Partners API
Kingfisher (Email Service) Endpoints
Authentications
Kingfisher APIs uses Bearer Token as the authentication method. Tokens are valid for seven days and can be extended two days after the expiration date.
Register User
POST
https://kingfisher.kamva.ir/api/auth/register
This API registers the user in kingfisher database, and will not create a Sendinblue account. If there is a trial user with the same email in the database, it will check for passwords match. If passwords match, it will return a 200 OK response. Otherwise, it will return 400 Bad Request response.
Request Body
Name | Type | Description |
---|---|---|
string | user valid email address | |
phone | string | user phone number |
first_name | string | user first name |
last_name | string | user last name |
company_name | string | user company name |
password | string | a secure strong password, minimum 8 character |
Login
POST
https://kingfisher.kamva.ir/api/auth/login
This API checks for a user with given email and password and authenticate it. API returns user authentication token in response.
Request Body
Name | Type | Description |
---|---|---|
string | user email | |
password | string | user password |
Logout
DELETE
https://kingfisher.kamva.ir/api/auth/logout
This API destroys the auth token and add it to the blacklist. Tokens that put in the blacklist won't authenticate. If auth token was invalid, API returns 400 Bad Request response.
Headers
Name | Type | Description |
---|---|---|
Authorization | string | Auth token |
Refresh auth token
POST
https://kingfisher.kamva.ir/api/auth/refresh
This API extends the given tokens expiration date. It checks the expiration date and calculates diff from current time. If the diff is less than two days (or token is not expired yet), then token expiration date will be updated to the next seven days. Otherwise, it returns 400 Bad Request response.
Headers
Name | Type | Description |
---|---|---|
Authorization | string | Auth token |
Global Authentication Responses
There may be other client error responses, for the APIs that checks the auth token before processing the requests.
In the following sections, we will describe these responses, their structures, and their reasons:
Authentication token is not provided
This error response returns when the Authorization header is empty.
Invalid token provided
This error response returns when the Authorization header is invalid. It means that the Authorization header value has not Bearer keyword before the token or token has invalid values.
Token is expired
This error response returns when the provided token has expired.
Token is blacklisted
This error response returns when the provided token has been blacklisted before.
Forgot Password
POST
https://kingfisher.kamva.ir/api/auth/forgot-password
This API sends the forgot password email to the user to reset her/his password.
Request Body
Name | Type | Description |
---|---|---|
string | users's email |
Reset password
POST
https://kingfisher.kamva.ir/api/auth/reset-password/:user_id
After clicking on the link in the email, the user's browser going to the reset password page , in that page after inserting the new password by the user, you should call to this API to reset the user's password.
Path Parameters
Name | Type | Description |
---|---|---|
user_id | string | The user's ID |
Request Body
Name | Type | Description |
---|---|---|
sig | string | The signature in link query parameter (don't need to |
expires | integer | The expire time (get from link query parameters) |
password | string | The new password |
SSO Link
GET
https://kingfisher.kamva.ir/api/auth/SSO
return SSO link to login to the mail panel
Headers
Name | Type | Description |
---|---|---|
Authorization | string | Auth token |
Plan
List available plans
GET
https://kingfisher.kamva.ir/api/plan
List all available plans with their price and info (Exclude custom plans).
(Admin only) List available plans (Include custom plans)
GET
https://kingfisher.kamva.ir/api/plan/all
List all available plans with all features (full feature)
Path Parameters
Name | Type | Description |
---|---|---|
string |
Create new plan(Admin)
POST
https://kingfisher.kamva.ir/api/plan
Insert new plan
Headers
Name | Type | Description |
---|---|---|
Authorization | string | Auth token |
Request Body
Name | Type | Description |
---|---|---|
marketing_automation | boolean | enable marketing automation |
transactional_mail | boolean | enable transactional mail |
transactional_sms | boolean | enable transactional sms |
is_custom | boolean | plan is custom? |
credit | number | credit |
price | number | Price (in euro) |
key | string | key of plan (must be unique) |
title | string | Title of plan(must be unique) |
ip | string | plan's IP |
update plan (Admin)
PUT
https://kingfisher.kamva.ir/api/plan/:receipt_id
plans that used in subscription, we can not update those.
Path Parameters
Name | Type | Description |
---|---|---|
receipt_id | string | ID of receipt |
Request Body
Name | Type | Description |
---|---|---|
marketing_automation | string | enable marketing automation |
transactional_sms | string | enable transactional SMS |
transactional_mail | string | enable transactional mail |
is_custom | string | panel is custom? |
credit | string | credit value |
price | string | price |
ip | string | IP |
key | string | key |
title | string | Title of plan |
Another response for not found plan:
Delete plan (Admin)
DELETE
https://kingfisher.kamva.ir/api/plan/:receipt_id
We can not remove plans that are using a subscription
Path Parameters
Name | Type | Description |
---|---|---|
receipt_id | string | receipt id |
Headers
Name | Type | Description |
---|---|---|
Authorization | string | Auth token |
Subscription
Subscribe
POST
https://kingfisher.kamva.ir/api/subscription/subscribe
This API creates a subscription receipt and returns a receipt id for that receipt.
Headers
Name | Type | Description |
---|---|---|
Authorization | string | Auth token |
Request Body
Name | Type | Description |
---|---|---|
plan_id | string | ID of selected plan |
Here we have three state:
User have extended receipt: we update it's receipt's plan and price, then redirect to bank gateway and set callback to
https://kingfisher.kamva.ir/receipt/verify
.User already subscribed : we return 403 forbidden response.
User don't have any subscription: we redirect to bank gateway and set callback to
https://kingfisher.kamva.ir/verify
kingfisher callback URLs tries to verify payment and redirect the user back to the client. The client verification URL can be customized via PAYMENT_VERIFICATION_URL
env variable. Kingfisher also pass some value through query string parameters when redirecting, to specify the status of the payment.
These parameters are:
authority [string]: The payment refer_id to show to the user.
verified [bool]: Determine whether payment verified by payment gateway or not.
status [string]: Determine the status of payment, subscription creation and registration on Sendinblue. It may have one of the following values:
success: everything went well.
failed: payment not verified in kingfisher side or payment gateway side.
cancelled: payment has been cancelled by user.
internal_error: some internal error occurred.
receipt_id: ID of paying receipt. It is
not_found
if no receipt found related to payment authority.error_code: when status parameter value is
internal_error
, an error code will be passed to specify the reason of error.
In some situations, an internal error may occur after verifying payment. It means that payment has been verified successfully – and the money will not return back to the payee account – but some of the operation that will happen after payment verification has been failed. You should find the reason by searching error_code in codes and fix it manually.
Sometime when API returns 200 OK response, sendinblue registration may be failed but successfully queue for retrying.
update subscription receipt
POST
https://kingfisher.kamva.ir/api/subscription/update/:receipt_id
Update subscription receipt, e.g apply discount code, change plan
Headers
Name | Type | Description |
---|---|---|
Authorization | string | bearer <your jwt token> |
Content-Type | string | Application/json |
Request Body
Name | Type | Description |
---|---|---|
code | string | discount code |
plan_id | string | id of plan |
Get payment link to subscription receipt
GET
https://kingfisher.kamva.ir/api/subscription/pay/:receipt_id
Get payment link to subscription receipt
Headers
Name | Type | Description |
---|---|---|
Content-Type | string | Application/json |
Authorization | string | bearer <your jwt token> |
All 4xx
error responses in /subscription/subscribe
API may return here also.
Verify Failed payment
POST
https://kingfisher.kamva.ir/api/verify-failed
Check last state of receipt and verify it (if needed)
Headers
Name | Type | Description |
---|---|---|
Authorization | string | Auth token |
Request Body
Name | Type | Description |
---|---|---|
receipt_id | string | ID of receipt |
There may be other responses in some situations:
If payment is unsuccessful:
or
When the subscription is active but the user calls to this API
[Admin Only] subscribe user manually
POST
https://kingfisher.kamva.ir/api/subscription/manual
Subscribe a user manually by admin
Request Body
Name | Type | Description |
---|---|---|
discount_code | string | If you have discount code, insert it here. API accept this discount code just if you don't provide any |
string | The user's email address | |
subscribed_at | string | subscription date, if it's before |
plan_id | string | The plan ID |
In addition to the written responses, you need to also check internal error responses.
(Admin only) Extend user's subscription manually
POST
https://kingfisher.kamva.ir/api/subscription/extend
Extend user's subscription manually by admin
Request Body
Name | Type | Description |
---|---|---|
discount_code | string | discount code to using on extend plan. |
plan_id | string | The plan ID |
string | The user's email address |
Some other 403 Forbidden
responses:
(Admin Only) Extend user's extension history
POST
https://kingfisher.kamva.ir/api/subscription/history/extend
Extend the user subscription history, This API doesn't add the credit, just add expired receipt
Request Body
Name | Type | Description |
---|---|---|
plan_id | string | The plan ID |
string | The user's email address | |
begin_at | string | Date of beginning extension
example format: |
Some other 403 Forbidden
responses:
[Admin Only] Add Trial User (Deprecated)
POST
https://kingfisher.kamva.ir/api/subscription/trial
This API register a user as a trial user.
Note: This API method is deprecated, use /api/subscription/trial-existed-user
Headers
Name | Type | Description |
---|---|---|
Authorization | string | Admin auth token |
Request Body
Name | Type | Description |
---|---|---|
string | user valid email address | |
first_name | string | user first name |
last_name | string | user last name |
company_name | string | user company name |
password | string | a secure strong password, minimum 8 character |
If a 200 OK response returns with an empty auth_key field, it means registering user in sendinblue and it has queued for retrying.
Give Trial subscription to user (Admin Only)
POST
https://kingfisher.kamva.ir/api/v1/subscription/trial-existed-user
Give trial charge to user
Headers
Name | Type | Description |
---|---|---|
Authorization | string | your bearer token |
Content-Type | string | Application/json |
Request Body
Name | Type | Description |
---|---|---|
string | user's email that you want to give trial subscription to her/him |
[Admin Only] Add Sponsorship Account
POST
https://kingfisher.kamva.ir/api/subscription/sponsorship
Headers
Name | Type | Description |
---|---|---|
Authorization | string | Admin auth token |
Request Body
Name | Type | Description |
---|---|---|
string | user valid email address | |
first_name | string | user first name |
last_name | string | user last name |
company_name | string | user company name |
password | string | a secure strong password, minimum 8 character |
month | integer | number of sponsorship months |
plan_id | string | ID of plan for sponsor |
If a 200 OK response returns with an empty auth_key
field, it means registering user in sendinblue and it has queued for retrying.
Credit
(Admin Only) Add credit to user
POST
https://kingfisher.kamva.ir/api/credit/add
Request Body
Name | Type | Description |
---|---|---|
credit | integer | Credit value (e.g 200) |
string | The user's email |
Low Credit Reminder Settings
Add low credit threshold settings (Admin Only)
POST
https://kingfisher.kamva.ir/api/credit/threshold
Add low credit settings for specific user
Headers
Name | Type | Description |
---|---|---|
Authorization | string | you'r bearer token |
Content-Type | string | Application/json |
Request Body
Name | Type | Description |
---|---|---|
threshold | integer | emails credit threshold to send notify user |
user_email | string | user's email address |
Update Low Credit Threshold Settings
PUT
https://kingfisher.kamva.ir/api/credit/threshold/{threshold_settings_id}
Headers
Name | Type | Description |
---|---|---|
Authorization | string | your bearer token |
Content-Type | string | Application/json |
Request Body
Name | Type | Description |
---|---|---|
threshold | integer | emails credit count to send notification |
Delete low credit threshold settings (Admin Only)
DELETE
https://kingfisher.kamva.ir/api/credit/threshold/{threshold_settings_id}
Headers
Name | Type | Description |
---|---|---|
Authorization | string | your bearer token |
Content-Type | string | Application/json |
Receipt
Get Receipt Info
GET
https://kingfisher.kamva.ir/api/receipt/{receipt_id}
This API returns information about the receipt with the given ID.
Path Parameters
Name | Type | Description |
---|---|---|
receipt_id | string | ID of receipt |
Headers
Name | Type | Description |
---|---|---|
Authorization | string | Auth token |
Client should have a page to show the receipt data before redirecting user to payment gateway. This page url should be like https://<domain>/<path>/<receipt_id>
. Since this URL is used in expiration reminder emails and SMSs, it is configurable via RECEIPT_BASE_URL
. This variable should contains domain
and path
part of example url above. for example it should be https://kamva.ir/email/receipt
.
In this page we have either "Pay" or "Verify Payment" or "Pay Again" button relative to these scenarios :
1. if the receipt is unverified (verified: false
) and authority is false (has_authority: false
) , show a simple "pay" button.
2. If the receipt is unverified but has_authority
is true
, show "Verify payment" button that on clicked on it, send request to /verify-failed
route and get result, if have paymentError
result (see description of this route) , hide this button and show "pay again" button that have URL same as "Pay" button.
Get unpaid receipt
GET
https://kingfisher.kamva.ir/api/receipt/unpaid
This API return unpaid extended receipt to you.
Headers
Name | Type | Description |
---|---|---|
Authorization | string | bearer <your bearer token> |
Content-Type | string | Application/json |
Update extension receipt (Upgrade receipt)
POST
https://kingfisher.kamva.ir/api/receipt/:receipt_id/update
Update plan of receipt or set you'r discount code for extended receipt.
Path Parameters
Name | Type | Description |
---|---|---|
receipt_id | string | The receipt ID |
Headers
Name | Type | Description |
---|---|---|
Authorization | string | Auth token |
Request Body
Name | Type | Description |
---|---|---|
code | string | Discount code to apply on receipt |
plan_id | string | The plan ID |
Other Situations:
If plan id be invalid (404 : Not Found)
Pay Receipt
GET
https://kingfisher.kamva.ir/api/receipt/{receipt_id}/pay
This API generate and return receipt payment url.
Path Parameters
Name | Type | Description |
---|---|---|
receipt_id | string | ID of receipt to pay |
Headers
Name | Type | Description |
---|---|---|
Authorization | string | Auth token |
After the user paid the subscription receipt, will be redirected to https://kingfisher.kamva.ir/verify
. In this URL, kingfisher tries to verify payment and redirect the user back to the client. The client verification URL can be customized via PAYMENT_VERIFICATION_URL
env variable. Kingfisher also pass some value through query string parameters when redirecting, to specify status of the payment.
These parameters are exactly like the parameter in subscription section.
Discount
List all discounts (Admin only)
GET
https://kingfisher.kamva.ir/api/discount/all
Path Parameters
Name | Type | Description |
---|---|---|
limit | integer | count of items that should retrn (default:50) |
skip | integer | how many item should skip? (default : 0) |
Create New Discount (Admin only)
POST
https://kingfisher.kamva.ir/api/discount
Request Body
Name | Type | Description |
---|---|---|
expire_at | string | expire date of discount (in ISO8601 format) |
multi_pass | string | This discount can use by all user's or just specific user? |
multi_plan | boolean | This discount is for all plans or just specific plan? |
count | integer | How many times can use this discount code? |
description | string | Short description about your discount |
discount | integer | The discount value (percent) |
code | string | discount code (this value should be unique per plans) |
user_email | string | If discount is for just single user, pass the
user's email here.
This field is required if |
plan_id | string | ID of the plan that you want to add discount to it.
This field is required if |
Edit discount (Admin only)
PUT
https://kingfisher.kamva.ir/api/discount/:descount_id
Request Body
Name | Type | Description |
---|---|---|
expire_at | string | Expire date of discount (ISO8061 format) |
multi_pass | boolean | Set this field to |
multi_plan | boolean | Set this field to |
count | integer | How many times can use this discount? |
Description | string | Short description about the discount. |
discount | integer | Percent of discount |
code | string | Discount code |
user_email | string | Id of user that can use this discount
required if |
plan_id | string | Id of the plan.
required if |
Expire Discount (Admin only)
POST
https://kingfisher.kamva.ir/api/discount/:discount_id/expire
Path Parameters
Name | Type | Description |
---|---|---|
string |
IP
List IPs (Admin Only)
GET
https://kingfisher.kamva.ir/api/ip
List all IPs for the Admin
Headers
Name | Type | Description |
---|---|---|
Cotent-Type | string | Application/json |
Authorization | string | bearer <your token> |
Associate IP to user
POST
https://kingfisher.kamva.ir/api/ip/associate