Public API

API v1

The Fast Events public API uses REST and JSON is returned by all API responses including errors and HTTP response status codes are to designate success and failure.

Requests to the Fast Events public API is for private information and all endpoints require authentication.

Requirements

All endpoints require an API key in a HTTP header and most use WordPress application passwords in the Authorization HTTP header. By using application passwords (as of WordPress 5.6) you have a great deal of flexibility. You can either create 1 WordPress user and use a single application password for all clients or an application password per client. But you can also create a WordPress user for each client with an application password. In WordPress you can then easily revoke the rights per client. The API KEY can be used as a kind of kill switch. By changing this, all clients will be blocked for the specific endpoint. For the username in the Authorization HTTP header you can use the login name or the emailaddress. Overview per resource:

scans

You need to include the X-FE-API-KEY and its value in a HTTP header. The value can be found in the Scan tab. The Scan app is using these endpoints.

payments

You need to include the X-FE-API-KEY and its value in a HTTP header. The value can be found in the settings of the plugin. The endpoint also needs an application password. The Payment app is using these endpoints.

admin

You need to include the X-FE-API-KEY and its value in a HTTP header for all admin endpoints. The value can be found in the plugin settings. These endpoint also needs an application password.

Tip

You can browse the schemas by accessing every endpoint with an http OPTIONS request. Use Postman to look at the individual fields of an endpoint and its format. Use it also for testing. For example: if your WordPress hosting environment is located at https://exampledomain.com, the REST URL for a new scan request will be https://exampledomain.com/wp-json/fast-events/v1/scans.

Warning

Default values in the schemas are only applicable if a new object is created and if not all fields all provided in the REST request.