Authorization & Conventions

Authorization

All API requests require an Authorization header of type Bearer in the following format:

"Authorization: Bearer {API_TOKEN}"

Example:

curl --request GET \
     --url https://api.vcita.biz/platform/v1/invoices \
     --header 'Accept: application/json' \
     --header 'Authorization: Bearer {API_TOKEN}'

Response structure

Success response

{
    "status": "OK",
    "data": {payload} // either an object or a list
    }
}

Error response

{
    "status": "Error",
    "error": string // error message
}

Pagination

APIs that are returning lists also have pagination functionality, and by default, we return 25 entries per page.
Pagination info is applied to the API request URL as an additional query params in the following manner:

https://api.vcita.biz/platform/v1/invoices?per_page=50&page=3

  • per_page indicates the number of results to be returned per page.
  • page indicates the specific page you want to get results from.

x-on-behalf-of header

Available only for partners and directory owners

The "x-on-behalf-of" header allows directory owners to send API requests on behalf of specific businesses by using the directory token and specifying the relevant business id in the x-on-behalf-of header.

Example:

curl --request GET \
     --url https://api.vcita.biz/platform/v1/invoices \
     --header 'Accept: application/json' \
     --header 'Authorization: Bearer {DIRECTORY_TOKEN}' \
     --header 'x-on-behalf-of: {BUSINESS_ID}'