Integration API
General:
Basics:
Parameters in the URL should all be encoded, and all data sent should be UTF-8.
The maximum number of requests per minute is set to 200.
When the limit is hit an error with code 429 is returned, with the header "Retry-After" containing the number of seconds you have to wait for your next request.
Headers:
There are 2 ways to authenticate when using this API. In both cases you add headers to the request.
1) Use an API-key together with store-id. This would be used when communicating machine to machine and no real person is involved. The API-key is available from where you activated the API. The store-id is also available in the same place.
2) Use a user_id and user_token together with a store-id. You get these values from the login-request. The values are connected to a person and are gained when an actual login to the system has been made.
store: <<STORE>>
user_id: <<USER_ID>>
user_token: <<USER_TOKEN>>
api_key: <<API_KEY>>
Accept: application/json
Content-Type: application/json
Errors:
Code | Description |
---|---|
900001 | Credentials don't match |
900101 | Common error |
900429 | Too many requests |
905002 | Wrong state |
905004 | Error for integration |
905005 | Error for external integration |
905007 | Error posting to BankID |
{ "errorCode" : 900101, "errorMessage" : "Something went wrong on the server", "errorField" : null, "errorData" : null }
Integration API:
BankID
BankID check status
GET Url: /bankid/{order_ref}/status
Headers:
Accept: application/json
Content-type: application/json
Check authentication status from BankID. If the user is already logged in, a successful authentication automatically connects the logged-in user with the ssn from BankID. If the user is not logged in and the ssn is not found in Lagerkoll, the ssn is returned to the client. Otherwise the user is logged in and a new valid web token is returned.
Valid parameters:
Parameter | Description | Default value | Allowed values |
---|---|---|---|
invite_user_id | User id for inviting a new user who wants to log in with BankID | | |
invite_user_key | Invite key for inviting a new user who wants to log in with BankID | | |
Body:
Successful response:
{ "accountId": 1146, "orderRef": "orderRef", "qrCode": "qrCode", "hint": "hint", "storeId": 3261, "status": "status", "ssn": "ssn", "token": "token" }
BankID start authentication
POST Url: /bankid/start_auth
Headers:
Accept: application/json
Content-type: application/json
Start BankID authentication, using either a QR code or by logging on with the same device.
Body:
Successful response:
{ "autoStartToken": "autoStartToken", "orderRef": "orderRef" }
BankID cancel
POST Url: /bankid/{order_ref}/cancel
Headers:
Accept: application/json
Content-type: application/json
Cancel ongoing authentication
Body:
Successful response:
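The three BankID calls above combine into a polling loop. The following is an added example, not code from the API provider: `fetch` and `cancel` are hypothetical transport hooks, and the 2-second interval, the HTTP 200 success status and the sample responses are assumptions made for the illustration.

```python
import time

def poll_bankid(order_ref, fetch, cancel, sleep=time.sleep, interval=2.0, max_polls=60):
    """Poll GET /bankid/{order_ref}/status until BankID reports COMPLETE or FAILED.

    fetch(path) -> (http_status, headers, body) and cancel(path) are hypothetical
    transport hooks; a real client would send the authentication headers there.
    """
    path = f"/bankid/{order_ref}"
    for _ in range(max_polls):
        http_status, headers, body = fetch(path + "/status")
        if http_status == 429:
            # Retry-After carries the number of seconds to wait.
            sleep(float(headers.get("Retry-After", interval)))
            continue
        if http_status != 200:  # assumption: 200 is the success status
            raise RuntimeError(f"API error {body.get('errorCode')}: {body.get('errorMessage')}")
        if body.get("status") == "COMPLETE":
            # A token means an existing user was logged in; only an ssn means
            # the person is unknown to the system. Neither belongs in logs.
            outcome = "logged_in" if body.get("token") else "unknown_ssn"
            return {"outcome": outcome, "token": body.get("token"), "ssn": body.get("ssn")}
        if body.get("status") == "FAILED":
            return {"outcome": "failed", "hint": body.get("hint")}
        sleep(interval)  # PENDING: wait before asking again
    cancel(path + "/cancel")  # do not leave an abandoned order open
    return {"outcome": "timeout"}

def demo():
    """Run the loop against constructed responses; returns (result, sleeps, cancelled)."""
    scripted = iter([
        (200, {}, {"orderRef": "ref-1", "status": "PENDING"}),
        (429, {"Retry-After": "3"}, {"errorCode": 900429}),
        (200, {}, {"orderRef": "ref-1", "status": "COMPLETE", "token": "tok-constructed"}),
    ])
    sleeps, cancelled = [], []
    result = poll_bankid("ref-1", lambda p: next(scripted), cancelled.append, sleeps.append)
    return result, sleeps, cancelled
```

At one poll every 2 seconds a single login stays far below the 200 requests per minute limit, and the cancel call on timeout closes the order instead of leaving it pending.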
External Integration
Get credentials
GET Url: /external
Headers:
Content-type: application/json or application/xml
Get external integration credentials
Body:
Successful response:
{"credentials": [{ "integration": "integration", "allowedMethods": [{}] }]}
Add credentials
POST Url: /external
Headers:
Content-type: application/json or application/xml
Create new external integration credentials
Body:
{ "authorizationMethod": "DEFAULT", "values": {}, "integration": "integration", "allowedMethods": [{}] }
Successful response:
{ "integration": "integration", "allowedMethods": [{}] }
Redirect request
POST Url: /external/request
Headers:
Content-type: application/json or application/xml
Redirects requests to external integrations and returns the data. Before the request is redirected, credentials are added. Credentials can be in the headers list, in the url or in the body. If a credential is left blank in either the header or the url, the system tries to find the exact same key in the stored credentials and replaces the value with the stored one. A credential can also have the format {{my_key}}, in which case the system replaces my_key with the stored credential value for that key. This format must be used for credentials in the body field.
Body:
{ "headers": {}, "method": "method", "integration": "integration", "formDataPartName": "formDataPartName", "body": {}, "url": "url", "formDataFilename": "formDataFilename" }
Successful response:
{}
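Because the stored credentials are filled in on the server, a client never needs to put a secret in the redirect request. The following pre-send check is an added example, not part of the API: the function name, the sample keys and hosts are constructed, and treating blank url credentials as query parameters is an assumption the page does not confirm.

```python
import json
import re
from urllib.parse import parse_qsl, urlsplit

PLACEHOLDER = re.compile(r"\{\{([^{}]+)\}\}")  # the {{my_key}} format from the page

def lint_external_request(req, stored_keys, allowed_methods, known_secrets=()):
    """Return a list of problems found in an ExternalRequest before it is posted."""
    problems = []
    if req.get("method") not in allowed_methods:
        problems.append(f"method {req.get('method')!r} not in allowedMethods")
    # A blank header is only filled in when its name equals a stored key exactly.
    for name, value in req.get("headers", {}).items():
        if value == "" and name not in stored_keys:
            problems.append(f"blank header {name!r} matches no stored key")
    # Assumption: blank credentials in the url are blank query parameters.
    query = urlsplit(req.get("url", "")).query
    for name, value in parse_qsl(query, keep_blank_values=True):
        if value == "" and name not in stored_keys:
            problems.append(f"blank url parameter {name!r} matches no stored key")
    wire = json.dumps(req)
    # An unknown placeholder would reach the third party unresolved.
    for key in sorted(set(PLACEHOLDER.findall(wire))):
        if key not in stored_keys:
            problems.append(f"placeholder {{{{{key}}}}} matches no stored key")
    if any(s and s in wire for s in known_secrets):
        problems.append("literal secret in payload; use a blank value or {{key}}")
    return problems

# Constructed sample data.
STORED_KEYS = {"Authorization", "api_key", "client_secret"}
GOOD = {"integration": "partner", "method": "POST",
        "url": "https://partner.example.invalid/v1/orders?api_key=",
        "headers": {"Authorization": "", "Content-Type": "application/json"},
        "body": {"client_secret": "{{client_secret}}", "sku": "A-1"}}
BAD = {"integration": "partner", "method": "PATCH",
       "url": "https://partner.example.invalid/v1/orders?apikey=",
       "headers": {"Authorization": "Bearer s3cr3t-constructed"},
       "body": {"client_secret": "{{clientsecret}}"}}
```

The `allowed_methods` argument should be the `allowedMethods` list returned for the integration by GET /external.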
Update credentials
PUT Url: /external/{integration}
Headers:
Content-type: application/json or application/xml
Update existing external integration credentials
Body:
{ "authorizationMethod": "DEFAULT", "values": {}, "integration": "integration", "allowedMethods": [{}] }
Successful response:
{ "integration": "integration", "allowedMethods": [{}] }
Remove credentials
DELETE Url: /external/{integration}
Headers:
Content-type: application/json or application/xml
Remove existing external integration credentials
Body:
Successful response:
Fortnox
Initiate Fortnox integration
POST Url: /fortnox/initiate
Headers:
Accept: application/json or application/xml
Content-type: application/json or application/xml
Save initial data for Fortnox integration
Body:
Successful response:
Integration
Get status
GET Url: /status
Headers:
Accept: application/json
Content-type: application/json
Get status for your integration
Send custom request
POST Url: /custom
Headers:
Accept: application/json or application/xml
Content-type: application/json or application/xml
Send custom request
Sync integration
PUT Url: /sync
Headers:
Accept: application/json
Content-type: application/json
Start a sync of the integration, where changed data from the external system will be synced to Lagerkoll.
Valid parameters:
Parameter | Description | Default value | Allowed values |
---|---|---|---|
sync_from_lagerkoll | | false | |
Body:
Successful response:
Start integration
PUT Url: /status/start
Headers:
Accept: application/json
Content-type: application/json
If integration is paused
Body:
Successful response:
Remove integration
DELETE Url:
Headers:
Accept: application/json or application/xml
Content-type: application/json or application/xml
Remove integration and stop all sync messages
Body:
Successful response:
Visma
Initiate Visma integration
POST Url: /visma/initiate
Headers:
Accept: application/json or application/xml
Content-type: application/json or application/xml
Save initial data for Visma integration
Body:
Successful response:
Visma single sign on
POST Url: /visma/login
Headers:
Accept: application/json
Content-type: application/x-www-form-urlencoded
Callback request from Visma single sign on
Classes:
BankIDAuthResponse
Field | Type | Description | Default | Mandatory | Accepted values | Example values | Access |
---|---|---|---|---|---|---|---|
orderRef | String | Session's order reference number | | | | | R |
autoStartToken | String | Token to use to build a link to automatically start BankID on client. The url to start the application on the same device looks like this: https://app.bankid.com/?autostarttoken=[autoStartToken]&redirect=null | | | | | R |
BankIDStatusResponse
Field | Type | Description | Default | Mandatory | Accepted values | Example values | Access |
---|---|---|---|---|---|---|---|
orderRef | String | Session's order reference number | | | | | R |
status | String | Session's status | | | FAILED, PENDING, COMPLETE | | R |
hint | String | Error hint from BankID | | | | | R |
ssn | String | Social security number of the successfully authenticated BankID user | | | | | R |
accountId | Long | | | | | | R |
storeId | Long | | | | | | R |
token | String | API token for logged in user | | | | | R |
qrCode | String | Dynamic qr code used for logging in | | | | | R |
ExternalCredentials
Field | Type | Description | Default | Mandatory | Accepted values | Example values | Access |
---|---|---|---|---|---|---|---|
integration | String | Name of integration | | Post | | | R,W |
allowedMethods | List | List of accepted methods for this integration | | Post | GET,POST,PUT,DELETE | | R,W |
ExternalCredentialsRequest
Field | Type | Description | Default | Mandatory | Accepted values | Example values | Access |
---|---|---|---|---|---|---|---|
integration | String | Name of integration | | Post | | | R,W |
values | HashMap | Map of credentials (Key, value) | | Post | | | R,W |
allowedMethods | List | List of accepted methods for this integration | | Post | GET,POST,PUT,DELETE | | R,W |
authorizationMethod | String | Authorization method to use when redirecting external requests | DEFAULT | | DEFAULT,WOO_COMMERCE | | R,W |
ExternalCredentialsResponse
Field | Type | Description | Default | Mandatory | Accepted values | Example values | Access |
---|---|---|---|---|---|---|---|
credentials | List | | | | | | R |
ExternalRequest
Field | Type | Description | Default | Mandatory | Accepted values | Example values | Access |
---|---|---|---|---|---|---|---|
integration | String | Name of integration | | Post | | | R,W |
method | String | What type of method is the request | | Post | GET,POST,PUT,DELETE | | R,W |
url | String | Url of the final destination | | Post | | | R,W |
headers | HashMap | Headers to be redirected to final destination | | Post | | | R,W |
body | Object | Body to be redirected to final destination | | Post | | | R,W |
formDataPartName | String | If headers' Content-Type is set to multipart/form-data, the body will be treated as Base64 encoded data that will be redirected to the final destination with this field's value as the key | | | | | R,W |
formDataFilename | String | If headers' Content-Type is set to multipart/form-data, the body will be treated as Base64 encoded data that will be redirected to the final destination with this field's value as the filename | | | | | R,W |
IntegrationCustomRequest
Field | Type | Description | Default | Mandatory | Accepted values | Example values | Access |
---|---|---|---|---|---|---|---|
path | String | The path to send the request to | | true | | | R,W |