Authentication

Authorization is important to execute each API methods in RedCappi system. Authorization is done after authenticating the credentials as public and private keys. If authorization is successful then only you will be able to request for creation or updating of any list or contact in the system.

A custom HTTP header based on keyed-HMAC (Hash Message Authentication Code) is used by RedCappi API for authentication. A combination of HTTP request method, API url and json-encoded string of data to be sent are used to create signature. Query string and Posted-data both are sorted lexicographically before process.

Signature = Lower-Case( HTTP-Method   +   "::"   +

API-URL? Lexicographically-Sorted-Query-String   +   “::”   +

JSON-encoded (SORTED-POSTED-DATA) )

This signature along with the user’s private-key is used to calculate the HMAC and thus hashed-signature is created.

Hashed-Signature = HMAC-SHA256( Signature, YOUR-PRIVATE-KEY )

Finally this hashed-signature is used as custom HTTP authorization header in the API request.

Format of the authorization HTTP header is like:

Authorization: RCWS YOUR_PUBLIC_KEY:HASED_SIGNATURE

API Process

A request is processed after authorization of the request. For this system fetches the private-key associated with the public-key from Authorization header. Using this fetched private-key and signature based on the request-parameters and request-method, hashed-signature is calculated using HMAC. If this hashed signature matches with the hashed-signature from authorization header, then request gets authenticated and further process continues. If comparison fails, “Not Authorized” error message is sent as response.

Sample Project

Download the Sample Project and get started in minutes.

 

List Management

Get All Lists

API Request:GET /v1/lists.json/ HTTP/1.1

Host: api.redcappi.com

Content-Length: 20

Content-Type: application/json; charset=UTF-8

Accept: */*

Authorization: RCWS YOUR-PUBLIC-KEY:Hashed-SignatureHere Hashed-Signature is calculated as the following:Signature = get + "::"+ /v1/lists.json/ + "::" + {"posted_data":"[]"}

Hashed-Signature = HMAC-SHA256( Signature, YOUR-PRIVATE-KEY )API Response:{ "1":"List 1", "2":"List 2" }

Get a List

API Request:GET /v1/lists.json?id=2 HTTP/1.1

Host: api.redcappi.com

Content-Length: 20

Content-Type: application/json; charset=UTF-8

Accept: */*

Authorization: RCWS YOUR-PUBLIC-KEY:Hashed-SignatureHere Hashed-Signature is calculated as the following:Signature = get + "::"+ /v1/lists.json?id=2 + "::" + {"posted_data":"[]"}

Hashed-Signature = HMAC-SHA256( Signature, YOUR-PRIVATE-KEY )API Response:{ "2":"List 2" }

Add a List

API Request:POST /v1/lists/List+3 HTTP/1.1

Host: api.redcappi.com

Content-Length: 20

Content-Type: application/json; charset=UTF-8

Accept: */*

Authorization: RCWS YOUR-PUBLIC-KEY:Hashed-SignatureHere Hashed-Signature is calculated as the following:Signature = post + "::"+ /v1/lists./List+3 + "::" + {"posted_data":"[]"}

Hashed-Signature = HMAC-SHA256( Signature, YOUR-PRIVATE-KEY )API Response:{ "code" : 201, "message" : "List List 3 created with list-id 3" }

Edit a List

API Request:POST /v1/lists.json?id=3&name=Renamed+1 HTTP/1.1

Host: api.redcappi.com

Content-Length: 20

Content-Type: application/json; charset=UTF-8

Accept: */*

Authorization: RCWS YOUR-PUBLIC-KEY:Hashed-SignatureHere Hashed-Signature is calculated as the following:Signature = post + "::"+ /v1/lists.json?id=3&name=Renamed+1 + "::" + {"posted_data":"[]"}

Hashed-Signature = HMAC-SHA256( Signature, YOUR-PRIVATE-KEY )API Response:{ "code" : 201, "message" : "List renamed to Renamed 1" }

Delete a List

API Request:DELETE /v1/lists.json/3 HTTP/1.1

Host: api.redcappi.com

Content-Length: 22

Content-Type: application/json; charset=UTF-8

Accept: */*

Authorization: RCWS YOUR-PUBLIC-KEY:Hashed-SignatureHere Hashed-Signature is calculated as the following:Signature = delete + "::"+ /v1/lists.json/3 + "::" + {"posted_data":"[]"}

Hashed-Signature = HMAC-SHA256( Signature, YOUR-PRIVATE-KEY )API Response:{ "code" : 200, "message" : "List removed" }

Contact Management

Get Contacts

API Request:GET /v1/contacts.json/1/contacts/?pagesize=5&offset=2 HTTP/1.1

Host: api.redcappi.com

Content-Length: 20

Content-Type: application/json; charset=UTF-8

Accept: */*

Authorization: RCWS YOUR-PUBLIC-KEY:Hashed-SignatureHere Hashed-Signature is calculated as the following:Signature = get + "::"+ /v1/contacts.json/1/contacts/?offset=2&pagesize=5+ "::" + {"posted_data":"[]"}

Hashed-Signature = HMAC-SHA256( Signature, YOUR-PRIVATE-KEY )API Response:{"1":"contact1@domain.com","2":"contact2@domain.ch","3":"contact3@domain.com","4":"contact4@hotmail.com","5":"contact5@domain.com"}

Get a Contact

API Request:GET /v1/contacts.json/1/contact/2 HTTP/1.1

Host: api.redcappi.com

Content-Length: 20

Content-Type: application/json; charset=UTF-8

Accept: */*

Authorization: RCWS YOUR-PUBLIC-KEY:Hashed-SignatureHere Hashed-Signature is calculated as the following:Signature = get + "::"+ /v1/contacts.json/1/contact/2 + "::" + {"posted_data":"[]"}

Hashed-Signature = HMAC-SHA256( Signature, YOUR-PRIVATE-KEY )API Response:{ "2":"contact2@domain.ch" }

Add a Contact

API Request:POST /v1/contacts.json/1/contacts/ HTTP/1.1

Host: api.redcappi.com

Content-Length: 216

Content-Type: application/json; charset=UTF-8

Accept: */*

Authorization: RCWS YOUR-PUBLIC-KEY:Hashed-SignatureHere Hashed-Signature is calculated as the following:Signature = get + "::"+ /v1/contacts.json/1/contacts/ + "::" + {"address":"","city":"","company":"","country":"india","dob":"","email_address":"contact4@domain.com","first_name":"full name","last_name":"seth1","name":"test21_name","phone":"","state":"","zip_code":"4008"}

Hashed-Signature = HMAC-SHA256( Signature, YOUR-PRIVATE-KEY )API Response:{"code":201,"message":"Contact added"}

Edit a Contact

API Request:POST /v1/contacts.json/1/contacts/42 HTTP/1.1

Host: api.redcappi.com

Content-Length: 216

Content-Type: application/json; charset=UTF-8

Accept: */*

Authorization: RCWS YOUR-PUBLIC-KEY:Hashed-SignatureHere Hashed-Signature is calculated as the following:Signature = get + "::"+ /v1/contacts.json/1/contacts/42 + "::" + {"address":"","city":"","company":"","country":"india","dob":"","email_address":"contact4_new@domain.com","first_name":"full name","last_name":"seth1","name":"test21_name","phone":"","state":"","zip_code":"4008"}

Hashed-Signature = HMAC-SHA256( Signature, YOUR-PRIVATE-KEY )API Response:{"code":200,"message":"Contact updated"}

Delete a Contact

API Request:DELETE /v1/contacts.json/1/contacts/342 HTTP/1.1

Host: api.redcappi.com

Content-Length: 216

Content-Type: application/json; charset=UTF-8

Accept: */*

Authorization: RCWS YOUR-PUBLIC-KEY:Hashed-SignatureHere Hashed-Signature is calculated as the following:Signature = get + "::"+ /v1/contacts.json/1/contacts/342 + "::" + {"posted_data":"null"}
Hashed-Signature = HMAC-SHA256( Signature, YOUR-PRIVATE-KEY )API Response:"Contact removed"