Skip to main content

Requirements

#Requirements

The connection is always initiated by the system connected to the T&T server.

API is transported by HTTPS protocols; requests are sent by POST method.

Request parameters are sent to JSON as part of request bodies.

Highload requests, that are marked with *** in the list of endpoints (section 1.3), can be gzipped; in this case Content-Type of such requests must be sent as octet-stream.

All requests that are not marked with # sign in the list of endpoints (section 1.3) - are signed with the manufacturer's Private key and verified using its Public key loaded into the system.

Encoding — UTF-8.

Authentication — means a bearer token returned in response to a /login_api/ request.

DSASHA256 with RSA.

Additional limits - the minimal interval between two highload requests cannot be less than 2 seconds.

Required headers:

Content-Type = applicationJSON (or application/octet-stream); charset=utf-8
Authorization = Bearer token
X-Requested-With = XMLHttpRequest
X-Signature = request signature
X-Lang = en/az;