Getting started
Introduction
Our integrations allow you to exchange data with Qualifio automatically.
They currently allow you to manipulate members' profiles, trigger events for them to earn currencies and receive webhooks calls whenever they perform actions in Qualifio.
Authentication
Our APIs require your calls to be authenticated. This is done through the OAuth 2.0 protocol.
An exception to this rule is the endpoint to trigger mapped events. Since it has been designed to be easier to use for our clients, it gives the choice between multiple ways to authenticate. Please refer to the Events documentation for more information.
The webhooks (sent by Qualifio to your applications) also give you the choice between multiple ways for Qualifio to authenticate with your application. Please refer to the Webhooks documentation for more information.
APIs
The Qualifio APIs can be reached via the following URL:
https://manager.loyalty.qualifioapp.com/api/{api-name}
{api-name}
can be one of the following:
ingestor
(for events)management
(for members profiles)
Events
Events can be triggered by calling the ingestor
API. Combined with Earning rules
defined in the Qualifio Manager, they allow the members to earn currencies
based on their actions (purchase, visits...).
Management
The management
API allows you to manipulate members' profiles. You can create, update and delete them.
This can be useful, for example, to create a member's profile when they register to your website and update it when they
subscribe to your newsletter.
Webhooks
While APIs allow the information to circulate from your application to Qualifio, webhooks allow the information to circulate from Qualifio to your application without the need for you to regularly poll our APIs.
When a member performs certain actions, webhooks can be sent to your application, depending on your preferences. They will notify you of changes such as currencies earned, new levels, new identities, etc.
X-Hub signature
X-Hub-Signature is a method allowing to secure webhooks. It allows to verify the signature of a request body using a secret key used both on the sender and receiver side. x-hub-signature
is a header containing an HMAC signature of the request body. A shared secret is used in the HMAC, allowing us to verify your requests.
This method can be used for your event mapping endpoints and to validate social media webhook requests (ie: Facebook, Instagram).
Custom Token
For event mapping only, you can send a static token in your request. This can be done either by using:
- a custom HTTP query parameter:
https://manager.loyalty.qualifioapp.com/api/ingestor/mapped-events/{id}?{your_custom_token_name}={your_token_value}
- a custom HTTP header
headers: {
"your_custom_token_name": "your_token_value"
}