Endpoint Details
All Endpoints
The following information applies to most or all endpoints:
Tokens
Most endpoints require a token, provided by the auth endpoint. This should be stored and passed in the query string with a key of token. Alternatively, passing a header of Auth-User with the user ID of the current user also works. The latter is designed to work with the AWS API Gateway functionality.
A successful query with a valid token refreshes that token for an additional hour. This applies to every endpoint that requires the token.
Errors with tokens are as follows:
- Token not provided.
  Code: 403
  Content: { status: 403, message: 'Token not provided' }
- Invalid token.
  Code: 403
  Content: { status: 403, message: 'Invalid token' }
- Member is expired and attempting to act as an officer.
  Code: 403
  Content: { status: 403, message: 'User is expired' }
- Member is suspended and attempting to act as an officer.
  Code: 403
  Content: { status: 403, message: 'User is suspended' }
- Attempted to check user expiration but no user data found.
  Code: 500
  Content: { status: 500, message: 'User is not loaded' }
Permissions
Some endpoints, mostly write ones, require the user associated with a given token to have a given role.
Endpoints that check permissions can accept an optional query string of useOffice equal to the ID of the office to use. This is useful where a user wants to act as a specific office, instead of the first available one.
Permission errors are as follows:
- User has no offices
  Code: 403
  Content: { status: 403, message: 'User has no offices' }
- User has offices, but none with the right role
  Code: 403
  Content: { status: 403, message: 'No offices with permission' }
- No valid offices found
  Code: 403
  Content: { status: 403, message: 'Officer not found in chain' }
Note: Users with the admin role pass all permission checks.
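The token and permission rules above, seen from a client, as an added example that is not part of this API's own code: it builds a request URL with token and useOffice, redacts the token before the URL is logged (query strings end up in access logs), tracks the one-hour refresh, and maps each documented error message to a next step. Assumptions: the action labels are hypothetical, the initial token lifetime is taken to be one hour, and "an additional hour" is read as one hour from the successful query.

```javascript
// Added example: client-side handling of the documented token/permission rules.
// Assumptions: action labels are hypothetical; initial token lifetime is one hour.
const TOKEN_TTL_MS = 60 * 60 * 1000; // "an additional hour" per successful query

// Documented error messages mapped to what the client should do next.
const ERROR_ACTIONS = {
  'Token not provided': 'reauthenticate',
  'Invalid token': 'reauthenticate',
  'User is expired': 'membership-blocked',
  'User is suspended': 'membership-blocked',
  'User is not loaded': 'server-fault',
  'User has no offices': 'forbidden',
  'No offices with permission': 'forbidden',
  'Officer not found in chain': 'forbidden',
};

function buildUrl(base, path, token, useOffice) {
  const url = new URL(path, base);
  url.searchParams.set('token', token);
  // useOffice is optional: omit it to act as the first available office.
  if (useOffice !== undefined) url.searchParams.set('useOffice', String(useOffice));
  return url.toString();
}

// The token travels in the query string, so strip it before a URL is logged.
function redactToken(urlString) {
  const url = new URL(urlString);
  if (url.searchParams.has('token')) url.searchParams.set('token', 'REDACTED');
  return url.toString();
}

class TokenSession {
  constructor(token, now = Date.now()) {
    this.token = token;
    this.expiresAt = now + TOKEN_TTL_MS;
  }
  isLive(now = Date.now()) { return this.token !== null && now < this.expiresAt; }
  // Call with each response; only a successful query extends the token.
  handle(httpStatus, body, now = Date.now()) {
    if (httpStatus >= 200 && httpStatus < 300) {
      this.expiresAt = now + TOKEN_TTL_MS;
      return 'ok';
    }
    const action = ERROR_ACTIONS[body && body.message] || 'unknown-error';
    if (action === 'reauthenticate') this.token = null; // discard the dead token
    return action;
  }
}
```

A permission failure leaves the token in place and does not extend it, so a client that only ever receives 403 responses will see its token lapse at the original expiry.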