Create profile

From ePrize Developers Wiki

Revision as of 16:18, 17 March 2009 (edit) Brian-quail (Talk | contribs) ← Previous diff		Revision as of 16:19, 17 March 2009 (edit) (undo) Brian-quail (Talk | contribs) Next diff →
Line 6:		Line 6:
	...		...
	{keyN}:{valueN}		{keyN}:{valueN}
-
-	Response:
-	201 Created
-	Location: /v1/{apikey}/profile/{uid}
-	Entity body same as GET /v1/{apikey}/profile/{uid}
	</pre>		</pre>

---

Revision as of 16:19, 17 March 2009

Request representation:
{profile-key}:{profile-value}
{key1}:{value1},
{key2}:{value2},
...
{keyN}:{valueN}

Profile Created

HTTP Status: 201 Created
Location: /v1/{apikey}/profile/{uid}
<?xml version="1.0" encoding="UTF-8" ?>
<result ver="ePrize Web Services 1.0">
  <result>
    <profile>
      <id>{uid}</id>
      <email>some.email@address.com</email>
      <safekey1>safekey1-value</safekey1>
      <safekey2>safekey2-value</safekey2>
    </profile>
  </result>
  <status>1</status>
</result>

Profile Already Exists

HTTP Status: 409 Conflict
<?xml version="1.0" encoding="UTF-8" ?>
<result ver="ePrize Web Services 1.0">
  <result>
    <errors>
      <terminal_errors>
        <error>duplicate_account</error>
      </terminal_errors>
    </errors>
  </result>
  <status>1</status>
</result>

Invalid Request - Errors

HTTP Status: 400 Bad Request
<?xml version="1.0" encoding="UTF-8" ?>
<result ver="ePrize Web Services 1.0">
  <result>
    <errors>
      <field_errors>
        <field>
          <name>field1</name>
          <error>VALIDATION</error>
        </field>
        <field>
          <name>field2</name>
          <error>NULL</error>
        </field>
        ...
        <field>
          <name>fieldN</name>
          <error>NULL</error>
        </field>
      </field_errors>
    </errors>
  </result>
  <status>1</status>
</result>

Promotion is configured with one unique {profile-key} such as email, user_name, or mobile_phone. At a minimum, the profile must have a {profile-value} for this key and {profile-value} must be unique within the promotion.

Additional key:value pairs may be submitted. The {apikey} may enforce rules on these pairs such as required vs optional, size limits and validation. Common examples of other keys are address, birthdate and optin. The name of a key must begin with a letter and consist of only lowercase ASCII letters, numbers and underscores.

Typically the {apikey} will be configured to require a CAPTCHA challenge/response in the request headers of an untrusted create profile request. A failed CAPTCHA is the same as a failed validation, resulting in a response of 400 Bad Request.

This URL is an entry point. It may be easily attacked because valid URLs are easy to guess. CAPTCHA protects against automated attacks.