API docs by Redocly

Westfield Staff Access APIs (1)

Download OpenAPI specification:Download

Summary of Westfield Staff Access API endpoints.

Staff Access

Endpoints related to Staff Access

STAFF MANAGEMENT

Staff with access to Westfield APIs

Returns a list of staff limited to 100 enabled staff by default

Authorizations:
api_key
query Parameters
q
string

Search string

role
string

Limits the result to staff with a specific role

header Parameters
Authorization
required
string^[bB]earer [A-Za-z0-9]{64}$

Staff Access token type and token value.

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Create new staff

Authorizations:
api_key
header Parameters
Authorization
required
string^[bB]earer [A-Za-z0-9]{64}$

Staff Access token type and token value.

Request Body schema: application/json
required
required
object (Staff)

Staff

Responses

Request samples

Content type
application/json
{
  • "staff": {
    }
}

Response samples

Content type
application/json
{
  • "id": 0,
  • "uuid": "string",
  • "okta_id": "string",
  • "first_name": "string",
  • "last_name": "string",
  • "country": "string",
  • "email": "string",
  • "confirmation_token": "string",
  • "confirmed_at": "string",
  • "updated_at": "string",
  • "created_at": "string",
  • "roles": [
    ],
  • "additional_permissions": "string",
  • "metadata": { },
  • "disabled_at": "string"
}

Returns user versions.

Request user versions.

Authorizations:
api_key
path Parameters
uuid
required
integer

User identifier. Request the user version with uuid.

query Parameters
page
integer
Default: 1

Results page number. Specific page of results to request when paginating.

per_page
integer <= 100
Default: 10

Results per page. Number of items per result set when paginating.

sort
Array of strings

Sort results by one or more fields. Change sort order by adding desc or asc after field name.

version_action
string
Enum: "create" "update" "delete"

Version Action. Request the retailer versions with action.

header Parameters
Authorization
required
string^[bB]earer [A-Za-z0-9]{64}$

Staff Access token type and token value.

Responses

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "errors": { },
  • "meta": {
    }
}

A specific staff

Returns a staff

Authorizations:
api_key
path Parameters
uuid
required
string
header Parameters
Authorization
required
string^[bB]earer [A-Za-z0-9]{64}$

Staff Access token type and token value.

Responses

Response samples

Content type
application/json
{
  • "id": 0,
  • "uuid": "string",
  • "okta_id": "string",
  • "first_name": "string",
  • "last_name": "string",
  • "country": "string",
  • "email": "string",
  • "confirmation_token": "string",
  • "confirmed_at": "string",
  • "updated_at": "string",
  • "created_at": "string",
  • "roles": [
    ],
  • "additional_permissions": "string",
  • "metadata": { },
  • "disabled_at": "string"
}

Update a staff.

Request update of a staff from JSON data in the request body.

Authorizations:
api_key
path Parameters
uuid
required
string

User id.

header Parameters
Authorization
required
string^[bB]earer [A-Za-z0-9]{64}$

Staff Access token type and token value.

Request Body schema: application/json
required
required
object (Staff)

Staff

Responses

Request samples

Content type
application/json
{
  • "staff": {
    }
}

Response samples

Content type
application/json
{
  • "data": { },
  • "errors": {
    },
  • "meta": {
    }
}

STAFF AUTH

Create OAuth token.

If you send the grant type client_credentials you must also provide the client_id and client_secret. If you send the grant type password you must also provide the username and password; you may optionally provide client_id and client_secret. If you send the grant type as authorization_code, you must provide the client_id and client_secret along with the code and redirect_uri.

Authorizations:
api_key
Request Body schema: application/json
required
grant_type
required
string

Grant Type

client_id
required
string

OAuth client identifier

client_secret
required
string

OAuth client secret

username
string

Username

password
string

Password

redirect_uri
string

The redirect_uri specified when registering the app and in the /authorize call (must match exactly).

code
string

The code parameter returned by the /authorize step.

scope
string

OAuth Scope

Responses

Request samples

Content type
application/json
{
  • "grant_type": "string",
  • "client_id": "string",
  • "client_secret": "string",
  • "username": "string",
  • "password": "string",
  • "redirect_uri": "string",
  • "code": "string",
  • "scope": "string"
}

Response samples

Content type
application/json
{
  • "access_token": "string",
  • "refresh_token": "string",
  • "token_type": "bearer",
  • "expires_in": 0,
  • "created_at": "2019-08-24T14:15:22Z",
  • "scope": "string"
}

Revoke an OAuth token

Authorizations:
api_key
header Parameters
Authorization
required
string^Basic [A-Za-z0-9]+$

Encode with base64 client_id:client_secret. Then for the authentication use Basic space and encoded client_id:client_secret. Example: "Basic Encode_Base64(client_id:client_secret)"

Request Body schema: application/json
required
token
required
string

Access token

Responses

Request samples

Content type
application/json
{
  • "token": "string"
}

Response samples

Content type
application/json
{
  • "data": { },
  • "errors": {
    },
  • "meta": {
    }
}

Returns Information about an OAuth Access token.

Authorizations:
api_key
query Parameters
access_token
required
string

Responses

Response samples

Content type
application/json
{
  • "scopes": [
    ],
  • "expires_in_seconds": 0,
  • "created_at": "2019-08-24T14:15:22Z",
  • "expires_at": "2019-08-24T14:15:22Z",
  • "session_id": "string",
  • "uuid": "string",
  • "application": {
    },
  • "resource_owner": { }
}