API docs by Redocly

Beat Technology Core API Documentation (2.0.0)

Download OpenAPI specification:

License: Commercial

General notes

API consumers

  • 1. End-user apps (customers)
    • Web frontend users (visitors, authenticated users)
    • Mobile app users (visitors, authenticated users)
    • STB users (visitors, authenticated users)
  • 2. Backoffice app (support team)
  • 3. Partner integrations (subscription management)

Endpoints

  • Production environment: `https://api.{service-domain}/v2/{resource}`
  • Staging: environment: `https://api.dev.{service-domain}/v2/{resource}`

UTF-8 encoding

Both Request and Response should be UTF-8 encoded.

Data formats

id - string

This property uniquely identifies a resource. Every resource of a given kind will have a unique id. Even though an id may sometimes look like a number, it should always be treated as a string.

date - string

UTC. Complete date: YYYY-MM-DD (eg 1997-07-16)

datetime - string

UTC. Complete date plus hours, minutes and seconds: YYYY-MM-DDThh:mm:ssTZD (eg 1997-07-16T19:20:30Z), compliant with http://www.w3.org/TR/NOTE-datetime.

Where:

  • YYYY = four-digit year
  • MM = two-digit month (01=January, etc.)
  • DD = two-digit day of month (01 through 31)
  • hh = two digits of hour (00 through 23) (am/pm NOT allowed)
  • mm = two digits of minute (00 through 59)
  • ss = two digits of second (00 through 59)
  • TZD = time zone designator (Z ONLY)

NOTE:

  1. no decimal fraction of a second
  2. TZD is ''Z'' ONLY, no ''+hh:mm'' or ''-hh:mm''

url - string

  • Fully specified urls only.

Image sizes

  • Cover arts: `33, 50, 52, 75, 100, 175, 180, 182, 200, 350, 500* and 800* pixels` (* - Cover art at this size is not available for some releases)
  • Artist pictures: `150, 200 and 300 pixels`.

Naming conventions

  • URL/URI - lower case, underscore.
  • JSON parameters - lower case, underscore.

Request

Content-Type

  • `v2/oauth2` OAuth2 API:
    • `Content-Type: application/x-www-form-urlencoded` - see OAuth2 API spec for details
  • `v2/*` API (all endpoints except `v2/oauth2`):
    • `Content-Type: application/json` - body of POST/PUT request and body of the response is JSON-encoded
    • **DO NOT USE** browser's default `Content-Type: application/x-www-form-urlencoded`.
    • Use for instance `JSON.stringify` function in JavaScript and always set the `Content-Type: application/json` header.

Pagination

Lists or search results are paginated. Pagination based on Range headers with custom range unit depends on resource.

Headers according to HTTP/1.1 RFC:

Defaults: \n * Offset: 0. \n * Max page size: 10, 20, 100, 200 or 1000 items.

Note inconsistency in RFC between formats:

Range: tracks=0-49 \n Content-Range: tracks 0-49/*

NOTES from RFC:

  • Content-Range: unit SP (first-pos ''-'' last-pos) ''/'' (instance-length | ''*'')
  • A server sending a response with status code 416 (Requested range not satisfiable) SHOULD include a Content-Range field with ''*''.
  • A response with status code 206 (Partial Content) MUST NOT include a Content-Range field with ''*''.
  • The instance-length specifies the current length of the selected resource (known number of accessible items in the collection).

IMPORTANT

  • There is next range/page available if instance-length > last-pos + 1.
  • There is no next range/page available (last page reached) if instance-length >= last-pos + 1.
  • Actual number of items in the response can be less than announced by Content-Range fields: (last-pos - first-pos + 1). Example: the result can contain less than 20 tracks even if Content-Range is 40-59. Each result page can contain just part of requested range, but Content-Range header is always represents full range (correct case: request with Range 30-59 >> 2 tracks in response body + Content-Range 30-59/60).

Examples:

// first search query = get first 20 tracks (20 is default value)
// NOTE: the result can contain less than 20 tracks even if Content-Range is 0-19.

Request:
  GET /v2/tracks?query=gaga
  
Response:
  206 Partial Content
  Accept-Ranges: tracks
  Content-Range: tracks 0-19/21 // 21>19+1 => next page exists
  { \n \t\t \"tracks\": [{},{},...] \n \t }

// get second 20 tracks (20-39 - inclusive)
// NOTE: the result can contain less than 20 tracks even if Content-Range is 20-39.

Request:
  GET /v2/tracks?query=gaga
  Range: tracks=20-39
  
Response:
  206 Partial Content \n \t Accept-Ranges: tracks \n\t Content-Range: tracks 20-39/41 // 41>39+1 => next page exists \n\t {...}

// get third 20 tracks (40-59 - inclusive)
// NOTE: the result can contain less than 20 tracks even if Content-Range is 40-59.

Request:
  GET /v2/tracks?query=gaga
  Range: tracks=40-59

Response:
  206 Partial Content
  Accept-Ranges: tracks
  Content-Range: tracks 40-59/61 // 61>59+1 => next page exists \n\t {...}

// error: invalid range

Request:
  GET /v2/tracks?query=gaga
    Range: tracks=1000-999
    
    Response:
      416 Requested Range Not Satisfiable
    {}

Custom HTTP headers

  • [DEPRECATED] X-User-Id (optional) Beat User ID. MUST be included into each authenticated request to Beat API on behalf of end user. Needed for request routing, but not for authentication.
  • [DEPRECATED] X-Client-Id (optional) Header can be used for request routing as well as for providing client-specific data. Header should be included into each request.
  • X-Country (optional) Some data (products, catalog metadata) can be country-specific, client may provide country code in the header. Format: a two-letter code according to (ISO 3166-1 alpha-2)[https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2]
  • X-Include (optional) Specify which additional sub-objects to include in aresponse. The value is a comma-separated list of object names. Valid names are: release-reviews, release-tracks, release-notes, release-prices, track-prices, group-releases, group-banners
  • X-Release-Cover-Sizes (optional) Header specifies sizes for Release cover basic objects. See Basic response objects section for details.
  • X-Artist-Image-Sizes (optional) Header specifies sizes for Artist image basic objects. See Basic response objects section for details.
  • X-Actor-Image-Sizes (optional) Header specifies sizes for Actor image objects. See Basic response objects section for details.
  • [DEPRECATED] X-Audio-Formats deprecated in favour of X-Stream-Formats
  • X-Stream-Formats (optional) Header specifies stream quality. See v2/streams/online and v2/streams/offline for details. The value is a comma-separated list of object names. Valid names are: */high, */normal, */low, h264/*.
  • X-Shop (optional) A shop is a named group of catalog metadata, mainly releases and tracks. Several endpoints support filtering on shops. In this case, if a a shop filter is specified, the entity is only returned if the release is actually a member of that shop – otherwise, 404 is returned. If a shop is not specified, the entity can always be returned as long as it has not been taken down OR it falls back to default shop. Default shop and list of supported shops are service specific. Special value X-Shop: all specifies not filtering on shops at all and not using the default shop.

Response

Response body is JSON-encoded.

Format conventions

Root object of response is a namespace for keys (always a hash, not an array):

{tracks:[{track:{...}}, {track:{...}}]} // no
{tracks:[{...}, {...}]} // yes
{title: 'value'} // no \n {track: {title:'value'}} // yes

HTTP error codes

  • 400 Bad Request - Invalid input parameter. Error message should indicate which one and why.
  • 401 Unauthorized - Bad or expired token. This can happen if the user or Beat revoked or expired an access token. To fix, you should re-authenticate the user.
  • 403 Forbidden - Bad OAuth request. Check request signature, timestamp, etc.
  • 404 Not Found - Requested resource/object is not exists.
  • 405 Method Not Allowed - Request method not expected (generally should be GET or POST).
  • 5xx Server error. Check status page or report a bug.

Error response example

{
  "error": "exception", // required
  "error_description": {string}, // required
  "error_developer": {object} // optional
}

[TODO] Partial response (reserved for future)

By default, the server sends back the full representation of a resource after processing requests. For better performance, you can ask the server to send only the fields you really need and get a partial response instead.

Format of fields parameter based on XPath syntax.

Example request:

1) Option (preferred)
  GET /v2/releases \n\t X-Fields: id,tracks(id,title,covers,artist/cover)

2) Option
  GET /v2/releases?fields=id,tracks(id,title,covers,artist/cover) \n\t NOTE: fields - must be URL encoded

HTTP 400 Bad Request - if fields query parameter is invalid

CORS support

The API supports Cross Origin Resource Sharing (CORS) for AJAX requests.

Here’s a sample request sent from a browser hitting http://example.com:

$ curl -i https://api.beat.no -H \"Origin: http://example.com\"
HTTP/1.1 302 Found \n Location: https://developer.beat.no

Any domain that is registered as an OAuth Application is accepted. Here’s a sample request for a browser hitting beat.no web app:

$ curl -i https://api.beat.no -H \"Origin: http://beat.no\"
HTTP/1.1 302 Found
Location: https://developer.beat.no
Access-Control-Allow-Origin: http://beat.no
Access-Control-Expose-Headers: Content-Range, Link, X-RateLimit-Limit, X-RateLimit-Remaining, X-OAuth-Scopes, X-Accepted-OAuth-Scopes
Access-Control-Allow-Credentials: true

This is what the CORS preflight request looks like:

$ curl -i https://api.beat.no -H \"Origin: http://beat.no\" -X OPTIONS
HTTP/1.1 204 No Content
Access-Control-Allow-Origin: http://beat.no
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-Release-Cover-Sizes, X-Artist-Image-Sizes, X-Stream-Formats, Authorization, X-User-Id, Range
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE
Access-Control-Expose-Headers: Content-Range, Link, X-RateLimit-Limit, X-RateLimit-Remaining, X-OAuth-Scopes, X-Accepted-OAuth-Scopes
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true

Base flows

Authorization flow example

Authorization is based on OAuth2. Every request must include Authorization header.

POST /v2/someresource
Authorization: Bearer <access-token> // required, example: 5aa5cf3e75fb05b1400a024e2e748b40320a4ae8

Activation flow example

  • GET /v2/users?msisdn=4742424242
  • POST /v2/users -> user_id
  • POST /v2/users/:user_id/migrations + {product_id=13} -> sub_id

Deactivation flow example

  • GET /v2/users?msisdn=4742424242
  • GET /v2/users/:user_id/subscriptions?product_id=13
  • DELETE /v2/users/:user_id/subscriptions/:sub_id

Subscription management overview

Authorization

Get access token

>>>
POST /v2/oauth2/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials
&client_id=APP_ID
&client_secret=APP_SECRET

<<<
HTTP/1.1 200 OK
Content-Type: application/json
{
  "access_token":"2YotnFZFEjr1zCsicMWpAA",
  "expires_in":3600,
  "token_type":"bearer",
  "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA" // optional
}

Following requests to API resources should include Authorization header.

POST v2/resource
Authorization: Bearer <access-token>

List of products

>>>
GET /v2/products

<<<
206 Partial Content
{
  "products": [{Product}]
}

Create user

>>>>
POST /v2/users
{
  "msisdn": {string}, // optional
  "firstname": {string}, // optional
  "lastname": {string}, // optional
  "email": {string}, // optional
}

<<<<
409 Conflict - if msisdn is already registered
{}

201 Created
{
  "user": {User}
}

Activate subscription

>>>
POST /v2/users/:user_id/migrations
{
  "product_id": {string},
  "renewable": {boolean} // optional, defaults to true, whether new subscription should renew or not
}

<<<<
201 Created // success, activated
{}

List of subscriptions

>>>
GET /v2/users/:user_id/subscriptions

<<<
206 Partial Content
{
  "subscriptions": [{Subscription}]
}

Stop/resume subscription

>>>
PATCH /v2/users/:user_id/subscriptions/:subscription_id
{
  "state": {int}
}

<<<
200 OK // success
{
  "subscription": {
      "expiry_date": {datetime|null},
      "next_billing_date": {datetime|null},
      "state": {int}
      ...
  }
}

Use one of the following state values:

  • pass 3 to resume stopped subscription
  • pass 6 to stop subscription, it will expire in the end of period

Deactivate subscription

>>>
DELETE v2/users/:user_id/subscriptions/:subscription_id

<<<
200 OK // success, deactivated
{}

Actor

Operations around actors

Fetch actors by role

For now, a role filter has to be specified.

Actors with the current role in at least one of the currently live releases in the catalog are returned. Role can be the name of any role known to exist in the catalog. If it does not exist, an empty collection is returned. Significant roles includes:

  • main-artist for music services
  • author for audio book services
Authorizations:
None
query Parameters
role
required
string
header Parameters
X-Actor-Image-Sizes
string
Range
string

Responses

Response samples

Content type
application/json
{
  • "actors": [
    ]
}

Post actor image

Authorizations:
None
path Parameters
actor_id
required
string
Request Body schema: multipart/form-data
image
string <binary>

Jpeg image of an actor

Responses

Response samples

Content type
application/json
{ }

Artist

Operations around artists

Fetch artist by ID

Authorizations:
None
path Parameters
artist_id
required
string
header Parameters
X-Artist-Image-Sizes
string

Responses

Response samples

Content type
application/json
{
  • "artist": {
    }
}

Patch artist

Favourite / unfavourite artist

Assume the operation is always a success.

Add any custom HTTP headers (like for the GET request, ex: X-Release-Cover-Sizes, X-Artist-Image-Sizes and others) in order to receive necessary data in the response.

Server logic:

IMPORTANT PATCH request is responsible for merging object received from client and object stored on server. Server resolves conflicts if there is any. The response from PATCH will contain the ,merged version of the object in that case. See User Changes API for the details.

Authorizations:
None
path Parameters
artist_id
required
string
header Parameters
X-Artist-Image-Sizes
string
X-Base-Change
integer

base change id, defaults to 0 server side

X-Change-Timestamp
string

time of change in UTC, defaults to current time on the backend

Request Body schema: application/json
favourite
boolean

Responses

Request samples

Content type
application/json
{
  • "favourite": true
}

Response samples

Content type
application/json
{
  • "artist": {
    }
}

Fetch artist biography

Fetch artist biography, link to the full biography and additional artist image.

Authorizations:
None
path Parameters
artist_id
required
string

Responses

Response samples

Content type
application/json
{
  • "bio": {
    }
}

Update artist biography

Authorization: Requires editorial admin token.

Authorizations:
None
path Parameters
artist_id
required
string
Request Body schema: application/json
content
required
string

full text of artist biography

Responses

Request samples

Content type
application/json
{
  • "content": "string"
}

Response samples

Content type
application/json
{
  • "bio": {
    }
}

Full text search for artists

Response can be paginated based on Range headers.

Authorizations:
None
query Parameters
query
required
string
header Parameters
Range
string

artists=20-39 (inclusive)

X-Artist-Image-Sizes
string

Responses

Response samples

Content type
application/json
{
  • "artists": [
    ]
}

Fetch featured artists

  • Pagination: 0-20

  • Authorization: User token or App token

Authorizations:
None
header Parameters
X-Artist-Image-Sizes
string
Range
string

Responses

Response samples

Content type
application/json
{
  • "artists": [
    ]
}

Reorder featured artists

Authorization: Requires editorial admin token.

Authorizations:
None
header Parameters
X-Artist-Image-Sizes
string
Request Body schema: application/json
required
Array of objects (id_object)

Responses

Request samples

Content type
application/json
{
  • "artists": [
    ]
}

Response samples

Content type
application/json
{
  • "artists": [
    ]
}

List top releases for given artist

Response can be paginated based on Range headers.

Authorizations:
None
path Parameters
artist_id
required
string
query Parameters
types
string

comma-separated list or release types, it may include shortened audio or video values:

  • audio is equivalent of album,single,
  • video is equivalent of video-album,video-single

(see Release API for details)

role
string

filers releases on actor role

header Parameters
Range
string
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
X-Includes
string

Responses

Response samples

Content type
application/json
{
  • "releases": [
    ]
}

List top tracks for given artist

Response can be paginate based on Range headers.

Authorizations:
None
path Parameters
artist_id
required
string
query Parameters
role
string

filters tracks on actor role

header Parameters
Range
string
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string

Responses

Response samples

Content type
application/json
{
  • "tracks": [
    ]
}

Authentication

API implements OAuth 2.0 protocol for authentication.

Each request to API resources requires an access_token. There are a few ways to get access token depending on client type.

Mobile Apps or Web Apps use authentication by username/password.

Access Tokens

  • User Access Token - token associated with user id - can be requested by:
    • `grant_type=password`
    • `grant_type=clone_token`
    • `grant_type=signed_msisdn`
    • `grant_type=coupon`
    • `grant_type=verification_code`
    • `grant_type=account_user`
    • `grant_type=openid_handle`
  • App Access Token can be requested by:
  • `grant_type=client_credentials`

User Tokens

IMPORTANT. The duration of access_token, refresh_token, scope is unspecified and can be changed at any time. So clients have to expect any duration at any moment in the future (i.e. data type should be considered as a TEXT in terms of SQL).

Authentication by User Password (grant_type=password)

Flow: 4.3 Resource Owner Password Credentials Grant.

NOTE: Authentication by user password is an exceptional case and such flow should only be enabled for selected applications. All other the third-party applications MUST use another ways described below.

Request:
  POST /v2/oauth2/token HTTP/1.1
  Content-Type: application/x-www-form-urlencoded
  
  grant_type=password
  &username=<msisdn|email>
  &password=<password>
  &client_id=APPLICATION_ID
  &client_secret=APPLICATION_SECRET
  
Response:
  HTTP/1.1 200 OK
  Content-Type: application/json;charset=UTF-8
  Cache-Control: no-store
  Pragma: no-cache
  {
    "access_token":"2YotnFZFEjr1zCsicMWpAA",
    "expires_in":3600,
    "token_type":"example", // bearer
    "scope": "" // optional
    "refresh_token":"tGzv3JOkF0XG5Qx2TlKWI\", // optional
    "user_id":"5667asdf" // optional, beat user id - included if access_token generated for authenticated user
  }

Authentication by Signed MSISDN (grant_type=signed_msisdn)

Issue new access token based on signed MSISDN. Used to support Web App's passwordless login for Gakk Media (Robi Web App and others).

SECURITY NOTE: Enabled for Bangladesh phone numbers only at the moment. SECURITY NOTE: Signature can only be generated by nginx based on specific authorization headers provided by carrier's networks. It makes possible to login to the app without typing of password. See nginx configuration for signature generation procedure.

Request:
  POST /v2/oauth2/token HTTP/1.1
  Content-Type: application/x-www-form-urlencoded
  
  grant_type=signed_msisdn
  &msisdn=8801600000199
  &msisdn_signature=87r1uhasdyfp13jskfd
  &client_id=APPLICATION_ID
  &client_secret=APPLICATION_SECRET
  
Response:
  HTTP/1.1 200 OK
  Content-Type: application/json;charset=UTF-8
  Cache-Control: no-store
  Pragma: no-cache
  {
    "access_token":"2YotnFZFEjr1zCsicMWpAA",
    "token_type":"example",
    "expires_in":3600,
    "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",
    "user_id":"5667asdf" // beat user id
  }

[DEPRECATED] Authentication by coupon code (grant_type=coupon)

Request:
  POST /v2/oauth2/token HTTP/1.1
  Content-Type: application/x-www-form-urlencoded
  
  grant_type=coupon
  &code=test1
  &client_id=APPLICATION_ID
  &client_secret=APPLICATION_SECRET
  
Response:
  HTTP/1.1 200 OK
  Content-Type: application/json;charset=UTF-8
  Cache-Control: no-store
  Pragma: no-cache
  {
    "access_token":"2YotnFZFEjr1zCsicMWpAA",
    "token_type":"example",
    "expires_in":3600,
    "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",
    "user_id":"5667asdf" // beat user id
  }

Authentication by verification code (grant_type=verification_code)

Code can be generated and optionally send to customer by POST v2/codes.

Request:
  POST /v2/oauth2/token HTTP/1.1
  Content-Type: application/x-www-form-urlencoded
  
  grant_type=verification_code
  &msisdn=0029133437595305 // optional, one of msisdn or user_id should present
  &user_id=1111 // optional, one of msisdn or user_id should present
  &code=1234
  &client_id=APPLICATION_ID
  &client_secret=APPLICATION_SECRET
  
Response:
  HTTP/1.1 200 OK
  Content-Type: application/json;charset=UTF-8
  Cache-Control: no-store
  Pragma: no-cache
  {
    "access_token":"2YotnFZFEjr1zCsicMWpAA",
    "token_type":"example",
    "expires_in":3600,
    "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",
    "user_id":"5667asdf" // beat user id
  }

Cross-client Authentication (grant_type=clone_token)

Clone user token for the usage by the new client.

The grant_type=clone_token can be used to issue new access_token for the new client based on access_token issued by the different client (both clients are from the same project). The new issued access_token will always have the same associated user_id.

NOTE: Use grant_type=refresh_token to issue access_token for the same client.

Request:
  POST /v2/oauth2/token HTTP/1.1
  Content-Type: application/x-www-form-urlencoded
  
  grant_type=clone_token
  &access_token=2YotnFZFEjr1zCsicMWpAA // access token issued with another client credentials from the same project
  &client_id=APPLICATION_ID
  &client_secret=APPLICATION_SECRET

Response:
  HTTP/1.1 200 OK
  Content-Type: application/json;charset=UTF-8
  Cache-Control: no-store
  Pragma: no-cache
  {
    "access_token":"087fashf34h7adysfy", // new token with the same user_id
    "expires_in":3600,
    "token_type":"example", // bearer
    "scope": "" // optional
    "refresh_token":"dfq4lajw78152345sfga", // optional
    "user_id":"5667asdf" // optional, beat user id - included if access_token generated for authenticated user
  }

Switching between account users (profiles) (grant_type=account_user)

Request:
  POST /v2/oauth2/token HTTP/1.1
  Content-Type: application/x-www-form-urlencoded
  
  grant_type=account_user
  &access_token=<access_token> // access token of one of account users (profiles)
  &user_id=<target_user_id> // id of target profile-user within the same account
  &client_id=APPLICATION_ID
  &client_secret=APPLICATION_SECRET
  
Response:
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
Cache-Control: no-store
Pragma: no-cache
{
  "access_token":"087fashf34h7adysfy", // new token with the same user_id
  "expires_in":3600,
  "token_type":"example", // bearer
  "scope": "" // optional
  "refresh_token":"dfq4lajw78152345sfga", // optional
  "user_id":"5667asdf" // optional, beat user id - included if access_token generated for authenticated user
}

Authentication by OpenID auth session handle (grant_type=openid_handle)

This option is used to authenticate by a previously-started OpenID session. The handle is a value that retrieved during the first step of this process. Use this call only after the OpenID callback is finished.

Request:
  POST /v2/oauth2/token HTTP/1.1
  Content-Type: application/x-www-form-urlencoded
  
  grant_type=openid_handle
  &handle=<handle>
  &client_id=APPLICATION_ID
  &client_secret=APPLICATION_SECRET
  
Response:
  HTTP/1.1 200 OK
  Content-Type: application/json;charset=UTF-8
  Cache-Control: no-store
  Pragma: no-cache
  {
    "access_token":"2YotnFZFEjr1zCsicMWpAA",
    "expires_in":3600,
    "token_type":"example", // bearer
    "scope": "" // optional
    "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA", // optional\_
    "user_id":"5667asdf" // optional, beat user id - included if access_token generated for authenticated user
  }

TODO

App Tokens

App tokens are used to make requirests to Beat APIs on behalf of an app rather than a user. This can be useful to provide "visitor mode" in the apps.

Authentication by Client Credentials (grant_type=client_credentials)

Request:
  POST /v2/oauth2/token HTTP/1.1
  Content-Type: application/x-www-form-urlencoded
  
  grant_type=client_credentials
  &client_id=APPLICATION_ID
  &client_secret=APPLICATION_SECRET
  
Response (the same as for grant_type=password):
  HTTP/1.1 200 OK
  Content-Type: application/json;charset=UTF-8
  Cache-Control: no-store
  Pragma: no-cache
  {
    "access_token":"2YotnFZFEjr1zCsicMWpAA",
    "expires_in":3600,
    "token_type":"example", // bearer
    "scope": "", // optional
    // NOTE: no refresh_token field
  }

Refreshing Tokens (grant_type=refresh_token)

Access tokens have a limited lifetime and can be refreshed when required without asking the user to login again to get new token.

Request:
  POST /v2/oauth2/token HTTP/1.1
  Content-Type: application/x-www-form-urlencoded
  
  grant_type=refresh_token
  &refresh_token=tGzv3JOkF0XG5Qx2TlKWIA
  &client_id=APPLICATION_ID
  &client_secret=APPLICATION_SECRET

Response (the same as for grant_type=password):
  HTTP/1.1 200 OK
  Content-Type: application/json;charset=UTF-8
  Cache-Control: no-store
  Pragma: no-cache
  {
    "access_token":"2YotnFZFEjr1zCsicMWpAA",
    "expires_in":3600,
    "token_type":"example", // bearer
    "scope": "", // optional
    "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA" // optional
  }

Install Referrer support

Introduced mainly to support Google Play Install Referrer API.

There is an optional parameter to help tracking of install events. When user logs in to the app, client app may specify install_referrer string param provided by Google Play services.

IMPORTANT FOR CLIENTS: App should add install_referrer param only once and must clean it on after successful log in, so repeated log ins should not be tracked/rewarded.

Example:

Request:
  POST /v2/oauth2/token HTTP/1.1
  Content-Type: application/x-www-form-urlencoded
  
  grant_type=password
  &username=johndoe
  &password=A3ddj3w
  &client_id=APPLICATION_ID
  &client_secret=APPLICATION_SECRET,
  &install_referrer=u_12345
  
Response:
  HTTP/1.1 200 OK
  Content-Type: application/json;charset=UTF-8
  Cache-Control: no-store
  Pragma: no-cache
  {
      "access_token":"2YotnFZFEjr1zCsicMWpAA",
      "expires_in":3600,
      "token_type":"example", // bearer
      "scope": "" // optional
      "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA", // optional
      "user_id":"5667asdf" // optional, beat user id - included if access_token generated for authenticated user
  }

OAuth 2.0 Authentication Flows

API implements OAuth 2.0 protocol for authentication.\n\nEach request to API resources requires an access_token. Mobile Apps or Web Apps use authentication by username and password.

User Access Tokens:

  • grant_type=password
  • grant_type=signed_msisdn
  • grant_type=coupon
  • grant_type=verification_code
  • grant_token=clone_token
  • grant_token=account_user
  • grant_token=openid_handle

App Access Token:

  • grant_type=client_credentials
Authorizations:
None
Request Body schema: application/x-www-form-urlencoded
grant_type
required
string

type of access token

username
string

flow: password

password
string

flow: password

msisdn
string

flows: [signed_msisdn, verfication_code, ]

msisdn_signature
string

flow: signed_msisdn

code
string

flows: [verification_code, grant_type=coupon]

user_id
string

flows: [account_user, verification_code (options for verification_code: supply user_id OR msisdn)]

access_token
string

flows: [clone_token, account_user]

handle
string

flow: openid_handle

refresh_token
string

flow: refresh_token

scope
string

( optional )

client_id
string

APPLICATION_ID

client_secret
string

APPLICATION_SECRET

Responses

Response samples

Content type
application/json
{
  • "example_password": {
    },
  • "example_msisdn": {
    },
  • "example_coupon": {
    },
  • "example_verfication": {
    },
  • "example_cross_client": {
    },
  • "example_account_user": {
    },
  • "example_openid": {
    },
  • "example_client_credentials": {
    },
  • "example_refresh": {
    }
}

Create new authentication context

Authorizations:
None
Request Body schema: application/json
partner_id
required
string

ID of the partner

redirect_url
string

URL to redirect to after authentication

Responses

Request samples

Content type
application/json
{
  • "partner_id": "string",
  • "redirect_url": "string"
}

Response samples

Content type
application/json
{
  • "context": {
    }
}

Callback for OpenID auth

Authorizations:
None
query Parameters
state
string
code
string

Responses

Response samples

Content type
application/json
{ }

Finish OpenID auth session

Authorizations:
None

Responses

Banners

Operations around banners

List all banners available to a specific client

Authorizations:
None
query Parameters
filter_empty
boolean

Controls what banners to return. If set to true won't return banners that refers not existing entities.

header Parameters
X-Actor-Image-Sizes
string
X-Artist-Image-Sizes
string
X-Banner-Image-Sizes
string
X-Release-Cover-Sizes
string
X-Include
string
Range
string

Responses

Response samples

Content type
application/json
{
  • "banners": [
    ]
}

Create a new banner

Access token requires special permission.

Authorizations:
None
header Parameters
X-Actor-Image-Sizes
string
X-Artist-Image-Sizes
string
X-Banner-Image-Sizes
string
X-Release-Cover-Sizes
string
Request Body schema: application/json
link_type
required
string
Enum: "release" "artist" "banner-group" "release-group" "series" "url" "paginated-release-group"
link_value
required
string

Responses

Request samples

Content type
application/json
{
  • "link_type": "release",
  • "link_value": "string"
}

Response samples

Content type
application/json
{
  • "banner": {
    }
}

Fetch a banner by ID

Authorizations:
None
path Parameters
banner_id
required
string
header Parameters
X-Artist-Image-Sizes
string
X-Actor-Image-Sizes
string
X-Banner-Image-Sizes
string
X-Release-Cover-Sizes
string
X-Include
Array of strings (schema)

Responses

Response samples

Content type
application/json
{
  • "banner": {
    }
}

Update a banner by ID

Access token requires special permissions.

Authorizations:
None
path Parameters
banner_id
required
string
header Parameters
X-Artist-Image-Sizes
string
X-Actor-Image-Sizes
string
X-Banner-Image-Sizes
string
X-Release-Cover-Sizes
string
Request Body schema: application/json
link_type
required
string
Enum: "release" "artist" "banner-group" "release-group" "series" "url"
link_value
required
string
title
string
subtitle
string

Responses

Request samples

Content type
application/json
{
  • "link_type": "release",
  • "link_value": "string",
  • "title": "string",
  • "subtitle": "string"
}

Response samples

Content type
application/json
{
  • "banner": {
    }
}

Batch

Batch operation

Batching multiple requests Deprecated

Inspired by:

LIMIT: max 20 subrequests allowed.

Server logic:

IMPORTANT PATCH request is responsible for merging object received from client and object stored on server. Server resolves conflicts if there is any. The response from PATCH will contain the merged version of the object in that case. See Changes API for the details.

Authorizations:
None
Request Body schema: application/json
Array of objects <= 20 items

Responses

Request samples

Content type
application/json
{
  • "example 1": {
    },
  • "example 2": {
    },
  • "example 3": {
    }
}

Response samples

Content type
application/json
[
  • {
    }
]

Billing

Workflow to save card to user account

  1. Authorize user using Auth API
  2. POST v2/billing/setupintents - get key necessary to collect card details on the client side
  3. POST v2/billing/paymentmethods - saves card to user account
  4. Activate product via Migration API

Create a Payment Intent

Create a setup intent.

Create setup intent to collect payment method (card) details on the client side. Card details then has to be exchanged to a payment method reference (tokenized) on the client. Payment method reference can be attached to a user by Payment Method API. Access level: requires user token.

Authorizations:
None
Request Body schema: application/json
payment_type
required
integer

User's payment type, see User API for details

payment_method_subtype
string or null
Enum: "card" "bancontact" "ideal" "sepa_debit"

Depends on payment_type. If not set setup intent will be created for any payment subtype allowed for service.

product_id
string or null

Required for vipps payment type. Creates agreement with information about specified product.

campaign_code
string or null

Relevant for vipps payment type. Creates agreement with information about specified product modified by a campaign

redirect_url
string or null

Url of a page that user will be redirected after collection payment details. Relevant for vipps, paystack and reepay.

cancel_url
string or null

Url of a page that user will be redirected after user cancels payment. Relevant for reepay and paystack.

object or null

Optionally used to provide arguments that are unique per payment type

Responses

Request samples

Content type
application/json
{
  • "payment_type": 0,
  • "payment_method_subtype": "card",
  • "product_id": "string",
  • "campaign_code": "string",
  • "redirect_url": "string",
  • "cancel_url": "string",
  • "payment_type_args": {
    }
}

Response samples

Content type
application/json
{
  • "client_secret": "string",
  • "setup_intent": {
    }
}

Get a list of Payment Methods

Authorizations:
None
query Parameters
setupintent
string

If set it will return payment method ids related to specified setup intent

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Create a Payment Method

Create a Payment Method. Saves payment method (card) to user account for later use. Access level: requires user token.

Authorizations:
None
Request Body schema: application/json
payment_type
required
integer

User's payment type, see User API for details

reference
required
string

Card token/reference returned by payment gateway on the client

Responses

Request samples

Content type
application/json
{
  • "payment_type": 0,
  • "reference": "string"
}

Response samples

Content type
application/json
{ }

Bookmark

Operations around bookmarks

Create a bookmark

Authorizations:
None
header Parameters
X-Change-Timestamp
string
Request Body schema: application/json

All request parameters are optional, but at least one should be present.

entity_type
required
string
Enum: "track" "release" "artist"
entity_id
required
string
note
string

user note

position_type
string
Enum: "audio" "ebook"

defaults to audio

position
integer

required if position_type=audio, seconds since beginning of track

reader_position_selector
string

required if position_type=ebook, EPUB CFI (Canonical Fragment Identifier)

reader_position_ratio
number <double> [ 0 .. 1 ]

required if position_type=ebook, position as a fraction of pages read (range: 0-1)

Responses

Request samples

Content type
application/json
{
  • "entity_type": "track",
  • "entity_id": "string",
  • "note": "string",
  • "position_type": "audio",
  • "position": 0,
  • "reader_position_selector": "epubcfi(/6/2!/0)",
  • "reader_position_ratio": 1
}

Response samples

Content type
application/json
{
  • "bookmark": {
    }
}

Fetch a bookmark by ID

Authorizations:
None
path Parameters
bookmark_id
required
string

Responses

Response samples

Content type
application/json
{
  • "bookmark": {
    }
}

Update a bookmark by ID

Authorizations:
None
path Parameters
bookmark_id
required
string
header Parameters
X-Base-Change
string
X-Change-Timestamp
string
Request Body schema: application/json

All request parameters are optional, but at least one should be present.

note
string

user note

position_type
string
Enum: "audio" "ebook"

defaults to audio

position
integer

required if position_type=audio, seconds since beginning of track

reader_position_selector
string

required if position_type=ebook, EPUB CFI (Canonical Fragment Identifier)

reader_position_ratio
number <double> [ 0 .. 1 ]

required if position_type=ebook, position as a fraction of pages read (range: 0-1)

Responses

Request samples

Content type
application/json
{
  • "note": "string",
  • "position_type": "audio",
  • "position": 0,
  • "reader_position_selector": "epubcfi(/6/2!/0)",
  • "reader_position_ratio": 1
}

Response samples

Content type
application/json
{
  • "bookmark": {
    }
}

Delete a bookmark by ID

Authorizations:
None
path Parameters
bookmark_id
required
string
header Parameters
X-Change-Timestamp
string

Responses

Response samples

Content type
application/json
{ }

Campaign

Operations around campaigns

Get campaign

Authorizations:
None
query Parameters
utm_campaign
required
string

campaign code

product_id
string

product id

header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "campaigns": [
    ]
}

List featured campaigns

List featured campaigns

Response can be paginated based on Range header

Authorizations:
None
header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "campaigns": [
    ]
}

Charge

Operations around one-off payments

Fetch a charge for an entity

Authorizations:
None
query Parameters
entity_type
string
Enum: "coupon" "release" "campaign" "track"
entity_id
string

Use commas to separate multiple IDs in the string

Max: 1000 IDs

Responses

Response samples

Content type
application/json
{
  • "charges": [
    ]
}

One-time charge

Access level: Requires user or visitor token in most cases. Can also do operations behalf of a user if reason parameter is set to external_charge and the oauth scope for the request is external-charge.

Authorizations:
None
Request Body schema: application/json
reason
required
string
Enum: "offlining" "coupon" "purchase" "campaign" "external_charge" "vipps_initial_charge" "vipps_renew"

If set to external_charge, then a user_id must also be set.

entity_type
required
string
Enum: "track" "release" "coupon" "campaign" "balance"
entity_id
string

The id value for the given entity type. For instance track_id, release_id or coupon_id.

payment_type
integer

Use 3 for Stripe, see: {User Object} from /v2/users for more options.

source
string

May be required for some payment types, ex: Stripe token for instance.

email
string

Email when charging unauthorized user.

recipient_name
string

Username for email template.

message
string

Personal message for email template.

amount
integer

Charge amount.

unit
string
Enum: "XCR" "EUR"

Unit of charge amount.

Responses

Request samples

Content type
application/json
{
  • "reason": "offlining",
  • "entity_type": "release",
  • "entity_id": "123",
  • "payment_type": 3,
  • "source": "string",
  • "email": "string",
  • "recipient_name": "string",
  • "message": "string",
  • "amount": 0,
  • "unit": "XCR"
}

Response samples

Content type
application/json
{ }

Clientlog

Collect client logs

Upload a new client log

Access level: Requires user or visitor token.

The request should contain a single zip file.

Authorizations:
None
Request Body schema: multipart/form-data
Schema not provided

Responses

Response samples

Content type
application/json
{ }

Coupon

Operations around coupons

List coupon/lookup by code

  • This is the way to validate a coupon. valid flag shows if coupon is valid for redemption,
  • Coupon can be redeemed by POST /users/:user_id/coupons/redemptions
Authorizations:
None
query Parameters
code
required
string

coupon code

header Parameters
Range
string
X-Coupon-Offer-Image-Sizes
string

Responses

Response samples

Content type
application/json
{
  • "coupons": [
    ]
}

Generate coupon (gift card)

Generate coupon based on specific offer from GET /vs/coupons/offers?type=:type. Requires user token

Authorizations:
None
Request Body schema: application/json
offer_id
required
string

see GET /v2/coupons/offers?type=:type

Responses

Request samples

Content type
application/json
{
  • "offer_id": "1234"
}

Response samples

Content type
application/json
{
  • "coupon": {
    }
}

List coupon offers

  • Use this to list available coupon offers (gift card offers).
  • Offers have an image, defines subscription product, may have a price and interval.
  • Offers are used as a source for coupon (gift card) generation - see POST v2/coupons + offer_id for details.
  • User can list generated gift cards by calling GET v2/users/:user_id/coupons?type=giftcard.
  • Generated gift card can be paid by calling POST v2/users/:id/charges + entity_type=coupon,entity_id=:coupon_code.
  • Coupon can be redeemed by calling POST /users/:user_id/coupons/redemptions + coupon.

Optional HTTP header X-Coupon-Offer-Image-Sizes: w50,h200 in the request defines the set of fields in the image object inside the response. If this header is not present, the response will contain an empty list of images.

Authorizations:
None
query Parameters
type
required
string

type of offer - only giftcard is supported

header Parameters
Range
string
X-Coupon-Offer-Image-Sizes
string

Responses

Response samples

Content type
application/json
{
  • "offers": [
    ]
}

Event

Operations around various user events

Fetch feed of events

Personal recommendations and general events

Authorizations:
None
header Parameters
X-Actor-Image-Sizes
string
X-Artist-Image-Sizes
string
X-Release-Cover-Sizes
string
Range
string

Responses

Response samples

Content type
application/json
{
  • "events": [
    ]
}

Favourite

Operations around collection of personal favourites

Return a list of favourite entities

Return only favourite entities. So favourited will be equal to true in the response. Unfavourited entities will never be present in the response.

Authorizations:
None
query Parameters
entity_type
required
string
Enum: "artist" "release" "release-group" "track" "user"

type of the entities

entity_id
required
string
Example: entity_id=1,2,3

comma-separated list of entity IDs to test, limited to 1000 items.

Responses

Response samples

Content type
application/json
{
  • "favourites": [
    ]
}

Home Screen

[DEPRECATED] - use v2/layouts/home to fetch content for the home screen.

Integrations

The Integrations API is a collection of endpoints implementing specifications from Partners.

This is used to propagate business events from the partner to Beat.

Each partner endpoint has a subresource under /v2/integrations/

Handle the request from Stripe

Handle the request from Stripe

You can check documentation here.

Authorizations:
None

Handle the request from Reepay

Handle the request from Reepay

You can check reepay documentation here

Authorizations:
None

Passwords

Operations around passwords

Complete password reset

Complete password reset process by providing security code received by sms or email.

Guests (unauthorized users) can do this call.

Authorizations:
None
Request Body schema: application/json

msisdn or email should be present (not both)

Backend logic:

  • Check if password quality is good enough.
  • Check if provided code equals to stored code from preceding request POST /v2/passwords/requests.
  • If yes, then update password with new one.
msisdn
string

msisdn or email should be present (not both)

email
string

msisdn or email should be present (not both)

code
string

security code received by sms or email

password
string

new password to set

Responses

Request samples

Content type
application/json
{
  • "msisdn": "string",
  • "email": "string",
  • "code": "string",
  • "password": "string"
}

Response samples

Content type
application/json
{ }

Initiate password reset

It initiates password reset process by sending code by sms or email.

Guests (unauthorized users) can do this call.

Authorizations:
None
Request Body schema: application/json

msisdn or email should be present (not both)

Backend logic:

  • Backend sends the security code by sms or backend sends te reset-link by email
  • If return=true passed, then it returns code back rather than send it to the customer
msisdn
string

msisdn or email should be present (not both)

email
string

msisdn or email should be present (not both)

return
boolean

default to false, pass true to get codeback, requires client to have return-password-code scope

Responses

Request samples

Content type
application/json
{
  • "msisdn": "string",
  • "email": "string",
  • "return": true
}

Response samples

Content type
application/json
{
  • "code": "email-token or sms-code"
}

Products

Access to products limited to given access_token/client_id, for instance:

  • End-user apps can only see products available to him.
  • Partners can manage different set of products available for them.
  • Platform can access everything.

Get product

Authorizations:
None
path Parameters
product_id
required
string

Responses

Response samples

Content type
application/json
{
  • "product": {
    }
}

List products

  • Authorization: user or app token required.
  • Pagination: Response can be paginated based on Range headers.
Authorizations:
None
header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "products": [
    ]
}

Progress

Operations around progress

List user progress

This can be used to find the latest played entity

Authorizations:
None
query Parameters
entity_type
string
Enum: "track" "release"
entity_id
string
Example: entity_id=1,2,3

Comma separated list of ids

header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "progresses": [
    ]
}

Create a new progress

Tolerates conflict existing progress: if there is existing progress record on the same entity, then it updates the existing record with the new stop_position and timestamp (i.e. performs upsert)

Authorizations:
None
Request Body schema: application/json
entity_type
required
string
Enum: "track" "release"
entity_id
required
string
changed
required
string <Y-m-d H:i:s>

time of most recent stop_position update - in UTC timezone

position_type
string
Enum: "ebook" "audio"

defaults to audio

stop_position
integer

required if position_type=audio, seconds since beginning of entity

reader_position_selector
string

required if position_type=ebook, EPUB CFI (Canonical Fragment Identifier)

reader_position_ratio
number <double> [ 0 .. 1 ]

required if position_type=ebook, position as a fraction of pages read (range: 0-1)

Responses

Request samples

Content type
application/json
{
  • "entity_type": "track",
  • "entity_id": "string",
  • "changed": "string",
  • "position_type": "ebook",
  • "stop_position": 0,
  • "reader_position_selector": "epubcfi(/6/2!/0)",
  • "reader_position_ratio": 1
}

Response samples

Content type
application/json
{
  • "progress": {
    }
}

Fetch progress by ID

Authorizations:
None
path Parameters
progress_id
required
string

Responses

Response samples

Content type
application/json
{
  • "progress": {
    }
}

Update progress by ID

Authorizations:
None
path Parameters
progress_id
required
string
Request Body schema: application/json
changed
required
string <Y-m-d H:i:s>

time of most recent stop_position update - in UTC timezone

position_type
string
Enum: "ebook" "audio"

defaults to audio

stop_position
integer

required if position_type=audio, seconds since beginning of entity

reader_position_selector
string

required if position_type=ebook, EPUB CFI (Canonical Fragment Identifier)

reader_position_ratio
number <double> [ 0 .. 1 ]

required if position_type=ebook, position as a fraction of pages read (range: 0-1)

Responses

Request samples

Content type
application/json
{
  • "changed": "string",
  • "position_type": "ebook",
  • "stop_position": 0,
  • "reader_position_selector": "epubcfi(/6/2!/0)",
  • "reader_position_ratio": 1
}

Response samples

Content type
application/json
{
  • "progress": {
    }
}

Delete progress by ID

Delete user progress by progress ID

Authorizations:
None
path Parameters
progress_id
required
string

Responses

Response samples

Content type
application/json
{ }

Quotas

Operations around quota

Fetch current user's quotas

Requires User token

Authorizations:
None

Responses

Response samples

Content type
application/json
{
  • "quotas": [
    ]
}

Rating

Allows user to rate various entities - releases. tracks, etc.

Fetch user ratings

Authorizations:
None
query Parameters
entity_type
required
string
Example: entity_type=release

"release" only

entity_id
required
string
header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "ratings": [
    ]
}

Create a rating

Authorizations:
None
header Parameters
X-Change-Timestamp
string
Request Body schema: application/json
entity_type
required
string
Enum: "track" "release" "artist"
entity_id
required
string

corresponds to entity_type

value
required
integer
note
string

Responses

Request samples

Content type
application/json
{
  • "entity_type": "track",
  • "entity_id": "track_id, release_id, or artist_id",
  • "value": 0,
  • "note": "string"
}

Response samples

Content type
application/json
{
  • "rating": {
    }
}

Fetch rating by ID

Authorizations:
None
path Parameters
rating_id
required
string

Responses

Response samples

Content type
application/json
{
  • "rating": {
    }
}

Update rating by ID

Authorizations:
None
path Parameters
rating_id
required
string
header Parameters
X-Change-Timestamp
string
Request Body schema: application/json

All request parameters are optional, but at least one should be present

value
integer
note
string

Responses

Request samples

Content type
application/json
{
  • "value": 0,
  • "note": "string"
}

Response samples

Content type
application/json
{
  • "rating": {
    }
}

Delete a rating

Authorizations:
None
path Parameters
rating_id
required
string
header Parameters
X-Change-Timestamp
string

Responses

Response samples

Content type
application/json
{ }

Release

Operations around releases

Get release

Add X-Include: release-prices in order to include prices to the response

Examples:

/v2/releases/100

/v2/releases/9788242180711?ns=isbn

Authorizations:
None
path Parameters
release_id
required
string

release id if no ns specified

query Parameters
ns
string

namespace of identifiers, supported values: ''isbn''

header Parameters
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
X-Include
string

Responses

Response samples

Content type
application/json
{
  • "release": {
    }
}

Patch release

  1. Favourite / unfavourite release

Assume the operation is always success.

Add any custom HTTP headers (like for the GET request, ex: X-Release-Cover-Sizes, X-Artist-Image-Sizes and others) in order to receive necessary data in the response.

Server logic:

IMPORTANT PATCH request is responsible for merging object received from client and object stored on server. Server resolves conflicts if there is any. The response from PATCH will contain the merged version of the object in that case. See User Changes API for the details.

Authorizations:
None
path Parameters
release_id
required
string
header Parameters
X-Base_Change
integer

base change id, defaults to 0 server side

X-Change-Timestamp
string

time of change in UTC, defaults to current time on the backend

X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
X-Include
string
Request Body schema: application/json

parameters are optional, but at least one of them should be present

favourite
boolean

Responses

Request samples

Content type
application/json
{
  • "favourite": true
}

Response samples

Content type
application/json
{
  • "release": {
    }
}

List release alternatives

List available variants of a given book. If book is available in the form of ebook and audio book then both included into response.

Response can be paginated based on Range headers.

Authorizations:
None
path Parameters
id
required
string

Responses

Response samples

Content type
application/json
{
  • "releases": [
    ]
}

[NOT IN USE] Get release bookmarks Deprecated

See Bookmarks API for details.

Get paginated list of bookmarks for specific release.

Authorizations:
None
path Parameters
release_id
required
string
header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "bookmarks": [
    ]
}

List featured releases

Response can be paginated based on Range headers.

Authorizations:
None
header Parameters
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
Range
string
X-Include
string

Responses

Response samples

Content type
application/json
{
  • "releases": [
    ]
}

Patch (reorder) collection of featured releases

Authorization: requires editorial admin token

Authorizations:
None
header Parameters
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
X-Include
string
Request Body schema: application/json
Array of objects (id_object)

Responses

Request samples

Content type
application/json
{
  • "releases": [
    ]
}

Response samples

Content type
application/json
{
  • "releases": [
    ]
}

Delete release group

Authorizations:
None
path Parameters
group_id
required
string
header Parameters
X-Change-Timestamp
string

time of change in UTC, defaults to current time on the backend

Responses

Response samples

Content type
application/json
{ }

Get specific release group

Get a specific release group by ID

Authorizations:
None
path Parameters
group_id
required
string
Enum: "purchased" "borrowed" "finished" "played" "wishlist" "*"

ID may have one of predefined values.

  • purchased lists purchased releases.
  • borrowed lists borrowed releases.
  • finished lists finished releases.
  • played lists recently played releases.
  • wishlist lists releases added to wishlist.
header Parameters
X-Release-Cover-Sizes
string
X-Release-Group-Image-Sizes
string
X-Actor-Image-Sizes
string
X-Include
string

Responses

Response samples

Content type
application/json
{
  • "group": {
    }
}

Patch release group

Access token requires special permission.

All request parameters are optional, but at least one should be present

Authorizations:
None
path Parameters
group_id
required
string
Enum: "wishlist" "*"

only wishlist supported as predefined value

header Parameters
X-Release-Group-Image-Sizes
string
X-Release-Cover-Sizes
integer

header specifies sizes for Release cover basic objects. See Basic response object section for details.

X-Artist-Image-Sizes
string

Header specifies sizes for Artist image basic object.

X-Base-Change
integer
X-Change-Timestamp
string
Request Body schema: application/json
name
string
visible
boolean
Array of objects (group_entry-2)

can be empty

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "visible": true,
  • "releases": [
    ]
}

Response samples

Content type
application/json
{
  • "group": {
    }
}

Delete a release from a release group

Authorizations:
None
path Parameters
group_id
required
string
release_id
required
string

Responses

Response samples

Content type
application/json
[ ]

Get synthetic release group releases

Authorizations:
None
path Parameters
group_id
required
string
Enum: "purchased" "borrowed" "finished" "played" "wishlist"
query Parameters
release_ids
Array of strings

comma-separated list of release IDs, limited to 1000 items.

Supported with purchased, borrowed, finished, wishlist synthetic group

response_type
string

If equal to ''id'' returns only releases ids

header Parameters
X-Release-Cover-Sizes
integer

header specifies sizes for Release cover basic objects. See Basic response object section for details.

X-Actor-Image-Sizes
string

Header specifies sizes for Actor image objects.

X-Include
string
Range
string

Responses

Response samples

Content type
application/json
{
  • "releases": [
    ]
}

Add a release to a release group

Authorizations:
None
path Parameters
group_id
required
string
Request Body schema: application/json
release_id
required
string

Responses

Request samples

Content type
application/json
{
  • "release_id": "string"
}

Response samples

Content type
application/json
[ ]

List release groups

Get a list of all currently visible release groups.

If optional HTTP header X-Include: group-releases is present in the request, the response will include Release base objects instead of just objects with release ids.

Authorizations:
None
header Parameters
X-Release-Group-Image-Sizes
string
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
X-Include
string
Range
string

Responses

Response samples

Content type
application/json
{
  • "groups": [
    ]
}

Add release group

Requires user token.

Authorizations:
None
header Parameters
X-Change-Timestamp
string
Request Body schema: application/json
name
required
string
description
string
Array of objects

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "description": "string",
  • "releases": [
    ]
}

Response samples

Content type
application/json
{
  • "group": {
    }
}

[DEPRECATED] Reorder release groups Deprecated

Access token requires special permission.

Authorizations:
None
header Parameters
X-Release-Group-Image-Sizes
string
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
X-Include
string
Request Body schema: application/json
Array of objects (Release Group Patch Request)

Responses

Request samples

Content type
application/json
{
  • "groups": [
    ]
}

Response samples

Content type
application/json
{
  • "groups": [
    ]
}

List featured release groups

Authorizations:
None
header Parameters
X-Release-Group-Image-Sizes
string
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
X-Include
string
Range
string

Responses

Response samples

Content type
application/json
{
  • "groups": [
    ]
}

Patch list of featured release groups

Authorizations:
None
header Parameters
X-Release-Group-Image-Sizes
string
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
X-Include
string
Request Body schema: application/json
Array of objects

Responses

Request samples

Content type
application/json
{
  • "groups": [
    ]
}

Response samples

Content type
application/json
{
  • "groups": [
    ]
}

Upload release group image

Access token requires special permission.

Authorizations:
None
path Parameters
group_id
required
string
Request Body schema: multipart/form-data
object

Responses

Response samples

Content type
application/json
{ }

List release ratings

Authorizations:
None
path Parameters
release_id
required
string
header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "ratings": [
    ]
}

List personally recommended releases

Returns personalised recommendations based on historical data (play logs)

Authorizations:
None
header Parameters
X-Release-Cover-Sizes
string
X-Artist-Image-Sizes
string
X-Include
string
Range
string

Responses

Response samples

Content type
application/json
{
  • "releases": [
    ]
}

List releases related to given release

The meaning of related releases is defined per service instance.

Response can be paginated based on Range headers.

Authorizations:
None
path Parameters
id
required
string
header Parameters
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
X-Include
string
Range
string

Responses

Response samples

Content type
application/json
{
  • "releases": [
    ]
}

List bookmarks tied to release tracks

Get paginated list of bookmarks for specific release.

Authorizations:
None
path Parameters
release_id
required
string
header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "bookmarks": [
    ]
}

[DEPRECATED] List progresses tied to release tracks Deprecated

Get paginated list of progresses for specific release.

Authorizations:
None
path Parameters
release_id
required
string
header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "progresses": [
    ]
}

Get release by UPC code

Authorizations:
None
path Parameters
upc_code
required
string
Example: 0724382304258
header Parameters
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string

Responses

Response samples

Content type
application/json
{
  • "release": {
    }
}

Reports

Operations around reports

File reports Deprecated

Deprecated in favour of Reports API POST /v2/reports. Clients should use the new endpoint for all the reports.

Authorizations:
None

Responses

Response samples

Content type
application/json
{ }

Report player and reader events

Clients MUST collect each and every player/reader event and report them to POST /v2/reports. Clients must keep track of events in the offline mode and report them as soon as a connection establishes.

API

  • [DEPRECATED] POST /v2/player/reports - still functional but deprecated in favour of more generic POST /v2/reports
  • POST /v2/reports - accepts all types of reports listed below

Reports

  • [DEPRECATED] played-offline - in use only in Motitech
  • play.started - track-based report when player starts playing a new track in music services
  • play.ended - track-based report, mandatory for clients using /v2/streams/online and /v2/streams/offline endpoints to fetch a stream url
  • [DEPRECATED] play.progress - track-based playback progress tracking in audiobook services.
  • play.error - track-based report when playing the current track fails

New event format

Important! These events require action to be set instead of event.

  • player.progress - track-/release-based report for tracking playback in audiobook services
  • reader.progress - track-/release-based report for tracking reading in ebook services.
  • reader.consumed - release-based report for when a release has been consumed
  • release.finished - release-based report for a release being finished

Versioning

  • version 1 -> version 3
  • We skip version 2 because it will be used internally.
  • Important change is that we require context field with data specific to a stream which clients get from the backend. Also we don't expect a shop field anymore.

Example

Consider the following case:

The user plays a track from the beginning, 45 seconds later they seek to the 100th second, listens for 3 seconds, then presses "skip 30 seconds" twice, then listens for 40 more seconds, presses "pause", then "resume", listens for 15 more seconds and plays a different track.

The following reports should be sent:

play.started (start_position:0)

play.progress (start_position:0, stop_position:30)

play.progress (start_position:30, stop_position:45)

play.progress (start_position:163, stop_position:193)

play.progress (start_position:193, stop_position:203)

play.progress (start_position:203, stop_position:218)

play.ended (duration:103)\n\nplay.started (start_position:0)

Notice there is no report play.progress (start_position:100, stop_position:103) since user seeks to the 100th second, therefore we do not report progress until the track was played for 30 more seconds.

Here is another example illustrating the difference in report playback progress after seek vs after start/resume:

start 150 -> at 160 seek to 200 -> play for 20 more seconds -> seek to 250 -> play next track at 260:

play.started (start_position:150)

play.progress (start_position:150, stop_position:160)

play.progress (start_position:250, stop_position:260)

play.ended (duration:40)

vs.

start at 150 -> at 160 seek to 200 -> play for 35 more seconds -> seek to 250 -> play next track at 260:

play.started (start_position:150)

play.progress (start_position:150, stop_position:160)

play.progress (start_position:200, stop_position:230)

play.progress (start_position:230, stop_position:235)

play.progress (start_position:250, stop_position:260)

play.ended (duration:55)

Authorizations:
None
Request Body schema: application/json
One of
action
required
string
Value: "player.progress"
version
required
integer
Value: 3
time
required
integer

event timestamp - seconds, unix epoch time

user_id
required
string
device_id
string

unique device-id set by the client

offline
required
boolean
speed
number <float>

0.8 means 20% slower than normal - 1.1 means 10% faster than normal

entity_type
required
string
Enum: "track" "release"
entity_id
required
string

corresponds to entity_type, one of: 'track_id'|'release_id'

start_position
required
integer

seconds since beginning of entity

stop_position
required
integer

seconds since beginning of entity

total_len
integer

ex: length of release/track

sent_time
required
integer

timestamp when the event was sent from originator, unix epoch time

preview
boolean

set if particular service requires reporting for previews

context
object

arbitrary mapping, filled with an equivalent mapping provided by backend to clients along with the consumed content

Responses

Request samples

Content type
application/json
{
  • "play_ended": {
    },
  • "play_error": {
    },
  • "play_progress": {
    },
  • "play_started": {
    },
  • "played_offline": {
    },
  • "player_progress_v1": {
    },
  • "player_progress_v3": {
    },
  • "reader_consumed_v1": {
    },
  • "reader_consumed_v3": {
    },
  • "reader_progress_v1": {
    },
  • "reader_progress_v3": {
    },
  • "release_finished": {
    }
}

Response samples

Content type
application/json
{ }

Series

Operations around series

Get a list of series

Authorizations:
None
query Parameters
query
string
header Parameters
X-Series-Image-Sizes
string
Range
string

Responses

Response samples

Content type
application/json
{
  • "series": [
    ]
}

Get series

Authorizations:
None
path Parameters
series_id
required
string
header Parameters
X-Series-Image-Sizes
string

Responses

Response samples

Content type
application/json
{
  • "series": {
    }
}

Patch Series Deprecated

Authorizations:
None
path Parameters
series_id
required
string
header Parameters
X-Series-Image-Sizes
string
Request Body schema: application/json
name
string
description
string

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "description": "string"
}

Response samples

Content type
application/json
{
  • "series": {
    }
}

Post series image

Authorizations:
None
path Parameters
series_id
required
string
Request Body schema: multipart/form-data
image
string <binary>

Jpeg image of a series

Responses

Response samples

Content type
application/json
{ }

Message

This API contains endpoints for executing business logic in response to incoming SMS messages. Its intended user is the SMS service.

Receiving of incoming messages

All incoming messages which require any business logic processing will be forwarded by the SMS service to this endpoint.

Authorizations:
None
Request Body schema: application/json
id
required
integer
sender
required
string

full MSISDN of the sender

text
required
string

text of message

Responses

Request samples

Content type
application/json
{
  • "id": 0,
  • "sender": "string",
  • "text": "string"
}

Response samples

Content type
application/json
{
  • "message": "string"
}

Receiving of outgoing message delivery report

Authorizations:
None
Request Body schema: application/json

The state parameter is the result of the delivery as confirmed by the operator. Valid values are:

  • DELIVERED
  • INSUFFICIENT_FUNDS
  • UNDELIVERABLE
  • FAILED
  • BARRED_PERMANENTLY
  • BARRED_TEMPORARILY
  • BARRED_PREMIUM (receiver has blocked premium messages)
  • BARRED_AGE_LIMIT (receiver is not old enough for the age limit we ourselves optionally set for outgoing messages)
  • INVALID_NETWORK

Many of these are self-explanatory or explained; the others can be found in the SMS service API docs [to be published].

Note that DELIVERED is the only state indicating successful delivery. If the message had a price, only DELIVERED indicates that this price was successfully charged.

id
required
integer

ID of message referenced by this report

receiver
required
string

full MSISDN of the message's receiver

price
required
integer

the price that was attempted to be charged

state
required
string
Enum: "DELIVERED" "INSUFFICIENT_FUNDS" "UNDELIVERABLE" "FAILED" "BARRED_PERMANENTLY" "BARRED_TEMPORARILY" "BARRED_PREMIUM" "BARRED_AGE_LIMIT" "INVALID_NETWORK"

one of the state constants

Responses

Request samples

Content type
application/json
{
  • "id": 0,
  • "receiver": "string",
  • "price": 0,
  • "state": "DELIVERED"
}

Response samples

Content type
application/json
{
  • "message": "string"
}

Streams

X-Stream-Formats header

Specify optional header X-Stream-Formats: */high, X-Stream-Formats: */normal, X-Stream-Formats: */low in order to adjust audio stream quality. Header value should go from streams object of TrackExtended object - see GET v2/tracks/:track_id for details.

X-Stream-Context header

Getting stream url normally requires user access token and user has be subscribed. However there is a way to get stream url based on different criteria. This is service specific.

Specify optional header X-Stream-Context: <entity_type>/<entity_id> in order to fetch full stream.

Get short preview of the stream

Get a link to a short preview stream. These streams typically have a length between 30 and 60 seconds.

examples:

  • preview by track id: GET /v2/streams/previews/:track_id
  • preview by release id: GET /v2/streams/previews/:release_id?ns=release_id
Authorizations:
None
path Parameters
id
required
string

track id if ns is not specified or release_id if ns=release_id

query Parameters
ns
string

namespace of ids, value release_id supported only

Responses

Response samples

Content type
application/json
{
  • "stream": {
    }
}

Get online stream

Get the link to the full stream for online playing.

  • Supports X-Stream-Formats, X-Stream-Context headers - see Streams API.

IMPORTANT: Client MUST keep track of playback of streams for URLs fetched from this endpoint by sending play reports to the Player Reports API POST v2/player/reports.

For a music service, one should use play.ended events while for audio book service, one should use play.progress events.

Independent of type of service, be sure to set offline=true for offline playback and offline=false for online playback.

Authorizations:
None
path Parameters
track_id
required
string
header Parameters
X-Stream-Formats
string
X-Stream-Context
string

Responses

Response samples

Content type
application/json
{
  • "stream": {
    }
}

Get offline stream

Get the link to the full stream for offline playing.

  • Supports X-Stream-Formats, X-Stream-Context headers - see Streams API.

IMPORTANT: Client MUST keep track of playback of streams for URLs fetched from this endpoint by sending play reports to the Player Reports API POST v2/player/reports.

For a music service, one should use play.ended events while for audio book service, one should use play.progress events.

Independent of type of service, be sure to set offline=true for offline playback and offline=false for online playback.

Authorizations:
None
path Parameters
track_id
required
string

Responses

Response samples

Content type
application/json
{
  • "stream": {
    }
}

[DEPRECATED] Get Stream Deprecated

Get URL to the stream or preview

Authorizations:
None
path Parameters
track_id
required
string

Responses

Response samples

Content type
application/json
{
  • "stream": {
    }
}

Get streams for all tracks in a release

For a given release return all its streams

Authorizations:
None
path Parameters
release_id
required
string

Responses

Response samples

Content type
application/json
{
  • "track": {
    },
  • "streams": {
    }
}

Track

Operations around tracks

Search tracks

Response can be paginated based on Range headers.

Authorizations:
None
query Parameters
query
required
string
header Parameters
Range
string

tracks=20-39 (inclusive)

X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string

Responses

Response samples

Content type
application/json
{
  • "tracks": [
    ]
}

Get track

  • Add track-prices to X-Include header in order to include prices to the response.
  • Add track-streams to X-Include header in order to include streams to the response.
Authorizations:
None
path Parameters
track_id
required
string
header Parameters
X-Actor-Image-Sizes
string
X-Release-Cover-Sizes
string
X-Include
string

Responses

Response samples

Content type
application/json
{
  • "track": {
    }
}

Patch track

  1. Favourite / unfavourite track.

Assume the operation is always success.

Add any custom HTTP headers (like for the GET request, ex: X-Release-Cover-Sizes, X-Artist-Image-Sizes and others) in order to receive necessary data in the response.

server logic:

IMPORTANT PATCH request is responsible for merging object received from client and object stored on server. Server resolves conflicts if there is any. The response from PATCH will contain the merged version of the object in that case. See User Changes API for the details.

Authorizations:
None
path Parameters
track_id
required
string
header Parameters
X-Base-Change
integer

base change id, defaults to 0 server side

X-Change-Timestamp
string

time of change in UTC, defaults to current time on the backend

X-Actor-Image-Sizes
string
X-Release-Cover-Sizes
string
X-Include
string
Request Body schema: application/json

all the request parameters are optional, but at least one should be present

favourite
boolean

Responses

Request samples

Content type
application/json
{
  • "favourite": true
}

Response samples

Content type
application/json
{
  • "track": {
    }
}

Get track bookmarks

Get paginated list of bookmarks for specific track

Authorizations:
None
path Parameters
track_id
required
string
header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "bookmarks": [
    ]
}

[DEPRECATED] Get progress tied to track Deprecated

Authorizations:
None
path Parameters
track_id
required
string

Responses

Response samples

Content type
application/json
{
  • "progress": {
    }
}

List tracks related to a given track

Response can be paginated based on Range headers.

Authorizations:
None
path Parameters
id
required
string
header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "tracks": [
    ]
}

User

NOTE: :user_id is actual user id if the access_token had been generated with end-user-related grant_type: grant_type=password.

Lookup, search, list users:

  • GET /v2/users?msisdn=4742424242 - lookup by msisdn
  • GET /v2/users?query=4242 - full text search
  • GET /v2/users?account_users=true - list account users (profiles)
  • GET /v2/users?external_user_id=id&external_provider_id=provider - lookup ny external user id

CRUD operations with single user:

  • POST /v2/users - create new
  • GET /v2/users/:user_id - get
  • PATCH /v2/users/:user_id - edit
  • DELETE /v2/users/:user_id - delete

List user friends:

  • [TODO] GET /v2/users/:user_id/friends - list all friends
  • GET /v2/users/:user_id/friends/registered - list friends

User Credentials API:

  • POST /v2/users/:user_id/credentials - add new credential
  • POST /v2/users/:user_id/credentials/verifications - verify credential

User Events API:

  • GET /v2/users/:user_id/events - list user personal events

User Changes API

This is a way to sync personal changes made by user (typically in offline mode) in the apps.

SECURITY NOTE. There is no way to sync personal changes in visitor mode or having Access Token from other user, since it obviously breaks isolation of users from each other.

LOGOUT IN OFFLINE MODE. When user is going to log out being in offline mode and there are unsynced local changes, the app CAN suggest user to go online and sync pending changes first before logging out otherwise unsynced changes can be lost.

  • HEAD /v2/users/:user_id/changes - get personal latest change_id in X-Change response header.
  • POST /v2/batch within a set of POST, PATCH, DELETE subrequests - push local changes and get back merged versions to update a local copy if there is any conflicts
  • GET /v2/users/:user_id/changes?base_change_id=:base_change_id - pull new changes since the last sync

Personal data involved into synchronization

  • favourites for tracks, releases, artists, users
  • release groups (bookshelves)
  • bookmarks
  • ratings

Initial synchronization flow

Step 1. Client gets latest personal change_id from server

Trigger it only if local base_change_id is 0 (no previous syncs).

>>>
HEAD /v2/users/:user_id/changes
<<<
X-Change: <latest_change_id>

Incremental synchronization flow

Step 1. Client pushes local changes to server by BATCH

Compose all local changes into one or a few BATCH requests. Set base_change_id to tell server what latest version of local data the change is based on: mark each subrequest with new base_change_id and change_timestamp fields.

X-Change-Timestamp must in UTC if set.

Request:

POST /v2/batch
{
        // oldest changes first
        "requests": [
                { "method": "POST", "url": "/v2/releases/groups", "body": { ... }, "headers": {"X-Base-Change": 123, "X-Change-Timestamp": ""}},
                { "method": "POST", "url": "/v2/releases/groups", "body": { ... }, "headers": {"X-Base-Change": 123, "X-Change-Timestamp": ""} },
                { "method": "PATCH", "url": "/v2/tracks/:id", "body": { ... }, "headers": {"X-Base-Change": 123, "X-Change-Timestamp": ""} },
                { "method": "PATCH", "url": "/v2/releases/:id", "body": { ... }, "headers": {"X-Base-Change": 123, "X-Change-Timestamp": ""} },
                { "method": "DELETE", "url": "/v2/releases/groups/:id", "body": { ...}, "headers": {"X-Base-Change": 123, "X-Change-Timestamp": ""} },
        ]
}

Server logic:

IMPORTANT PATCH request is responsible for merging object received from client and object stored on server. Server resolves conflicts if there is any. The response from PATCH will contain the merged version of the object in that case.

example of user_changes data:
intID, intUser_ID, intEntityType, intEntityID, intActionType, dteAdded, dteChanged
1, 5667, release-group, 132, PATCH, CURRENT_TIMESTAMP
2, 5667, release-group, 132, DELETE, CURRENT_TIMESTAMP
3, 123, track, 8, PATCH, CURRENT_TIMESTAMP
4, 5667, artist, 1, PATCH, CURRENT_TIMESTAMP
  • For each `PATCH` and `DELETE` change in the request:
    • Load the latest change record for the target object (record with the max change_id for given user, entry_type and entry_id) and get `latest_change_id` and `latest_change_timestamp`.
    • Solve merge conflict: accept or reject client change
      • If `base_change_id` == `latest_change_id` then accept the change
      • If `base_change_id` < `latest_change_id` then resolve the conflict between change from the request and one from the server:
        • Comparing the change timestamp from the request and the `latest_change_timestamp`.
        • Rule: **LATEST CHANGE WINS**.
        • Timestamps must the in UTC.
      • If `base_change_id` > `latest_change_id` then client error, return `400 Bad Request`
    • If change has been accepted, then
      • Add new change record and get `new_change_id`
      • Apply the change
    • Return changed object, add `X-Change: new_change_id` header to the response

Response:

{
        // count and order of responses corresponds to the request
        "responses": [
                { "status": 201, "body": { "id": "123", <merge result> }, "headers": {"X-Change": 1} },
                { "status": 201, "body": { "id": "124", <merge result> }, "headers": {"X-Change": 2} },
                { "status": 200, "body": { "id": "124", <merge result> }, "headers": {"X-Change": 81} },
                { "status": 200, "body": { "id": "124", <merge result> }, "headers": {"X-Change": 82} },
                { "status": 404, "body": { "error_description": "Not found" } },
        ]
}

Client can ignore the response from BATCH.

Step 2. Client pulls incremental changes from server

Request:

GET /v2/users/:user_id/changes?base_change_id=:base_change_id
Range: changes=0-99 // (optional) fetch first 100 changes

Response:

206 Partial Content
Content-Range: changes 0-99/101 // first page, more available
{
        "changes": [
                { "id": 1, "method": "POST", "body": { "group": {Release group extended object} } },
                { "id": 2, "method": "POST", "body": { "group": {Release group extended object} } },
                { "id": 81, "method": "PATCH", "body": { "track": {Track extended object} } },
                { "id": 82, "method": "DELETE", "body": { "group": { "id": "123" }} }, // only "id" is provided if object is deleted
                { < Change object > },
        ]
}

Client should act in the same way in case of PATCH and POST - update local object.

Change object

{
        "id": 1, // change id
        "method": "POST|PATCH|DELETE",
        "body": {
                "release": { // one of track|release|artist
                        "id": "123",
                        // ...
                }
        }
}

When the response is received, client should set local base_change_id to the max change_id from the response (that means client has been upgraded up to the change_id version).

User Subscriptions API

Methods to manipulate the running subscriptions.

  • GET /v2/users/:user_id/subscriptions - list of all running subscriptions
  • PATCH /v2/users/:user_id/subscriptions/:sub_id + {state=6|3} - cancel/resume subscription
  • DELETE /v2/users/:user_id/subscriptions/:sub_id - deactivate subscription

Subscription states (possible state values):

  • 1 - TRIALING live: valid trial subscription. This type of subscription may transition to active once payment is received when the trial has ended.
  • 3 - ACTIVE live: a normal, active subscription. It is not in a trial, and is paid and up to date.
  • 5 - RENEW_FAILURE problem: indicates that the most recent payment has failed, and payment is past due for this subscription. This subscription is in the dunning process.
  • 6 - STOPPED live until expiry date / end of life then: a subscription stopped by user.
  • 7 - DEACTIVATED end of life: a subscription deactivated during migrate process
  • 8 - UNPAID end of life: a subscription is marked unpaid if the retry period expires and dunning has a Final Action of “mark the subscription unpaid”
  • 9 - INCOMPLETE live: payment request has been issued, but confirmation has not yet been received

Search users

NOTE:

  • With query parameters email or msisdn set, or account_users=true, an extended user object will be returned.
  • While with external_provider_id and external_user_id set, a base user object wil be returned.

Authorizations:
None
query Parameters
email
string

search by email (only accessible to user admins)

msisdn
string

search by msisdn (only accessible to user admins)

account_users
boolean

list account users (profiles)

external_user_id
string

Search by external id. Should be specified with external_provider_id

external_provider_id
string

Search by external id. Should be specified with external_user_id

header Parameters
Range
string

Responses

Response samples

Content type
application/json
Example
{
  • "users": [
    ]
}

Add user (profile)

Covers these use cases:

  • Normal signup (request includes app token -> visitor mode)
    • Makes brand new account
    • Makes brand new user
    • Adds user as a master-user to account
  • Adding a profile-user to existing account (request inludes user token -> user mode)
    • Looking up for existing account by provided user token
    • Adds user as a profile-user to existing account

Authorizations:
None
Request Body schema: application/json

A random password will be generated for the account.

msisdn
string
firstname
string
lastname
string
username
string
email
string
password
string

Password should not appear if msisdn present

newsletter
boolean
Default: false
intent
string
Enum: "webshop" "subscription"

the way to distinguish purposes of user creation within the single client, one of ''webshop''|''subscription''.

profile_type
string
Enum: "standard" "child"
email_token
string

Email token validation expects to have email set for user

avatar_id
string
region
string

The region that the user belongs to

Responses

Request samples

Content type
application/json
{
  • "msisdn": "004712345678",
  • "firstname": "string",
  • "lastname": "string",
  • "username": "string",
  • "email": "email@beat.no",
  • "password": "string",
  • "newsletter": false,
  • "intent": "webshop",
  • "profile_type": "standard",
  • "email_token": "string",
  • "avatar_id": "string",
  • "region": "NO"
}

Response samples

Content type
application/json
{
  • "user": {
    }
}

Delete user (profile)

Applicable to profile-users of the account only. Deletion of master-user of the account is not supported.

Authorizations:
None
path Parameters
user_id
required
string

Responses

Response samples

Content type
application/json
{ }

Patch User

Server logic:

IMPORTANT PATCH request is responsible for merging object received from client and object stored on server. Server resolves conflicts if there is any. The response from PATCH will contain the merged version of the object in that case. See User Changes API for the details.

Authorizations:
None
path Parameters
user_id
required
string
header Parameters
X-Base_Change
integer

base change id, defaults to 0 server side

X-Change-Timestamp
string

time of change in UTC, defaults to current time on the backend

X-User-Image-Sizes
string
Request Body schema: application/json

all parameters are optional, but at least one of them should be present

firstname
string
lastname
string
email
string
region
string
password
string
privacy_profile_private
boolean
favourite
boolean

follow/unfollow user

newsletter
boolean

subscribe/unsubscribe to email newsletters

payment_type
integer

see list of supported payment types on User API (user object)

username
string
profile_type
string
Enum: "standard" "child"

Responses

Request samples

Content type
application/json
{
  • "firstname": "string",
  • "lastname": "string",
  • "email": "string",
  • "region": "string",
  • "password": "string",
  • "privacy_profile_private": true,
  • "favourite": true,
  • "newsletter": true,
  • "payment_type": 0,
  • "username": "string",
  • "profile_type": "standard"
}

Response samples

Content type
application/json
{
  • "user": {
    }
}

Get user

Get user account info except of any credentials (i.e. password)

Authorizations:
None
path Parameters
user_id
required
string
header Parameters
X-User-Image-Sizes
string

Responses

Response samples

Content type
application/json
{
  • "user": {
    }
}

[DEPRECATED] Attach credit card to Stripe account Deprecated

Access level: Requires user token.

When credit card successfully attached, it changes user's default payment type to Stripe. See payment_type of User entity in User API.

Authorizations:
None
path Parameters
user_id
required
string
Request Body schema: application/json
token
required
string

credit card token from by Stripe JS SDK

Responses

Request samples

Content type
application/json
{
  • "token": "string"
}

Response samples

Content type
application/json
{ }

Get personal changes

  • [DEPRECATED] Initial fetch GET /v2/users/:user_id/changes - fetch all personal changes
    • Sequential fetch GET /v2/users/:user_id/changes?base_change_id=:base_change_id
      • :base_change_id (optional) is a client's local base_change_id (change_id from the previous syncronization incremented by 1)
Authorizations:
None
path Parameters
user_id
required
string
query Parameters
base_change_id
string
header Parameters
Range
string

changes=0-99

fetch first 100 changes

X-Release-Cover-Sizes
string
X-Artist-Image-Sizes
string
X-Actor-Image-Sizes
string
X-User-Image-Sizes
string
X-Release-Group-Image-Sizes
string
X-Include
string

Responses

Response samples

Content type
application/json
{
  • "changes": [
    ]
}

Get latest change id

This has to be used to get latest change_id of personal changes when user just logged in.

Since API returns latest state of personal collections, client need to know latest change_id. Having latest change_id client is able to skip fetching all the time history of user changes just to get latest change_id. So that significantly speeds initial synchronisation up on log in to the old account.

When the response is received, client should set local base_change_id to the change_id from the response (that means client has been upgraded up to the change_id version).

Authorizations:
None
path Parameters
user_id
required
string

Responses

List user coupons (gift cards)

Supports regular pagination.

Authorizations:
None
path Parameters
user_id
required
string
query Parameters
type
string

type of coupons to list . supports ''giftcard'' only

header Parameters
X-Coupon-Offer-Image-Sizes
string
Range
string

Responses

Response samples

Content type
application/json
{
  • "coupons": [
    ]
}

Redeem coupon

Allows to redeem coupon to any target account.

  • Extends on eof existing subscription or activates a brand new subscription, depends on specific coupon.
  • Request can be made with any access token (visitor/app or user token).
  • Find user_id for target account by GET /v2/user?msisdn=:msisdn.
Authorizations:
None
path Parameters
user_id
required
string
Request Body schema: application/json
coupon
string

Responses

Request samples

Content type
application/json
{
  • "coupon": "string"
}

Response samples

Content type
application/json
{ }

Add credential

Bind credential to the account or accept it for verification.

Bind new type of credentials to the user account. If credential requires verification, then it initiates verification process by sending verification email or sms.

Access level: Requires User Token.

Authorizations:
None
path Parameters
user_id
required
string
Request Body schema: application/json
type
required
integer
Enum: 5 6 7 8 9 10

Credential type. One of:

  1. Stripe customer id
  2. Bokbasen email
  3. Bokbasen ddsid
  4. User email
  5. User unverified msisdn
  6. Paystack customer id
credential
required
string

Responses

Request samples

Content type
application/json
{
  • "type": 5,
  • "credential": "string"
}

Response samples

Content type
application/json
{ }

Verify user email

Verify the e-mail address used in account creation. Verification is important since this is the only channel where the user can receive updates regarding billing status and other account information.

Authorizations:
None
Request Body schema: application/json
type
integer
Enum: 6 8

This API can be used with two credential types:

  • type=6 is for validating bokbasen email
  • type=8 is for validating regular user email

There is no difference except in the bokbasen case, we search the bokbasen account upstream.

credential
string

A string that identifies user. For now, only the two types of email is supported.

Responses

Request samples

Content type
application/json
{
  • "type": 8,
  • "credential": "string"
}

Response samples

Content type
application/json
{ }

Verify added credential

Access level: requires visitor token.

Authorizations:
None
path Parameters
user_id
required
string
Request Body schema: application/json
token
string
type
integer
Enum: 5 6 7 8 9 10

Credential type. One of:

  1. Stripe customer id
  2. Bokbasen email
  3. Bokbasen ddsid
  4. User email
  5. User unverified msisdn
  6. Paystack customer id

Responses

Request samples

Content type
application/json
{
  • "token": "string",
  • "type": 5
}

Response samples

Content type
application/json
{ }

List user events

All events are generated by the backend (by PATCH v2/users/:id + favourite and PATCH v2/artists/:id + favourite at the moment).

Authorizations:
None
path Parameters
user_id
required
string
header Parameters
Range
string
X-Artist-Image-Sizes
string
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string

Responses

Response samples

Content type
application/json
{
  • "events": [
    ]
}

List user favouritees

Authorizations:
None
path Parameters
user_id
required
string
header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "users": [
    ]
}

List favourite artists

Authorizations:
None
path Parameters
user_id
required
string
header Parameters
X-Artist-Image-Sizes
string
Range
string

Responses

Response samples

Content type
application/json
{
  • "artists": [
    ]
}

List favourite releases

Authorizations:
None
path Parameters
user_id
required
string
query Parameters
types
string

comma-separated list of release types, it may include shortened audio or video values:

audio is equivalent of album,single,

video is equivalent of video-album,video-single

(see Release API for details)

header Parameters
Range
string
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
X-Include
string

Responses

Response samples

Content type
application/json
{
  • "releases": [
    ]
}

List favourite tracks

Authorizations:
None
path Parameters
user_id
required
string
header Parameters
Range
string
X-Actor-Image-Sizes
string

Responses

Response samples

Content type
application/json
{
  • "tracks": [
    ]
}

List favourite users

Authorizations:
None
path Parameters
user_id
required
string
header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "users": [
    ]
}

Migrate to product / activate subscription

Activate subscription based on given product id, i.e. upgrade/downgrade logic.

Authorizations:
None
path Parameters
user_id
required
string
Request Body schema: application/json
product_id
required
string
renewable
boolean

defaults to true, whether new subscription should renew or not

utm_campaign
string

utm campaign name, may adjust subscription trial period if specified

confirmed
boolean

true by default; if false, request may return 403 code alongside with the url to external confirmation/consent page

metadata
object <json>

a json structure for associating information with the subscription

Responses

Request samples

Content type
application/json
{
  • "product_id": "string",
  • "renewable": true,
  • "utm_campaign": "string",
  • "confirmed": true,
  • "metadata": { }
}

Response samples

Content type
application/json
{ }

Reset password and send the new one by sms

It generates new password for the user, saves it and sends it by sms.

SECURITY NOTE: Only limited number of clients are allowed to do this call. Certain client should be allowed to reset password only for limited number of users (likely the users created by the same client only).

Backend logic:

  • Backend sends the new password by sms
Authorizations:
None
path Parameters
user_id
required
string

Responses

Response samples

Content type
application/json
{ }

[DEPRECATED] Get favourite releases Deprecated

DEPRECATED: Use v2/users/:user_id/favourites/releases instead.

Usage:

  • Latest iOS App build where the endpoint in use: <...>
  • Latest Android App build where the endpoint in use: v2.3.5
Authorizations:
None
path Parameters
user_id
required
string
header Parameters
Range
string
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
X-Include
string

Responses

Response samples

Content type
application/json
{
  • "releases": [
    ]
}

List subscriptions

Get list of all running subscriptions.

Authorizations:
None
path Parameters
user_id
required
string
query Parameters
state
string

If specified fetch paginated and filtered by state subscriptions. Specify state=all to fetch all subscriptions.

header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "subscriptions": [
    ]
}

Patch subscription

Stop/resume subscription

Authorizations:
None
path Parameters
user_id
required
string
subscription_id
required
string
Request Body schema: application/json
state
required
integer

use next values:

  • 6 to stop subscription (chnge state to ''stopped'')
  • 3 to resume stopped subscription (change state back to ''ACTIVE'')

all other values are not allowed

comment
string

feedback when user stops the subscription

Responses

Request samples

Content type
application/json
{
  • "state": 0,
  • "comment": "string"
}

Response samples

Content type
application/json
{
  • "subscription": {
    }
}

Deactivate subscription

Authorizations:
None
path Parameters
user_id
required
string
subscription_id
required
string

Responses

Response samples

Content type
application/json
{ }

Get user balances

A user can have balances in multiple currencies. This lists the user's current balances by currency.

For most services, only a single currency will be returned. There are some special currency codes:

  • XCR means "credits".
  • XCS means "seconds".

Not receiving a balance in a currency means the same thing as receiving a zero balance in a currency.

Authorizations:
None
path Parameters
user_id
string
header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "balances": [
    ]
}

[DEPRECATED] Charge user Deprecated

  • Endpoint deprecated in favour of more general POST v2/charges.
  • Access level: Requires User Token.
Authorizations:
None
path Parameters
user_id
string

Get personal release groups

Get user specific release groups (bookshelves).

If optional HTTP header X-Include: group-releases is present in the request, the response will include Release base objects instead of just objects with release ids.

Authorizations:
None
path Parameters
user_id
required
string
header Parameters
Range
string
X-Release-Group-Image-Sizes
string
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
X-Include
string

Responses

Response samples

Content type
application/json
{
  • "groups": [
    ]
}

Get release group

Authorizations:
None
path Parameters
user_id
required
string
synthetic
required
string
Enum: "purchased" "borrowed" "finished" "played" "wishlist"
header Parameters
X-Release-Group-Image-Sizes
string
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
X-Include
string

Responses

Response samples

Content type
application/json
{
  • "group": {
    }
}

Add release to release group

Authorizations:
None
path Parameters
user_id
string
group_id
string
header Parameters
X-Change-Timestamp
string

Responses

Response samples

Content type
application/json
{
  • "id": "string"
}

Verification code

Operations around verification codes

Initiate authentication by code

  • Request requires App Access Token.
  • Account identifiable by given msisdn or user_id has to be registered in advance.
  • Once code generated it can be used to log in to account grant_type=verification_code.

Backend logic:

  • Backend generates code and optionally sends it by SMS to specified MSISDN
  • If return=true passed, then it returns code back instead of sending it to the customer
Authorizations:
None
Request Body schema: application/json
msisdn
string

one of msisdn or user_id should present (not both)

user_id
string

one of msisdn or user_id should present (not both)

return
boolean

defaults to false, pass true to get code back, requires client to have return-code scope

Responses

Request samples

Content type
application/json
{
  • "msisdn": "string",
  • "user_id": "string",
  • "return": true
}

Response samples

Content type
application/json
{
  • "code": "string"
}

Layouts

This api contain endpoints to construct and fetch layouts for different pages

List layouts

Authorizations:
None
header Parameters
Range
string

Responses

Response samples

Content type
application/json
{
  • "layouts": [
    ]
}

Get layout by id

Authorizations:
None
path Parameters
id
required
string
Enum: "*" "home" "podcasts"

ID may have one of predefined values called alias

Responses

Response samples

Content type
application/json
{
  • "layout": {
    }
}

Patch layout

Change layout name. Change layout sections

Authorizations:
None
path Parameters
id
required
integer
Request Body schema: application/json
name
string
product_id
string or null
Deprecated
region
string or null
Deprecated
profile_type
string or null
Deprecated
Array of objects (layout_sections)

Request sections will replace all current layout sections

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "product_id": "string",
  • "region": "string",
  • "profile_type": "string",
  • "sections": [
    ]
}

Response samples

Content type
application/json
{
  • "layout": {
    }
}

List layout conditions

Authorizations:
None
path Parameters
id
required
integer

Layout id

Responses

Response samples

Content type
application/json
{
  • "conditions": [
    ]
}

Replace layout conditions

Authorizations:
None
path Parameters
id
required
integer

Layout id

Request Body schema: application/json
Array of objects (layout_condition)

Responses

Request samples

Content type
application/json
{
  • "conditions": [
    ]
}

Response samples

Content type
application/json
{
  • "conditions": [
    ]
}

Activation

These endpoints should be used to get activations and activate partner subscriptions.

Confirm activation

When a user successfully logs in, the related subscription must be activated. Use this endpoint in order to do it. A user token from the normal OAuth2 flow must be used for this request.

Authorizations:
None
path Parameters
activation_id
required
string
Request Body schema: application/json
state
string

Should be CONFIRMED

Responses

Request samples

Content type
application/json
{
  • "state": "CONFIRMED"
}

Response samples

Content type
application/json
{ }

Get activation status

When a user clicks on a confirmation link in an email, the page with either login or password set should be shown. Use this endpoint to figure out which page and what data must be shown. A visitor token from the normal OAuth2 flow must be used for this request.

Authorizations:
None
query Parameters
confirmation_code
required
string

Responses

Response samples

Content type
application/json
{
  • "activations": [
    ]
}

Features

Operations around features

List user features

Fetches all features from current user and his subscription.

Authorizations:
None
query Parameters
entity_type
string
Value: "release"

Type of the entities. If present entity_id should also be present.

entity_id
Array of strings

Сomma-separated list of entity IDs

name
string

Filter features by name. Makes sense when entity_type is present.

Responses

Response samples

Content type
application/json
{
  • "features": [
    ]
}

Partners

These endpoints are used by a partner manager to work with partners.

Authentication

In order to use this endpoints normal OAuth flow should be used. Access token must have partner_manager scope, so a separate client should be used to get the access tokens.

Add new partner

Adds a new partner with no authentication clients and no allowed products.

  • To add authentication clients (credentials) use POST /v2/partners/:partner_id/clients
  • To choose allowed products use PUT /v2/partners/:id/products following this request.
Authorizations:
None
Request Body schema: application/json
title
required
string

title of the partner

confirmation_url
required
string

pattern of a URL that user should visit to confirm a subscription

Responses

Request samples

Content type
application/json
{
  • "title": "string",
  • "confirmation_url": "string"
}

Response samples

Content type
application/json
{
  • "partner": {
    }
}

List allowed products for a partner

Authorizations:
None
path Parameters
partner_id
required
integer

Responses

Response samples

Content type
application/json
{
  • "products": [
    ]
}

Replace list of allowed products for a partner

Authorizations:
None
path Parameters
partner_id
required
integer
Request Body schema: application/json
Array
id
string

Responses

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
{ }

Partner clients

Clients are used to authenticate partners' requests. Every partner can have one or more clients. Each client has client_id and client_secret that are used to identify the partner.

After creating a new client client_id and client_secret should be sent to the partner, so they can use it.

Create a new client for a partner

Authorizations:
None
path Parameters
partner_id
integer
Request Body schema: application/json
title
required
string

Responses

Request samples

Content type
application/json
{
  • "title": "string"
}

Response samples

Content type
application/json
{
  • "client": {
    }
}

Partner users

Partner users API

Endpoints /v2/partnerusers/* are used by partners to manipulate theirs users and users' subscriptions.

Authentication

In order to use these endpoints a separate authentication method is used, different from the normal OAuth flow.

A partner is provided with a set of clients which credentials should be used to authenticate this partner.

Authentication headers

Each request should contain following headers:

  • X-Auth-Client-Id: {client_id}
  • X-Auth-Client-Secret: {client_secret}

Failed authentication

If no correct credentials were provided, the following response is sent

401 Unauthorized
{}

Endpoints

  • POST /v2/partnerusers/activations - creates a new user, associates with the partner and adds a subscription;
  • DELETE /v2/partnerusers/activations/:activation_id - stop user's subscription.

Associate a user with the current partner

This is a primary endpoint to create and associate a user with the partner and add a partner subscription for this user.

Use cases

  • create a new user and add a partner subscription:
    • property user must be present in the request with valid email or msisdn for this case;
  • add new partner subscription to an existing user without active partner subscription;
  • migrate existing user with an active partner subscription to a different product.

Flow

  • Create a user if it does not exist
    • Check if there is a user with this partner_id + external_id:
      • Do not update the user
    • If there is no user with this partner_id + external_id:
      • Lookup user by e-mail (msisdn)
        • Create new user if does not exist
        • Use existing user if does exist
  • Associate the user with external_id
  • Create subscription for user.
    • If no subscription exists, create a new one
    • If an existing subscription exists for this partner, for a different product, end the previous one, and create a new one
    • If an existing subscription exists for this partner, for the same product, do nothing.
  • If the new subscription is created, it has INCOMPLETE state and should be activated later.
Authorizations:
None
header Parameters
X-Auth-Client-Id
string
X-Auth-Client-Secret
string
Request Body schema: application/json
required
object
object
required
object
state
integer

Optional. If set to 2 and the user already has a running subscription for this partner, no confirmation is required

Responses

Request samples

Content type
application/json
{
  • "partneruser": {
    },
  • "user": {
    },
  • "product": {
    },
  • "state": 0
}

Response samples

Content type
application/json
{
  • "activation": {
    },
  • "user": {
    }
}

End user's subscription

Ends the subscription of the current partner.

Authorizations:
None
path Parameters
activation_id
required
string
header Parameters
X-Auth-Client-Id
string
X-Auth-Client-Secret
string

Responses

Response samples

Content type
application/json
{ }

Banner Images

Upload a banner image

Authorizations:
None
path Parameters
banner_id
required
string
Request Body schema: multipart/form-data
Schema not provided

Responses

Response samples

Content type
application/json
{ }

Banner Groups

Get a list of currently visible groups

Authorizations:
None
query Parameters
group_ids
string

Comma separated list of ids

header Parameters
X-Actor-Image-Sizes
string
X-Artist-Image-Sizes
string
X-Banner-Image-Sizes
string
X-Release-Cover-Sizes
string
X-Include
Array of strings (schema)
Range
string

Responses

Response samples

Content type
application/json
{
  • "groups": [
    ]
}

Create a new banner group

Access token requires special permission.

Authorizations:
None
header Parameters
X-Actor-Image-Sizes
string
X-Artist-Image-Sizes
string
X-Banner-Image-Sizes
string
X-Release-Cover-Sizes
string
Request Body schema: application/json
name
required
string
visible
required
boolean
position
required
integer
source_link_type
string
source_link_value
string
source_link_filter
string

Should be in json format

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "visible": true,
  • "position": 0,
  • "source_link_type": "string",
  • "source_link_value": "string",
  • "source_link_filter": "string"
}

Response samples

Content type
application/json
{
  • "group": {
    }
}

Fetch a banner group by ID

Authorizations:
None
path Parameters
group_id
required
string
header Parameters
X-Actor-Image-Sizes
string
X-Artist-Image-Sizes
string
X-Banner-Image-Sizes
string
X-Release-Cover-Sizes
string
X-Include
Array of strings (schema)

Responses

Response samples

Content type
application/json
{
  • "group": {
    }
}

Update a banner group by ID

Access token requires special permission. All request parameters are optional, but at least one should present

Authorizations:
None
path Parameters
group_id
required
string
header Parameters
X-Actor-Image-Sizes
string
X-Artist-Image-Sizes
string
X-Banner-Image-Sizes
string
X-Release-Cover-Sizes
string
X-Include
string
Request Body schema: application/json
name
string
visible
boolean
source_link_type
string
source_link_value
string
source_link_filter
string

Should be in json format

Array of objects (group_entry)

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "visible": true,
  • "source_link_type": "string",
  • "source_link_value": "string",
  • "source_link_filter": "string",
  • "banners": [
    ]
}

Response samples

Content type
application/json
{
  • "group": {
    }
}

Search releases

Full text search. Response can be paginated based on Range headers

Authorizations:
None
query Parameters
query
string

full-text search

series_id
string

search by series id

rated_by
string
media_available_from
string <Y-m-d>
licensor_id
string

name of a licensor

banner_group_id
string

Filter by releases that are converted to a banner group

release_group_id
string

Filter by releases that are under control of a release group

header Parameters
X-Release-Cover-Sizes
string
X-Actor-Image-Sizes
string
X-Include
string
Range
string
Example: artists=20-39

artists=20-39 (inclusive)

Responses

Response samples

Content type
application/json
{
  • "releases": [
    ]
}

LCP

Generate LCP license

Authorizations:
None
path Parameters
id
required
string

Release ID

Request Body schema: application/json
required
purpose
required
string
Value: "export"
password
required
string non-empty

Responses

Request samples

Content type
application/json
{
  • "purpose": "export",
  • "password": "string"
}

Response samples

Content type
application/json
{ }

CORS preflight

Authorizations:
None

Responses