API Docs

This page contains detailed information about the Mirket API guide.

Control Service

The HTTP POST service that needs to be executed right after the user logs in.

Example URL: https://mirketip/api/customapi/control

Request

{ "Username": "sam\mirketlocal1", "UserIp": "122.4.4.1", "AgentHost": "CustomAppHostName", "AgentIp": "123.3.4.55", "ApiKey": "PtGnz/gSYJQcDYmopxmRDRWcyRuMHcL7ALwlvvjBQko=" }

Username: The form in which the user's SAM information needs to be sent. UserIp: IP address of the end-user who made the login request. AgentHost: Name of the platform to which Mirket is connected. AgentIp: IP address of the platform to which Mirket is connected. ApiKey: The API key you have generated in Mirket."

Note: SAM information contained in Username and the ApiKey information will be obtained from the IT administrator.

Response

{ "Username": "sam\mirketlocal1", "UserIp": "122.4.4.1", "AgentHost": "CustomAppHostName", "AgentIp": "123.3.4.55", "Action": "Pass" }

Action: Pass, Denied, Otp, AcceptApprove, DeniedApprove options are available.

  • Pass: The user login request has been approved. The user's login attempt is successful.

  • Denied: The user login request has been denied. The login status is unsuccessful.

  • Otp: Mirket has defined an OTP role for this user. In this case, Sms, Mirket Otp, or offline OTP code is expected from the end-user and sent to the 'validate' service.

    • If Otp is selected, an additional parameter will be included in the response:

    • "MirketState": "d763b05e-29c3-4e1d-b1d4-03619f893234".

    • MirketState: When sending the OTP code, this relevant state information must be sent along with it to the validate service.

  • AcceptApprove: The user has approved the login request via the Mobile App. In this case, the login request is successful.

  • DeniedApprove: The user has denied the login request via the Mobile App or it has timed out. In this case, the login status is unsuccessful.

Validate Service

The OTP code is a verification service. After the login and control services are executed, if the Action parameter is set to OTP, this service should be executed. It is an HTTP POST service.

Example URL: https://mirketip/api/customapi/control

Request

{ "ApiKey": "PtGnz/gSYJQcDYmopxmRDRWcyRuMHcL7ALwlvvjBQko=", "MirketState": "5eb94242-cecb-4cb1-887e-c520a45ccbc6", "Password": "744776" }

ApiKey: The API key you've generated within Mirket. MirketState: The state value given as a response in the control service. Password: The OTP value entered by the end-user.

Response

{ "MirketState": "5eb94242-cecb-4cb1-887e-c520a45ccbc6", "Action": "AcceptOtp" }

MirketState: The value of the state sent in the request. Action: AcceptOtp, Denied, DeniedOtp options are available.

  • AcceptOtp: The value received when the password information is entered correctly. The login process is successful.

  • Denied: The value received in case of an incorrect apikey or a possible service error. The login process is unsuccessful.

  • DeniedOtp: The value returned when the password information is entered incorrectly. The login fails but can be retried at this stage. If the correct code is entered, the user login will be successful.

Example Codes

PHP

     $url = 'https://x.x.x.x/api/customapi/control';
     $curl = curl_init($url);         
     curl_setopt($curl, CURLOPT_URL, $url);         
     curl_setopt($curl, CURLOPT_POST, true);         
     curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
                   
      $headers = array(
           "Accept: application/json",             
           "Content-Type: application/json",          
       );                   
       
       curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);          
       $data = <<<DATA         
       {         
       "Username": "sam\\\\username",         
       "UserIp": "122.4.4.1",         
       "AgentHost": "CustomAppHostName",         
       "AgentIp": "123.3.4.55",         
       "ApiKey": "8QWloEah5EvKYn6FeJmEIbU6zwxeQh5d1PTs5KERIKI="  
       }         
       DATA;          
       
       curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
                   
       curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);      
       curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);         
       
       $resp = curl_exec($curl);                  
       
       curl_close($curl);          
       
       echo $resp;

.NET C#

ServicePointManager.ServerCertificateValidationCallback += (sender, certificat e, chain, sslPolicyErrors) => true; 
using (HttpClient client = new HttpClient()) 
{     
      string now = DateTime.Now.ToString("ddMMyyyyhhmmss");
      
      RequestControl request = new RequestControl();
      request.Username = "sam\\\\username";
      request.UserIp = "122.4.4.1";     
      request.AgentHost = "CustomAppHostName";     
      request.AgentIp = "123.3.4.55";     
      request.ApiKey = "8QWloEah5EvKYn6FeJmEIbU6zwxeQh5d1PTs5KERIKI=";
      
      var myContent = JsonConvert.SerializeObject(request);
      
      var buffer = Encoding.UTF8.GetBytes(myContent);    
      var byteContent = new ByteArrayContent(buffer);      
      
      byteContent.Headers.ContentType = new MediaTypeHeaderValue("application/js on");
      
      var response = client.PostAsync("https://x.x.x.x/api/customapi/control", b yteContent).Result;
}

Java

try {
    // Create a trust manager that does not validate certificate chains     
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
         public java.security.cert.X509Certificate[] getAcceptedIssuers() {
             return null;         
         }         
         public void checkClientTrusted(X509Certificate[] certs, String authTyp e) {
         }         
         public void checkServerTrusted(X509Certificate[] certs, String authTyp e) {
         }     
    }};      
    
    // Install the all-trusting trust manager
    SSLContext sc = SSLContext.getInstance("SSL"); 
    sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());      
    
    // Create all-trusting host name verifier 
    HostnameVerifier allHostsValid = new HostnameVerifier() {
    public boolean verify(String hostname, SSLSession session) {         
        return true;     
        } 
    };      
    
    // Install the all-trusting host verifier 
    HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);  
    
    URL url = new URL("https://x.x.x.x/api/customapi/control"); 
    HttpURLConnection conn = (HttpURLConnection) url.openConnection(); 
    conn.setDoOutput(true); 
    conn.setRequestMethod("POST"); 
    conn.setRequestProperty("Content-Type", "application/json");
    
    Gson gson = new Gson(); 
    RequestControl requestControl = new RequestControl(); 
    requestControl.setUsername("sam\\username"); 
    requestControl.setUserIp("122.4.4.1"); 
    requestControl.setAgentHost("CustomAppHostName"); 
    requestControl.setAgentIp("123.3.4.55");
requestControl.setApiKey("8QWloEah5EvKYn6FeJmEIbU6zwxeQh5d1PTs5KERIKI=");  
    
    String jsonRequestControl = gson.toJson(requestControl); 
    OutputStream os = conn.getOutputStream();
    os.write(jsonRequestControl.getBytes()); 
    os.flush();
    
    BufferedReader br = new BufferedReader(new InputStreamReader(         
        (conn.getInputStream())));  
        
    StringBuilder responseJson = new StringBuilder(); 
    String output; 
    System.out.println("Output from Server .... \n"); 
    while ((output = br.readLine()) != null) {     
        responseJson.append(output); 
    }  
    
    System.out.println(responseJson.toString());
    
    conn.disconnect();
} catch (Exception e) {
    System.out.println(e.getMessage());
}

Related Topics

API Rules

API Logging

PreviousAPI RulesNextProviders

Last updated