Overview

The SPORTident Center REST API provides a minimal, simple and efficient interface to interact with SPORTident Center.

The API is currently in Beta, which means that it could still change in an incompatible way after we receive feedback and opinions from early adaptors. We will inform all current users, should the API change.

Using the API

Authentication

All requests to the API need to be authorised. The user authenticates with his or her API key via the HTTP header "apikey". The API key is available via the Center admin panel user settings.

Http Compression (GZIP)

We support HTTP compression on upload (POST method) and download (all methods, but for content type application/json, text/xml and text/csv only, i.e. for the REST and SOAP API). To upload gzip-compressed data to the server, the client needs to set the header Content-Encoding: gzip. To request a gzip-compressed response, the client needs to set the header Accept-Encoding: gzip. The response may or may not be compressed (very small payloads are not gzipped), which is indicated by whether the Content-Encoding: gzip header is set in the response, or not.

Resources

Events

Retrieve punches for an event

Resource URL

GET /api/rest/v1/public/events/{eventId}/punches

Description

Retrieve punches for an event. The event id is available via the Center admin panel events page. The punches can be retrieved as JSON or CSV formatted data, specified by the Accept header.

Filtering of the punches is possible with the query parameter afterId as listed below.

Typically, to retrieve punches "live" for a running event, you would poll the REST API in a loop (e.g. every ten seconds), starting with afterId=0 (punch ids are always greater than zero) and then increasing afterId to the so far largest returned punch id in each iteration (the returned punches are ordered ascending by punch id).

Simple punch format
Field Description

id

Uniquely identifies this punch

card

SPORTident card number (SIID)

time

Punch time (local time) in milliseconds since the Epoch (1970-01-01 00:00:00)

code

Control code

mode

Punch mode (e.g. Control, Start, Finish, BcControl, etc)
Query parameters
Parameter Description

afterId

(Optional) Get all punches after this id.

limit

(Optional) Return a maximum number of [limit] punches. Default is 50000. Largest possible value is 50000 as well.

projection

(Optional) Return punches in the specified punch format. Currently only "simple" is supported which is the default as well.
Request headers
Name Description

apikey

API key to authenticate the user

Accept

Return punches in the specified format. Acceptable values are "application/json" and "text/csv".

Content-Type

application/json;charset=UTF-8
Response headers
Name Description

X-Count

Returned number of punches, Total number of selected punches
Examples
Curl request to get punches as JSON
$ curl 'https://center.sportident.com/api/rest/v1/public/events/332/punches?afterId=808&projection=simple&limit=5' -i -X GET \
    -H 'Accept: application/json' \
    -H 'apikey: 21f21293-be76-0aef-714d-4287bfa692f6' \
    -H 'Content-Type: application/json;charset=UTF-8'
Retrieve punches as JSON with parameter afterId

Request:

GET /api/rest/v1/public/events/332/punches?afterId=808&projection=simple&limit=5 HTTP/1.1
Accept: application/json
apikey: 21f21293-be76-0aef-714d-4287bfa692f6
Host: center.sportident.com
Content-Type: application/json;charset=UTF-8

Response:

HTTP/1.1 200 OK
Pragma: no-cache
X-Count: 5,95
X-Frame-Options: DENY
Content-Length: 517
Transfer-Encoding: chunked
Set-Cookie: JSESSIONID=98FE374D2B4A765BEEBB20E9B4865F35; Path=/; HttpOnly
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Expires: 0
vary: accept-encoding
X-Content-Type-Options: nosniff
Date: Wed, 25 Mar 2020 17:54:56 GMT
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate

[ {
  "id" : 809,
  "card" : 8888893,
  "time" : 1585162470359,
  "code" : 49,
  "mode" : "BcControl"
}, {
  "id" : 810,
  "card" : 8888894,
  "time" : 1585162471363,
  "code" : 50,
  "mode" : "BcControl"
}, {
  "id" : 811,
  "card" : 8888895,
  "time" : 1585162472367,
  "code" : 51,
  "mode" : "BcControl"
}, {
  "id" : 812,
  "card" : 8888896,
  "time" : 1585162473371,
  "code" : 52,
  "mode" : "BcControl"
}, {
  "id" : 813,
  "card" : 8888897,
  "time" : 1585162474375,
  "code" : 53,
  "mode" : "BcControl"
} ]
JSON access denied response
HTTP/1.1 403 Forbidden
Pragma: no-cache
X-Frame-Options: DENY
Date: Wed, 25 Mar 2020 17:55:28 GMT
Content-Length: 399
Set-Cookie: JSESSIONID=BE258ED47BFFEDF769B8411B6F919A7F; Path=/; HttpOnly
Transfer-Encoding: chunked
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Expires: 0
vary: accept-encoding
X-Content-Type-Options: nosniff
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate

{
  "errors" : [ {
    "entity" : "AccessDeniedException",
    "cause" : "AccessDeniedException",
    "message" : "User 'firstNametestuser2 lastNametestuser2' is not authorised to access event '402'",
    "detailMessage" : "User 'firstNametestuser2 lastNametestuser2' is not authorised to access event '402'",
    "url" : "https://center.sportident.com/api/rest/v1/public/events/402/punches"
  } ]
}
Retrieve punches as CSV

Request:

GET /api/rest/v1/public/events/332/punches?projection=simple&limit=5 HTTP/1.1
apikey: 21f21293-be76-0aef-714d-4287bfa692f6
Host: center.sportident.com
Accept: text/csv

Response:

HTTP/1.1 200 OK
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Expires: 0
X-Frame-Options: DENY
Content-Length: 218
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID=9DAF0B32743FAF43DFB197AF225E5FB0; Path=/; HttpOnly
Date: Wed, 25 Mar 2020 17:54:56 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-Count: 5,100
Content-Type: text/csv;charset=UTF-8

ID,CODE,CARD,TIME,MODE
804,44,8888888,1585162465339,BcControl
805,45,8888889,1585162466343,BcControl
806,46,8888890,1585162467347,BcControl
807,47,8888891,1585162468351,BcControl
808,48,8888892,1585162469355,BcControl