openapi: 3.0.0
info:
title: 'Public API Reference'
version: '2023-10-30'
description: >
The Zephr Public API provides common client-side actions tied to a session cookie. Unlike the Admin API, neither users nor other resources can be dereferenced; the only data that can be accessed is owned by the user who is currently signed in.
This design is used to protect other users from malicious attacks.
You can find the base URL for the Public API by navigating to your site domains. To do this, select **Sites** from the **Delivery** menu, select your site, and then click the **Site Domains** button. The base URL is the Live domain.
Zephr forms use the Public API by default, with relative URLs based on the base URL.
tags:
- name: Authentication
x-displayName: Authentication
- name: Braintree Payments
x-displayName: Braintree Payments
- name: Browser Feature Decisions
x-displayName: Browser Feature Decisions
- name: Decision Engine
x-displayName: Decision Engine
- name: Dynamic Offer Decision Engine
x-displayName: Dynamic Offer Decision Engine
- name: OAuth Flow
x-displayName: OAuth Flow
- name: Payments
x-displayName: Payments
- name: Product Sharing
x-displayName: Product Sharing
- name: SDK Feature Decision Engine
x-displayName: SDK Feature Decision Engine
- name: Sessions
x-displayName: Sessions
- name: Stripe Payments
x-displayName: Stripe Payments
- name: Third-Party Authentication
description: 'This section contains the API operations for the OAuth 2.0 Authorization Code Flow.'
x-displayName: Third-Party Authentication
- name: User
x-displayName: User
- name: V4 Gifts
description: >-
Create a Gift resource for V4. Gifts can be used to provide access to a
particular URL for one session only by appending a gift token ID to the URL as the `gift` path parameter.
x-displayName: V4 Gifts
- name: Web Analytics
x-displayName: Web Analytics
- name: Zephr Features
x-displayName: Zephr Features
- name: Component Library
x-displayName: Component Library
servers:
- url: https://{your-domain}
variables:
your-domain:
default: demo-site
description: The domain of your site.
paths:
/blaize/login:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/user-registration-response'
examples:
response:
value:
cookie: >-
blaize_session=0123456789ABCD; Expires=Fri, 16 Nov 2018
12:35:56 GMT; Path=/;
message: Registration successful
tracking_id: TT0123456789ABCD
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
summary: Log in to the user account
operationId: Login
description: Logs in to the user account.
tags:
- Authentication
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: blaize_session=... (optional)
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/user-registration-request'
/blaize/logout:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/admin-user-logout-response'
examples:
response:
value:
message: Session deleted
'400':
description: Bad Request
headers: {}
summary: Log out of the user account
operationId: Logout
description: Logs out of the user account.
tags:
- Authentication
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/admin-user-logout-request'
/zephr/public/sso/v1/status:
get:
responses:
'200':
description: SSO status was retrieved successfully
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/RetrieveStatusResponse'
examples:
response:
value:
status: authenticated
meta: {}
summary: Retrieve the SSO status
operationId: Retrieve_SSO_Status
description: Retrieves the SSO status and metadata of the current user.
tags:
- Authentication
/zephr/public/sso/v1/status/meta:
put:
responses:
'200':
description: OK
headers: {}
'400':
description: Bad Request
headers: {}
summary: Update the metadata
operationId: Update_Meta
description: Updates the SSO metadata associated with the user.
tags:
- Authentication
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/customer-meta'
example: {}
/blaize/token-exchange:
post:
responses:
'201':
description: Created
headers: {}
'400':
description: Bad Request
headers: {}
summary: Start a passwordless authentication
operationId: Start_Passwordless
description: >
Starts the passwordless authentication.
**IMPORTANT**: For passwordless authentication, first is required to
send a POST to request an email to be sent to the User’s email with a
link for the user to click on to verify his email.
tags:
- Authentication
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/passwordless-authentication-request'
get:
responses:
'302':
description: Found
headers:
Location:
schema:
type: string
Set-Cookie:
schema:
type: string
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
summary: Complete a passwordless authentication
operationId: Complete_Passwordless
description: >
Completes the passwordless authentication.
**IMPORTANT**: For passwordless authentication, first is required to
send a POST to request an email to be sent to the User’s email with a
link for the user to click on to verify his email.
tags:
- Authentication
/blaize/users/reset:
post:
responses:
'200':
description: OK
headers: {}
'400':
description: Bad Request
headers: {}
'404':
description: Not Found
headers: {}
summary: Start a password reset
operationId: Start_password_reset
description: >
Starts the password reset. **IMPORTANT**: To reset a user password, first is
required to send a POST to request an email to be sent to the User’s
email with a link for the user to click on so as to verify that he
requested this password change.
tags:
- Authentication
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/password-reset-request'
/blaize/users/reset/{state}:
post:
responses:
'200':
description: OK
headers: {}
'400':
description: Bad Request
headers: {}
'404':
description: Not Found
headers: {}
summary: Complete a password reset
operationId: Complete_password_reset
description: >
Completes the password reset. **IMPORTANT**: To reset a user password, first
is required to send a POST to request an email to be sent to the User’s
email with a link for the user to click on so as to verify that he
requested this password change.
tags:
- Authentication
parameters:
- name: state
in: path
description: Unique State identifier
required: true
schema:
type: string
requestBody:
$ref: '#/components/requestBodies/Complete_password_resetBody'
/blaize/blaize/password-reset.html:
get:
responses:
'200':
description: OK
headers: {}
content:
text/html:
examples:
response:
value: ''
summary: Return the password reset form
operationId: Password_Reset_Form
description: Returns the password reset form
tags:
- Authentication
/blaize/anonymous-session:
post:
responses:
'201':
description: Created
headers:
Set-Cookie:
schema:
type: string
content:
application/json:
schema:
$ref: '#/components/schemas/cdn-anonymous-session-response'
examples:
response:
value:
message: Anonymous session created successfully
tracking_id: 33d576c7-d036-40e7-8141-8a91998a5c79
summary: Create an anonymous session
operationId: Anonymous_Session
description: Creates an anonymous session.
tags:
- Authentication
/blaize/users/update-email:
post:
responses:
'200':
description: OK
headers: {}
'400':
description: Bad Request
headers: {}
'404':
description: Not Found
headers: {}
summary: Start updating the current email address
operationId: Start_updating_your_current_email_address
description: |
Starts updating user's current email address.
tags:
- Authentication
requestBody:
content:
application/json:
schema:
$ref: >-
#/components/schemas/start-update-your-current-email-address-request
/blaize/users/update-email/:
post:
responses:
'200':
description: OK
headers: {}
'400':
description: Bad Request
headers: {}
'404':
description: Not Found
headers: {}
summary: Complete updating the current email address
operationId: Complete_update_your_current_email_address
description: |
Completes updating user's current email address.
tags:
- Authentication
requestBody:
$ref: '#/components/requestBodies/Complete_password_resetBody'
/blaize/update-email.html:
get:
responses:
'200':
description: OK
headers: {}
content:
text/html:
examples:
response:
value: ''
summary: Return the update email request form
operationId: Update_Email_Request_Form
description: Returns the update email request Form.
tags:
- Authentication
/blaize/users/change-password:
post:
responses:
'200':
description: OK
headers: {}
'400':
description: Bad Request
headers: {}
'403':
description: Forbidden
headers: {}
'404':
description: Not Found
headers: {}
summary: Change the user password
operationId: Change_Password
description: Changes the user password.
tags:
- Authentication
requestBody:
content:
application/json:
schema:
type: object
properties:
current_validators:
type: object
properties:
password:
type: string
use_sso:
type: boolean
description: >-
When this is present there should be no identifiers in
the body. The user is identified through a
blaize_session cookie.
new_validators:
type: object
properties:
password:
type: string
use_sso:
type: boolean
description: >-
When this is present there should be no identifiers in
the body. The user is identified through a
blaize_session cookie.
required:
- current_validators
- new_validators
example:
current_validators:
password: mysecurepassword123
new_validators:
password: mysecurepassword123
/blaize/payment/braintree/token:
get:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
properties:
token:
type: string
example: >-
eyJ2ZXmsaW5nQW...(lots more random-looking
characters)...dyZWmVubW8iOiJvZmYifQ==
examples:
response:
value:
token: >-
eyJ2ZXmsaW5nQW...(lots more random-looking
characters)...dyZWmVubW8iOiJvZmYifQ==
'401':
description: Unauthorized
headers: {}
summary: Retrieve the Braintree token
operationId: Get_Braintree_Token
description: |-
Issues a Braintree client token for the current blaize session.
This holds the user's userId if the user has an authenticated session.
This token can be used to request a payment nonce.
tags:
- Braintree Payments
parameters:
- name: allowUnauthenticated
in: query
description: >-
if tokens can be generated for unauthenticated user sessions -
defaults to false
required: false
schema:
type: boolean
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
/blaize/payment/braintree/subscriptionChargedCallback/:
post:
responses:
'200':
description: OK
headers: {}
summary: Create a subscription start callback
operationId: Stripe_Callback_POST
description: >-
To use subscriptions, braintree callback must be configured to point to
this endpoint.
tags:
- Braintree Payments
/blaize/payment/braintree/subscriptions:
get:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
required:
- token
- managed-by
- external-id
- next-billing-time
- ends
- blaize-product
- transaction-history
- subscription-state
- plan_id
- plan_name
- currency_code
- pre_discount_price
- billing_frequency_unit
- billing_frequency
- discounts_applied
- multiphase_plan
properties:
token:
type: string
example: 8m2kc5g
description: The token identifier for this payment method.
managed-by:
type: string
example: Braintree
external-id:
type: string
example: abc123
description: The ID for this subscription in Braintree.
next-billing-time:
type: string
example: '2021-05-17T04:31:33Z'
description: >-
ISO-8601 formatted time at which the subscription will
next be billed.
ends:
type: string
example: '2021-05-17T04:31:33Z'
description: >-
ISO-8601 formatted time at which the subscription is
expected to end.
blaize-product:
$ref: '#/components/schemas/subscription-product'
transaction-history:
type: array
items: {}
subscription-state:
type: string
example: active
description: The subscription state, as acquired from Braintree.
paid_through_date:
type: string
example: '2021-05-17T04:31:33Z'
description: >-
ISO-8601 formatted time up to which the subscription has
been paid for. This will be `null` if the subscription has
not yet been paid for.
plan_id:
type: string
example: plan-123
description: The Braintree plan ID
plan_name:
type: string
example: monthly-plan
description: The Braintree plan name
currency_code:
type: string
example: GBP
description: The currency of the subscription price.
pre_discount_price:
type: number
example: 50
description: The subscription price before any discounts are applied.
billing_frequency_unit:
type: string
example: MONTH
description: >-
The time unit of the billing frequency, one of: YEAR,
MONTH, WEEK, DAY.
billing_frequency:
type: number
example: 1
description: >-
The frequency at which the subscription is billed, in the
units specified by billing_frequency_unit.
discounts_applied:
type: boolean
example: true
description: If the subscription has any applied discounts.
multiphase_plan:
type: boolean
example: true
description: If the subscription plan has multiple phases.
examples:
response:
value:
token: 8m2kc5g
managed-by: Braintree
external-id: abc123
next-billing-time: '2021-05-17T04:31:33Z'
ends: '2021-05-17T04:31:33Z'
blaize-product:
id: one-month-one-off
label: One month access
description: One month access
transaction-history:
- human-readable-amount: $2.34
time: ''
currency: $
cents: 234
cycle: month
cycleCount: 1
taxRate:
taxPercent: 15
isTaxInclusive: false
displayName: VAT
active: false
subscription-state: active
paid_through_date: '2021-05-17T04:31:33Z'
plan_id: plan-123
plan_name: monthly-plan
currency_code: GBP
pre_discount_price: 50
billing_frequency_unit: MONTH
billing_frequency: 1
discounts_applied: true
multiphase_plan: true
'401':
description: Unauthorized
headers: {}
'404':
description: Not Found
headers: {}
summary: List the Braintree subscriptions of a user
operationId: List_User_Braintree_Subscriptions
description: Lists all Braintree subscriptions for the logged-in user.
tags:
- Braintree Payments
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
/blaize/payment/braintree/subscriptions/{subscriptionId}:
patch:
responses:
'204':
description: No Content
headers: {}
'401':
description: Unauthorized
headers: {}
'404':
description: Not Found
headers: {}
summary: Update the Braintree subscription
operationId: Update_Braintree_Subscription
description: >
Updates a Braintree subscription by ID.
This operation currently only supports updating the payment method for a
subscription, sending the payment method token or nonce.
tags:
- Braintree Payments
parameters:
- name: subscriptionId
in: path
description: Subscription ID
required: true
schema:
type: string
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
requestBody:
content:
application/json:
schema:
type: object
properties:
payment_method_token:
type: string
description: >-
Payment method token referencing a payment method in
Braintree.
payment_method_nonce:
type: string
description: >-
Payment method nonce referencing a payment method in
Braintree.
example:
payment_method_token: alpha123token
payment_method_nonce: alpha123token
delete:
responses:
'200':
description: OK
headers: {}
'404':
description: Not Found
headers: {}
'409':
description: Conflict
headers: {}
summary: Cancel the Braintree subscription
operationId: Cancel_Braintree_Subscription
description: Cancels a Braintree subscription by ID.
tags:
- Braintree Payments
parameters:
- name: subscriptionId
in: path
description: Subscription ID
required: true
schema:
type: string
/blaize/payment/braintree/buy:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
properties:
grant_id:
type: string
example: aa583cb8-51d1-4bd9-9ec7-3a43796ef8e5
description: New grant of product bundle to user
examples:
response:
value:
grant_id: aa583cb8-51d1-4bd9-9ec7-3a43796ef8e5
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
'404':
description: Not Found
headers: {}
summary: Create a Braintree buy (one-off)
operationId: Braintree_Buy_one-off
description: >
Uses the payment info captured by the braintree drop-in UI and encoded in the payment nonce to create a braintree customer and issue a one-off payment.
When braintree responds successfully, the logged-in user will be granted all entitlements in the product's associated bundle.
tags:
- Braintree Payments
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
requestBody:
content:
application/json:
schema:
type: object
properties:
product_id:
type: string
description: Product Id/slug
price_point_id:
type: string
description: Price Point Id/slug
payment_nonce:
type: string
description: Payment method nonce from Braintree drop-in UI
required:
- product_id
- price_point_id
- payment_nonce
example:
product_id: lifetime-membership
price_point_id: gold-package
payment_nonce: >-
eyJ2ZXmsaW5nQW...(lots more random-looking
characters)...dyZWmVubW8iOiJvZmYifQ==
/zephr/payment/braintree/payment-methods:
get:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/payment_methods'
examples:
response:
value:
- token: 8m2kc5g
default: false
card_type: Visa
card_holder_name: John Rambo
card_number_masked: 654321******0987
expiration_date: 07/22
expired: false
expiring_soon: false
in_use: false
last_4: '1111'
nonce: 086128f3-04c2-069e-78d2-3f4de98508e5
type: CreditCard
zipcode: '123456'
'401':
description: Unauthorized
headers: {}
'404':
description: Not Found
headers: {}
summary: List Braintree payment methods
operationId: Braintree_List_User_Payment_Methods
description: >-
Lists the Braintree payment method details associated with the logged-in
user.
tags:
- Braintree Payments
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/payment_method'
examples:
response:
value:
token: 8m2kc5g
default: false
card_type: Visa
card_holder_name: John Rambo
card_number_masked: 654321******0987
expiration_date: 07/22
expired: false
expiring_soon: false
in_use: false
last_4: '1111'
nonce: 086128f3-04c2-069e-78d2-3f4de98508e5
type: CreditCard
zipcode: '123456'
'401':
description: Unauthorized
headers: {}
'404':
description: Not Found
headers: {}
summary: Create a Braintree payment method
operationId: Braintree_Create_User_Payment_Method
description: >-
Creates the Braintree payment method with the associated vaulted nonce,
for the authenticated user.
tags:
- Braintree Payments
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
requestBody:
content:
application/json:
schema:
type: object
properties:
payment_method_nonce:
type: string
example: aa583cb8...and other characters...3a43796ef8e5
description: The vaulted nonce associated with the new payment method
/zephr/payment/braintree/payment-methods/{paymentMethodToken}:
patch:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/payment_method'
examples:
response:
value:
token: 8m2kc5g
default: false
card_type: Visa
card_holder_name: John Rambo
card_number_masked: 654321******0987
expiration_date: 07/22
expired: false
expiring_soon: false
in_use: false
last_4: '1111'
nonce: 086128f3-04c2-069e-78d2-3f4de98508e5
type: CreditCard
zipcode: '123456'
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
'404':
description: Not Found
headers: {}
summary: Update a Braintree payment method
operationId: Braintree_Update_User_Payment_Method
description: >-
Updates the Braintree payment method details associated with the
logged-in user.
The details to update must first be captured from Braintree in a nonce
and vaulted.
tags:
- Braintree Payments
parameters:
- name: paymentMethodToken
in: path
description: The unique ID of the payment method
required: true
schema:
type: string
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
requestBody:
content:
application/json:
schema:
type: object
properties:
payment_method_nonce:
type: string
example: aa583cb8...and other characters...3a43796ef8e5
description: The vaulted nonce associated with the update payment method
delete:
responses:
'204':
description: No Content
headers: {}
'401':
description: Unauthorized
headers: {}
'404':
description: Not Found
headers: {}
summary: Delete the Braintree payment method
operationId: Braintree_Delete_User_Payment_Method
description: Deletes the Braintree payment method associated with the provided token.
tags:
- Braintree Payments
parameters:
- name: paymentMethodToken
in: path
description: The unique ID of the payment method
required: true
schema:
type: string
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
/zephr/payment/braintree/default-payment-method:
put:
responses:
'204':
description: No Content
headers: {}
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
'404':
description: Not Found
headers: {}
summary: Set the default Braintree payment method
operationId: Braintree_Set_User_Default_Payment_Method
description: |-
Sets the Braintree default payment method for the logged-in user.
This must be a valid payment method already associated with the user.
tags:
- Braintree Payments
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
requestBody:
content:
application/json:
schema:
type: object
properties:
payment_method_token:
type: string
example: payment-method-123
description: >-
The unique ID of the payment method to be set as default for
the user
/zephr/payment/braintree/plans:
get:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
properties:
plan-id:
$ref: '#/components/schemas/payment_plan'
examples:
response:
value:
plan-id:
id: annual-plan
name: Sports+ Membership Annual
currency_code: USD
base_price: 10.2
billing_interval_unit: MONTH
billing_interval: 3
billing_cycles: 12
trial_duration_unit: DAY
trial_duration: 30
discounts:
- id: annual-discount
name: Sports+ Membership Discount
description: This is a discount description
amount: '9.99'
billing_cycles: '6'
current_billing_cycle: '4'
zephr_product_id: product-123
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
'404':
description: Not Found
headers: {}
summary: List all Braintree plans
operationId: Braintree_List_Plans
description: |-
Lists the plans associated with the identified product.
The product ID is required.
tags:
- Braintree Payments
parameters:
- name: product_id
in: query
description: Product ID
required: true
schema:
type: string
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
/blaize/payment/braintree/promo-code:
get:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
required:
- code
- discount
- paymentOptions
properties:
code:
type: string
example: promo-123
description: The promo code identifier.
discount:
type: number
example: 20
description: The discount amount.
paymentOptions:
type: array
items:
$ref: '#/components/schemas/promo-code-payment-options'
description: The list of payment options.
examples:
response:
value:
code: promo-123
discount: 20
paymentOptions:
- slug: plan-123
currency: $
pricePointId: cost-123
originalPrice: 3.45
discountPrice: 2
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
'403':
description: Forbidden
headers: {}
'404':
description: Not Found
headers: {}
summary: Get a Braintree Promo Code
operationId: Braintree_Get_Promo_Code
description: Gets a Braintree promo code.
tags:
- Braintree Payments
parameters:
- name: code
in: query
description: promo code to lookup by ID
required: true
schema:
type: string
- name: paymentForm
in: query
description: payment form to lookup by slug
required: true
schema:
type: string
/blaize/payment/braintree/addons&promoCode={promoCode}:
get:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/add-ons'
examples:
response:
value:
- id: add-123
label: Easy Add-on
value: 12
type: PERCENT
paymentOptions:
- slug: plan-123
currency: $
addonPrice: 12.34
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
'403':
description: Forbidden
headers: {}
'404':
description: Not Found
headers: {}
summary: List Braintree add-ons
operationId: Braintree_List_Add-ons
description: Lists the Braintree add-ons.
tags:
- Braintree Payments
parameters:
- name: paymentForm
in: query
description: payment form to lookup by slug
required: true
schema:
type: string
- name: promoCode
in: path
description: promo code to lookup by ID
required: true
schema:
type: string
/blaize/payment/braintree/subscribe:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
properties:
grant_id:
type: string
example: 33d576c7-d036-40e7-8141-8a91998a5c79
description: New grant of product bundle to user
examples:
response:
value:
grant_id: 33d576c7-d036-40e7-8141-8a91998a5c79
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
summary: Start the Braintree subscription (Deprecated)
operationId: Start_Braintree_Subscription_Deprecated
description: >-
** (Deprecated - use the "/zephr/subscribe" operation intead)**
Uses the payment info captured by the braintree drop-in UI and encoded in
the payment nonce to create a braintree customer in with a recurring
payment.
When braintree responds successfully, the logged-in user will be
temporarily granted all entitlements in the product's associated bundle.
tags:
- Braintree Payments
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
requestBody:
content:
application/json:
schema:
type: object
properties:
product_id:
type: string
description: Product Id/slug
payment_nonce:
type: string
description: Payment method nonce from Braintree drop-in UI
skip_trial_period:
type: boolean
description: >-
Whether or not to skip any trial period that may be
associated with this subscription. This should be `null` or
not set to use the configured trial period.
start_date:
type: string
description: >-
ISO 8601 date format which determines when the subscription
will start. When the attribute is passed, the value must be
in the future. Otherwise, the subscription is expected to
start immediately.
required:
- product_id
- payment_nonce
example:
product_id: premium-access-monthly-recurring
payment_nonce: >-
eyJ2ZXmsaW5nQW...(lots more random-looking
characters)...dyZWmVubW8iOiJvZmYifQ==
skip_trial_period: true
start_date: '2021-01-01T00:00:00Z'
/zephr/feature-decisions:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/browser-features-response'
examples:
response:
value:
featureResults:
featureX: blaize.transform.resource('...')
resources:
uiComponents:
...: Example
accessDetails:
authenticated: false
accessDecisions:
...: false
entitlements:
...:
usedInDecision: false
decrementedInDecision: false
credits:
...:
usedInDecision: false
decrementedInDecision: false
totalCredits: 0
remainingCredits: 0
meters:
...:
usedInDecision: false
decrementedInDecision: false
totalCredits: 0
remainingCredits: 0
trialTrackingDetails:
- entitlementId: ...
entitlementType: entitlement
trackCreditsUsed: false
trackCreditsRemaining: false
creditsUsedKey: ''
creditsRemainingKey: ''
summary: Execute Browser feature decisions
operationId: Browser_Feature_Decisions
description: >-
Zephr HTML Features can be run in the browser by calling this API
directly or using the Zephr Browser SDK. For compatibility with CDN, any
web headers (Referrer, User-Agent) will be accepted and passed onto the
rule engine.
tags:
- Browser Feature Decisions
parameters:
- name: Cookie
in: header
description: "The session cookie."
required: false
example: blaize_session=...
schema:
type: string
requestBody:
content:
application/json:
schema:
type: object
properties:
featureIds:
type: array
description: Array of HTML Feature IDs
items: {}
session:
type: string
description: Zephr Session ID
referer:
type: string
description: Browser referer
path:
type: string
description: Request path, defaults to "/"
contentId:
type: string
description: >-
Content ID, used to perform requests to a 3rd party API for
additional content information used in making a decision
jwt:
type: string
description: >-
A Json Web Token, may include identity or product holding
claims
customData:
type: object
properties:
key:
type: string
description: Any key value pair
description: Custom data to be used in Feature HTML browser rule
required:
- featureIds
example:
featureIds:
- featureX
session: xxx-xxx-xxx
referer: https://www.zephr.com/
path: /x.html
contentId: xxx-xxx-xxx
jwt: xxx-xxx-xxx
customData:
key: value
/blaize/decision-engine:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/access-decision-response'
examples:
response:
value:
status: '301'
body: Redirecting to login page...
headers:
Location: /login.html
'409':
description: Conflict
headers: {}
summary: Execute the Decision Engine
operationId: POST_Decision_Engine
description: >
The Blaize Decision Engine can be invoked via the Public API to
calculate an HTTP Response based upon Request-Level Rules created in the
Admin Console. This functionality is built into the Blaize Dynamic CDN
but the API variant is useful for CMS or edge side integrations.
tags:
- Decision Engine
requestBody:
content:
application/json:
schema:
type: object
properties:
path:
type: string
http_method:
type: string
session:
type: string
foreign_keys:
type: object
properties: {}
description: Foreign system and ID used to identify the user
request_headers:
type: object
properties:
User-Agent:
type: string
content_metadata:
type: object
properties:
publishedDate:
type: string
jwt:
type: string
btr:
type: string
description: 'MD5-hex-encoding of: path + "|" + trusted referrer secret'
required:
- path
example:
path: /x.html
http_method: POST
session: xxx-xxx-xxx
foreign_keys: {}
request_headers:
User-Agent:
content_metadata:
publishedDate:
jwt: xxx-xxx-xxx
btr: 17e74b9e49e66282e55d4b7ec73de951
/blaize/decision-engine&session={session}&foreign_id.xxx={foreign_id.xxx}&content_id={content_id}&jwt={jwt}&btr={btr}:
get:
responses:
'200':
description: >-
Response status and body are determined by the executed rule. If
there is an error executing the rule, a 200 will be returned.
headers: {}
summary: Retrieve the Decision Engine
operationId: GET_Decision_Engine
description: >-
For compatibility with CDN, any web headers (Referrer, User-Agent) will
be accepted and passed onto the rule engine
tags:
- Decision Engine
parameters:
- name: path
in: query
description: >-
Uniquely identifies the content Zephr is making a decision about.
Request rules can be configured to only execute when the request
path matches a provided regular expression.
required: true
schema:
type: string
- name: session
in: path
description: >-
Zephr Session ID - same as the blaize_session cookie used by the CDN
and authentication endpoints
required: true
schema:
type: string
- name: foreign_id.xxx
in: path
description: >-
Foreign ID used to identify the user. The foreign system is parsed
as the remainder of the parameter key name following 'foreign_id.'
required: true
schema:
type: string
- name: content_id
in: path
description: >-
Passed as `metadata.content_id` to the Content API template, used to
perform requests to a 3rd party API for additional content
information used in making a decision
required: true
schema:
type: string
- name: jwt
in: path
description: A Json Web Token, may include identity or product holding claims
required: true
schema:
type: string
- name: btr
in: path
description: >-
A trusted referrer token. If Zephr generates a matching token using
path, passed-in Referer header and a configured secret, all
entitlements used in this decision will be temporarily granted for
this request
required: true
schema:
type: string
/zephr/public/decisions/v1/dynamic-packages:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/dynamic-offer-decision-response'
'400':
description: Bad Request
headers: {}
summary: Process dynamic offer decisions
operationId: Process_dynamic_package_decisions
description: >
The Dynamic Offer Decision Engine can be invoked via the Public API to
calculate a decision output response based upon each property rule under
the Dynamic Offer created in the Zephr Console.
tags:
- Dynamic Offer Decision Engine
requestBody:
content:
application/json:
schema:
type: object
properties:
dynamic_package:
type: object
properties:
slug:
type: string
description: Dynamic Offer slug
inputs:
type: object
properties: {}
description: >-
Custom inputs configured in Dynamic Offer. This can be
any single layer map of key-value pairs.
required:
- slug
description: >-
The dynamic offer to evaluate, must specify the slug of
the dynamic offer, and any custom input to be used in the
rules
session:
type: string
description: Zephr Session ID, required for trials
foreign_keys:
type: object
properties: {}
description: Foreign system and ID used to identify the user
ip:
type: string
description: Client IP address, defaults to request IP
user_agent:
type: string
description: Client user agent
jwt:
type: string
description: >-
A Json Web Token, may include identity or product holding
claims
path:
type: string
description: Request path, required for trials if used
required:
- dynamic_package
example:
dynamic_package:
slug: packageX
inputs: {}
session: xxx-xxx-xxx
foreign_keys: {}
ip: x.x.x.x
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11)...
jwt: xxx-xxx-xxx
path: /x.html
/blaize/oauth/state:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/oauth-state-response'
examples:
response:
value:
message: State initialized
summary: Start an OAuth flow
operationId: Start_POST
description: Starts the OAuth flow.
tags:
- OAuth Flow
requestBody:
content:
application/json:
schema:
type: object
properties:
start_url:
type: string
target_url:
type: string
example:
start_url: http://blaize.io
target_url: http://blaize.io
/blaize/oauth/google/callback:
get:
responses:
'302':
description: Found
headers:
Location:
schema:
type: string
Set-Cookie:
schema:
type: string
summary: Create a callback for the Google OAuth flow
operationId: Google_GET
description: Callback for Google OAuth Flow.
tags:
- OAuth Flow
parameters:
- name: code
in: query
description: OAuth code
required: true
schema:
type: string
/blaize/oauth/facebook/callback:
get:
responses:
'302':
description: Found
headers:
Location:
schema:
type: string
Set-Cookie:
schema:
type: string
summary: Create a callback for the Facebook OAuth flow
operationId: Facebook_GET
description: Callback for Facebook OAuth flow.
tags:
- OAuth Flow
parameters:
- name: code
in: query
description: OAuth code
required: true
schema:
type: string
/blaize/oauth/linkedin/callback:
get:
responses:
'302':
description: Found
headers:
Location:
schema:
type: string
Set-Cookie:
schema:
type: string
summary: Create a callback for the Linkedin OAuth flow
operationId: Linkedin_GET
description: Callback for Linkedin OAuth flow.
tags:
- OAuth Flow
parameters:
- name: code
in: query
description: OAuth code
required: true
schema:
type: string
/zephr/subscribe:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
properties:
grant_id:
type: string
example: 33d576c7-d036-40e7-8141-8a91998a5c79
description: New grant of product bundle to user
client_secret:
type: string
example: src_client_secret_QfsM25CJ2uCMon72MiOmUNTj`
description: >-
(Stripe) reference to Stripe payment required to process
payment in front end
payment_intent_id:
type: string
example: pi_1GYZYWLgUJT2XNPAYQMomeqf
description: >-
(Stripe) reference to the payment intent if payment
requires confirmation
examples:
response:
value:
grant_id: 33d576c7-d036-40e7-8141-8a91998a5c79
client_secret: src_client_secret_QfsM25CJ2uCMon72MiOmUNTj`
payment_intent_id: pi_1GYZYWLgUJT2XNPAYQMomeqf
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
summary: Start the subscription
operationId: Start_Subscription
description: >
Uses the payment info captured by the payment provider drop-in UI and create a customer with a recurring payment.
When the payment provider responds successfully, the logged-in user will be temporarily granted all entitlements in the product's associated bundle.
tags:
- Payments
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
requestBody:
content:
application/json:
schema:
type: object
properties:
product_id:
type: string
description: Product Id/slug
plan_id:
type: string
description: Plan Id/slug
discount_code:
type: string
description: Discount/promotion code
vendor_fields:
type: object
properties:
payment_nonce:
type: string
description: (Stripe) Payment method nonce from Braintree drop-in UI
skip_trial_period:
type: boolean
description: >-
(Braintree) Whether or not to skip any trial period that
may be associated with this subscription. This should be
`null` or not set to use the configured trial period.
start_date:
type: string
description: >-
(Braintree) ISO 8601 date format which determines when
the subscription will start. When the attribute is
passed, the value must be in the future. Otherwise, the
subscription is expected to start immediately.
payment_method:
type: string
description: (Stripe) Payment method from Stripe Elements UI
vault_payment_method:
type: boolean
description: >-
(Braintree) If the payment nonce requires vaulting, for
example if Google Pay is being used. Defaults to false.
description: Parameters specific to the payment provider in use
required:
- product_id
example:
product_id: premium-access-monthly-recurring
plan_id: plan-5
discount_code: SAVE10
vendor_fields:
payment_nonce: >-
eyJ2ZXmsaW5nQW...(lots more random-looking
characters)...dyZWmVubW8iOiJvZmYifQ==
skip_trial_period: true
start_date: '2021-01-01T00:00:00Z'
payment_method: pm_123456789
vault_payment_method: false
/zephr/subscriptions/:subscriptionId:
patch:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
properties:
grant_id:
type: string
example: 33d576c7-d036-40e7-8141-8a91998a5c79
description: New grant of product bundle to user
examples:
response:
value:
grant_id: 33d576c7-d036-40e7-8141-8a91998a5c79
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
'404':
description: Not Found
headers: {}
summary: Update the subscription
operationId: Change_Subscription
description: >-
Updates an existing subscription to change the associated product and plan. Updating the subscription may modify the price of the subscription, and if so the balance will be billed immediately at a pro-rated amount. Parameters specific to the vendor may be specified to change the payment method for
the subscription. Changing to a plan with a different billing frequency from the existing subscription is not supported for some payment providers (Braintree).
tags:
- Payments
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
requestBody:
content:
application/json:
schema:
type: object
properties:
product_id:
type: string
description: Product Id/slug
plan_id:
type: string
description: Plan Id/slug
vendor_fields:
type: object
properties:
payment_nonce:
type: string
description: >-
(Braintree) Payment method nonce from Braintree drop-in
UI. If not specified, the existing payment method on the
subscription will be retained.
description: Parameters specific to the payment provider in use
navigated_from:
type: string
description: >-
Specify where the request was made from. Used as data to
pass to change subscription webhooks.
required:
- product_id
- plan_id
- vendor_fields
example:
product_id: premium-access-monthly-recurring
plan_id: plan-5
vendor_fields:
payment_nonce: eyJ2ZXmsaW5nQWdyZWmVubW8iOiJvZmYifQ==
navigated_from: /some/path
/zephr/public/products/v1/shares:
get:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/product_sharing_response'
examples:
response:
value:
owned_products:
- product_id: product-1
product_label: Gold Product
sharing_limit: 3
shares:
member_email: name@domain.com
sharing_id: 0nasdj-aso25-6454
status: active
created_at: '2021-05-17T04:31:33Z'
member_products:
- product_id: product-1
product_label: Gold Product
sharing_id: 0nasdj-aso25-6454
status: active
shared_by_email: owner-user@domain.com
created_at: '2021-05-17T04:31:33Z'
meta_data: {}
summary: Retrieve the product sharing summary
operationId: Get_Product_Sharing_Summary
description: >-
Retrieves a summary of the products that the current user shares with other users, and products that are shared with the current user.
tags:
- Product Sharing
/zephr/public/products/v1/shares/{sharing_id}:
delete:
responses:
'200':
description: OK
headers: {}
'404':
description: Not Found
headers: {}
summary: Delete the product sharing by ID
operationId: Delete_User_Product_Sharing
description: >-
Deletes a user product share by ID. Pending invites and accepted shares can be deleted. Invoking this method will increase the number of shares that the user has available for the given product.
If the sharing_id represents an accepted product sharing, the member used will immediately lose access to the product that was shared with them (unless they have separately granted access to the same product). The member user will also receive an email notifying them that they have been removed
from the product. This email is configurable in admin console.
tags:
- Product Sharing
parameters:
- name: sharing_id
in: path
description: The ID of the user product share to delete
required: true
example: 0nasdj-aso25-6454
schema:
type: string
/zephr/public/products/v1/shares/invitations/emails:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
required:
- sharing_id
properties:
sharing_id:
type: string
example: 0nasdj-aso25-6454
description: The ID of the created product share
examples:
response:
value:
sharing_id: 0nasdj-aso25-6454
'400':
description: Bad Request
headers: {}
'403':
description: Forbidden
headers: {}
'409':
description: Conflict
headers: {}
summary: Create a product sharing invite via Email
operationId: Create_Product_Sharing_Invite_via_Email
description: >-
Creates a new user product share and send it via email. The exact
contents of this email are configurable in the admin
console. The email may include a link composed of the required attribute
`base_url` and an additional path parameter
`sharing_id`. It is expected that the specified `base_url` will direct
invite recipients to a page that allows them
to accept the invite and register/login. Custom metadata can also be
passed to this method, which will be made available
in the invitation email template and any later calls to access the
publicly available share data. This metadata can be used, for example,
to
include the product owner's first name and a personalised message that
is shown to the recipient in the invitation email
and in a screen that allows the recipient to accept the invite.
Invoking this method will reduce the number of shares that the user has
available for the given product.
The specified product must be shareable, the current user must have
active grants for the product and must not
have already exceeded the configured maximum number of shares for the
product.
tags:
- Product Sharing
requestBody:
content:
application/json:
schema:
type: object
properties:
product_id:
type: string
description: The ID of the product that is being shared
email_address:
type: string
description: The email address to send the invite to
base_url:
type: string
description: >-
The invite link destination URL. The path parameter
'sharing_id=xxx' will be added to this URL. Other path
parameters and anchors are accepted.
meta_data:
type: object
properties: {}
description: >-
Extra information for the user product share, which can be
included in the sent email
required:
- product_id
- email_address
- base_url
example:
product_id: product-1
email_address: name@domain.com
base_url: https://example.com/accept-invite
/zephr/public/products/v1/shares/invitations/tokens:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
required:
- sharing_id
properties:
sharing_id:
type: string
example: 0nasdj-aso25-6454
description: The ID of the created product share
examples:
response:
value:
sharing_id: 0nasdj-aso25-6454
'400':
description: Bad Request
headers: {}
'403':
description: Forbidden
headers: {}
'409':
description: Conflict
headers: {}
summary: Create a product share invite token
operationId: Create_Product_Share_Invite_Token
description: >-
Creates a new user product share. Invoking this method will reduce the number of shares that the user has available for the given product. The returned token sharing
ID can later be passed to the accept invite method.
Custom metadata can also be passed to this method, which will be made available in later calls to access the publicly available share data. This metadata can be used, for example, to include the product owner's first name and a personalised message that is shown to the recipient in a screen that allows the recipient to accept the invite.
Invoking this method will reduce the number of shares that the user has available for the given product.
The specified product must be shareable, the current user must have active grants for the product and must not have already exceeded the configured maximum number of shares for the product.
tags:
- Product Sharing
requestBody:
content:
application/json:
schema:
type: object
properties:
product_id:
type: string
description: The ID of the product that is being shared
meta_data:
type: object
description: Extra information for the user product share
required:
- product_id
example:
product_id: product-1
/zephr/public/products/v1/shares/invitations/{sharing_id}:
get:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
properties:
product_id:
type: string
example: product-1
description: The ID of the product that is shared
product_label:
type: string
example: Gold Product
description: The label of the product that is shared
meta_data:
type: object
properties: {}
description: >-
Extra information for the user product share, defined at
the point of creation
examples:
response:
value:
product_id: product-1
product_label: Gold Product
meta_data: {}
'404':
description: Not Found
headers: {}
'429':
description: Too Many Requests
headers: {}
summary: Retrieve the product share invite public data
operationId: Get_Product_Share_Invite_Public_Data
description: >-
Retrieves the publicly accessible data relating to a user product share invite.
This can be used to inform the invitee of the details of the product that is being shared, and any meta_data added at the point of invite creation, such as the name of the user that sent the invite.
This endpoint is not authenticated. The information provided by this endpoint is available to anyone with a valid `sharing_id`.
Invoking this endpoint too rapidly will result in a 429 error response.
tags:
- Product Sharing
parameters:
- name: sharing_id
in: path
description: The ID of the user product sharing invite
required: true
example: 0nasdj-aso25-6454
schema:
type: string
put:
responses:
'200':
description: OK
headers: {}
'400':
description: Bad Request
headers: {}
'404':
description: Not Found
headers: {}
'409':
description: Conflict
headers: {}
summary: Accept a product share invite
operationId: Accept_Product_Share_Invite
description: >-
Accepts a product sharing invite. The current user will gain access to
the product linked to the sharing invite.
The user that send the invite must have an active grant for the product
at the point of acceptance.
If the current user already has a product share for the same product
from the same product owner, an error code
409 will be returned and the invite will not be accepted.
tags:
- Product Sharing
parameters:
- name: sharing_id
in: path
description: The ID of the user product sharing invite
required: true
example: 0nasdj-aso25-6454
schema:
type: string
/zephr/decide:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/feature-decisions-response'
examples:
response:
value:
results:
- sdkFeatureSlug: featureX
outputType: ENUM
outputValue: 'YES'
error: '500: Internal error ...'
'400':
description: Bad Request
headers: {}
summary: Process multiple decisions
operationId: Process_multiple_decisions
description: >
Processes multiple decisions. The SDK Feature Decision Engine can be
invoked via the Public API to calculate a decision output response based
upon Feature SDK Rules created in the Zephr Console.
tags:
- SDK Feature Decision Engine
requestBody:
content:
application/json:
schema:
type: object
properties:
features:
type: array
description: >-
The list of features to evaluate. This must be contain at
least one element. Features are evaluated sequentially, in
the order they are provided.
items: {}
session:
type: string
description: Zephr Session ID, required for trials
foreign_keys:
type: object
properties: {}
description: Foreign system and ID used to identify the user
ip:
type: string
description: Client IP address, defaults to request IP
userAgent:
type: string
description: Client user agent
jwt:
type: string
description: >-
A Json Web Token, may include identity or product holding
claims
required:
- features
example:
features:
- slug: featureX
path: /x.html
contentId: xxx-xxx-xxx
inputs: {}
session: xxx-xxx-xxx
foreign_keys: {}
ip: x.x.x.x
userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11)...
jwt: xxx-xxx-xxx
/zephr/decision-engine&raw={}:
post:
responses:
'200':
description: Raw parameter response
headers: {}
content:
'*/*':
schema:
$ref: '#/components/schemas/feature-decision-response'
summary: Process a single decision
operationId: Process_single_decision
description: >
Processes single decision. The SDK Feature Decision Engine can be invoked
via the Public API to calculate a decision output response based upon
Feature SDK Rules created in the Zephr Console. This endpoint is used by
the Zephr SDK but can be called directly for custom integrations.
tags:
- SDK Feature Decision Engine
parameters:
- name: raw
in: query
description: Should output raw value
required: true
schema:
type: boolean
default: 'false'
requestBody:
content:
application/json:
schema:
type: object
properties:
sdkFeatureSlug:
type: string
description: Feature SDK slug
session:
type: string
description: Zephr Session ID, required for trials
foreign_keys:
type: object
properties: {}
description: Foreign system and ID used to identify the user
ip:
type: string
description: Client IP address, defaults to request IP
userAgent:
type: string
description: Client user agent
path:
type: string
description: Request path, required for trials
contentId:
type: string
description: >-
Content ID, used to perform requests to a 3rd party API for
additional content information used in making a decision
jwt:
type: string
description: >-
A Json Web Token, may include identity or product holding
claims
...:
type: string
description: Custom inputs configured in Feature SDK rule
required:
- sdkFeatureSlug
example:
sdkFeatureSlug: featureX
session: xxx-xxx-xxx
foreign_keys: {}
ip: x.x.x.x
userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11)...
path: /x.html
contentId: xxx-xxx-xxx
jwt: xxx-xxx-xxx
...: ...
/zephr/decision-engine:
get:
responses:
'200':
description: Raw parameter response
headers: {}
content:
'*/*':
schema:
$ref: '#/components/schemas/feature-decision-response'
summary: Retrieve a single decision
operationId: Get_single_decision
description: >-
For compatibility with CDN, any web headers (Referrer, User-Agent) will
be accepted and passed onto the rule engine
tags:
- SDK Feature Decision Engine
parameters:
- name: sdkFeatureSlug
in: query
description: Feature SDK slug
required: true
example: featureX
schema:
type: string
- name: session
in: query
description: Zephr Session ID, required for trials
required: true
example: xxx-xxx-xxx
schema:
type: string
- name: foreign_id.xxx
in: query
description: >-
Foreign ID used to identify the user. The foreign system is parsed
as the remainder of the parameter key name following 'foreign_id.'
required: true
example: xxx-xxx-xxx
schema:
type: string
- name: ip
in: query
description: Client IP address, defaults to request IP
required: true
example: x.x.x.x
schema:
type: string
- name: userAgent
in: query
description: Client user agent
required: true
example: Mozilla/5.0 (Macintosh; Intel Mac OS X 11)...
schema:
type: string
- name: path
in: query
description: Request path, required for trials
required: true
example: /x.html
schema:
type: string
- name: content_id
in: query
description: >-
Content ID, used to perform requests to a 3rd party API for
additional content information used in making a decision
required: true
example: xxx-xxx-xxx
schema:
type: string
- name: jwt
in: query
description: A Json Web Token, may include identity or product holding claims
required: true
example: xxx-xxx-xxx
schema:
type: string
- name: raw
in: query
description: Should output raw value
required: true
schema:
type: boolean
default: 'false'
/zephr/public/sessions/v1/sessions:
get:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/Session'
examples:
response:
value:
- id: aba22-a5mfh-
startDate: '2011-11-11T11:11:11.000'
deviceType: pc
deviceName: Google Nexus 5
ip: 10.10.10.1
browser: Chrome
os: Android
city: Huston
geoState: Texas
country: USA
isRequestingSession: true
summary: List all the user sessions
operationId: List_User_Sessions
description: Lists of all sessions for the current user and site.
tags:
- Sessions
/zephr/public/sessions/v1/sessions/{sessionId}:
delete:
responses:
'200':
description: OK
headers: {}
'404':
description: Not Found
headers: {}
summary: Delete the session by ID
operationId: Delete_Session
description: >-
Deletes a session by ID. Returns a 404 if the specified session does not
exist or does not belong to the current user.
tags:
- Sessions
parameters:
- name: sessionId
in: path
description: The ID of the session to delete
required: true
example: 0nasdj-aso25-6454
schema:
type: string
/zephr/public/sessions/v1/sessions&except-current:
delete:
responses:
'200':
description: OK
headers: {}
summary: Delete all other sessions
operationId: Delete_All_Other_Sessions
description: >-
Deletes all sessions for the current user and site apart from the session
used to make the request.
tags:
- Sessions
parameters:
- name: except-current
in: query
required: false
schema:
type: boolean
/blaize/payment/stripe/publicKey:
get:
responses:
'200':
description: pk_live_PFghBsstUo5FwUGcXBiNvIkY00X1YHtpnJ - String key
headers: {}
content:
application/json:
schema:
type: object
summary: Retrieve the Stripe public key
operationId: Get_Stripe_Public_Key
description: Retrieves the public key for a tenant to process a payment
tags:
- Stripe Payments
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
/zephr/payment/stripe/setupIntentSecret:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
properties:
clientSecret:
type: string
example: src_client_secret_QfsM25CJ2uCMon72MiOmUNTj
description: >-
reference to Stripe payment required to process payment in
front end
examples:
response:
value:
clientSecret: src_client_secret_QfsM25CJ2uCMon72MiOmUNTj
summary: Create a Stripe setup intent secret
operationId: Create_Stripe_Setup_Intent_Secret
description: Creates the client secret to update card details
tags:
- Stripe Payments
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
/blaize/payment/stripe/subscription/confirmation:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
properties:
grant_id:
type: string
example: aa583cb8-51d1-4bd9-9ec7-3a43796ef8e5
description: New grant of product bundle to user
examples:
response:
value:
grant_id: aa583cb8-51d1-4bd9-9ec7-3a43796ef8e5
summary: Start the Stripe subscription confirmation
operationId: Start_Stripe_Subscription_Confirmation
description: >-
If a payment requires confirmation (3dSecure etc), the payment is
confirmed in the front end.
tags:
- Stripe Payments
requestBody:
content:
application/json:
schema:
type: object
properties:
subscriptionId:
type: string
example:
subscriptionId: sub_H8eIeMFwMawg6w
/zephr/payment/stripe/updateSubscription:
post:
responses:
'200':
description: OK
headers: {}
summary: Update the Stripe subscription
operationId: Update_Stripe_Subscription
description: >-
Updates the payment method in the subscription.
Payment method id will be provided by stripe on updating card details in
the front end.
tags:
- Stripe Payments
requestBody:
content:
application/json:
schema:
type: object
properties:
subscription_id:
type: string
payment_method_id:
type: string
required:
- subscription_id
- payment_method_id
example:
subscription_id: sub_H8eIeMFwMawg6w
payment_method_id: pm_2KrMmOCvDgIhZCB6u0Yn7COE
/blaize/payment/stripe/buy:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
properties:
grant_id:
type: string
example: aa583cb8-51d1-4bd9-9ec7-3a43796ef8e5
description: New grant of product bundle to user
client_secret:
type: string
example: src_client_secret_QfsM25CJ2uCMon72MiOmUNTj`
description: >-
reference to Stripe payment required to process payment in
front end
payment_intent_id:
type: string
example: pi_1GYZYWLgUJT2XNPAYQMomeqf
description: >-
reference to the payment intent if payment requires
confirmation
examples:
response:
value:
grant_id: aa583cb8-51d1-4bd9-9ec7-3a43796ef8e5
client_secret: src_client_secret_QfsM25CJ2uCMon72MiOmUNTj`
payment_intent_id: pi_1GYZYWLgUJT2XNPAYQMomeqf
summary: Create a Stripe one-off payment
operationId: Stripe_Buy
description: >-
Uses the payment method collected by Stripe Elements to create a one off
payment
tags:
- Stripe Payments
requestBody:
content:
application/json:
schema:
type: object
properties:
product_id:
type: string
description: Product Id/slug
price_point_id:
type: string
description: Price Point Id/slug
payment_method:
type: string
description: Payment method from Stripe Elements UI
payment_intent_id:
type: string
description: PaymentIntent id returned after confirming a card payment
required:
- product_id
- price_point_id
- payment_method
example:
product_id: lifetime-membership
price_point_id: gold-package
payment_method: pm_123456789
payment_intent_id: pi_1GYZYWLgUJT2XNPAYQMomeqf
/blaize/payment/stripe/subscriptionChargedCallback:
post:
responses:
'200':
description: OK
headers: {}
summary: Create a webhook for Stripe subscription charged
operationId: WebHook
description: >-
To use subscriptions, Stripe Webhooks for `invoice.payment_succeeded`
must be configured to point to this endpoint.
tags:
- Stripe Payments
/zephr/payment/stripe/subscription/{subscriptionId}/change-previews:
post:
responses:
'200':
description: OK
headers: {}
content:
'*/*':
schema:
type: object
properties:
total:
type: number
example: 5000
description: >-
The total amount of the prorate invoice in the relevant
currency's lowest denomination (e.g. pence).
sub_total:
type: number
example: 4500
description: >-
The total amount of the prorate invoice minus tax in the
relevant currency's lowest denomination (e.g. pence).
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
summary: Preview the Stripe subscription change
operationId: Stripe_Change_Subscription_Preview
description: >-
Generates a preview of the invoice that Stripe will create for the
customer if their
subscription is changed to a new plan. The invoice will be a prorated
invoice for the
price difference between current and new subscription plans for the
remainder of the current billing period.
The invoice will be billed immediately upon changing subscription.
The invoice amount may be negative if the customer is changing to a
lower-priced plan.
Note: This method does not modify the user's subscription.
tags:
- Stripe Payments
parameters:
- name: subscriptionId
in: path
description: The ID of the Stripe subscription to change.
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
type: object
properties:
plan_id:
type: string
description: The new Stripe price plan ID.
required:
- plan_id
example:
plan_id: price_H8eIeMFwMawg6w
/zephr/payment/stripe/create-subscription-previews:
post:
responses:
'200':
description: OK
headers: {}
content:
'*/*':
schema:
type: object
properties:
total:
type: number
example: 5000
description: >-
The total amount the user will be initially charged for
the subscription in the relevant currency's lowest
denomination (e.g. pence), i.e. for a monthly
subscription, the first month's cost.
sub_total:
type: number
example: 4500
description: >-
The total amount minus tax for the initial charge in the
relevant currency's lowest denomination (e.g. pence).
tax:
type: number
example: 500
description: >-
The tax amount for the initial charge in the relevant
currency's lowest denomination (e.g. pence).
discount:
type: number
description: >-
The discount amount for the initial charge in the relevant
currency's lowest denomination (e.g. pence).
'400':
description: Bad Request
headers: {}
summary: Preview the Stripe subscription price
operationId: Stripe_Preview_Create_Subscription_Price
description: >-
Generates a preview of the total price and tax amount that Stripe will
charge the customer if they
create a new subscription for the specified plan.
Note: This method does not create any entities in Stripe and does not
result in any payments being made.
tags:
- Stripe Payments
requestBody:
content:
application/json:
schema:
type: object
properties:
product_id:
type: string
description: The ID of the new Zephr product.
plan_id:
type: string
description: The new Stripe price plan ID.
promo_code:
type: string
description: >-
The Stripe promo code that will be attached to the
subscription.
billing_country:
type: string
description: The user's billing country, for tax calculation purposes.
billing_post_code:
type: string
description: >-
The user's billing postal code, for tax calculation
purposes.
required:
- product_id
- plan_id
example:
product_id: zephr-prod-1
plan_id: price_H8eIeMFwMawg6w
promo_code: discount15
billing_country: US
billing_post_code: '90210'
/blaize/payment/stripe/subscribe:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/stripe_start_response_body'
summary: Start the Stripe subscription (Deprecated)
operationId: Start_Stripe_Subscription
description: >-
(Deprecated - use [/zephr/subscribe](#payments-start-subscription-post))
Uses the payment method info captured by the Stripe Elements UI to create
a Stripe customer with a recurring payment.
When Stripe responds successfully, the logged-in user will be
temporarily granted all entitlements in the product's associated bundle.
tags:
- Stripe Payments
requestBody:
content:
application/json:
schema:
type: object
properties:
product_id:
type: string
description: Product Id/slug
payment_method:
type: string
description: Payment method from Stripe Elements UI
required:
- product_id
- payment_method
example:
product_id: premium-access-monthly-recurring
payment_method: pm_123456789
/zephr/oauth2:
get:
responses:
'302':
description: Found
headers:
Location:
schema:
type: string
summary: Start an authorization code flow
operationId: Start_OAuth2_Flow
description: >-
Starts OAuth2 Authorization Code Flow. The resource owner will be
authenticated and be presented with the third-party application
access request.
tags:
- Third-Party Authentication
parameters:
- name: client_id
in: query
description: Zephr Site Oauth2 Client ID
required: true
schema:
type: string
- name: response_type
in: query
description: Must be set to `code`.
required: true
schema:
type: string
- name: redirect_uri
in: query
description: Client's redirection endpoint. Must be an absolute URI.
required: true
schema:
type: string
- name: scope
in: query
description: The scope of the access request.
required: true
schema:
type: string
- name: state
in: query
description: >-
An opaque value used by the client to maintain state between the
request and callback.
required: true
schema:
type: string
/zephr/oauth2/grant:
post:
responses:
'200':
description: OK
headers:
Location:
schema:
type: string
content:
'*/*':
schema:
type: object
properties:
state:
type: string
description: State (string)
code:
type: string
description: Authorization code (string)
'401':
description: Unauthorized
headers: {}
content:
'*/*':
schema:
type: object
properties:
state:
type: string
description: State (string)
error:
type: string
description: Error type (string)
summary: Grant the access request
operationId: Grant
description: >-
The resource owner will consent or deny the third party application
access request, and Zephr will return an authorization code upon user's
consent.
tags:
- Third-Party Authentication
requestBody:
content:
application/json:
schema:
type: object
properties:
client_id:
type: string
description: Zephr Site Oauth2 Client ID
response_type:
type: string
description: Must be set to `code`
redirect_uri:
type: string
description: Client's redirection endpoint. Must be an absolute URI
scope:
type: string
description: >-
The scope of the access request. Supported scopes:
user.account:read, user.profile:read and user.profile:update
state:
type: string
description: >-
An opaque value used by the client to maintain state between
the request and callback
allow:
type: boolean
description: Resource owner consent
required:
- client_id
- response_type
- redirect_uri
- scope
- state
- allow
example:
client_id: '1234567890'
response_type: code
redirect_uri: https://someUrl.com/callback
scope: user.account:read user.profile:read
state: abcdefghijklmnopqrstuvwsyz
allow: true
/blaize/register:
post:
responses:
'201':
description: Created
headers: {}
content:
'*/*':
schema:
$ref: '#/components/schemas/user-register-response'
'400':
description: Bad Request
headers: {}
summary: Register a user
operationId: Register
description: Registers a new User
tags:
- User
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/user-register-request'
/blaize/forget-me:
post:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/delete-user-response'
examples:
response:
value:
message: User deleted successfully
'500':
description: Internal Server Error
headers: {}
summary: Delete the user data
operationId: Forget_Me
description: >-
Deletes user related data like sessions, elasticSearch data, O2Auth
tokens by the provided `user_id` in the session cookie.
tags:
- User
parameters:
- name: Cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
/blaize/account:
get:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/user-public-account'
examples:
response:
value:
identifiers:
email_address: joe.blow@company.com
tracking_id: '123'
'401':
description: Unauthorized
headers: {}
summary: Retrieve the account
operationId: Retrieve_Account
description: Retrieves the user's core account details.
tags:
- User
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
/blaize/profile:
get:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/attributes'
examples:
response:
value:
first_name: Joe
surname: Blow
'401':
description: Unauthorized
headers: {}
summary: Retrieve the profile
operationId: Retrieve_Profile
description: Retrieves the user's profile.
tags:
- User
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
put:
responses:
'200':
description: OK
headers: {}
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
summary: Save the profile
operationId: Save_Profile
description: Creates or updates the user's profile.
tags:
- User
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
requestBody:
$ref: '#/components/requestBodies/Save_ProfileBody'
post:
responses:
'200':
description: OK
headers: {}
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
summary: Update the profile
operationId: Update_Profile_POST
description: Updates the user's profile, merging with any exist fields.
tags:
- User
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
requestBody:
$ref: '#/components/requestBodies/Save_ProfileBody'
patch:
responses:
'200':
description: OK
headers: {}
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
summary: Update the profile
operationId: Update_Profile_Patch
description: Updates the user's profile, merging with any exist fields.
tags:
- User
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
requestBody:
$ref: '#/components/requestBodies/Save_ProfileBody'
/blaize/profile/{appId}:
get:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/attributes'
examples:
response:
value:
first_name: Joe
surname: Blow
'401':
description: Unauthorized
headers: {}
summary: Retrieve the extended profile
operationId: Extended_Profile
description: Retrieves the user's Extended Profile.
tags:
- User
parameters:
- name: appId
in: path
description: Unique Profile identifier. This cannot start with '_restricted'.
required: true
schema:
type: string
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
put:
responses:
'200':
description: OK
headers: {}
'400':
description: Bad Request
headers: {}
'401':
description: Unauthorized
headers: {}
summary: Save the extended profile
operationId: Save_Extended_Profile
description: Creates or updates the user's Extended Profile.
tags:
- User
parameters:
- name: appId
in: path
description: Unique Profile identifier. This cannot start with '_restricted'.
required: true
schema:
type: string
- name: cookie
in: header
description: "The session cookie."
required: false
example: '`blaize_session=...` (string)'
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/attributes'
/blaize/authorization/challenge:
post:
responses:
'201':
description: Created
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/cdn-auth-challenge-response'
examples:
response:
value:
68cc48be-e47e-4707-8958-1249d87fca86: false
'401':
description: Unauthorized
headers: {}
summary: Create an authorization challenge
operationId: Authorization_Challenge
description: Authorization Challenge against array of entitlement IDs.
tags:
- User
parameters:
- name: cookie
in: header
description: "The session cookie."
required: false
example: blaize_session=5562c0cf-b07a-42d0-ac1a-c0e29735e73a;...
schema:
type: string
requestBody:
content:
application/json:
schema:
type: object
properties:
entitlementIds:
type: array
items: {}
contentIdentifier:
type: string
required:
- entitlementIds
example:
entitlementIds:
- 68cc48be-e47e-4707-8958-1249d87fca86
contentIdentifier: /
/zephr/public/gift-tokens/v1/gift-tokens:
post:
responses:
'201':
description: Created
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/v4-gift-response'
examples:
response:
value:
token: absd-acsd34-casdae-1243c
claimPath: /my-path?gift=absd-acsd34-casdae-1243c
'400':
description: Bad Request
headers: {}
summary: Create a gift V4
operationId: V4_Create_Gift
description: Creates a gift (V4).
tags:
- V4 Gifts
requestBody:
content:
application/json:
schema:
type: object
properties:
path:
type: string
description: >-
The gift will be created for the provided path in the
request body.
required:
- path
example:
path: /my-path
/blaize/datalayer:
get:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
type: object
properties:
dataLayer:
type: array
items: {}
description: >-
Resolved datalayer fields. Any fields that cannot be
resolved will be present as fieldKey: null
examples:
response:
value:
dataLayer:
- '[ {key1: value1}, {key2: value2} ]'
summary: Retrieve the Datalayer
operationId: Get_Datalayer
description: >-
Retrieves the Datalayer object for the current session. All fields configured
in the admin console will be resolved against the current session and
returned
tags:
- Web Analytics
/zephr/features:
get:
responses:
'200':
description: OK
headers: {}
content:
application/json:
schema:
$ref: '#/components/schemas/zephr-features-response-array'
examples:
response:
value:
- id: feature-live
label: feature-label
slug: feature-slug
summary: Retrieve the Zephr Feature
operationId: Zephr_Feature
description: >-
Retrieves the Zephr browser features by default, or optionally with query
parameter ?ruleType returns the given type, they can be html, browser,
json, sdk.
tags:
- Zephr Features
parameters:
- name: ruleType
in: query
description: Type of the feature rule
required: false
schema:
type: string
/zephr/public/component-library/v1/library-components/{componentId}:
get:
responses:
"200":
description: OK
headers: {}
content:
text/html:
examples:
response:
value: ""
"400":
description: Bad Request
headers: {}
summary: Retrieve the Component Library
operationId: Component_Library
description: |
Components configured in the component library can be retrieved as rendered HTML. The formId passed in the path can be versioned to reference a specific version of a library component. For example, ‘payment-form:1’, ‘payment-form:4’ or ‘payment-form:active’ to reference the default version of the component.
tags:
- Component Library
parameters:
- name: formId
in: path
description: formId
required: true
schema:
type: string
/zephr/public/template-components/v1/template-components/{templateConfigId}:
get:
responses:
"200":
description: OK
headers: {}
content:
text/html:
examples:
response:
value: ""
"400":
description: Bad Request
headers: {}
summary: Retrieve the Template Components
operationId: Template_Components
description: |
Template components can be retrieved as rendered HTML. This endpoint is intended to be consumed by callers processing the output of an SDK TRANSFORMATION rule, where templateConfigId will identify a particular instance of a template component being used in an outcome with variables specified.
tags:
- Component Library
parameters:
- name: templateConfigId
in: path
description: templateConfigId
required: true
schema:
type: string
/zephr/public/ui-components/v1/ui-components/{componentId}:
get:
responses:
"200":
description: OK
headers: {}
content:
text/html:
examples:
response:
value: ""
"400":
description: Bad Request
headers: {}
summary: Retrieve the UI Components
operationId: UI_Components
description: |
UI components can be retrieved as rendered HTML. This endpoint is intended to be consumed by callers processing the output of an SDK TRANSFORMATION rule, where componentId will reference a form or custom component created within an outcome of a rule.
tags:
- Component Library
parameters:
- name: componentId
in: path
description: componentId
required: true
schema:
type: string
components:
requestBodies:
Complete_password_resetBody:
content:
application/json:
schema:
type: object
properties:
validators:
type: object
properties:
password:
type: string
use_sso:
type: boolean
description: >-
When this is present there should be no identifiers in the
body. The user is identified through a blaize_session
cookie.
required:
- validators
example:
validators:
password: mysecurepassword123
Save_ProfileBody:
content:
application/json:
schema:
type: object
properties:
first_name:
type: string
surname:
type: string
example:
first_name: Joe
surname: Blow
schemas:
user-registration-request:
type: object
properties:
identifiers:
type: object
properties:
email_address:
type: string
validators:
type: object
properties:
password:
type: string
use_sso:
type: boolean
description: >-
When this is present there should be no identifiers in the body.
The user is identified through a blaize_session cookie.
required:
- identifiers
- validators
example:
identifiers:
email_address: joe.blow@company.com
validators:
password: mysecurepassword123
user-registration-response:
type: object
properties:
cookie:
type: string
example: >-
blaize_session=0123456789ABCD; Expires=Fri, 16 Nov 2018 12:35:56
GMT; Path=/;
message:
type: string
example: Registration successful
tracking_id:
type: string
example: TT0123456789ABCD
admin-user-logout-request:
type: object
properties:
where:
type: string
description: >-
An enum of describing which sessions/devices to log out of.
Options are `JUST_HERE`, `THIS_DEVICE`, `OTHER_DEVICES`,
`EVERYWHERE`.
These options are only valid when Single Sign-On is configured.
When SSO is configured as `autoLogin`, then the default behaviour is
`THIS_DEVICE`.
When SSO is configured as `optIn`, then the default behaviour is
`JUST_HERE`.
`JUST_HERE` is not a valid option when SSO is configured as
`autoLogin`.
example:
where: EVERYWHERE
admin-user-logout-response:
type: object
properties:
message:
type: string
example: Session deleted
RetrieveStatusResponse:
type: object
required:
- status
properties:
status:
type: string
example: authenticated
description: >-
The SSO status of the current user session. This can be:
- `unknown`: The SSO token is not authenticated anywhere, or the
current session is not associated with an SSO token.
- `known`: The current session is anonymous, but the SSO token is
authenticated on another site.
- `authenticated`: The current session is authenticated through an
SSO token.
meta:
oneOf:
- $ref: '#/components/schemas/customer-meta'
- nullable: true
type: string
customer-meta:
type: object
properties: {}
passwordless-authentication-request:
type: object
required:
- identifiers
- delivery
properties:
identifiers:
$ref: '#/components/schemas/identifiers'
delivery:
$ref: '#/components/schemas/delivery'
password-reset-request:
type: object
properties:
identifiers:
$ref: '#/components/schemas/identifiers'
required:
- identifiers
cdn-anonymous-session-response:
type: object
properties:
message:
type: string
example: Anonymous session created successfully
tracking_id:
type: string
start-update-your-current-email-address-request:
type: object
properties:
new_identifiers:
type: object
properties:
email_address:
type: string
required:
- new_identifiers
example:
new_identifiers:
email_address: joe.blow@company.com
identifiers:
type: object
properties:
email_address:
type: string
example: joe.blow@company.com
delivery:
type: object
properties:
method:
type: string
example: email
destination:
type: string
example: joe.blow@company.com
action:
type: string
example: login
redirect:
type: string
example: /
subscription-product:
type: object
properties:
id:
type: string
example: one-month-one-off
description: Zephr product ID
label:
type: string
example: One month access
description: Zephr product label
description:
type: string
example: One month access
description: Description of Zephr product
payment_method:
type: object
required:
- token
- default
- nonce
- type
properties:
token:
type: string
example: 8m2kc5g
description: The token identifier for this payment method.
default:
type: boolean
description: If this the default payment method for this user.
card_type:
type: string
example: Visa
description: In the case of a card payment method, the type of the card.
card_holder_name:
type: string
example: John Rambo
description: >-
In the case of a credit card payment method, the name of the card
holder.
card_number_masked:
type: string
example: 654321******0987
description: >-
In the case of a card payment method, the masked card number,
compliant with PCI security standards.
expiration_date:
type: string
example: 07/22
description: >-
In the case of a card payment method, the expiration date, in the
format of MM/YY or MM/YYYY.
expired:
type: boolean
description: In the case of a card payment method, if the card has expired.
expiring_soon:
type: boolean
description: >-
In the case of a card payment method, if the card will expire within
the configured number of days.
in_use:
type: boolean
description: >-
Indicates if this payment method is used by any subscriptions that
have not been finalised and would be cancelled if this payment
method is deleted.
last_4:
type: string
example: '1111'
description: >-
In the case of a card payment method, the last four digits of the
card number.
nonce:
type: string
example: 086128f3-04c2-069e-78d2-3f4de98508e5
description: A nonce that can be used for other payment method operations.
type:
type: string
example: CreditCard
description: The payment method type.
zipcode:
type: string
example: '123456'
description: >-
In the case of a card payment method, the zip code associated with
the card.
payment_methods:
type: array
items:
$ref: '#/components/schemas/payment_method'
payment_plan:
type: object
required:
- id
- name
- currency_code
- base_price
- billing_interval_unit
- billing_interval
- billing_cycles
- zephr_product_id
properties:
id:
type: string
example: annual-plan
description: The identifier for this payment plan.
name:
type: string
example: Sports+ Membership Annual
description: The name of this payment plan.
currency_code:
type: string
example: USD
description: The ISO 4217 currency code for the transaction.
base_price:
type: number
example: 10.2
description: The price of this plan, without any discounts applied.
billing_interval_unit:
type: string
example: MONTH
description: The time measurement unit for billing interval.
billing_interval:
type: number
example: 3
description: How many time units lapse between billing events.
billing_cycles:
type: number
example: 12
description: How many times billing will occur.
trial_duration_unit:
type: string
example: DAY
description: >-
The time measurement unit for trial duration. This will always be
present if `trial_duration` is set.
trial_duration:
type: number
example: 30
description: How long the trial period lasts.
discounts:
type: array
items: {}
description: Any discounts that may apply to this plan.
zephr_product_id:
type: string
example: product-123
description: The Zephr product ID associated with this plan.
add-ons:
type: array
items:
$ref: '#/components/schemas/add-on'
add-on:
type: object
properties:
id:
type: string
label:
type: string
value:
type: number
paymentOptions:
type: array
items:
$ref: '#/components/schemas/add-on-payment-options'
add-on-payment-options:
type: object
properties:
slug:
type: string
example: plan-123
description: The plan slug with which this add-on is associated.
currency:
type: string
example: $
description: The currency symbol.
addonPrice:
type: number
example: 12.34
promo-code-payment-options:
type: object
properties:
slug:
type: string
example: plan-123
description: The plan slug with which this promo code is associated.
currency:
type: string
example: $
description: The currency symbol.
pricePointId:
type: string
example: cost-123
originalPrice:
type: number
example: 3.45
discountPrice:
type: number
example: 2
browser-features-response:
type: object
properties:
featureResults:
type: object
properties:
featureX:
type: string
example: blaize.transform.resource('...')
description: Feature result transformations
description: Map of HTML Feature IDs and feature result transformations
resources:
type: object
properties:
forms:
type: object
properties: {}
description: Forms used in feature results
paymentForms:
type: object
properties: {}
description: Payment Forms used in feature results
uiComponents:
type: object
properties:
...:
type: string
example: Example
description: UI Components used in feature results
hostedUiComponents:
type: object
properties: {}
description: Hosted UI Components used in feature results
componentTemplates:
type: object
properties: {}
description: Component Templates used in feature results
description: Map of transformation resources
accessDetails:
type: object
properties:
authenticated:
type: boolean
description: Is the session authenticated
accessDecisions:
type: object
properties:
...:
type: boolean
description: Whether the user has access or not
description: Map of access decisions for this feature
entitlements:
type: object
properties:
...:
$ref: '#/components/schemas/access-details-usage-ent'
description: Map of entitlement usage
credits:
type: object
properties:
...:
$ref: '#/components/schemas/access-details-usage'
description: Map of credit usage
meters:
type: object
properties:
...:
$ref: '#/components/schemas/access-details-usage'
description: Map of meter usage
trialTrackingDetails:
type: array
items: {}
description: Array of trial tracking details
description: Feature access details
access-details-usage-ent:
type: object
properties:
usedInDecision:
type: boolean
decrementedInDecision:
type: boolean
access-details-usage:
allOf:
- $ref: '#/components/schemas/access-details-usage-ent'
- type: object
properties:
totalCredits:
type: number
remainingCredits:
type: number
access-decision-response:
type: object
properties:
status:
type: string
example: '301'
body:
type: string
example: Redirecting to login page...
headers:
$ref: '#/components/schemas/headers'
headers:
type: object
properties:
Location:
type: string
example: /login.html
dynamic-offer-decision-response:
type: object
description: "The dynamic offer decision outcomes. Product rule output will be under the products array.
Price rule output will be under each product based on where its rate plan is associated with.
Discount output will be under each charge based on the discount rule condition.
Any custom property rule output will be under the custom object.
If you have in rule analytics enabled, there will be an outcome object returned as part of the response."
properties:
products:
type: array
description: The processed output for mainly the Product rule. Price and Discount, if present,
the output of those would be nested under each product element according to the rule specification.
items:
$ref: "#/components/schemas/do-product-response"
tagline:
type: string
description: The tagline rule output
custom:
type: object
description: key value pair of any custom property rule output.
The key would be the property id, the value would be its rule output
properties: { }
outcomes:
type: array
description: The rule outcome for each property rule within the offer. If you wish to record user conversion data,
you would need to send these outcome data back to Zephr upon when the conversion is happening.
properties:
ruleId:
type: string
description: An identifier for the property rule
outcomeId:
type: string
description: An identifier for the outcome of this property rule execution
errors:
type: array
items:
properties:
property:
type: string
description: The offer property id in which the rule failed to execute
error:
type: string
description: The error message explaining why this decision failed to resolve.
Present only if there was an error.
do-product-response:
type: object
properties:
id:
type: string
label:
type: string
description:
type: string
features:
type: array
items:
$ref: "#/components/schemas/do-product-feature-response"
sharingLimit:
type: number
metadata:
type: object
properties:
order:
type: number
recommended:
type: boolean
prices:
type: array
items:
$ref: "#/components/schemas/do-product-price-response"
do-product-feature-response:
type: object
description:
"The Feature defined in Zephr when configuring the product in Zephr's catalog"
properties:
id:
type: string
label:
type: string
description:
type: string
type:
type: string
do-product-price-response:
type: object
description:
"The price response for each returned product, it will contain data for each product's
associated rate plans and their underlying charges"
properties:
ratePlanId:
type: string
charges:
type: array
items:
$ref: "#/components/schemas/do-product-price-charge-response"
do-product-price-charge-response:
type: object
description:
"The charge response for each rate plan returned, it will contain processed price book items under each charge
and any discount available according to the output and the condition defined in the Dynamic Offer's discount rule."
properties:
productChargeId:
type: string
priceBookItems:
type: array
description:
"The price book items associated with this charge, filtered/sorted according to the price rule of the Dynamic Offer"
items:
type: object
properties: { }
discounts:
type: array
description:
"The discounts associated with this charge, according to the discount rule output of this Dynamic Offer."
items:
$ref:
"#/components/schemas/do-product-price-charge-discount-response"
do-product-price-charge-discount-response:
type: object
description:
"The discount output"
properties:
items:
type: array
items:
$ref:
"#/components/schemas/do-product-price-charge-discount-item-response"
orderType:
type: string
description:
Specify how multiple discounts, if there is any, should be applied together
enum:
- SEQUENTIAL
- STACKED
do-product-price-charge-discount-item-response:
type: object
properties:
order:
type: number
description: The order with defines the priority of this discount
type:
type: string
description: The type of the discount
enum:
- FIXED
- PERCENTAGE
- OVERRIDE
value:
type: number
occurrence:
type: string
description: The frequency this discount occurs, if it's recurring then an end policy is expected to be present
enum:
- ONE_OFF
- RECURRING
startPolicy:
type: object
properties:
type:
type: string
enum:
- ON_CHARGE_START
- AFTER_CHARGE_START
offset:
type: object
format: nullable
properties:
value:
type: number
unit:
type: string
enum:
- CHARGE_BILLING_PERIOD
- DAY
- WEEK
- MONTH
- YEAR
endPolicy:
type: object
properties:
type:
type: string
enum:
- ON_CHARGE_START
- ON_CHARGE_END
- AFTER_CHARGE_START
- AFTER_DISCOUNT_START
offset:
type: object
format: nullable
properties:
value:
type: number
unit:
type: string
enum:
- CHARGE_BILLING_PERIOD
- DAY
- WEEK
- MONTH
- YEAR
oauth-state-response:
type: object
properties:
message:
type: string
example: State initialized
owned_products:
type: array
items:
type: object
properties:
product_id:
type: string
description: The ID of the product that is shared
product_label:
type: string
description: The label of the product that is shared
sharing_limit:
type: number
description: >-
The maximum number of users that this product can be shared with
by the owner
shares:
type: object
properties:
member_email:
type: string
description: >-
The email of the user that this product is shared with. This
will be null if this product share has not yet been accepted
sharing_id:
type: string
description: The ID of the user product share
status:
type: string
description: >-
The status of the user product share. One of 'active',
'inactive', 'pending'
created_at:
type: string
description: ISO-8601 formatted time at which the share was created
member_products:
type: array
items:
type: object
properties:
product_id:
type: string
description: The ID of the product that is shared
product_label:
type: string
description: The label of the product that is shared
sharing_id:
type: string
description: The ID of the user product share
status:
type: string
description: >-
The status of the user product share. One of 'active', 'inactive',
'pending'
shared_by_email:
type: string
description: The email of the product owner
created_at:
type: string
description: ISO-8601 formatted time at which the share was created
meta_data:
type: object
properties: {}
description: >-
Any metadata configured for the user product share, defined at the
point of creation
product_sharing_response:
type: object
properties:
member_products:
$ref: '#/components/schemas/member_products'
owned_products:
$ref: '#/components/schemas/owned_products'
feature-decisions-response:
type: object
required:
- results
properties:
results:
type: array
items:
$ref: '#/components/schemas/feature-decision-response'
description: >-
List of feature decision outcomes. These will be ordered as provided
in the request.
feature-decision-response:
type: object
required:
- sdkFeatureSlug
properties:
sdkFeatureSlug:
type: string
example: featureX
description: Feature SDK slug
outputType:
type: string
enum:
- ENUM
- STRING
- NUMBER
- JSON
- TRANSFORMATION
description: Feature output type. Present if there were no errors.
outputValue:
type: string
example: 'YES'
description: |
Feature output value. Present if there were no errors.
- For the 'JSON_COMPONENT' output type, the response will be stringified JSON, and where ?raw is used in the request, the response will be JSON.
- For the 'TRANSFORMATION' output type, the response will contain a list of transformations to be applied, including ENABLE_CONTENT, CUSTOM_COMPONENT, TEMPLATE_COMPONENT and FORM.
error:
type: string
example: '500: Internal error ...'
description: >-
The error message explaining why this decision failed to resolve.
Present only if there was an error.
Session:
type: object
properties:
id:
type: string
example: aba22-a5mfh-
description: The ID of the session
startDate:
type: string
example: '2011-11-11T11:11:11.000'
description: The creation date-time of the session
deviceType:
type: string
example: pc
description: The type of device this session was created on
deviceName:
type: string
example: Google Nexus 5
description: The name of the device this session was created on
ip:
type: string
example: 10.10.10.1
description: The IP address this session was created from
browser:
type: string
example: Chrome
description: The name of the browser that this session was created from
os:
type: string
example: Android
description: >-
The operating system of the device that this session was created
from
city:
type: string
example: Huston
description: The name of the city that this session was created from
geoState:
type: string
example: Texas
description: The name of the state that this session was created from
country:
type: string
example: USA
description: The name of the country that this session was created from
isRequestingSession:
type: boolean
example: true
description: >-
True if this session is the session that made the request to this
endpoint, otherwise false
stripe_start_response_body:
type: object
properties:
grant_id:
type: string
description: New grant of product bundle to user
clientSecret:
type: string
description: reference to Stripe payment required to process payment in front end
paymentIntentStatus:
type: string
description: status of the payment which may require further action
user-register-request:
type: object
properties:
identifiers:
$ref: '#/components/schemas/identifiers'
validators:
$ref: '#/components/schemas/validators'
attributes:
$ref: '#/components/schemas/attributes'
required:
- identifiers
- validators
user-register-response:
type: object
properties:
cookie:
type: string
message:
type: string
tracking_id:
type: string
delete-user-response:
type: object
properties:
message:
type: string
user-public-account:
type: object
properties:
identifiers:
$ref: '#/components/schemas/identifiers'
tracking_id:
type: string
example: '123'
description: 456 (string)
validators:
type: object
properties:
password:
type: string
example: mysecurepassword123
use_sso:
type: boolean
description: >-
When this is present there should be no identifiers in the body. The
user is identified through a blaize_session cookie.
attributes:
type: object
properties:
first_name:
type: string
example: Joe
surname:
type: string
example: Blow
cdn-auth-challenge-response:
type: object
properties:
68cc48be-e47e-4707-8958-1249d87fca86:
type: boolean
v4-gift-response:
type: object
properties:
token:
type: string
example: absd-acsd34-casdae-1243c
description: The token of the created gift.
claimPath:
type: string
example: /my-path?gift=absd-acsd34-casdae-1243c
description: The path that was generated for claiming the gift.
zephr-features-response-array:
type: array
items:
$ref: '#/components/schemas/zephr-features-response'
zephr-features-response:
type: object
properties:
id:
type: string
example: feature-live
label:
type: string
example: feature-label
slug:
type: string
example: feature-slug