查看中文版   

I. Make a request

Character set: utf-8

Headers' Content-Type:"application/json"

Obtain or submit specific business data by sending a POST message to the request address.Here's an example of getting order list data:

Example request address for this business: 

  http://[Dedicated business domain name]/api/orders. Your company's dedicated business domain name please contact the technical service personnel to obtain.

Click here to view the interface debugging demo page. (Note: This page is for demonstration purposes only, if you need to debug your company's interface, please access your dedicated business domain name directly to access the debug page.)


Request message:

{
"app_id": 1000012965,
"data": {
        "page_number": 1,
        "page_size": 10,
        "include_details": false,
        "timestamp": 9876543210123
     },
    "nonce_str": "ABCDE0123456789ABCDE0123456789",
    "sign": "123456789ABCDE0123456789ABCDE0"
}

Field description:

Parameter Function

app_id

The startnet user number used by your company.

data

About querying the extended data for your business, 

page_number: page number, 

page_size: Pagination size, 

include_details: Indicates whether the returned data also contains detailed data(This refers to the product details of the order),

timestamp: timestamp.

nonce_str

32-bit random string.

sign

MD5 signature.


Response message("application/json",Only when the Response Code is 200, it means that the server responded successfully, and then it is necessary to continue the subsequent judgment):

{
    "app_id": 1000012965,
    "result_code": 0,
    "result_msg": "",
    "data": {
        "page_number": 1,
        "page_size": 1,
        "total_count": 43,
        "total_pages": 43,
        "results": [
        {
           "id": 1,
            "code": "SD0011611-000001",
            "create_time": "2016-11-23T11:23:49",
            "amount": 6,
            "customer_id": 2,
            "dept_id": 1,
            "stock_id": 1,
            "invoice_type": 3001,
            "delivery_address": "Guangzhou Startnet Software Co.,Ltd.",
            "consignee_name": "Startnet Software",
            "consignee_mobile": "12345678901",
            "delivery_date": "2016-11-23T11:23:49",
            "memo": "",
            "quantity": 1,
            "approved_amount": 6,
            "approved_quantity": 1,
            "modify_time": "2016-11-23T11:23:49",
            "is_scrap": false
             "details": null,
           }
          ],
         "include_details": false,
         "timestamp": 637638692306895600
      },
     "nonce_str": "89D7E709ED265D977084ECD9D7CD9762",
     "sign": "B3EF586E690F01D25524EDFA84459CA3"
}

Field description:

Parameter
Function

app_id

The startnet user number used by your company.

result_code

Error code, 0 indicates that the operation was successful, other values indicate the meaning of the detailed see your company's actual interface debugging page.

result_msg

wrong description.

data

The query data returned, 

page_number: page number,

page_size: Pagination size,

total_count: Total number of items,

total_pages: total pages,

results: Represents a list of orders (where field interpretation is detailed on the interface debug page),

include_details: Indicate whether the returned data also contains detailed data (here refers to the product details of the order),

timestamp: timestamp.

nonce_str

32-bit random string.

sign

MD5 signature.


II. Sign

The generation algorithm of the field'sign' in the JSON format request message submitted to the server: 

  MD5(app_id + '_' + AppKey + '_' + JSON(data) + '_' + nonce_str), thereinto:

Parameter
Function

AppKey

A unique identification code for accessing the startnet API interface, Provided by Startnet Software Company to your company (please contact technical service personnel to obtain).

JSON(data)

Convert the 'data' field to jSON string form, format: No indentation, no blank formatting characters (that is, minimized compression).

For example, Use these methods: 

  JSON.stringify(data) or 

  Newtonsoft.Json.JsonConvert.SerializeObject(data, Newtonsoft.Json.Formatting.None).

MD5(params)

Use the MD5 algorithm to calculate the hexadecimal hash code of the params value,

Among them, params is the string parameter after concatenating all the values with the characters'_' (excluding the quotation marks) in order, and ensure that the string in the parameter is UTF-8 encoded.


Comments for other fields:

Parameter
Function

app_id

The field 'app_id' of the model class 'ApiRequest' of the request body.

data

The field 'data' of the model class 'ApiRequest' of the request body.

Please strictly follow the field definition of the relevant request body model class: Including name and order, Even if the value is null, it must be included in the JSON request body.

If the model class you define does not match the requirements or a field is missing, it will cause signature validation to fail.

nonce_str

The field 'nonce_str' of the model class 'ApiRequest' of the request body.


III. Verification

Use the following algorithm to generate signatures for the relevant fields of the JSON format response message returned on the server side.

Generate algorithm: 

  MD5(app_id + '_' + AppKey + '_' + JSON(data) + '_' + result_code + '_' + result_msg + '_' + nonce_str), thereinto:

Parameter
Function

AppKey

A unique identification code for accessing the startnet API interface, Provided by Startnet Software Company to your company (please contact technical service personnel to obtain).

JSON(data)

Convert the 'data' field to jSON string form, format: No indentation, no blank formatting characters (that is, minimized compression).

For example, Use these methods: 

  JSON.stringify(data) or 

  Newtonsoft.Json.JsonConvert.SerializeObject(data, Newtonsoft.Json.Formatting.None).

MD5(params)

Use the MD5 algorithm to calculate the hexadecimal hash code of the params value,

Among them, params is the string parameter after concatenating all the values with the characters '_' (excluding the quotation marks) in order, and ensure that the string in the parameter is UTF-8 encoded.


Then compare the above signature value with the value of the field 'sign' of the response body model class 'ApiResponse'.

If the two values are equal, the signature passes, otherwise the returned response data must be discarded.


Comments for other fields:

Parameter
Function

app_id

The field 'app_id' of the model class'ApiResponse' of the response body.

data

The field'data' of the model class'ApiResponse' of the response body.

Please strictly follow the field definition of the relevant request body model class: Including name and order, Even if the value is null, it must be included in the JSON request body.

If the model class you define does not match the requirements or a field is missing, it will cause signature validation to fail.

result_code

The field 'result_code' of the model class 'ApiResponse' of the response body.

result_msg

The field 'result_msg' of the model class 'ApiResponse' of the response body.

nonce_str

The field 'nonce_str' of the model class'ApiResponse' of the response body.


IV.The value description of the field 'result_code' of the model class 'ApiResponse' of the response body:

Code Function

0

Successful operation.

1

Parameter 'app_id' error (including missing or invalid).

2

The parameter 'nonce_str' error.

3

The parameter 'sign' is wrong.

4

The signature failed.

5

Failed to verify signature.

6

'nonce_str' cannot be reused.

7

Data resource association error.

8

Database access failed.

400

Invalid request (including the following parameters: path, query, or body).

404

The data resource could not be found.



V. Other documents:

Demo (C#)

Download Libraries (.NET Framework)

MD5 Signature Demo (C#)