Draft Narvar Notification Center Hipaa
Base URL
The Narvar Notification Center API is implemented using the Narvar HIPAA stack. All PHI is stored in encrypted format at all times. Narvar Implementation consultant will send the keys for Staging. Production keys will be sent directly by the Narvar HIPAA team.
For HIPAA staging all calls will be made from the following host: https://hipaa-staging.narvar.com/api/v1 For HIPAA production all calls will be made from the following host: https://hipaa.narvar.com/api/v1
How this works: Step 1: Make the initial call to get tokens. These will be used for any subsequent calls to HIPAA endpoint. The tokens have a two hour lifespan which is also returned in the initial response. " Please only make one call per 2 hour session. There is no need to make a call for each HIPAA request"
Step 2: Using the response tokens as basic auth credentials for the HIPAA calls, you can now make POSTs, PUTs and GETs. All PHI data is encrypted.
The Postman collection for Notification Center API can be found here https://www.getpostman.com/collections/c8ac94a3455d6c8dd943
Authentication
Create tokens for the HIPAA auth call. This gives a set of credentials that lasts for two hours. The user can use this to make all subsequent HIPAA calls.
Request headers
Responses
Body
{customer_id}
{customer_id}
{customer_id}
{customer_id}
Authentication
Retrieve existing customer preferences using a customer ID for a customer. This method must be used prior to updating a customer preference. The modified_datetime value from the GET response must be provided in the PUT request.
Path variables
pass the customer id (case sensitive)
Responses
Returns customer preferences
Body
Customer first name
Customer last name
The customer locale; default is en_US
Notification preferences for the user
The opt in channel
The contact information for the channel
List of contact details for the channel
The contact information for the channel
OS type
Android device
iOS device
Unique id for the device like IMEI etc
The last time the record has been modified. All dates and times are expressed in ISO 8601, with a UTC offset (denoted by the Z)
Bad Request
Unauthorized
Internal Server Error
GET https://ws-qa01.narvar.qa/api/v1/notify-preferences/customer-level/customer/1234 HTTP/1.1
HTTP/1.1 200 OK
Content-Type: application/json
{
"status": "OK",
"messages": [
"success"
],
"customer_preferences": {
"first_name": "Vlad",
"last_name": "Smith",
"locale": "en_US",
"notification_pref_details": [
{
"channel": "sms",
"contact": "777-777-7777"
}
],
"modified_datetime": "2018-04-10T17:33:36.742Z"
}
}
{customer_id}
Authentication
Create a new customer and notification preference record for a customer. A customer notification preference is considered as an opt-in for notifications in the preferred channel for all new orders. It is very important that the customer id used for a customer, is not used to represent any other customer, or guest. This is to ensure Narvar can accurately display and update notification preferences.
Path variables
The unique identifier that represents the customer (case sensitive)
Request body
The customer’s notification preferences
The notifiation preferences for the customer
Location where the user updated opt in preferences
A retailer’s account or order history page
A retailer’s page after an order has been placed
A retailer’s page during the checkout flow
Customer first name
Customer last name
Notification preferences for the user
The opt in channel
The contact information for the channel
List of contact details for the channel
The contact information for the channel
OS type
Android device
iOS device
Unique id for the device like IMEI etc
The customer locale; default is en_US
Responses
ITEM CREATED
Bad request or invalid phone number
Unauthorized
Internal Server Error
POST https://ws-qa01.narvar.qa/api/v1/notify-preferences/customer-level/customer/1234 HTTP/1.1
Content-Type: application/json
{
"customer_preferences": {
"traffic_source": "MY_ACCOUNT_PAGE",
"first_name": "John",
"last_name": "Doe",
"notification_pref_details": [
{
"channel": "sms",
"contact": "777-777-7777"
}
],
"locale": "en_US"
}
}
HTTP/1.1 201 Created
{customer_id}
Authentication
Update an existing customer record to add or modify notification preferences for a customer. Modifications include changing preference details or opting out of notifications. In order to conform to REST, full resource representation is expected. For example, if an optional field (phone number) is blank in the request, the API will delete the existing phone number from the customer preferences.
Path variables
The unique identifier that represents the customer (case sensitive)
Request body
The customer’s notification preferences
The notifiation preferences for the customer
Location where the user updated opt in preferences
A retailer’s account or order history page
A retailer’s page after an order has been placed
A retailer’s page during the checkout flow
Customer first name
Customer last name
Notification preferences for the user
The opt in channel
The contact information for the channel
List of contact details for the channel
The contact information for the channel
OS type
Android device
iOS device
Unique id for the device like IMEI etc
The customer locale; default is en_US
The most recent time when the user updated their preferences. All dates and times are expressed in ISO 8601, with a UTC offset (denoted by the Z)
Responses
OK
Bad request or invalid phone number
Unauthorized
Internal Server Error
PUT https://ws-st01.narvar.qa/api/v1/notify-preferences/customer-level/customer/1234 HTTP/1.1
Content-Type: application/json
{
"customer_preferences": {
"traffic_source": "MY_ACCOUNT_PAGE",
"first_name": "John",
"last_name": "Doe",
"notification_pref_details": [
{
"channel": "sms",
"contact": "777-777-7777"
}
],
"locale": "en_US",
"modified_datetime": "2017-12-21T23:34:06.114905"
}
}
HTTP/1.1 200 OK
{customer_id}
/order/{order_id}
{customer_id}
{customer_id}
/order/{order_id}
{customer_id}
/order/{order_id}
Authentication
Create a new order-level preference for a guest customer opt-in. The guest customer will receive notifications for the specific order. It is very important that the customer id used for a guest is unique, and will not be used again for any other opt-in. This is to ensure Narvar can accurately display and update notification preferences.
Path variables
The unique identifier that represents the customer (case sensitive)
Order number
Request body
The customer’s notification preferences for the order
Location where the user updated opt in preferences
A retailer’s account or order history page
A retailer’s page after an order has been placed
A retailer’s page during the checkout flow
Order number for the opt in
Customer first name
Customer last name
Notification preferences for the user
The opt in channel
The contact information for the channel
List of contact details for the channel
The contact information for the channel
OS type
Android device
iOS device
Unique id for the device like IMEI etc
The customer locale; default is en_US
At this time only true should be passed in this field
At this time only true should be passed in this field
Responses
ITEM CREATED
Bad request or invalid phone number
Unauthorized
Internal Server Error
POST https://ws-st01.narvar.qa/api/v1/notify-preferences/order-level/customer/1234/order/9876 HTTP/1.1
Content-Type: application/json
{
"order_preferences": {
"traffic_source": "MY_ACCOUNT_PAGE",
"order_id": "9876",
"first_name": "John",
"last_name": "Doe",
"notification_pref_details": [
{
"channel": "sms",
"contact": "777-777-7777"
}
],
"locale": "en_US",
"is_guest": true,
"is_active": true
}
}
HTTP/1.1 201 Created
{customer_id}
Authentication
Retrieve order preferences for a given customer ID for a guest customer.
Path variables
pass the customer id (case sensitive)
Request parameters
Pass in an order id to return results for one order
Default false, all active orders will be returned, set to true if inactive orders should be returned
Responses
Returns customer preferences
Body
Order to which the user has subscribed
Customer first name
Customer last name
The customer locale; default is en_US
Informs whether the order is active or not
Notification preferences for the user
The opt in channel
The contact information for the channel
List of contact details for the channel
The contact information for the channel
OS type
Android device
iOS device
Unique id of device like IMEI etc
The last time the record was modified. All dates and times are expressed in ISO 8601, with a UTC offset (denoted by the Z)
Bad Request
Unauthorized
Internal Server Error
GET https://ws-qa01.narvar.qa/api/v1/notify-preferences/order-level/customer/1234?order_id=9876&is_include_inactive=true HTTP/1.1
HTTP/1.1 200 OK
Content-Type: application/json
{
"status": "OK",
"messages": [
"success"
],
"order_preferences": [
{
"order_id": "9876",
"first_name": "Nanda",
"last_name": "Kumar",
"locale": "en_US",
"is_guest": false,
"is_active": true,
"notification_pref_details": [
{
"channel": "sms",
"contact": "777-777-7777"
}
],
"modified_datetime": "2018-04-10T22:02:41.349Z"
}
]
}
{customer_id}
/order/{order_id}
Authentication
Update an existing customer order-level record to add or modify notification preferences for a customer. Modifications include changing preference details or opting out of notifications. In order to conform to REST, full resource representation is expected. For example, if an optional field (phone number) is blank in the request, the API will delete the existing phone number from the customer preferences.
Path variables
The unique identifier that represents the customer (case sensitive)
Order number
Request body
The customer’s notification preferences
Location where the user updated opt in preferences
A retailer’s page after an order has been placed
A retailer’s account or order history page
A retailer’s page during the checkout flow
Customer last name
Notification preferences for the user
The opt in channel
The contact information for the channel
List of contact details for the channel
The contact information for the channel
OS type
Android device
iOS device
Unique id for the device like IMEI etc
The customer locale; default is en_US
At this time only true should be passed in this field
At this time only true should be passed in this field
The most recent time when the user updated their preferences. All dates and times are expressed in ISO 8601, with a UTC offset (denoted by the Z)
Responses
Bad request or invalid phone number
Unauthorized
Internal Server Error
PUT https://ws-st01.narvar.qa/api/v1/notify-preferences/order-level/customer/1234/order/9876 HTTP/1.1
Content-Type: application/json
{
"order_preferences": {
"traffic_source": "MY_ACCOUNT_PAGE",
"order_id": "9876",
"first_name": "John",
"last_name": "Doe",
"notification_pref_details": [
{
"channel": "sms",
"contact": "777-777-7777"
}
],
"locale": "en_US",
"is_guest": true,
"is_active": true,
"modified_datetime": "2018-09-17T22:33:12.848Z"
}
}
HTTP/1.1 200 OK