Skip to content

Public API Reference (2025-07-30)

The Zephr Public API provides common client-side actions tied to a session cookie. Unlike the Admin API, neither users nor other resources can be dereferenced; the only data that can be accessed is owned by the user who is currently signed-in. This design is used to protect other users from malicious attacks.

You can find the base URL for the Public API by navigating to your site domains. To do this, select Sites from the Delivery menu, select your site, and then click the Site Domains button. The base URL is the Live domain.

Zephr forms use the Public API by default, with relative URLs based on the base URL.

Download OpenAPI description
Languages
Servers
Mock server
https://developer.zuora.com/_mock/zephr-api-reference/zephr-public-api
https://{your-domain}

Authentication

Operations

Braintree Payments

Operations

Browser Feature Transformations

Operations

Decision Engine

Operations

Dynamic Offer Decision Engine

Operations

Dynamic Offer Promo Code Decision

Operations

OAuth Flow

Operations

Payments

Operations

Product Sharing

Operations

SDK Feature Decision Engine

Operations

Sessions

Operations

Stripe Payments

Operations

Third-Party Authentication

This section contains the API operations for the OAuth 2.0 Authorization Code Flow.

Operations

User

Operations

V4 Gifts

Create a Gift resource for V4. Gifts can be used to provide access to a particular URL for one session only by appending a gift token ID to the URL as the gift path parameter.

Operations

Web Analytics

Operations

Zephr Features

Operations

Component Library

Operations

Retrieve the Component Library

Request

Components configured in the component library can be retrieved as rendered HTML. The componentId passed in the path can be versioned to reference a specific version of a library component. For example, ‘payment-form:1’, ‘payment-form:4’ or ‘payment-form:active’ to reference the default version of the component.

Security
CookieBlaizeSession or JwtQuery or JwtHeaderXBlaizeJwt or JwtHeaderXZephrJwt or JwtBearer or JwtCookie
Path
componentIdstringrequired

The versioned slug of the component in the library to render, as configured in the console.

Example: my-component:1
curl -i -X GET \
  https://developer.zuora.com/_mock/zephr-api-reference/zephr-public-api/zephr/public/component-library/v1/library-components/my-component:1 \
  -b blaize_session=YOUR_API_KEY_HERE

Responses

OK

Bodytext/html
Response
text/html

Retrieve the Template Components

Request

Template components can be retrieved as rendered HTML. This endpoint is intended to be consumed by callers processing the output of an SDK TRANSFORMATION rule, where templateConfigId will identify a particular instance of a template component being used in an outcome with variables specified.

Security
CookieBlaizeSession or JwtQuery or JwtHeaderXBlaizeJwt or JwtHeaderXZephrJwt or JwtBearer or JwtCookie
Path
templateConfigIdstringrequired

templateConfigId

curl -i -X GET \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-public-api/zephr/public/template-components/v1/template-components/{templateConfigId}' \
  -b blaize_session=YOUR_API_KEY_HERE

Responses

OK

Bodytext/html
Response
text/html

Retrieve the UI Components

Request

UI components can be retrieved as rendered HTML. This endpoint is intended to be consumed by callers processing the output of an SDK TRANSFORMATION rule, where componentId will reference a form or custom component created within an outcome of a rule.

Security
CookieBlaizeSession or JwtQuery or JwtHeaderXBlaizeJwt or JwtHeaderXZephrJwt or JwtBearer or JwtCookie
Path
componentIdstringrequired

componentId

Query
ui component variablestring

parameters can optionally be included and will be rendered where the matching param name exists in the UI component

Example: ui component variable=?myVar=test&otherVar=something
curl -i -X GET \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-public-api/zephr/public/ui-components/v1/ui-components/{componentId}?ui+component+variable=%3FmyVar%3Dtest%26otherVar%3Dsomething' \
  -b blaize_session=YOUR_API_KEY_HERE

Responses

OK

Bodytext/html
Response
text/html

Retrieve a form by ID

Request

Retrieves a form by ID and returns an HTML page that renders it.

Security
CookieBlaizeSession or JwtQuery or JwtHeaderXBlaizeJwt or JwtHeaderXZephrJwt or JwtBearer or JwtCookie
Path
formIdstringrequired
Query
outcomeIdstring

Used to render the form

ruleIdstring

Used to render the form

curl -i -X GET \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-public-api/zephr/public/forms/v1/forms/{formId}?outcomeId=string&ruleId=string' \
  -b blaize_session=YOUR_API_KEY_HERE

Responses

OK

List custom components

Request

Custom components can be retrieved as rendered HTML. This endpoint is intended to be consumed by callers processing the output of an SDK TRANSFORMATION rule, where internalTemplateUsageId will identify a particular instance of a custom component being used in an outcome with variables specified. The variables used by the custom component can be passed in as query parameters with the request which will override the values provided in the rule.

Security
CookieBlaizeSession or JwtQuery or JwtHeaderXBlaizeJwt or JwtHeaderXZephrJwt or JwtBearer or JwtCookie
Path
internalTemplateUsageIdstringrequired

The internal template usage ID.

curl -i -X GET \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-public-api/zephr/public/internal-templates/v1/internal-templates/{internalTemplateUsageId}' \
  -b blaize_session=YOUR_API_KEY_HERE

Responses

OK

Bodytext/html
Response
text/html
<div>Some HTML</div>

Change the Stripe subscription price

Request

Generates a new preview of the price that Stripe will charge the customer if they create a new subscription for the specified plan. Note: This method does not create any entities in Stripe and does not result in any payments being made.

Security
CookieBlaizeSession or JwtQuery or JwtHeaderXBlaizeJwt or JwtHeaderXZephrJwt or JwtBearer or JwtCookie
Path
externalIdstringrequired
Bodyapplication/json
plan_idstring
curl -i -X POST \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-public-api/zephr/payment/stripe/subscriptions/{externalId}/change-previews' \
  -H 'Content-Type: application/json' \
  -b blaize_session=YOUR_API_KEY_HERE \
  -d '{
    "plan_id": "string"
  }'

Responses

OK

Bodyapplication/json
totalnumber

The total amount the user will be initially charged for the subscription in the relevant currency's lowest denomination (e.g. pence), i.e. for a monthly subscription, the first month's cost.

Example: 5000
sub_totalnumber

The total amount minus tax for the initial charge in the relevant currency's lowest denomination (e.g. pence).

Example: 4500
Response
application/json
{ "total": 5000, "sub_total": 4500 }

Oauth2 Access Token

Operations

Subscription

Operations