Raytio APIs (0.7.6)

Download OpenAPI specification:Download

Cameron Beattie, Marc Loths, Samuel Beattie et al: hello@rayt.io URL: https://www.rayt.io License: MIT License

The Raytio API allows users, organisations, profiles, profile objects, profile object permissions and relationships to be created, updated, read and deleted. It also provides identity document data extraction, data verification, credit checking, bank transaction and accounting data extraction

Authentication

bearerAuth

Use the identity_token from the /token endpoint

Security Scheme Type HTTP
HTTP Authorization Scheme bearer
Bearer format "JWT."

oauth

Allows Authentication for Raytio APIs

generateToken

To make API requests you will need an Authentication Token. Authentication Tokens are temporary "security codes" (similar to session cookies) that allow the system to identify who you are, and that you are allowed to do what you are requesting. For Authentication we use JSON Web Tokens (JWTs). JWTs need to be passed via an Authorization header to all of the Raytio endpoints. This token endpoint returns three types of authentication tokens. The identity_token must be passed as a Bearer token to the appropriate endpoint.
The refresh_token can be used to return updated identity_token and access_token values.

path Parameters
version
required
string (api_version)
Value: "v1"

The API version

Request Body schema: application/json

Username and Password details for authentication

grant_type
string
Enum: "refresh_token" "password"

The type of grant that is being requested

username
string
Value: "user@rayt.io"

User Name. Required where grant_type is password.

password
string
Value: "abcdefabcdef"

Password. Required where grant_type is password.

refresh_token
string

The refresh token. Required where grant_type is refresh_token.

Responses

200

200 OK

401

Unauthorized

500

Internal Server Error

502

Bad Gateway

post/oauth/{version}/token

Production server (uses live data)

https://api.rayt.io/oauth/{version}/token

Sandbox server (uses test data)

https://api-sandbox.rayt.io/oauth/{version}/token

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "grant_type": "refresh_token",
  • "username": "user@rayt.io",
  • "password": "abcdefabcdef",
  • "refresh_token": "string"
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "message": "user@rayt.io has been authenticated.",
  • "identity_token": "abcdefabcdef",
  • "refresh_token": "abcdefabcdef",
  • "access_token": "abcdefabcdef"
}

addUser

The signup endpoint allows the creation of a new username and password. The user must be verified before it can be used.

path Parameters
version
required
string (api_version)
Value: "v1"

The API version

Request Body schema: application/json

Username and Password details for signup

username
required
string
Value: "user@rayt.io"

Username

password
required
string
Value: "abcdefabcdef"

Password

verification_code_org
string
Value: "abcd1234"

The verification code for the user being invited to the organisation. Only relevant if a non-existent user has been invited to join an existing organisation.

Responses

200

200 OK

400

Bad Request

500

Internal Server Error

502

Bad Gateway

post/oauth/{version}/signup

Production server (uses live data)

https://api.rayt.io/oauth/{version}/signup

Sandbox server (uses test data)

https://api-sandbox.rayt.io/oauth/{version}/signup

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "username": "user@rayt.io",
  • "password": "abcdefabcdef",
  • "verification_code_org": "abcd1234"
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "message": "User user@rayt.io has been created and an email with a verification code has been sent to the email address. Please confirm the verification code to complete the registration process."
}

verifyUser

The verify endpoint validates a user's email address by requiring that the code sent to that email address has been verified before the user is activated. The confirmation code expires within 24 hours of being generated. If the confirmation code is provided incorrectly then a new code will be generated and emailed to the user.

path Parameters
version
required
string (api_version)
Value: "v1"

The API version

Request Body schema: application/json

Username and Confirmation details for verify

username
required
string
Value: "user@rayt.io"

Username

verification_code
required
string
Value: "123456789"

Verification code as emailed to the user.

Responses

200

200 OK

400

Bad Request

500

Internal Server Error

502

Bad Gateway

post/oauth/{version}/verify

Production server (uses live data)

https://api.rayt.io/oauth/{version}/verify

Sandbox server (uses test data)

https://api-sandbox.rayt.io/oauth/{version}/verify

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "username": "user@rayt.io",
  • "verification_code": "123456789"
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "message": "User user@rayt.io is verified."
}

resetPassword

The reset-password endpoint will allow a user's password to be reset. A confirmation code will be emailed to the user which must then be provided, together with the new password, to the password-confirm endpoint. The confirmation code expires within 24 hours of being generated. Once a password reset request has been made, it will not be possible to authenticate until the new password has been confirmed.

path Parameters
version
required
string (api_version)
Value: "v1"

The API version

Request Body schema: application/json

Username details for password-reset

username
string
Value: "user@rayt.io"

Username