commit 91ac68e9d296bda509e74541a88b74e5621b9ae9
parent de576548370947dbb0ac0a905c6c0ddc05476f99
Author: Christian Grothoff <christian@grothoff.org>
Date: Thu, 4 Mar 2021 16:01:53 +0100
clarify paths
Diffstat:
1 file changed, 22 insertions(+), 5 deletions(-)
diff --git a/core/api-merchant.rst b/core/api-merchant.rst
@@ -72,8 +72,15 @@ Examples:
A public endpoint (explicit "default" instance):
https://merchant-backend.example.com/instances/default/orders
- Endpoint to manage other instances (ONLY for implicit "default" instance):
+ Endpoints to manage other instances (ONLY for implicit "default" instance):
https://merchant-backend.example.com/private/instances
+ https://merchant-backend.example.com/private/instances/$ID
+
+ Endpoints to manage own instance
+ https://merchant-backend.example.com/private
+ https://merchant-backend.example.com/private/auth
+ https://merchant-backend.example.com/instances/$ID/private
+ https://merchant-backend.example.com/instances/$ID/private/auth
Unavailabe endponts (will return 404):
https://merchant-backend.example.com/instances/myinst/private/instances
@@ -918,9 +925,13 @@ Setting up instances
}
+.. http:post:: /private/instances/$INSTANCE/auth
.. http:post:: [/instances/$INSTANCE]/private/auth
- Update the authentication settings for an instance.
+ Update the authentication settings for an instance. POST operations against
+ an instance are authenticated by checking that an authorization is provided
+ that matches either the credential required by the instance being modified
+ OR the 'default' instance, depending on the access path used.
**Request** the request must be an `InstanceAuthConfigurationMessage`.
@@ -950,12 +961,13 @@ Setting up instances
}
+.. http:patch:: /private/instances/$INSTANCE
.. http:patch:: [/instances/$INSTANCE]/private
Update the configuration of a merchant instance. PATCH operations against
an instance are authenticated by checking that an authorization is provided
that matches either the credential required by the instance being modified
- OR the 'default' instance.
+ OR the 'default' instance, depending on the access path used.
**Request**
@@ -1060,9 +1072,13 @@ Inspecting instances
}
+.. http:get:: /private/instances/$INSTANCE
.. http:get:: [/instances/$INSTANCE]/private
- This is used to query a specific merchant instance.
+ This is used to query a specific merchant instance. GET operations against
+ an instance are authenticated by checking that an authorization is provided
+ that matches either the credential required by the instance being modified
+ OR the 'default' instance, depending on the access path used.
**Response:**
@@ -1142,6 +1158,7 @@ Inspecting instances
Deleting instances
------------------
+.. http:delete:: /private/instances/$INSTANCE
.. http:delete:: [/instances/$INSTANCE]/private
This request will be used to delete (permanently disable)
@@ -1152,7 +1169,7 @@ Deleting instances
For deletion, the authentication credentials must match
the instance that is being deleted or the 'default'
- instance.
+ instance, depending on the access path used.
**Request:**
