Introduction to the CoffeeCup API
This document aims to provide an overview of a fully-capable JSON API with a REST pattern for objects. This API provides the user with a number of useful features that allow for easy access and modification of all data. Additionally, users can access analytics feeds for aggregated data, making it a valuable tool for those looking to gain insight into their data.
One alternative to this API is Zapier, a popular platform that allows users to automate tasks between web applications. While Zapier is a great tool in its own right, it does not provide the same level of flexibility and customization as the JSON API. For those looking for a more robust solution, the JSON API is the way to go.
Resources
The current system provides two main documentation features for the API. One of them is the automated swagger documentation, which covers every endpoint available. However, it is important to mention that not all URL parameters are exposed for all objects.
On the other hand, the other documentation feature is the API documentation repository, which provides additional context for commonly used models.
Permission
When developing against the CoffeeCup API, it's important to recognize that all interaction with the API is restricted to normal user credentials. This means that users can only take actions and retrieve data for which they are authorized. While this might seem limiting, the upside is that API developers can develop against the API without needing universal permissions.
For maximum flexibility, it is recommended to use an admin account to ensure that all data can be accessed. However, if an additional CoffeeCup user is created, the audit log can be kept separate between an API user and a normal user associated with the account. This can be particularly useful in cases where multiple parties are involved in the development and maintenance of the API, as it provides a clear separation of duties and responsibilities.
How to use Swagger
First of all push the green “Authentication” button.
IMPORTANT NOTE: If the form does not look like this, refresh the page and try again.
We use a slightly modified form of OAuth which requires additional parameters to be sent to identify the specific account being used.
If everything worked fine and you are authorized, the “Lock” icon is closed.
Making a sample request from the Swagger:
First of all expand the Client section, and click the button "Try it out".
By clicking on the “Execute” button a JSON representation of all clients in the CoffeeCup system will be returned.
How to Authorize
The CoffeeCup API, which is designed to help developers integrate with our platform, uses a slightly modified form of OAuth that requires an additional parameter to differentiate users across accounts. This is an important feature that ensures a smooth and secure user experience. To make sure that our users have easy access to all the information they need, we have provided full documentation of the API on Github.
IMPORTANT: The clientid and secretid are not necessary to access the API. But you can optionally use "companyname-api-dev" or similar as clientid.
Here is a sample via curl:
curl --location --request POST 'http://INSERT_URL_HERE/oauth2/token' \
--header 'companyurl: COMPANY_DOMAIN.coffeecup.app' \
--header 'Content: application/x-www-form-urlencoded' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'username=USERNAME' \
--data-urlencode 'password=PASSWORD' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'client_id=test-api' \
--data-urlencode 'client_secret=anything'
Replace uppercase words with your data:
Important keys here:
Header companyurl
Header Content and Content-Type
Your credentials with grant_type = password
client_secret and client_id could be anything