Overview

The SPORTident Center REST API provides a minimal, simple and efficient interface to interact with SPORTident Center.

The API is currently in Beta, which means that it could still change in an incompatible way after we receive feedback and opinions from early adaptors. We will inform all current users, should the API change.

Using the API

Authentication

All requests to the API need to be authorised. The user authenticates with his or her API key via the HTTP header apikey. The API key is available via the Center Admin Frontend: My Account > API key.

HTTP compression

SPORTident Center supports HTTP compression on upload (POST method) and download (for all methods, but only for content-type "application/json", "text/xml" and "text/csv").

To upload gzip-compressed data to the server, the client needs to set the header Content-Encoding: gzip.

To request a gzip-compressed response, the client may set the header Accept-Encoding: gzip. The response may or may not be compressed, which is indicated by whether the Content-Encoding: gzip header is set in the response or not. Very small payloads are not compressed.

Resources

Events

Retrieve punches for an event

Resource URL

GET /api/rest/v1/public/events/{eventId}/punches

Description

Retrieve punches for an event. The event id is available via the Center Admin Frontend: Events > Event > Settings.

The punches can be retrieved as JSON or CSV formatted data. The requested format has to be specified in the Accept header of the request.

Filtering of the punches is possible with the query parameters afterId and limit as listed below.

Typically, to retrieve punches "live" for a running event, you would poll the REST API in a loop (e.g. every ten seconds), starting with afterId=0 (punch ids are always greater than zero) and then increasing afterId to the so far largest returned punch id in each iteration (the returned punches are ordered ascending by punch id).

Simple punch format
Field Description

id

Uniquely identifies this punch

card

SPORTident card number (SIID)

time

Punch time (local time) in milliseconds since the Epoch (1970-01-01 00:00:00)

code

Control code

mode

Punch mode (e.g. Control, Start, Finish, BcControl, etc)

Query parameters
Parameter Description

afterId

(Optional) Get all punches after this id.

limit

(Optional) Return a maximum number of [limit] punches. Default is 50000. Largest possible value is 50000 as well.

projection

(Optional) Return punches in the specified punch format. Currently only "simple" is supported which is the default as well.

Request headers
Name Description

apikey

API key to authenticate the user

Accept

Return punches in the specified format. Acceptable values are "application/json" and "text/csv".

Content-Type

application/json;charset=UTF-8

Response headers
Name Description

X-Count

Returned number of punches, Total number of selected punches

Examples
Curl request to get punches as JSON
$ curl 'https://center-origin.sportident.com/api/rest/v1/public/events/112/punches?afterId=213&projection=simple&limit=5' -i -X GET \
    -H 'Accept: application/json' \
    -H 'apikey: 84b4f017-41d2-2544-1f5b-591319f6cb0d' \
    -H 'Content-Type: application/json;charset=UTF-8'
Retrieve punches as JSON with parameter afterId

Request:

GET /api/rest/v1/public/events/112/punches?afterId=213&projection=simple&limit=5 HTTP/1.1
Accept: application/json
apikey: 84b4f017-41d2-2544-1f5b-591319f6cb0d
Content-Type: application/json;charset=UTF-8
Host: center-origin.sportident.com

Response:

HTTP/1.1 200 OK
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Set-Cookie: SESSION=ZDQ5ODRlMmMtOGU5ZC00YTQzLWI4OTUtMWUzYTUwMzUyM2Ux; Path=/; HttpOnly; SameSite=Lax
X-Frame-Options: DENY
X-Count: 5,95
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Encoding: gzip
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Tue, 07 Sep 2021 20:58:57 GMT
Keep-Alive: timeout=60
Connection: keep-alive
Content-Length: 517

[ {
  "id" : 214,
  "card" : 8888893,
  "time" : 1631055512074,
  "code" : 49,
  "mode" : "BcControl"
}, {
  "id" : 215,
  "card" : 8888894,
  "time" : 1631055513078,
  "code" : 50,
  "mode" : "BcControl"
}, {
  "id" : 216,
  "card" : 8888895,
  "time" : 1631055514085,
  "code" : 51,
  "mode" : "BcControl"
}, {
  "id" : 217,
  "card" : 8888896,
  "time" : 1631055515089,
  "code" : 52,
  "mode" : "BcControl"
}, {
  "id" : 218,
  "card" : 8888897,
  "time" : 1631055516093,
  "code" : 53,
  "mode" : "BcControl"
} ]
JSON access denied response
HTTP/1.1 403 Forbidden
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Set-Cookie: SESSION=NDUzNjg3NmEtYTc0NC00OWY4LWE5YzItMDMxNDI4YjE5MjA0; Path=/; HttpOnly; SameSite=Lax
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Encoding: gzip
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Tue, 07 Sep 2021 20:48:35 GMT
Keep-Alive: timeout=60
Connection: keep-alive
Content-Length: 403

{
  "errors" : [ {
    "entity" : "AccessDeniedException",
    "cause" : "AccessDeniedException",
    "message" : "User 'firstNametestuser2 lastNametestuser2' is not authorised to access event '24'",
    "detailMessage" : "User 'firstNametestuser2 lastNametestuser2' is not authorised to access event '24'",
    "url" : "https://center-origin.sportident.com/api/rest/v1/public/events/24/punches"
  } ]
}
Retrieve punches as CSV

Request:

GET /api/rest/v1/public/events/112/punches?projection=simple&limit=5 HTTP/1.1
Accept: text/csv
apikey: 84b4f017-41d2-2544-1f5b-591319f6cb0d
Host: center-origin.sportident.com

Response:

HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Count: 5,100
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Set-Cookie: SESSION=Zjg2NDVjYmItMDk4MC00MGE4LWE5ZmUtZjAzMDFjNTBhYjYx; Path=/; HttpOnly; SameSite=Lax
Content-Type: text/csv;charset=UTF-8
Content-Length: 218
Date: Tue, 07 Sep 2021 20:58:57 GMT
Keep-Alive: timeout=60
Connection: keep-alive

ID,CODE,CARD,TIME,MODE
209,44,8888888,1631055507054,BcControl
210,45,8888889,1631055508058,BcControl
211,46,8888890,1631055509062,BcControl
212,47,8888891,1631055510066,BcControl
213,48,8888892,1631055511070,BcControl