Skip to content
/
SDK Feature Decision Engi...

Public API Reference (2025-07-30)

The Zephr Public API provides common client-side actions tied to a session cookie. Unlike the Admin API, neither users nor other resources can be dereferenced; the only data that can be accessed is owned by the user who is currently signed-in. This design is used to protect other users from malicious attacks.

You can find the base URL for the Public API by navigating to your site domains. To do this, select Sites from the Delivery menu, select your site, and then click the Site Domains button. The base URL is the Live domain.

Zephr forms use the Public API by default, with relative URLs based on the base URL.

Download OpenAPI description
index.json
index.yaml
Languages
Servers
Mock server
https://developer.zuora.com/_mock/zephr-api-reference/zephr-public-api
https://{your-domain}

Authentication

Operations

Braintree Payments

Operations

Browser Feature Transformations

Operations

Decision Engine

Operations

Dynamic Offer Decision Engine

Operations

Dynamic Offer Promo Code Decision

Operations

OAuth Flow

Operations

Payments

Operations

Product Sharing

Operations

SDK Feature Decision Engine

Operations

Process multiple decisions

Request

Processes multiple decisions. The SDK Feature Decision Engine can be invoked via the Public API to calculate a decision output response based upon Feature SDK Rules created in the Zephr Console.

Security
CookieBlaizeSession or JwtQuery or JwtHeaderXBlaizeJwt or JwtHeaderXZephrJwt or JwtBearer or JwtCookie
Bodyapplication/json
featuresArray of anyrequired

The list of features to evaluate. This must be contain at least one element. Features are evaluated sequentially, in the order they are provided.

Example: [{"slug":"featureX","path":"/x.html","content_id":"xxx-xxx-xxx","inputs":{}}]
sessionstring

Zephr Session ID, required for trials.

Example: "xxx-xxx-xxx"
foreign_keysobject

Foreign system and ID used to identify the user.

Example: {}
ipstring

Client IP address, defaults to request IP.

Example: "x.x.x.x"
user_agentstring

Client user agent

Example: "Mozilla/5.0 (Macintosh; Intel Mac OS X 11)..."
jwtstring

A Json Web Token, may include identity or product holding claims.

Example: "xxx-xxx-xxx"
dry_run_modeboolean

A flag to indicate where the decision request would persist states such as user entitlement, segments, test groups, etc.

Default false
curl -i -X POST \
  https://developer.zuora.com/_mock/zephr-api-reference/zephr-public-api/zephr/decide \
  -H 'Content-Type: application/json' \
  -b blaize_session=YOUR_API_KEY_HERE \
  -d '{
    "features": [
      {
        "slug": "featureX",
        "path": "/x.html",
        "content_id": "xxx-xxx-xxx",
        "inputs": {}
      }
    ],
    "session": "xxx-xxx-xxx",
    "foreign_keys": {},
    "ip": "x.x.x.x",
    "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 11)...",
    "jwt": "xxx-xxx-xxx"
  }'

Responses

OK

Bodyapplication/json
resultsArray of objects(feature-decision-response)required

List of feature decision outcomes. These will be ordered as provided in the request.

results[].​sdkFeatureSlugstringrequired

The slug of the SDK feature which has been evaluated.

Example: "sdk-feature-1"
results[].​outputTypestring

Feature output type. Present if there were no errors.

Enum"ENUM""STRING""NUMBER""JSON""TRANSFORMATION""COMPONENT"
results[].​outputValuestring

Feature output value. Present if there were no errors.

  • For the 'JSON_COMPONENT' output type, the response will be stringified JSON.
  • For the 'TRANSFORMATION' output type, the response will contain a stringified JSON array of transformations to be applied, including ENABLE_CONTENT, CUSTOM_COMPONENT, TEMPLATE_COMPONENT and FORM.
Example: "YES"
results[].​errorstring

The error message explaining why this decision failed to resolve. Present only if there was an error.

Example: "500: Internal error ..."
Response
application/json
{
  "results": [
    { … }
  ]
}

Process a single decision

Request

Processes a single SDK feature decision. An SDK feature rule can be configured in the console, and allows a custom decision to be made using a range of inputs to drive the behaviour of a website or app. SDK features can output any one of several data types as configured in the console.

  • String: The output can be any string.
  • Number: The output can be any numerical value
  • Enum: The output can be one of a list of strings as configured in the developer panel for the rule. This is used for short output strings.
  • Component: The output can be one of a list of strings as configured in the developer panel for the rule. This is used for long output strings, such as HTML or JSON.
  • JSON: The output can be any JSON object. JSON schema validation can optionally be enforced when creating JSON outputs in the console.
  • Transformation: The output will be a JSON array of transformations to be applied to content on a webpage or in an app. This allows the configuration of the same types of outcomes that can be built with an HTML feature rule, such as hiding content and displaying a payment form.

SDK features permit business decisions to drive access or behaviour to be made in an app that is not using HTML content. SDK decisions are relevant for both anonymous and authenticated sessions. If no session is provided via the request then an anonymous session will not be created.

Invoking an SDK decision may cause side effects as configured in the rule, such as invoking webhooks or recording trial usages. When dryRunMode is enabled in the request, trial usages will not be recorded.

Security
CookieBlaizeSession or JwtQuery or JwtHeaderXBlaizeJwt or JwtHeaderXZephrJwt or JwtBearer or JwtCookie
Query
rawbooleanrequired

If set to true, then the decision output will be returned in it's raw form, without metadata.
If set to false, the decision output will be returned in an escaped form together with metadata about the decision.

Default false
Bodyapplication/json
sdkFeatureSlugstringrequired

Feature SDK slug as configured in the console.

Example: "sdk-feature-1"
sessionstring

Zephr Session ID, required for trials and for user-based decisions.

Example: "0f88f32c-b03c-49cd-b977-0ca224d1acee"
foreign_keysobject

A map where the key is a foreign system and the value is an ID used to identify the user in that system.

Example: {"external-system":"user-1"}
ipstring

Client IP address, defaults to request IP.

Example: "56.123.124.23"
userAgentstring

Client user agent.

Example: "Mozilla/5.0 (Macintosh; Intel Mac OS X 11)..."
pathstring

Request path representing the content being consumed for trials.

Example: "/article.html"
contentIdstring

Content ID, used to perform requests to a 3rd party API for additional content information used in making a decision. The endpoint and path format for content ID requests can be configured in the console.

Example: "paid-article-123"
jwtstring

A Json Web Token, may include identity or product holding claims.

Example: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
giftTokenstring

Enables a decision to be made in the rule based on whether access should be granted as the user has gift access.

Example: "23810040-8149-4f4e-a4d1-c8268340be7f"
dryRunModeboolean

If the decision should be run without recording trial usage.

property name*stringadditional property

Custom inputs configured in Feature SDK rule.

curl -i -X POST \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-public-api/zephr/decision-engine?raw=false' \
  -H 'Content-Type: application/json' \
  -b blaize_session=YOUR_API_KEY_HERE \
  -d '{
    "sdkFeatureSlug": "sdk-feature-1",
    "session": "0f88f32c-b03c-49cd-b977-0ca224d1acee",
    "foreign_keys": {
      "external-system": "user-1"
    },
    "ip": "56.123.124.23",
    "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 11)...",
    "path": "/article.html",
    "contentId": "paid-article-123",
    "jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
    "dryRunMode": false,
    "giftToken": "23810040-8149-4f4e-a4d1-c8268340be7f",
    "custom-input-1": "custom-value"
  }'

Responses

OK. The output of the SDK feature rule, which may be wrapped with metadata according to the raw query parameter value.

Body
sdkFeatureSlugstringrequired

The slug of the SDK feature which has been evaluated.

Example: "sdk-feature-1"
outputTypestring

Feature output type. Present if there were no errors.

Enum"ENUM""STRING""NUMBER""JSON""TRANSFORMATION""COMPONENT"
outputValuestring

Feature output value. Present if there were no errors.

  • For the 'JSON_COMPONENT' output type, the response will be stringified JSON.
  • For the 'TRANSFORMATION' output type, the response will contain a stringified JSON array of transformations to be applied, including ENABLE_CONTENT, CUSTOM_COMPONENT, TEMPLATE_COMPONENT and FORM.
Example: "YES"
errorstring

The error message explaining why this decision failed to resolve. Present only if there was an error.

Example: "500: Internal error ..."
Response
{
  "sdkFeatureSlug": "sdk-feature-1",
  "outputType": "ENUM",
  "outputValue": "YES"
}

Retrieve a single decision

Request

For compatibility with CDN, any web headers (Referrer, User-Agent) will be accepted and passed onto the rule engine

Security
CookieBlaizeSession or JwtQuery or JwtHeaderXBlaizeJwt or JwtHeaderXZephrJwt or JwtBearer or JwtCookie
Query
sdkFeatureSlugstringrequired

Feature SDK slug

Example: sdkFeatureSlug=featureX
sessionstringrequired

Zephr Session ID, required for trials.

Example: session=xxx-xxx-xxx
foreign_id.xxxstringrequired

Foreign ID used to identify the user. The foreign system is parsed as the remainder of the parameter key name following 'foreign_id.'

Example: foreign_id.xxx=xxx-xxx-xxx
ipstringrequired

Client IP address, defaults to request IP.

Example: ip=x.x.x.x
userAgentstringrequired

Client user agent

Example: userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 11)...
pathstringrequired

Request path, required for trials.

Example: path=/x.html
content_idstringrequired

Content ID, used to perform requests to a 3rd party API for additional content information used in making a decision.

Example: content_id=xxx-xxx-xxx
jwtstringrequired

A Json web token, may include identity or product holding claims.

Example: jwt=xxx-xxx-xxx
rawbooleanrequired

Should output raw value

Default false
curl -i -X GET \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-public-api/zephr/decision-engine?sdkFeatureSlug=featureX&session=xxx-xxx-xxx&foreign_id.xxx=xxx-xxx-xxx&ip=x.x.x.x&userAgent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+11%29...&path=%2Fx.html&content_id=xxx-xxx-xxx&jwt=xxx-xxx-xxx&raw=false' \
  -b blaize_session=YOUR_API_KEY_HERE

Responses

Raw parameter response

Body*/*
sdkFeatureSlugstringrequired

The slug of the SDK feature which has been evaluated.

Example: "sdk-feature-1"
outputTypestring

Feature output type. Present if there were no errors.

Enum"ENUM""STRING""NUMBER""JSON""TRANSFORMATION""COMPONENT"
outputValuestring

Feature output value. Present if there were no errors.

  • For the 'JSON_COMPONENT' output type, the response will be stringified JSON.
  • For the 'TRANSFORMATION' output type, the response will contain a stringified JSON array of transformations to be applied, including ENABLE_CONTENT, CUSTOM_COMPONENT, TEMPLATE_COMPONENT and FORM.
Example: "YES"
errorstring

The error message explaining why this decision failed to resolve. Present only if there was an error.

Example: "500: Internal error ..."

Sessions

Operations

Stripe Payments

Operations

Third-Party Authentication

This section contains the API operations for the OAuth 2.0 Authorization Code Flow.

Operations

User

Operations

V4 Gifts

Create a Gift resource for V4. Gifts can be used to provide access to a particular URL for one session only by appending a gift token ID to the URL as the gift path parameter.

Operations

Web Analytics

Operations

Zephr Features

Operations

Component Library

Operations

Change the Stripe subscription price

Request

Generates a new preview of the price that Stripe will charge the customer if they create a new subscription for the specified plan. Note: This method does not create any entities in Stripe and does not result in any payments being made.

Security
CookieBlaizeSession or JwtQuery or JwtHeaderXBlaizeJwt or JwtHeaderXZephrJwt or JwtBearer or JwtCookie
Path
externalIdstringrequired
Bodyapplication/json
plan_idstring
curl -i -X POST \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-public-api/zephr/payment/stripe/subscriptions/{externalId}/change-previews' \
  -H 'Content-Type: application/json' \
  -b blaize_session=YOUR_API_KEY_HERE \
  -d '{
    "plan_id": "string"
  }'

Responses

OK

Bodyapplication/json
totalnumber

The total amount the user will be initially charged for the subscription in the relevant currency's lowest denomination (e.g. pence), i.e. for a monthly subscription, the first month's cost.

Example: 5000
sub_totalnumber

The total amount minus tax for the initial charge in the relevant currency's lowest denomination (e.g. pence).

Example: 4500
Response
application/json
{
  "total": 5000,
  "sub_total": 4500
}

Oauth2 Access Token

Operations

Subscription

Operations