Due to PCI compliant reasons we're going to turn off support for TLS v1.0 on all of our servers.
Please check/update you API implementations to support TLS v1.2 until 29.06.2018

REST API Overview

From XING Events Developer Documentation
Jump to: navigation, search

Basics

All REST URLs have the following format:

POST /api/<object>/create

Creates a new object. The data should be form encoded.

GET /api/<object>/<id>

Reads an object. You can specify the format you would like to get.

POST /api/<object>/<id>

Updates properties of an object.

DELETE /api/<object>/<id>

Deletes an object.

GET /api/<object>/find

Searches for objects. A list of ids will be returned.

You can specify the format you would like to have returned by appending a parameter to the URL:

format=json (default)
to get the result in the JSON format
format=xml
to get the result as an XML document

All requests are versioned and the version must be given to the server using the version parameter:

version=1
to use the first version of the API

Authentication

When you create your API key you will get a secret key (50-digit) which will be used to authorize your requests.

This key has to be given to the server for each call:

apikey=<key>

See How to get your API key if you do not have an api key yet.

Examples

POST /api/user/create?apikey=H0cGsBYt7h265UM3LMbNMH9WRTUgIaUWDokypHNbJSJcZwXebB&version=1&format=json

will create a new user. The values for the user have to be provided as well (see below).

GET /api/user/254804312?apikey=H0cGsBYt7h265UM3LMbNMH9WRTUgIaUWDokypHNbJSJcZwXebB&version=1&format=json

will query for the user with the id 254804312

DELETE /api/user/254804312?apikey=H0cGsBYt7h265UM3LMbNMH9WRTUgIaUWDokypHNbJSJcZwXebB&version=1&format=json

will delete for the user with the id 254804312

HTTP Status Codes

The REST API uses the standard HTTP status codes:

200 OK for a successfull GET or update request
201 CREATED for a newly created object
400 BAD REQUEST if your query was malformed (see below)
403 FORBIDDEN if you tried to access an object without the permission to do so
404 NOT FOUND if you used an invalid url or the object is not known
405 METHOD NOT ALLOWED if you requested a function that is not supported for that object
500 INTERNAL SERVER ERROR if an error occurred on our server

See Errorcodes for detailed error handling.

Standard JSON Response

Regardless of the http status code you will always get a JSON object in return which has at least the "success" field set.

If "success" is true, the request has been successfully performed. Additional information is always available depending on the type of your request.

Example

{"id":254804312,"success":true}

if "success" is false, an "errors" array will always be present describing the errors.

Example:

{"errors":  ["com.amiando.User.LanguageRequired",
             "com.amiando.User.PasswordRequired",
             "com.amiando.User.EmailRequired"],
 "success":  false}

See Errorcodes for detailed information.

POST Parameters

The parameters for POST requests have to be specified in the request body. In the request header, Content-Type has to be set to application/x-www-form-urlencoded.

REST API Contents
Getting Started Get your API key Overview Formats Errors
Data Types Event Participant Payment Ticket
Ticket Categories ProductDefinition Products CodeDefinition
TicketShop Addresses Ticket Types Payment Types
BankAccount UserDataDefinition UserData User
Partner ApiKey
Data Synchronization Sync Interface