Rebilly User API (latest)
Download OpenAPI specification:Download
This document covers APIs mostly intended for consumption by Rebilly's Frontend GUI app. However, any client is welcome to use these APIs. Our main API docs can be found here.
The Rebilly API is built on HTTP. Our API is RESTful. It has predictable resource URLs. It returns HTTP response codes to indicate errors. It also accepts and returns JSON in the HTTP body. You can use your favorite HTTP/REST library for your programming language to use Rebilly's API, or you can use one of our SDKs (currently available in PHP or Javascript).
This topic describes the different forms of authentication that are available in the Rebilly API, and how to use them.
Rebilly offers four forms of authentication: secret key, publishable key, JSON Web Tokens, and public signature key.
- Secret API key: Use to make requests from the server side. Never share these keys. Keep them guarded and secure.
- Publishable API key: Use in your client-side code to tokenize payment information.
- JWT: Use to make short-life tokens that expire after a set period of time.
JWT
JWT is a short lifetime token that can be assigned a specific expiration time. To create a JWT session, see JWT session resource.
Usage format: Bearer <JWT>.
ApplicationJWT
Applications in the Rebilly App Store can create a JSON Web Token (JWT) by fetching an user's instance. For more information, see Retrieve an application instance.
Usage format: Bearer <JWT>.
PublishableApiKey
This authentication method is applicable to specific operations.
To create a publishable API key, see Create an API key.
CustomerJWT
To create a JSON Web Token (JWT) using Storefront authentication, see Create a session with username and password.
Usage format: Bearer <JWT>.
To create or manage API keys, select one of the following:
- Use the Rebilly UI: see Manage API keys
- Use the Rebilly API: see the API key operations.
For more information on API keys, see API keys.
Installation and usage instructions can be found here. SDK code examples are included in these docs.
For all PHP SDK examples provided in this spec you will need to configure $client.
You may do it like this:
$client = new Rebilly\Client([
'apiKey' => 'YourApiKeyHere',
'baseUrl' => 'https://api.rebilly.com',
]);
Rebilly provides collections filtering. You can use ?filter param on collection to define which records should be shown in the response.
Here is filter format description:
Fields and values in filter are separated with
::?filter=firstName:John.Fields in filter are separated with
;:?filter=firstName:John;lastName:Doe.You can use multiple values using
,as values separator:?filter=firstName:John,Bob.To negate the filter use
!:?filter=firstName:!John. Note that you can negate multiple values like this:?filter=firstName:!John,Bob. This filter rule will exclude all Johns and Bobs from the response.You can use range filters like this:
?filter=amount:1..10.You can use gte (greater than or equals) filter like this:
?filter=amount:1.., or lte (less than or equals) than filter like this:?filter=amount:..10.You can create some specified values lists and use them in filter:
?filter=firstName:@yourListName. You can also exclude list values:?filter=firstName:!@yourListName.