REST and authentication
Â
The API services use a RESTful architecture and require HTTP authentication.
All POST and PUT requests expect a data payload to be sent as the HTTP body, together with specific header values. The request payload is always JSON format (which must be specified using the Content-Type header). JSON does not enforce element order within messages and any client implementation must not assume an order within elements.
HTTP header
Here is an example of a complete list of required headers:
Content-Type: application/json
Accept: application/json
accountId: 123456
Ocp-Apim-Subscription-Key: a2ad7ce1c5814593bddcb9d2a3ec8f91
The Content-Type header
The client must specify the content type of the request body within the HTTP header. The client is required to send JSON content in the body, the following header needs to be specified:
Content-Type: application/json
The Accept header
The API services only return JSON formatted data, therefore the client must accept this data representation. The following header must be specified:
Accept: application/json
The Account Number header
Many API services require the client to specify the charge account number. The account number is specified within the header as Account-Number:
accountId: 123456
If this header is not specified and is required for an API service call, a 400 Bad Request error is returned.
OneFlo account numbers are 6 digits long.
Authentication
API Key Header is used for all API service calls. The client must always provide.
Ocp-Apim-Subscription-Key: a2ad7ce1c5814593bddcb9d2a3ec8f91
Â