API reference

Record types

List record types

This endpoint returns the available record types, e.g. movie, organization, person, etc.

Response parameters

Retrieve a record type

This endpoint retrieves the JSON file of a record type. This JSON file contains the list of parameters available in the record type.

Response parameters

Records

Search records

Filtering records

The search records endpoint supports chained filters. The filter is sent in body of the request.

{
   "or":[
      {
         "and":[
            {
               "property": "name",
               "startsWith": "R"
            },
            {
               "property": "name",
               "contains": "o"
            }
         ]
      },
      {
         "and":[
            {
               "property": "name",
               "startsWith": "G"
            },
            {
               "property": "name",
               "contains": "w"
            }
         ]
      }
   ]
}

In addition to chained filters, records can be queried with single filters as well.

{
   "and":[
      {
         "property": "name",
         "startsWith": "R"
      }
   ]
}

Supported operators for filtering

  • startsWith

  • endsWith

  • contains

  • equalsTo

Retrieve a record

Create a record

Each user is granted access to 6 default movie records that cannot be updated or deleted.

Each user can create up to 14 movie records, resulting in 20 retrievable movie records.

The body of the request contains the parameters available in the selected record type.

Update a record

Only the records created by the user can be updated.

The body of the request contains the parameters available in the selected record type.

Delete a record

Only the records created by the user can be deleted.

Files/Folders

Retrieve files or folders

Download a file

Delete a file

Upload a file

Each user is granted access to 1 default record that cannot be deleted.

Each user can upload up to 1 file, resulting in 2 retrievable files.

The maximum size of a file one can upload to an upload session is 4 bytes. A single request within the upload session cannot exceed 1 byte. Example: If a file has 4 bytes, the file has to be split into 4 separate requests containing a block of data (bytes).

Step one: Open a slot for a file upload

Open a slot for an upload session and save the file's name and the given file path where the file should be uploaded.

Only one slot can be open at a time. The slot can be open for max 1 minute. The session is dropped if the file upload is not finished by that time or if the upload session ends up with an error.

Step two: Upload the first block of data of the file

Upload the first block of data to an upload session.

Step three: Upload the other blocks of data of the file

Append more data to an upload session.

Step four: Upload the last block of data of the file and close the session

Finish the upload session by uploading the last block (byte) of the file's data.

Webhooks

Verification of the webhook

The Make Academy API version 3 uses a digital signature which is generated using the secret key entered when creating a webhook and the body of the webhook’s request. This data is contained within the Signature header.

The header contains the SHA algorithm used to generate the signature. To verify that the request originates from the App Academy API, you'll need to compute the HMAC 256 using your secret key and the body and compare it to the signature contained in the header. The successful matching of these values ensures that the webhook's source is the App Academy API.

Example of computing HMAC 256 in JavaScript

import * as crypto from 'crypto';

function generateHMACSHA256(secretKey: string, data: string): string {
  const hmac = crypto.createHmac('sha256', secretKey);
  hmac.update(data);
  return hmac.digest('hex');
}

const secretKey = 'yourSecretKey';
const body = 'yourBodyContent';

const hmacSHA256 = generateHMACSHA256(secretKey, body);
console.log(`HMAC-SHA256: ${hmacSHA256}`);

Responding to the webhook

You must set up the verification of the webhook.

When a webhook is attached, the verification payload is sent to the webhook. You must respond with the correct HTTP code:

  • 200 for correct signature

  • 400 for incorrect signature

For the 400 code, you must respond with the following response:

Headers

"Content-type": "application/json"

Body

{
    "message": "Invalid signature"
}

Webhook's payload

Payload parameters

{
    "eventType": "verification",
    "data": {...}
}

Attach a webhook

Detach a webhook

Last updated