Rebilly User API (2.1)

Download OpenAPI specification:Download

Introduction

This document covers APIs mostly intended for consumption by Rebilly's Frontend GUI app. However, any client is welcome to use these APIs. Our main API docs can be found here.

The Rebilly API is built on HTTP. Our API is RESTful. It has predictable resource URLs. It returns HTTP response codes to indicate errors. It also accepts and returns JSON in the HTTP body. You can use your favorite HTTP/REST library for your programming language to use Rebilly's API, or you can use one of our SDKs (currently available in PHP or Javascript).

Authentication

When you sign up for an account, you are given your first API key. You can generate additional API keys, and delete API keys (as you may need to rotate your keys in the future). You authenticate to the Rebilly API by providing your secret key in the request header.

Rebilly offers three forms of authentication: secret key, publishable key, JSON Web Tokens, and public signature key.

  • Secret API key: used for requests made from the server side. Never share these keys. Keep them guarded and secure
  • Publishable API key: used for requests from the client side.
  • JWT: short lifetime tokens that can be assigned a specific expiration time

Never share your secret keys. Keep them guarded and secure.

JWT

You can create a JSON Web Token (JWT) via our JWT Session resource. Usage format: Bearer <JWT>

Security Scheme Type HTTP
HTTP Authorization Scheme bearer
Bearer format "JWT"

PublishableApiKey

Only for the Tokens resource. You can create a Publishable API Key via our API Keys resource, by specifying the type as publishable.

Security Scheme Type API Key
Header parameter name: Authorization

SecretApiKey

When you sign up for an account, you are given your first secret API key. To do so please follow this link. Also you can generate additional API keys, and delete API keys (as you may need to rotate your keys in the future). All API keys can be restricted to a small set of permissions (restricted API keys).

Security Scheme Type API Key
Header parameter name: REB-APIKEY

SDKs

Javascript SDK

Installation and usage instructions can be found here. SDK code examples are included in these docs.

PHP SDK

For all PHP SDK examples provided in this spec you will need to configure $client. You may do it like this:

$client = new Rebilly\Client([
    'apiKey' => 'YourApiKeyHere',
    'baseUrl' => 'https://api.rebilly.com',
]);

Using filter with collections

Rebilly provides collections filtering. You can use ?filter param on collection to define which records should be shown in the response.

Here is filter format description:

  • Fields and values in filter are separated with :: ?filter=firstName:John.

  • Fields in filter are separated with ;: ?filter=firstName:John;lastName:Doe.

  • You can use multiple values using , as values separator: ?filter=firstName:John,Bob.

  • To negate the filter use !: ?filter=firstName:!John. Note that you can negate multiple values like this: ?filter=firstName:!John,Bob. This filter rule will exclude all Johns and Bobs from the response.

  • You can use range filters like this: ?filter=amount:1..10.

  • You can use gte (greater than or equals) filter like this: ?filter=amount:1.., or lte (less than or equals) than filter like this: ?filter=amount:..10.

  • You can create some predefined values lists and use them in filter: ?filter=firstName:@yourListName. You can also exclude list values: ?filter=firstName:!@yourListName

➔ Next to JWT Session