By using the API, you agree to the conditions in this section. If you disagree with any of these conditions, we will not be able to grant you a license to use the API.
The Conditions of Use are intended to limit the data security and data integrity risks associated with the use of an API by the end user.
The credentials provided for use of this API should not be shared with third parties, and should be kept confidential due to the nature of the data which is accessible. If you require access to be granted to third parties, please contact us to discuss commercial arrangements with the third party.
The end user accepts all responsibility for the safeguarding of said credentials, and must notify Idox plc immediately if they suspect the credentials have been leaked or shared so access can be revoked to prevent the misuse of the API.
The API has been provided without any warranty or support, and as such, the use of the API and documentation should be restricted to IT professionals experienced in the use of such services.
The end user accepts all responsibility for any actions carried out via this API, and understands the legal implications of the data protection act and associated laws governing the collection and use of data.
The API has been designed to allow the viewing, searching, creation, modification and deletion of records, and should not be used for any other purpose other than those outlined in this documentation.
If records are found to have been created or modified via the API which have an impact upon data security or integrity, this is the sole liability of the end user. Idox plc accept no responsibility, and will offer no additional support in these events.
If you find that anything within the documentation does not work as described, Tascomi will endevour to resolve this through our support process.
Tascomi shall not be liable to you for any damages arising out of or in connection with use of the API whether or not Tascomi has been advised of the possibility of such damages.
The Conditions of Use are subject to change without notice.
By making use of this API via the supplied credentials, you are explicitly agreeing that you have read and understand the conditions of use outlined in this documentation, and are bound to them.
The API is supplied "as is" with this documentation, and as such, does not come with any additional support.
It is the sole responsibility of the end user to ensure they understand the implications (including but not limited to: data protection, data integrity) of accessing any resources via the API.
The REST API makes use of a public key and an HMAC token for authentication.
Various HTTP request methods are used depending upon the data operation as detailed below with each operation type.
The data operations available via this API are as follows:
| Operation Type | HTTP Method | Description |
|---|---|---|
| View All | GET | Used to view all records of a particular resource type. |
| View Single | GET | Used to view a specific record of a particular resource type based on the record id. |
| Search | GET | Used to search all records of a particular resource type. |
| Create | PUT | Used to create a new record of a particular resource type. |
| Update | POST | Used to update a specific record of a particular resource type based on the record id. |
| Delete | DELETE | Used to delete a specific record of a particular resource type based on the record id. |
The response is returned as a JSON string, with optional pagination data returned as custom headers should a view all/search operation be used as detailed in the Paginating Records section of the documentation.
Technical details for the authentication method, and request formats are detailed below for those wishing to implement their own API calls.
If you wish to view the available resources for your API Profile, please provide your public key in the request.
https://hackney-planning.idoxcloud.com/rest/v1/?public_key={PUBLIC KEY}The following HTTP response codes have been implemented to indicate the status of the request.
| Response Code | Description | Troubleshooting |
|---|---|---|
| 200 OK | Request valid, authenticated and successfully processed. | |
| 202 Accepted | Request valid, authenticated but no data was returned. | |
| 400 Bad Request | Request invalid. | The requested resource or operation may have been invalid. |
| 401 Unauthorized | Request valid, authenticated failed. | Check authentication credentials are correct. Check that the resource and permission is valid based on the Available Resources section of the documentation. |
API requests are authenticated using the provided API public key, and a base64 encoded HMAC hash generated using the provided API private key.
When using a supported API Client class, the authentication values and headers are generated automatically.
The preferred method is to use a supported API Client class, and the below information is for reference only
The authentication details are to be sent as custom headers with the request as follows:
X-Public: {PUBLIC KEY}
X-Hash: {HMAC HASH}
The HMAC hash is generated using a sha256 hashed token; generated from the API public key and a date time stamp in the format YmdHi (YearMonthDayHourMinute e.g. 201501311430), and encoded using the API private key
The resulting token is to then be base64 encoded before sending
The following code will generate the appropriate token using PHP:
$public_key = '1234567890';
$private_key = '0987654321';
$token = hash('sha256', $public_key . date('YmdHi'));
$hash = base64_encode(hash_hmac('sha256', $token, $private_key));
The following code will generate the appropriate token using PHP:
string public_key = '1234567890';
string private_key = '0987654321';
string datestamp = DateTime.Now.Year + DateTime.Now.Month.ToString().PadLeft(2, '0') + DateTime.Now.Day.ToString().PadLeft(2, '0') + DateTime.Now.Hour + DateTime.Now.Minute.ToString().PadLeft(2, '0');
string token = public_key + datestamp;
SHA256Managed hashString = new SHA256Managed();
byte[] hash = hashString.ComputeHash(Encoding.UTF8.GetBytes(token));
token = hash.Aggregate(string.Empty, (current, x) => current + String.Format("{0:x2}", x));
using (var hMAC = new HMACSHA256(Encoding.UTF8.GetBytes(private_key)))
{
hMAC.ComputeHash(Encoding.UTF8.GetBytes(token));
token = ByteToString(hMAC.Hash).ToLower();
token = System.Convert.ToBase64String(Encoding.UTF8.GetBytes(token));
}
The following code will generate the appropriate token using Python:
import hmac, hashlib;
import time;
import base64;
public_key = '501d132c35c885f9cd22f2adb424c212'
private_key = 'a444588427e8cc348b675bda1743b547'
the_time = time.strftime("%Y%m%d%H%M");
crypt = hashlib.sha256(public_key + the_time);
token = crypt.hexdigest();
hash = base64.b64encode(hmac.new(private_key, token, hashlib.sha256).hexdigest());
As the authentication token is based off a datetime stamp, it is essential to ensure that the server making the request is in sync with the API time server.
Your server NTP should be configured to use the following address: ntp.tascomi.com
The base URL for all API requests should be made to: https://hackney-planning.idoxcloud.com/rest/v1/
The remainder of the URI should be made up depending upon the request type, data to be sent, and record specifics as outlined under each of the request type headings
https://{BASE API URL}/{RESOURCE NAME}{/ID}*
| Request Method | Request URI | Request Data | Request Details |
|---|---|---|---|
| GET | https://hackney-planning.idoxcloud.com/rest/v1/contacts | View all contact records | |
| GET | https://hackney-planning.idoxcloud.com/rest/v1/contacts/12 | View single contact record; id 12 | |
| GET | https://hackney-planning.idoxcloud.com/rest/v1/contacts?sort=-postcode | View all contact records, sort by postcode descending | |
| GET | https://hackney-planning.idoxcloud.com/rest/v1/contacts?page=3 | View all contact records, paginate to third page of results | |
| GET | https://hackney-planning.idoxcloud.com/rest/v1/contacts?firstname=John | Search all contact records, where firstname is John | |
| GET | https://hackney-planning.idoxcloud.com/rest/v1/contacts?firstname=John&order=surname | Search all contact records, where firstname is John, sort by surname ascending | |
| PUT | https://hackney-planning.idoxcloud.com/rest/v1/contacts |
|
Create contact record with firstname John, surname Doe |
| POST | https://hackney-planning.idoxcloud.com/rest/v1/contacts/15 |
|
Update contact record id 15, with surname Smith |
| DELETE | https://hackney-planning.idoxcloud.com/rest/v1/contacts/8 | Delete contact record id 8 |
/{ID} should be appended to the request URI to access a single record
<!-- View contact id 1 -->
curl -H "X-Public: {PUBLIC KEY}" -H "X-Hash: {TOKEN}" -X GET https://hackney-planning.idoxcloud.com/rest/v1/contacts/1{
"id":1,
"title_id":2,
"firstname":"John",
"surname":"Doe",
"house_name_or_number":"Apt 12",
"postcode":"ZY12 3XY",
"email":"john.doe@example.com"
}
When using one of the supported API Client classes, the optional parameters can either be added as part of the URI query parameters, or passed into the class as an array.
| Parameter | Type | Example Usage | Description |
|---|---|---|---|
| page | integer | page=3 | Used for pagination of results |
| sort | string | sort=-surname | Used for sorting of results based on specified field name. A minus before the field name indicates descending order, otherwise ascending. |
<!-- View all contacts -->
curl -H "X-Public: {PUBLIC KEY}" -H "X-Hash: {TOKEN}" -X GET https://hackney-planning.idoxcloud.com/rest/v1/contacts
<!-- View all contacts, sort by surname ascending -->
curl -H "X-Public: {PUBLIC KEY}" -H "X-Hash: {TOKEN}" -X GET https://hackney-planning.idoxcloud.com/rest/v1/contacts&sort=surname
<!-- View all contacts, paginate to page 3 of results -->
curl -H "X-Public: {PUBLIC KEY}" -H "X-Hash: {TOKEN}" -X GET https://hackney-planning.idoxcloud.com/rest/v1/contacts?page=3
<!-- View all contacts, sort by postcode descending, paginate to page 4 of results -->
curl -H "X-Public: {PUBLIC KEY}" -H "X-Hash: {TOKEN}" -X GET https://hackney-planning.idoxcloud.com/rest/v1/contacts?sort=-postcode&page=4[
{
"id":1,
"title_id":2,
"firstname":"John",
"surname":"Doe",
"house_name_or_number":"Apt 12",
"postcode":"ZY12 3XY",
"email":"john.doe@example.com"
},
{
"id":2,
"title_id":3,
"firstname":"Jane",
"surname":"Doe",
"house_name_or_number":"35a",
"postcode":"EX12 3XZ",
"email":"jane.doe@example.com"
}
]When using one of the supported API Client classes, the optional parameters can either be added as part of the URI query parameters, or passed into the class as an array.
| Parameter | Type | Example Usage | Description |
|---|---|---|---|
| {FIELD NAME} | string | firstname=John | Use any field name from the resource to perform a search on that field |
| page | integer | page=3 | Used for pagination of results |
| sort | string | sort=-surname | Used for sorting of results based on specified field name. A minus before the field name indicates descending order, otherwise ascending. |
<!-- Search contacts with surname Doe -->
curl -H "X-Public: {PUBLIC KEY}" -H "X-Hash: {TOKEN}" -X GET https://hackney-planning.idoxcloud.com/rest/v1/contacts?surname=Doe
<!-- Search contacts with surname Doe, sort by surname ascending -->
curl -H "X-Public: {PUBLIC KEY}" -H "X-Hash: {TOKEN}" -X GET https://hackney-planning.idoxcloud.com/rest/v1/contacts?surname=Doe&sort=surname
<!-- Search contacts with surname Doe, paginate to page 4 of results -->
curl -H "X-Public: {PUBLIC KEY}" -H "X-Hash: {TOKEN}" -X GET https://hackney-planning.idoxcloud.com/rest/v1/contacts?surname=Doe&page=4
<!-- Search contacts with surname Doe, paginate to page 2 of results, sort by postcode descending -->
curl -H "X-Public: {PUBLIC KEY}" -H "X-Hash: {TOKEN}" -X GET https://hackney-planning.idoxcloud.com/rest/v1/contacts?surname=Doe&page=2&sort=-postcode[
{
"id":1,
"title_id":2,
"firstname":"John",
"surname":"Doe",
"house_name_or_number":"Apt 12",
"postcode":"ZY12 3XY",
"email":"john.doe@example.com"
},
{
"id":2,
"title_id":3,
"firstname":"Jane",
"surname":"Doe",
"house_name_or_number":"35a",
"postcode":"EX12 3XZ",
"email":"jane.doe@example.com"
}
]When using one of the supported API Client classes, the parameters should be passed into the class as an array. For other implementations, the parameter should be passed as request data
Parameters are based on the available fields for the resource. Values should be passed as a key:value array.
<!-- Create contact with firstname Sam surname Doe -->
curl -H "X-Public: {PUBLIC KEY}" -H "X-Hash: {TOKEN}" -d "firstname=Sam&surname=Doe" -X PUT https://hackney-planning.idoxcloud.com/rest/v1/contacts
{
"title_id":null,
"firstname":"Sam",
"surname":"Doe",
"house_name_or_number":null,
"postcode":null,
"email":null
}When using one of the supported API Client classes, the parameters should be passed into the class as an array. For other implementations, the parameter should be passed as request data
The resource id should be specified as part of the request URI as per the example.
Parameters are based on the available fields for the resource.
<!-- Update contact id 3 with email sam.doe@example.com -->
curl -H "X-Public: {PUBLIC KEY}" -H "X-Hash: {TOKEN}" -d "email=sam.doe@example.com" -X POST https://hackney-planning.idoxcloud.com/rest/v1/contacts/3
{
"title_id":null,
"firstname":"Sam",
"surname":"Doe",
"house_name_or_number":null,
"postcode":null,
"email":"sam.doe@example.com"
}Extreme care should be taken when using the DELETE operation as it cannot be undone via the API
The resource id should be specified as part of the request URI as per the example.
<!-- Delete contact id 3 -->
curl -H "X-Public: {PUBLIC KEY}" -H "X-Hash: {TOKEN}" -X DELETE https://hackney-planning.idoxcloud.com/rest/v1/contacts/3
The response HTTP status should confirm that the request was OK, there will be no resulting data.
As mentioned above, the pagination of records when performing view or search operations is done via the parameter "page".
The information about the number of results, results per page, and current page number is sent as custom headers in the response
When using one of the supported API Client classes, this information will be extracted automatically and included in the response array as detailed in the API Client class specifics below.
| Header | Description |
|---|---|
| X-Number-Of-Results | The count of results returned by the view or search operation |
| X-Page-Number | The current page number. Page can be changed as detailed above using the parameter page |
| X-Results-Per-Page | The number of results returned per page. For V1 of the API, this is a hard limit and cannot be changed. To fetch additional results, an iteration function should be created by the end user to make multiple requests to the API. |
The parameters to instantiate a new API Client class are as follows:
| Parameter | Required | Type | Description |
|---|---|---|---|
| $public_key | string | API Profile public key | |
| $private_key | string | API Profile private key | |
| $url | string | API Request URI | |
| $request_method | string | HTTP request method to be used | |
| $data | array | Data to be send with request | |
| $debug | boolean | Used for server-side debugging of requests. Should only be set to true if requested by Idox plc. |
<?php
// include APIClient class
require_once 'class.APIClient.php';
// instantiate request
$request = new APIClient($public_key, $private_key, $request_uri, $request_method, $debug);
// send request and get result
$result = $request->sendRequest();
?>
The $result will be an array containing:
| Key | Description |
|---|---|
| header | The full request header returned from the server |
| http_status | The resulting http status, indicating if the request was successful, unauthorized, not implemented, etc. |
| number_of_results | The number of results returned when performing view all/search operations. Not implemented for other operations |
| page_number | The current page number of results when paginating view all/search operations. Not implemented for other operations |
| results_per_page | A hard limit of results per page when paginating view all/search operations. Not implemented for other operations |
| reply | The resulting data, as an array parsed from the return JSON string. |
<?php
// include APIClient class
require_once 'class.APIClient.php';
// setup request details
$public_key = '1234567890';
$private_key = '0987654321';
$request_uri = 'https://hackney-planning.idoxcloud.com/rest/v1/contacts/1';
// set appropriate request method to view
$request_method = 'get';
// instantiate request
$request = new APIClient($public_key, $private_key, $request_uri, $request_method);
// send request and get result
$result = $request->sendRequest();
// show response
print_r($result);
?>Array
(
[header] => Array
(
[0] => HTTP/1.1 200 OK
[1] => Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
[2] => Pragma: no-cache
[3] => Vary: Accept-Encoding,User-Agent
[4] => Content-Type: application/json
)
[http_status] => 200 - OK
[reply] => stdClass Object
(
[id] => 1
[title_id] => 2
[firstname] => John
[surname] => Doe
[house_name_or_number] => Apt 12
[postcode] => ZY12 3XY
[email] => john.doe@example.com
)
)
<?php
// include APIClient class
require_once 'class.APIClient.php';
// setup request details
$public_key = '1234567890';
$private_key = '0987654321';
$request_uri = 'https://hackney-planning.idoxcloud.com/rest/v1/contacts';
// set appropriate request method to view
$request_method = 'get';
// set optional parameter to sort results
$request_data = array(
'sort'=>'firstname'
);
// instantiate request
$request = new APIClient($public_key, $private_key, $request_uri, $request_method);
// send request and get result
$result = $request->sendRequest();
// show response
print_r($result);
?>Array
(
[header] => Array
(
[0] => HTTP/1.1 200 OK
[1] => Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
[2] => Pragma: no-cache
[3] => Vary: Accept-Encoding,User-Agent
[4] => Content-Type: application/json
[5] => X-Number-Of-Results: 2
[6] => X-Page-Number: 1
[7] => X-Results-Per-Page: 30
)
[http_status] => 200 - OK
[number_of_results] => 2
[page_number] => 1
[results_per_page] => 30
[reply] => Array
(
[0] => stdClass Object
(
[id] => 1
[title_id] => 2
[firstname] => John
[surname] => Doe
[house_name_or_number] => Apt 12
[postcode] => ZY12 3XY
[email] => john.doe@example.com
)
[1] => stdClass Object
(
[id] => 2
[title_id] => 3
[firstname] => Jane
[surname] => Doe
[house_name_or_number] => 35a
[postcode] => EX12 3XZ
[email] => jane.doe@example.com
)
)
)
<?php
// include APIClient class
require_once 'class.APIClient.php';
// setup request details
$public_key = '1234567890';
$private_key = '0987654321';
$request_uri = 'https://hackney-planning.idoxcloud.com/rest/v1/contacts';
// set appropriate request method to search
$request_method = 'get';
// set parameters for search
$request_data = array(
'firstname'=>'Sam',
'sort'=>'surname'
);
// instantiate request
$request = new APIClient($public_key, $private_key, $request_uri, $request_method, $request_data);
// send request and get result
$result = $request->sendRequest();
// show response
print_r($result);
?>Array
(
[header] => Array
(
[0] => HTTP/1.1 200 OK
[1] => Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
[2] => Pragma: no-cache
[3] => Vary: Accept-Encoding,User-Agent
[4] => Content-Type: application/json
[5] => X-Number-Of-Results: 1
[6] => X-Page-Number: 1
[7] => X-Results-Per-Page: 30
)
[http_status] => 200 - OK
[number_of_results] => 1
[page_number] => 1
[results_per_page] => 30
[reply] => Array
(
[0] => stdClass Object
(
[id] => 3
[title_id] =>
[firstname] => Sam
[surname] => Doe
[house_name_or_number] =>
[postcode] =>
[email] => sam.doe@example.com
)
)
)
<?php
// include APIClient class
require_once 'class.APIClient.php';
// setup request details
$public_key = '1234567890';
$private_key = '0987654321';
$request_uri = 'https://hackney-planning.idoxcloud.com/rest/v1/contacts';
// set appropriate request method to create
$request_method = 'put';
// set parameters for contact data
$request_data = array(
'firstname'=>'James',
'surname'=>'Doe',
'house_name_or_number'=>'41'
);
// instantiate request
$request = new APIClient($public_key, $private_key, $request_uri, $request_method, $request_data);
// send request and get result
$result = $request->sendRequest();
// show response
print_r($result);
?>Array
(
[header] => Array
(
[0] => HTTP/1.1 200 OK
[1] => Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
[2] => Pragma: no-cache
[3] => Vary: Accept-Encoding,User-Agent
[4] => Content-Type: application/json
)
[http_status] => 200 - OK
[reply] => stdClass Object
(
[id] => 4
[title_id] =>
[firstname] => James
[surname] => Doe
[house_name_or_number] => 41
[postcode] =>
[email] =>
)
)
<?php
// include APIClient class
require_once 'class.APIClient.php';
// setup request details
$public_key = '1234567890';
$private_key = '0987654321';
$request_uri = 'https://hackney-planning.idoxcloud.com/rest/v1/contacts/4';
// set appropriate request method to update
$request_method = 'post';
// set parameters for contact data
$request_data = array(
'email'=>'james.doe@example.com',
'postcode'=>'JD12 3LR',
);
// instantiate request
$request = new APIClient($public_key, $private_key, $request_uri, $request_method, $request_data);
// send request and get result
$result = $request->sendRequest();
// show response
print_r($result);
?>Array
(
[header] => Array
(
[0] => HTTP/1.1 200 OK
[1] => Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
[2] => Pragma: no-cache
[3] => Vary: Accept-Encoding,User-Agent
[4] => Content-Type: application/json
)
[http_status] => 200 - OK
[reply] => stdClass Object
(
[id] => 4
[title_id] =>
[firstname] => James
[surname] => Doe
[house_name_or_number] => 41
[postcode] => JD12 3LR
[email] => james.doe@example.com
)
)
<?php
// include APIClient class
require_once 'class.APIClient.php';
// setup request details
$public_key = '1234567890';
$private_key = '0987654321';
$request_uri = 'https://hackney-planning.idoxcloud.com/rest/v1/contacts/4';
// set appropriate request method to delete
$request_method = 'delete';
// instantiate request
$request = new APIClient($public_key, $private_key, $request_uri, $request_method);
// send request and get result
$result = $request->sendRequest();
// show response
print_r($result);
?>Array
(
[header] => Array
(
[0] => HTTP/1.1 200 OK
[1] => Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
[2] => Pragma: no-cache
[3] => Vary: Accept-Encoding,User-Agent
[4] => Content-Type: application/json
)
[http_status] => 200 - OK
[reply] =>
)
<?php
// include APIClient class
require_once 'class.APIClient.php';
// setup request details
$public_key = '1234567890';
$private_key = '0987654321';
$request_uri = 'https://hackney-planning.idoxcloud.com/rest/v1/licences/4';
// set appropriate request method to update
$request_method = 'post';
// set parameters for contact data
$request_data = array(
'email'=>'james.doe@example.com',
'postcode'=>'JD12 3LR',
// you can put here one or multiple files, but files key must be an array
'files'=>[
// FULL_PATH_TO_THE_FILES should present a full path to thel local file, for instance:
// Windows: @C:\Users\Documents\file.pdf
// MAC: @/Users/USER_NAME/Documents/file.pdf
'@'. FULL_PATH_TO_THE_FILES . 'file.pdf',
'@'. FULL_PATH_TO_THE_FILES . 'file2.png'
],
// optional just to present nicely on the system Uploaded Files Section
'folder_name'=>'--- any folder name ---'
);
// instantiate request
$request = new APIClient($public_key, $private_key, $request_uri, $request_method, $request_data);
// send request and get result
$result = $request->sendRequest();
// show response
print_r($result);
?>Array
(
[header] => Array
(
[0] => HTTP/1.1 200 OK
[1] => Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
[2] => Pragma: no-cache
[3] => Vary: Accept-Encoding,User-Agent
[4] => Content-Type: application/json
)
[http_status] => 200 - OK
[reply] => stdClass Object
(
[id] => 4
[title_id] =>
[firstname] => James
[surname] => Doe
[house_name_or_number] => 41
[postcode] => JD12 3LR
[email] => james.doe@example.com
[uploaded_files] => Array
(
[0] => stdClass Object
(
[id] => 269
[title] => file.pdf
[name] => 1660043487::-::file.pdf
[size] => 8373
[custom_date] => 2022-08-01
[file] => file.pdf
[error] =>
)
[1] => stdClass Object
(
[id] => 270
[title] => file2.png
[name] => 1660043487::-::file2.png
[size] => 555657
[custom_date] => 2022-08-01
[file] => file2.png
[error] =>
)
)
)
)
)
<?php
// include APIClient class
require_once 'class.APIClient.php';
// setup request details
$public_key = '1234567890';
$private_key = '0987654321';
$request_uri = 'https://hackney-planning.idoxcloud.com/rest/v1/licences/4';
// set appropriate request method to update
$request_method = 'post';
// set parameters for contact data
$request_data = array(
'email'=>'james.doe@example.com',
'postcode'=>'JD12 3LR',
// you can put here one or multiple files, but files key must be an array
'plans'=>'@'. FULL_PATH_TO_THE_FILES . 'file2.png',
// FULL_PATH_TO_THE_FILES should present a full path to thel local file, for instance:
// Windows: @C:\Users\Documents\file.pdf
// MAC: @/Users/USER_NAME/Documents/file.pdf
);
// instantiate request
$request = new APIClient($public_key, $private_key, $request_uri, $request_method, $request_data);
// send request and get result
$result = $request->sendRequest();
// show response
print_r($result);
?>