Core APIs
    • API Information
    • Error Code List
    • Clients
      • Get Info Client
        GET
    • Users
      • Login Flow
      • Login (UI by fypass)
        POST
      • Get User Login / Register Status (by fypass)
        GET
    • Devices
      • Save Device
        POST
      • Get Device Detail
        GET
    • Schemas
      • Error Response
      • deviceInfo
      • Fypass URL

    API Information

    Document History#

    VersionReleaseDescription
    1.0.0-Initialize API

    Server#

    EnvironmentBase URL
    Staginghttps://api-core.app-staging.my.id
    Production-

    General Request Field#

    There are several fields that should be set in every endpoint request API.

    x-language#

    Request onMandatoryDefault
    HeaderNoid
    The language used in the messages received in the API response will be based in the value of x-language.
    Allowed values :
    valueDescription
    idBahasa Indonesia
    enEnglish

    x-request-id#

    Request onMandatoryDefault
    HeaderYes
    As the identity of each API request. The value should be unique.

    x-client-key#

    Request onMandatoryDefault
    HeaderYes
    The key received by the client to access the API

    x-version#

    Request onMandatoryDefault
    HeaderYes
    Identified the version API used by the client to request the API endpoint.

    x-token#

    Request onMandatoryDefault
    HeaderConditional
    The x-token field will become mandatory if the API endpoint being requested is specific to user.
    the x-token will be obtained if the user successfully logs in.

    x-signature#

    Request onMandatoryDefault
    HeaderYes
    For verify the request received by trusted client or not, we need to check the signature. Use the private key that received from the admin to create signature.
    The encrypted using RSA 2048 & SHA256.
    Data structure for signature :
    {
  "endpoint": "/user/login?id=3425234245",
  "method": "GET",
  "headers": {
    "x-client-key": "CK00001"
    "x-token": "abcde12345"
    "x-request-id": "ABCEDFGHIJK",
    "x-version": "1.0.0"
  },
  "body": {}
}

    1. endpoint#

    The endpoint used in the request. You can check the endpoint in each the request API info

    2. method#

    The http method used in request.

    3. headers#

    In the headers part, only allowed the method, x-request-id, x-client-key, etc field.

    4. body#

    If there are the body data in send request body. Put the request body info. but, if there is no the body data, fill it with empty object : {}

    Step by step to create Signature#

    1.
    Prepare data according to the structure above
    2.
    Data has been prepared, then convert the data to be string.
    3.
    Encrypt the data string with RSA 2048 & SHA256 use private key that has been received.
    4.
    Encode encrypted data using base64 encode.
    5.
    Then set the data encoded with base64 encode to the "X-Signature" field in the header

    General Response#

    Success#

    You will be received the http status 2XX if the request API is success, and you can see the data need in the response

    Failed#

    There are 2 types failed response.
    5XX : error in the server side
    4XX : error in the client side
    Every you get error response, you will be see the response schema like this :
    Error Response

    Modified at 2025-04-11 13:38:37
    Next
    Error Code List
    Built with