Partner User Guide to Management APIs
Integrate P2PE Manager functionality with your client's platforms and/or services using the Management API.
The Management APIs are designed so that our partners can integrate client P2PE Manager functionality with their own platform/service. Because partners are altering resources on behalf of their clients, they have increased access to P2PE resources through the Management APIs when compared to P2PE Manager's user interface. Client-level user roles do not have access to the P2PE Manager APIs, and a partner cannot alter a device's state through the P2PE Manager UI. They can only do so through the Management APIs.
Typically, a partner will perform the following actions on the Decryptx Management APIs:
- Manage sub-partner accounts.
- Manage client accounts.
- Manage client locations.
- Manage devices on behalf of clients.
- Manage attestations on behalf of clients.
- In special cases, some partners will manage transactions through the Management APIs. See the separate Transactions API
Listing Existing Resources
When creating resources through the Management APIs, you will have to include references to other resources on the P2PE Manager. In general, these references are JSON objects with either the resource ID, e.g., { "id": "23"} or name, e.g., { "name": "IDtech SecuRED"}.
For example, a reference to a parent resource is required when creating a sub-partner or a client. A client reference is required when creating a location or attestation. The following API call examples list the device and client resources:
Development vs Production
These examples use the Management APIs certification environment. To evaluate your requests against the production environment replace the host
cert-bluefin.p2pemanager.comwithbluefin.p2pemanager.com.
List all Partner Endpoints:
GET https://cert-apis.p2pemanager.com/api/v1/partners?take=2&skip=0
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
{
"total": 100,
"data": [
{
"id" : "6580",
"name" : "ASM Software",
"reference" : "asms",
"billingId" : "001J000001ngZle",
"partnerId" : "45",
"verificationPhrase" : "The quick brown fox jumps over the lazy dog",
"clientCanOrderEquipment" : true,
"parent": {
"id" : "73",
"name" : "ASM Global"
},
"version": 0,
"location": {
"id" : "33644",
"name" : "ASM Software Headquarters"
},
"contact": {
"id" : "91724"
},
"isActive": true
},
{
"id" : "73",
"name" : "ASM Global",
"reference" : "ASM_GLOBAL",
"billingId" : "2",
"partnerId" : "54",
"verificationPhrase" : "donotpassgo",
"clientCanOrderEquipment" : true,
"version" : 10,
"location": {
"id" : "25329",
"name" : "ASM Global Headquarters"
},
"contact" : {
"id" : "71265"
},
"isActive" : true
}
]
}
List all of ASM Software's clients:
GET https://cert-apis.p2pemanager.com/api/v1/clients?partner=6580&take=2&skip=0
Authorization: Basic dXNlcjpwYXNzd29yZA==
{
"total": 1,
"data": [
{
"id" : "4684",
"name" : "The Tired Window",
"mid" : "563423567",
"billingId" : "001J000001oiXle",
"mid" : "220614971581",
"isActive" : true,
"version" : 0,
"partner": {
"id" : "73",
"name" : "ASM Global"
},
"directPartner": {
"id" : "6580",
"name" : "ASM Software"
},
"location": {
"id" : "33668",
"name" : "The Tired Window Headquarters"
},
"contact" : {
"id" : "91740"
}
}
]
}
At this point, you have your primary reference objects that can be used when creating sub-partners, client, location, and attestations.
{ "id" : "73" }- ASM Software Partner{ "id" : "4684" }- The Tired Window Client
Creating a Client
The following example outlines how a partner can create a client resource. When creating the resource they must include a reference to the client's direct partner. The mid is an open field that allows a partner to associate a client with a merchant identifier from their own software service. A location and user resource must also be specified; the values specified in the API call are broken out to standalone location and user resources. The CardConex ID is a Bluefin specific field.
POST https://cert-apis.p2pemanager.com/api/v1/clients
Authorization: Basic dXNlcjpwYXNzd29yZA==
{
"name" : "The Tired Window",
"billingId" : "001J000001oiXle",
"mid" : "220614971581",
"isActive" : true,
"directPartner": {
"id": "6580"
},
"location": {
"name" : "The Tired Window Headquarters",
"nameOfBusiness" : "The Tired Window",
"locationType" : "Merchant retail location",
"uniqueId" : "ce65d83b-2a2c-48c8-b909-d8960e6a1c9b",
"country" : {
"code" : "US"
},
"address1" : "123 Main St",
"address2" : "Suite 100",
"city" : "Atlanta",
"stateProvince" : "Georgia",
"postalCode" : "30350",
"mailAddress1" : "123 Main St",
"mailAddress2" : "Suite 100",
"mailCity" : "Atlanta",
"mailStateProvince" : "Georgia",
"mailPostalCode" : "30350"
},
"contact": {
"userName" : "dbackler3",
"firstName" : "Dora",
"lastName" : "Backler",
"email" : "[email protected]",
"phone" : "687-251-0960",
"userRole" : "Client Admin",
"isActive" : true,
"sendWelcomeEmail" : true
}
}
The ID of the newly created resource is returned in the response:
{
"id": "4684"
}
Creating a Location
A client can have more than one location associated with their account. The following example creates a second location for our sample The Tired Window Client.
POST https://cert-apis.p2pemanager.com/api/v1/locations
Authorization: Basic dXNlcjpwYXNzd29yZA==
{
"client": {
"id": "4684"
},
"name": "The Tired Window Tulsa",
"nameOfBusiness" : "The Tired Window Tulsa",
"locationType" : "Regional Office",
"uniqueId" : "ce65d83b-2a2c-48c8-b909-e5460e6a1c9b",
"country" : {
"code" : "US"
},
"address1" : "123 Main St",
"address2" : "Suite 100",
"city" : "Tulsa",
"stateProvince" : "Oklahoma",
"postalCode" : "30350",
"mailCountry" : "United States",
"mailAddress1" : "123 Main St",
"mailAddress2" : "Suite 100",
"mailCity" : "Tulsa",
"mailStateProvince" : "Oklahoma",
"mailPostalCode" : "30350",
"notes": ""
}
Creating an Attestation
PCI Compliance Regulations for point to point encryption (P2PE) mandate that devices be inspected annually. The following example creates an attestation record. A reference to the client must be included in the API call; a list of device reference objects containing the devices' serial numbers must also be specified. An optional note can also be included.
POST https://cert-apis.p2pemanager.com/api/v1/attestations
Authorization: Basic dXNlcjpwYXNzd29yZA==
{
"name" : "Annual check 2017",
"completeDate" : "2017-12-25 15:45:34",
"client": {
"id": "4684"
},
"devices": [
{
"serialNumber" : "123123123"
}
],
"notes" : "This terminal was inspected by Dora."
}
The API call response contains a the device serial number:
[
{
"id": "3453455",
"device": {
"id": "175108",
"serialNumber": "123123123"
}
}
]
Updated almost 2 years ago