Download OpenAPI specification:Download
Westfield Connect is the Authentication and Authorization service for Westfield.
Get client data using client_id
| client_id required | string Example: 68CCED1A7021642427E1D34B9FC2CDD7 client unique identifier |
{- "client_id": "string",
- "name": "string",
- "bypass_consent": true
}Update visitor's email in cognito pool
| Authorization | string |
| old_email_address required | string <email> |
| new_email_address required | string <email> |
| locale | string |
{- "old_email_address": "example@co.co",
- "new_email_address": "example@co.co",
- "locale": "string"
}{- "errors": [
- {
- "code": "string",
- "type": "string",
- "field": "string",
- "message": "string"
}
]
}Send a verification email. if code is present, validate the code.
| new_email_address required | string <email> |
| old_email_address | string <email> |
| validation_code | string |
| locale required | string |
| type required | string Enum: "register" "change_email" "subscribe" |
| resend | boolean |
| pc_code | string |
{- "new_email_address": "example@co.co",
- "old_email_address": "example@co.co",
- "validation_code": "string",
- "locale": "en-US",
- "type": "register",
- "resend": true,
- "pc_code": "string"
}{- "errors": [
- {
- "code": "string",
- "type": "string",
- "field": "string",
- "message": "string"
}
]
}Check visitor's credentials and set URW-AUTH cookie
| email required | string <email> |
| password required | string |
| remember_me | boolean |
{- "email": "example@co.co",
- "password": "string",
- "remember_me": true
}{- "visitor_id": "1b5d452e-2897-4f21-ac74-1b59f820ba97",
- "hash": "string"
}Remove token from dynamo DB
| visitor_id required | string |
| client_id required | string |
{- "visitor_id": "string",
- "client_id": "string"
}{- "errors": [
- {
- "code": "string",
- "type": "string",
- "field": "string",
- "message": "string"
}
]
}Update logged in visitor's password
| Authorization | string |
| old_password required | string |
| new_password required | string |
| locale required | string |
{- "old_password": "string",
- "new_password": "string",
- "locale": "string"
}{- "errors": [
- {
- "code": "string",
- "type": "string",
- "field": "string",
- "message": "string"
}
]
}Initiate an account password reset
| offline_mode | string |
| email required | string <email> |
| client_id required | string |
| redirect_uri required | string |
| locale | string The local used to send the email. if not specified, the default locale for the caller country will be used |
| scope required | string |
| state | string |
| email_type | string |
| pc_code | string |
| country | string |
{- "email": "example@co.co",
- "client_id": "68CCED1A7021642427E1D34B9FC2CDD7",
- "locale": "fr-FR",
- "scope": "string",
- "state": "string",
- "email_type": "string",
- "pc_code": "string",
- "country": "FR"
}{- "errors": [
- {
- "code": "string",
- "type": "string",
- "field": "string",
- "message": "string"
}
]
}Reset account password
| confirmation_code required | string |
| password required | string |
| email required | string |
| locale | string The local used to send the email. if not specified, the default locale for the caller country will be used |
| pc_code | string |
| country | string |
{- "confirmation_code": "string",
- "password": "string",
- "email": "example@co.co",
- "locale": "fr-FR",
- "pc_code": "string",
- "country": "FR"
}{- "errors": [
- {
- "code": "string",
- "type": "string",
- "field": "string",
- "message": "string"
}
]
}Create new user
| client_id required | string Example: client_id=68CCED1A7021642427E1D34B9FC2CDD7 client unique identifier |
| title required | string Enum: "m" "f" "u" |
| first_name required | string |
| last_name required | string |
| email required | string <email> |
| password required | string |
| birth_date | string birth date in following format - 'yyyy-mm-dd' |
| phone | string phone number in following format - E. 164 format for US |
| mobile_locale | string |
| zip_code | string |
| pc_code required | string |
| center_company_id | string |
| origin_type required | string Enum: "connect" "partner" |
| origin required | string Client id of the client the request originated from |
| optin_sms | boolean |
| optin_sms_textid | number |
| optin_commercial | boolean |
| optin_commercial_textid | number |
| optin_privacy_textid required | number |
| optin_terms_textid required | number |
Array of objects |
{- "title": "m",
- "first_name": "john",
- "last_name": "doe",
- "email": "example@co.co",
- "password": "string",
- "birth_date": "2017-07-24",
- "phone": "string",
- "mobile_locale": "FR",
- "zip_code": "string",
- "pc_code": "string",
- "center_company_id": "string",
- "origin_type": "connect",
- "origin": "string",
- "optin_sms": true,
- "optin_sms_textid": 0,
- "optin_commercial": true,
- "optin_commercial_textid": 0,
- "optin_privacy_textid": 0,
- "optin_terms_textid": 0,
- "interests": [
- {
- "external_id": "string",
- "label": "string"
}
]
}{- "visitor_id": "1b5d452e-2897-4f21-ac74-1b59f820ba97",
- "hash": "string"
}Check if user already exist in congnito
| email_address required | string <email> |
{- "email_address": "example@co.co"
}{- "visitor_id": "1b5d452e-2897-4f21-ac74-1b59f820ba97",
- "account_type": "partal"
}List of Centers with logo url and Legal Texts
| include_legaltext required | string Leagal Texts as boolean value |
| locale | string locale |
| pcCode | string pcCode |
{- "data": {
- "centers": [
- {
- "label": "string",
- "country": "string",
- "isWestfield": true,
- "centerId": "string",
- "centerCode": 0,
- "hasWorker": true,
- "hasMultiStep": true,
- "isActive": true,
- "pcCode": "string",
- "creationDate": "string",
- "updateDate": "string",
- "logo_url": "string",
- "hasBasicLoyalty": true
}
], - "legal_text": [
- {
- "id": 0,
- "version": 0,
- "type": "string",
- "requireConsent": true,
- "releaseDate": "string",
- "creationDate": "string",
- "updateDate": "string",
- "optinHeaderText": "string",
- "optinDisplayText": "string",
- "documentText": "string",
- "locale": "string"
}
]
}
}Create new partial user
| client_id required | string Example: client_id=68CCED1A7021642427E1D34B9FC2CDD7 client unique identifier |
| gender | string Enum: "m" "f" "u" |
| first_name required | string |
| last_name | string |
| email required | string <email> |
| phone | string phone number in following format - E. 164 format for US |
| mobile_locale | string |
| timezone | string |
| pc_code required | string |
| optin_sms | boolean |
| optin_sms_textid | number |
| optin_commercial | boolean |
| optin_commercial_textid | number |
Array of objects |
{- "gender": "m",
- "first_name": "john",
- "last_name": "doe",
- "email": "example@co.co",
- "phone": "33631574470",
- "mobile_locale": "FR",
- "timezone": "string",
- "pc_code": "string",
- "optin_sms": true,
- "optin_sms_textid": 0,
- "optin_commercial": true,
- "optin_commercial_textid": 0,
- "interests": [
- {
- "external_id": "string",
- "label": "string"
}
]
}{- "visitor_id": "1b5d452e-2897-4f21-ac74-1b59f820ba97",
- "hash": "string"
}Generate access token for visitors in exchange of authorization_code or refresh_token. Generate access token for machine to machine authentication
| code | string |
| refresh_token | string |
| grant_type required | string Enum: "authorization_code" "refresh_token" "client_credentials" |
| client_id required | string |
| client_secret required | string |
| redirect_uri | string |
| scope | string |
| nonce | string |
| data | object |
{- "code": "cks6qzg0e00v90gmkc3zw0l35",
- "refresh_token": "string",
- "grant_type": "authorization_code",
- "client_id": "68CCED1A7021642427E1D34B9FC2CDD7",
- "client_secret": "E43F531FFE7C6227F680E446604C36FE4CCAEAE97F7276A80153AAAAAAAAAAAA",
- "scope": "profile,email",
- "nonce": "string",
- "data": { }
}{- "access_token": "string",
- "token_type": "string",
- "expires_in": 0,
- "refresh_token": "string",
- "scope": "string",
- "created_at": "string"
}Get cached token by using ott as a cache key with other params
| token | string |
{- "access_token": "string",
- "created_at": "string",
- "expires_at": "string",
- "expires_in_seconds": "string",
- "visitor_id": "string",
- "scopes": "string"
}Temporary route only used by the app to convert old token to a new one
| refresh_token required | string |
| new_client_id required | string |
{- "refresh_token": "string",
- "new_client_id": "string"
}{- "access_token": "string",
- "refresh_token": "string"
}Get user information
| Authorization required | string Token fetched from connect /token endpoint |
{- "first_name": "john",
- "last_name": "doe",
- "name": "john doe",
- "email": "example@co.co",
- "visitor_id": "1b5d452e-2897-4f21-ac74-1b59f820ba97"
}Get visitor basic information
| visitor_id required | string Example: d73283f7-55c8-57ba-86ff-c800b642bc42 Visitor unique identifier |
{- "first_name": "john",
- "last_name": "doe",
- "email": "example@co.co",
- "phone": "string",
- "mobileLocale": "FR",
- "acquisition_pc_code": "string",
- "gender": "string"
}Delete visitor's credentials from cognito
| visitor_id required | string Example: d73283f7-55c8-57ba-86ff-c800b642bc42 Visitor unique identifier |
| Authorization required | string Machine-Machine token fetched from connect /token endpoint |
{- "metadata": { }
}Transfer visitor credentials to cognito
| Authorization required | string Token fetched from connect /token endpoint |
| visitor_id required | string Visitor unique identifier |
| email_address required | string |
| password | string |
{- "visitor_id": "d73283f7-55c8-57ba-86ff-c800b642bc42",
- "email_address": "string",
- "password": "string"
}{- "errors": [
- {
- "code": "string",
- "type": "string",
- "field": "string",
- "message": "string"
}
]
}Create external-id for a visitor on visitorAPI
| visitor_id required | string Example: d73283f7-55c8-57ba-86ff-c800b642bc42 Visitor unique identifier |
| external_id required | string Id of external resource |
| external_type required | string Type of external resource |
{- "external_id": "string",
- "external_type": "string"
}{- "data": {
- "externalId": "2e90fe3b088c7b27a6d08",
- "visitorId": "e45934e1-5fd4-4651-b7bc-50c977a3b8c5",
- "externalType": "designa",
- "creationDate": "2019-08-24T14:15:22Z",
- "updateDate": "2019-08-24T14:15:22Z"
},
}Get external ids for given visitorId
| visitor_id required | string Example: d73283f7-55c8-57ba-86ff-c800b642bc42 Visitor unique identifier |
| external_type required | string Enum: "designa" "facebook" "google" "cognito" "partner" "crm_id" "wifi_device_id" External type |
| fields | string Example: fields=foo,bar List of fields to return |
{- "data": {
- "externalId": "2e90fe3b088c7b27a6d08",
- "visitorId": "e45934e1-5fd4-4651-b7bc-50c977a3b8c5",
- "externalType": "designa",
- "creationDate": "2019-08-24T14:15:22Z",
- "updateDate": "2019-08-24T14:15:22Z"
},
}Delete visitor’s external id
| visitor_id required | string Example: d73283f7-55c8-57ba-86ff-c800b642bc42 Visitor unique identifier |
| external_type required | string Enum: "designa" "facebook" "google" "cognito" "partner" "crm_id" "wifi_device_id" External type |
{- "errors": [
- {
- "code": "string",
- "type": "string",
- "field": "string",
- "message": "string"
}
]
}Request the children list for a single category and locale
| category_id required | integer Category identifier |
| westfield_locale required | string (locales) Enum: "en_US" "en_UK" "en_GB" "de_AT" "fr_FR" "en_FR" "pl_PL" "ca_ES" "es_ES" "eu_ES" "cs_CZ" "da_DK" "de_DE" "it_IT" "nl_BE" "de_BE" "fr_BE" "nl_NL" "pt_PT" "sk_SK" "sv_SE" "uk_UA" "default" Locale identifier. Four letter ISO code with hyphen or underscore. Request the child categories with the locale westfield_locale. |
| depth | integer Category depth. Request categories with depth. |
| fields | string Example: fields=enter comma(,) separated values if multiple. i.e. field1,field2,field3 Fields in response. Array that lists the fields requested. If empty or not supplied, all attributes will be returned. |
| updated_since | string Updated since. Request the categories updated since a specific date and time. ISO-8601 format. |
| strict | string If set to false, default/fallback data to be returned if fields for translations does not exist for {westfield_locale} |
{- "data": [
- {
- "_links": {
- "image": {
- "href": "string"
}, - "parent": {
- "href": "string",
- "parent_id": 0
}, - "self": {
- "href": "string"
}
}, - "category_id": 0,
- "children": [
- { }
], - "children_sort_order": [
- 0
], - "depth": 0,
- "description": "string",
- "external_type": "string",
- "icon": "string",
- "image": "string",
- "locale": "en_US",
- "name": "string",
- "path": "string",
- "seo_title": "string",
- "slug": "string",
- "sort_order": 0,
- "state": "string",
- "status": {
- "state": "string"
}, - "updated_at": "string",
- "westfield_locale": "en_US"
}
], - "errors": { },
- "meta": {
- "api_version": "string",
- "deprecation_information": {
- "deprecated_at": "string",
- "goes_away_at": "string",
- "more_info": {
- "href": "string"
}
}, - "origin": "string",
- "page": 0,
- "page_count": 0,
- "per_page": 0,
- "total": 0
}
}[- {
- "name": "string",
- "redirectUris": [
- "string"
], - "type": "string",
- "bypassConsent": true,
- "scope": "read:ldb,write:ldb",
- "accessTokenExpires": 0,
- "refreshTokenExpires": 0,
- "grantType": "machine",
- "isActive": true,
- "contactName": "string",
- "contactEmail": "user@example.com",
- "clientId": "string",
- "createdBy": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "updatedBy": "string",
- "updatedAt": "2019-08-24T14:15:22Z"
}
]The answer will have the secret unhashed caller must have the scop write:ldb
| name required | string |
| redirectUris required | Array of strings |
| type required | string |
| bypassConsent required | boolean |
| scope required | string^[a-z]+:[a-zA-Z]+(\.[a-zA-Z]+)*(,[a-z]+:[a-zA... |
| accessTokenExpires required | integer <int64> |
| refreshTokenExpires required | integer <int64> |
| grantType required | string Enum: "machine" "visitor" |
| isActive required | boolean |
| contactName | string |
| contactEmail | string <email> |
| createdBy required | string |
{- "name": "string",
- "redirectUris": [
- "string"
], - "type": "string",
- "bypassConsent": true,
- "scope": "read:ldb,write:ldb",
- "accessTokenExpires": 0,
- "refreshTokenExpires": 0,
- "grantType": "machine",
- "isActive": true,
- "contactName": "string",
- "contactEmail": "user@example.com",
- "createdBy": "string"
}{- "name": "string",
- "redirectUris": [
- "string"
], - "type": "string",
- "bypassConsent": true,
- "scope": "read:ldb,write:ldb",
- "accessTokenExpires": 0,
- "refreshTokenExpires": 0,
- "grantType": "machine",
- "isActive": true,
- "contactName": "string",
- "contactEmail": "user@example.com",
- "clientId": "string",
- "createdBy": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "updatedBy": "string",
- "updatedAt": "2019-08-24T14:15:22Z",
- "secret": "string"
}caller must have the scop write:ldb
| clientId required | string |
| name | string |
| redirectUris | Array of strings |
| type | string |
| bypassConsent | boolean |
| scope | string^[a-z]+:[a-zA-Z]+(\.[a-zA-Z]+)*(,[a-z]+:[a-zA... |
| accessTokenExpires | integer <int64> |
| refreshTokenExpires | integer <int64> |
| grantType | string Enum: "machine" "visitor" |
| isActive | boolean |
| contactName | string |
| contactEmail | string <email> |
| secret | string |
| updatedBy required | string |
{- "name": "string",
- "redirectUris": [
- "string"
], - "type": "string",
- "bypassConsent": true,
- "scope": "read:ldb,write:ldb",
- "accessTokenExpires": 0,
- "refreshTokenExpires": 0,
- "grantType": "machine",
- "isActive": true,
- "contactName": "string",
- "contactEmail": "user@example.com",
- "secret": "string",
- "updatedBy": "string"
}{- "name": "string",
- "redirectUris": [
- "string"
], - "type": "string",
- "bypassConsent": true,
- "scope": "read:ldb,write:ldb",
- "accessTokenExpires": 0,
- "refreshTokenExpires": 0,
- "grantType": "machine",
- "isActive": true,
- "contactName": "string",
- "contactEmail": "user@example.com",
- "clientId": "string",
- "createdBy": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "updatedBy": "string",
- "updatedAt": "2019-08-24T14:15:22Z"
}