{ "openapi": "3.0.0", "info": { "title": "Resales Online API Document", "description": "\n# Authentication\n\nAll PropQ API calls should be authenticated via OAuth2 client credentials flow. In order to using the API,\nyou must have a **client id** and a **client secret**. Contact Resales Online for these information. You have to\nstore securely in your side. **Never** hardcode them in your code.\n\nEach API call is an HTTP request with at least two headers:\n * `Content-Type`: always be `application/json`. If this header is missing or not correct, the response code can\n be incorrect.\n * `Authorization`: must be a string in the following format `Bearer ` with the `` is\n an access token grantted from our server. An access token can be cached in your system\n (local files, databases, ...) to use in 30 days since it is created.\n\nTo get a new access token, send and HTTP `POST` request to `https://api.propq.com/oauth/token` with\nthese parameters:\n* `grant_type`: always be `client_credentials`\n* `client_id`: your client id (should be an integer)\n* `client_secret`: your client secret (should be a string)\n\nIf the data is valid, the response we be a JSON object with the following fields:\n* `access_token`: the access token that you will use in other API requests\n* `expires_in`: the number of seconds that the access token is valid. Currently, this value always be `2592000`\n(30 days)\n* `token_type`: Always be `Bearer`\n\nThe *example* section gives an example of how to work with Resales Online APIs.\n\n\n\n\n# Response code\n\nThere are different HTTP response code from the API:\n\n* `200`: the API call is processed successfully. The response data is a JSON object.\n* `400`: there are errors when processing the request\n* `401`: the access token is missing or invalid\n* `403`: the current user does not have sufficient privilege to call the current API\n* `419`: the current API is called with an incorrect method. For example, you send a `POST` request\nto an endpoint that only accepts `GET` requests.\n* `422`: the input data is not valid. The validation errors is returned in the body\n* `5xx`: there are errors in Resales Online servers\n* `3xx`: the `Content-Type` may be missing and the current request is not processed successfully\n\n# Example\nThis is an example PHP script to call the `/iam/me` API endpoint. Here, we store the secret key in a file and cache\nthe access token (in files, too) so that we don't need to request new one every time the script is run.\n\n```\n \"client_credentials\",\n \"client_id\" => CLIENT_ID,\n \"client_secret\" => $clientSecret\n ];\n\n $ch = curl_init();\n curl_setopt($ch, CURLOPT_URL, $tokenEndPoint);\n curl_setopt($ch, CURLOPT_POST, 1);\n curl_setopt($ch, CURLOPT_POSTFIELDS, $params);\n curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);\n $output = curl_exec($ch);\n curl_close ($ch);\n $json = json_decode($output, true);\n $accessToken = $json['access_token'];\n\n file_put_contents(FILE_ACCESS_TOKEN, $accessToken);\n}\n\n// Now, with access token we can call other APIs.\n// The example below calling the `/iam/me` end point to get the information of\n// the current user.\n$url = API_ROOT . \"/api/v1/iam/me\";\n$ch = curl_init();\ncurl_setopt($ch, CURLOPT_URL, $url);\ncurl_setopt($ch, CURLOPT_RETURNTRANSFER, true);\ncurl_setopt($ch, CURLOPT_HTTPHEADER, [\n'Content-Type: application/json',\n'Authorization: Bearer ' . $accessToken\n]);\n$output = curl_exec($ch);\ncurl_close ($ch);\n$json = json_decode($output, true);\n\n// Display the json output\nvar_dump($json);\n```\n", "version": "1.7.0" }, "servers": [ { "url": "https://api.propq.com/v1", "description": "The API endpoint" } ], "security": [ { "OAuth2": [] } ], "components": { "securitySchemes": { "OAuth2": { "type": "oauth2", "description": "This API use OAuth2 with the client credentials flow", "flows": { "clientCredentials": { "tokenUrl": "https://api.propq.com/oauth/token", "scopes": {} } } } } }, "tags": [ { "name": "Token" }, { "name": "Development Unit" }, { "name": "Publish Development" } ], "paths": { "/oauth/token": { "post": { "summary": "Retrieve a token", "description": "Get a new OAuth2 token for the current client. This is the only request that do not accept a JSON body\nand do not require an access token. This also the only request that you **must not** including the\n`Content-Type: application/json` header.\n", "security": [], "servers": [ { "url": "https://api.propq.com" } ], "tags": [ "Token" ], "requestBody": { "content": { "application/x-www-form-urlencoded": { "schema": { "type": "object", "required": [ "grant_type", "client_id", "client_secret" ], "properties": { "grant_type": { "type": "string", "enum": [ "client_credentials" ], "description": "Currently, we only support client credentials flow, the value always be `client_credentials`" }, "client_id": { "type": "number", "description": "The client id number" }, "client_secret": { "type": "string", "description": "The client secret key" } } } } } }, "responses": { "200": { "description": "The request is success and a new token is created", "content": { "application/json": { "schema": { "type": "object", "required": [ "token_type", "expires_in", "access_token" ], "properties": { "token_type": { "type": "string", "description": "Always be `Bearer`", "enum": [ "Bearer" ] }, "expires_in": { "type": "integer", "description": "The number of minutes until this token expires" }, "access_token": { "type": "string", "description": "The access token that can be used to call other APIs" } }, "example": { "token_type": "Bearer", "expires_in": 7200, "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0" } } } } }, "400": { "description": "There are errors with the request" }, "401": { "description": "The client information is not valid" } } } }, "/developments/{development_id}/units/update-by-name": { "parameters": [ { "$ref": "#/paths/~1developments~1%7Bdevelopment_id%7D~1publish/parameters/0" } ], "post": { "summary": "Update by unit name", "description": "Update a development unit by a unit name and development project id", "tags": [ "Development Unit" ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "required": [ "UntName", "UntStatus", "UntPrice", "UntDirections" ], "properties": { "UntName": { "type": "string", "description": "The name of the unit to be updated" }, "UntStatus": { "type": "number", "enum": [ { "1": "AVAILABLE" }, { "2": "HOLD" }, { "4": "SOLD" }, { "8": "RESERVED" } ], "description": "The new status of the unit" }, "UntPrice": { "type": "number", "description": "The new price of the unit" }, "UntDirections": { "type": "array", "description": "The new direction list of the unit" } }, "example": { "UntName": "Test", "UntStatus": 1, "UntPrice": 123456, "UntDirections": [ "N", "S" ] } } } } } } }, "/developments/{development_id}/publish": { "parameters": [ { "name": "development_id", "in": "path", "description": "The ID of the development project", "required": true, "schema": { "type": "string" } } ], "post": { "summary": "Publish a development", "description": "Publish a development by development id", "tags": [ "Publish Development" ] } }, "/developments/{development_id}/publish-status": { "parameters": [ { "$ref": "#/paths/~1developments~1%7Bdevelopment_id%7D~1publish/parameters/0" } ], "get": { "summary": "Get development status", "description": "Get status of development by development id", "tags": [ "Publish Development" ], "responses": { "200": { "description": "The request is success and development status is return", "content": { "application/json": { "schema": { "type": "object", "required": [ "DevStatus" ], "properties": { "DevStatus": { "type": "string", "description": "Status of development" } }, "example": { "DevStatus": "PUBLISHING" } } } } }, "400": { "description": "There are errors with the request" }, "404": { "description": "The development id is not valid" } } } } } }