notification.
Path Parameters
Health check
GET
https://kingfisher.kamva.ir/api/lab/healthcheck
Check healthy of API
Path Parameters
Profile
Get Profile Info
GET
https://kingfisher.kamva.ir/api/profile
This API returns Information of user account
Headers
Update User Info
PATCH
https://kingfisher.kamva.ir/api/profile
This API updates user informations.
Headers
Request Body
Reports
[Admin Only] Sales Report
GET
https://kingfisher.kamva.ir/api/report
This API returns sales reports.
Query Parameters
Headers
Last updated