An API to deal with the Flexisip server
The API is available under /api
A from (consisting of the user SIP address, prefixed with sip:), content-type and accept HTTP headers are required to use the API properly
> GET /api/{endpoint}
> from: sip:foobar@sip.example.org
> content-type: application/json
> accept: application/json
Restricted endpoints are protected using a DIGEST authentication or an API Key mechanisms.
To authenticate using an API Key, you need to authenticate to your account panel and being an administrator.
On your panel you will then find a form to generate your personnal key.
You can then use your freshly generated key by adding a new x-api-key header to your API requests:
> GET /api/{endpoint}
> from: sip:foobar@sip.example.org
> x-api-key: {your-api-key}
> …
To discover the available hashing algorythm you MUST send an unauthenticated request to one of the restricted endpoints.
For the moment only DIGEST-MD5 and DIGEST-SHA-256 are supported through the authentication layer.
> GET /api/{restricted-endpoint}
> …
< HTTP 401
< content-type: application/json
< www-authenticate: Digest realm=test,qop=auth,algorithm=MD5,nonce="{nonce}",opaque="{opaque}"
< www-authenticate: Digest realm=test,qop=auth,algorithm=SHA-256,nonce="{nonce}",opaque="{opaque}"
You can find more documentation on the related IETF RFC-7616.
POST /accountsJSON parameters:
username unique username, minimum 6 characterspassword required minimum 6 charactersalgorithm required, values can be SHA-256 or MD5domain optional, the value is set to the default registration domain if not setactivated optional, a boolean, set to false by defaultTo create an account directly from the API.
This endpoint is authenticated and requires an admin account.
GET /pingReturns pong
GET /devicesReturn the user registered devices.
DELETE /devices/{uuid}Remove one of the user registered devices.
@endsection