Cafebazaar Developer API

Introduction

Cafebazaar Developer API is a REST API that allows you to automatically perform some of your product management tasks. Using this API, you can check the status of your products and subscriptions sales from your personal server.

Not all developers will need to use Developer API. In most cases, you can manage these sales from your Developer Panel. However, if you have a large number of apps and in-app products, this API might be useful for you.

This API allows you to receive details of your products and subscriptions sales by sending a standard GET request. In this request you send information about a sale (package name, product/subscription id ,and purhcase token) and server responds to your request with a JSON object containing datails about the product/subscription sale.

You can use this API for several purposes, such as reporting, checking the status of a single product sale, and confirming product sales and subscriptions expiration date.

Using API

Cafebazaar uses OAuth 2.0 protocol for authentication process in Developer API. To use Developer API, you first need to create a Client in your Cafebazaar developer panel, and then use the information from that Client to recieve an access_token. access_token is the token you should send with each API request to the Cafebazaar.

To start using Developer API, you'll have to follow this steps:

  1. Create a Client. Each Client contains information used by Cafebazaar to authenticate an API user. To create a Client, go to your developer panel, click on the Developer API on the side menu to go to Developer API page. In this page click on the New Client button.
  2. In the opened modal, enter your desired value for Redirect URI. This address specifies where should Cafebazaar send the response to your request for Authentication Code in the next steps.
  3. Go to the following address:

    https://pardakht.cafebazaar.ir/auth/authorize/?response_type=code&access_type=offline&redirect_uri=<REDIRECT_URI>&client_id=<CLIENT_ID>
    

    Note that you should replace <REDIRECT_URI> and <CLIENT_ID> with values from the Client you've created in the previous steps.

  4. Click on Authorize in the opened page.
  5. Your browser will redirect you to the address you've entered as Redirect URI. The Authentication Code is sent with this request as a GET query field with the name "code", which looks similiar to affAKBEs80Yz1AjHXtoKHZnWj1UItfnKwp1b5FRg.
  6. By sending a POST requsest to:
    https://pardakht.cafebazaar.ir/auth/token/
    With these fields:
    grant_type=authorization_code
    code=<the code from the previous step>
    client_id=<the client ID token from your defined Client in previous steps>
    client_secret=<the client secret from your defined Client>
    redirect_uri=<the redirect URI from your defined Client>
    
    You will recieve access_token and refresh_token.
    A successful response will be JSON format and looks similiar to:
    {
       "access_token": "GWObRK06KHLr8pCQzDXJ9hcDdSC3eV",
       "token_type": "Bearer",
       "expires_in": 3600,
       "refresh_token": "yBC4br1l6OCNWnahJvreOchIZ9B6ze",
       "scope": "androidpublisher"
    }
  7. Now that you have recieved your access_token, you can use the API by sending these kind of requests:
    https://pardakht.cafebazaar.ir/api/<your desired function>?access_token=<access_token you've recieved>
  8. Each access_token is only valid for a short time. After your access_token expired, you can get a new one from Cafebazaar using your refresh_token. To do so, send a POST request to:
    https://pardakht.cafebazaar.ir/auth/token/
    With these fields:
    grant_type=refresh_token
    client_id=<the client ID token from your defined Client>
    client_secret=<the client secrey from your defined Client>
    refresh_token=<the refresh token from the previous steps>
    
    A successful response will be JSON format and looks similiar to:
    {
       "access_token": "uX5qC82EGWjkjjeyvTzTufHOM9HZfM",
       "token_type": "Bearer",
       "expires_in": 3600,
       "scope": "androidpublisher"
    }
    Using this, your server can access Developer API continuously.

Implemented functions in Developer API

Currently these functions are implemented:

  1. In-app purchase validation:
    This function returns status of purchase and consume of an in-app purchase.
    https://pardakht.cafebazaar.ir/api/validate/<package_name>/inapp/<product_id>/purchases/<purchase_token>/?access_token=<access_token>
    Note that you have to fill the values in the angle brackets according to your request. The result will look similar to:
    {
       "consumptionState": 1,
       "purchaseState": 0,
       "kind": "androidpublisher#inappPurchase",
       "developerPayload": "something",
       "purchaseTime": 1414181378566
    }
  2. Subscription validation: This function returns status, start date and expiration date of a subscription.
    https://pardakht.cafebazaar.ir/api/applications/<package_name>/subscriptions/<subscription_id>/purchases/<purchase_token>/?access_token=<access_token>
    The result will look similar to:
    {
            "kind": "androidpublisher#subscriptionPurchase",
            "initiationTimestampMsec": 1414181378566,
            "validUntilTimestampMsec": 1435912745710,
            "autoRenewing": true,
    }
  3. Subscription cancellation: This function cancels a subscription.
    https://pardakht.cafebazaar.ir/api/applications/<package_name>/subscriptions/<subscription_id>/purchases/<purchase_token>/cancel/?access_token=<access_token>
    If successful, this method returns an empty response body. This function won't refund previous purchases and the subscription remains valid until its expiration time.