Instructions for API

This is a fake API for training purposes and doesn't exist. It is based on a real API, but we're not telling you which one ;-). See the blog post here for details.

We have a REST API for recording, recalling and editing transactions.

Requests are sent over HTTPs (this is recommended but not mandatory) via a get request to:

Query parameters:

  1. UserId - your ID number
  2. API Key - a key assigned to your account
  3. method - the API method to invoke (see below)

You will also supply any additional parameters that the method requires.

Additionally, your API key and password, separated by a colon, must be hashed and sent in a HTTP Header, X-Secret-Key-Hash. The hashing is performed using SHA256.

Return code:

Every request will result in a HTTP 200, the body of the resonse will contain a string contains the details of any errors, or a "OK" string for success.

Eg: "Transaction failed, insufficient priviledge"

Or: "Transaction Suceeded"

Method reference

The API supports a series of methods:

record record a transactionmethod=record
date=format mm/dd/yyyy
amount=value of sales
.... then a long series of methods (omitted), each with different parameters.


X-Secret-Key-Hash: 86c6635240863643e02d533b0dea0d3dc94a420f02d0ca5517a7bd6ec7fe893f