User API

All user requests (besides user creation) must be authenticated with the user's password. Authenticated requests simply have an additional HTTP header:

X-NAAMA-AUTHENTICATION: username="[email]", response="[hash code]", version="1"

The hash code above is a SHA256 digest, hex encoded, of a few pieces of information about the request.

hashcode = SHA256( SHA256([password]) + [email] + [uri] )

Notice that the password is first SHA256 digested, it is never sent across in clear text. The URI does not include the domain, so it would be something like /o/141 . NB this authentication is in addition to the standard client authentication.

Get Account Information Gets information about a given authenticated user

GET /u/[email]

Try it out

 

The user's email address

 

The user's SHA encoded password. API Explorer forms will automatically encode it for you.

 

This call returns an object with the following properties:

 

The user's email address

 

The user's SHA encoded password. API Explorer forms will automatically encode it for you.

 

The user's first name

 

The user's last name

 

Create account Creates a new account

POST /u/[email]

Try it out

 

The user's email address

 

The user's SHA encoded password. API Explorer forms will automatically encode it for you.

 

The user's first name

 

The user's last name

 

This call returns an object with the following properties

 

If there was an error this is set to 1, otherwise it's 0.

 

If there was an error, this contains the reason why.

 

Get All Saved Addresses Gets all addresses saved to a user's account.

GET /u/[email]/addrs

Try it out

 

The user's email address

 

The user's SHA encoded password. API Explorer forms will automatically encode it for you.

 

This call returns an array of addresses objects with the following properties:

 

The nickname of this address (i.e. Home, Work).

 

The street address.

 

(Optional) The 2nd line of the street address.

 

The city of this address.

 

The state of this address.

 

The zip code of this address.

 

The formatted phone number of this address.

 

Get a single saved address Gets details about a single user address

GET /u/[email]/addrs/[nick]

Try it out

 

The user's email address

 

The user's SHA encoded password. API Explorer forms will automatically encode it for you.

 

The nickname of this address(i.e. Home, Work)

 

This call returns an address object with the following properties:

 

The nickname of this address (i.e. Home, Work).

 

The street address.

 

(Optional) The 2nd line of the street address.

 

The city of this address.

 

The state of this address.

 

The zip code of this address.

 

The formatted phone number of this address.

 

Create an Address Creates a new address. If used with the nickname of an existing address it will edit it.

PUT /u/[email]/addrs/[nick]

Try it out

 

The user's email address

 

The user's SHA encoded password. API Explorer forms will automatically encode it for you.

 

The nickname of this address (i.e. Home, Work).

 

The street address.

 

(Optional) The 2nd line of the street address.

 

The city of this address.

 

The state of this address.

 

The zip code of this address.

 

The formatted phone number of this address.

 

This call returns an object with the following properties

 

If there was an error this is set to 1, otherwise it's 0.

 

If there was an error, this contains the reason why.

 

Remove an Address Deletes a user's address.

DELETE /u/[email]/adrrs/[nick]

Try it out

 

The user's email address

 

The user's SHA encoded password. API Explorer forms will automatically encode it for you.

 

The nickname of the address to delete.

 

This call returns an object with the following properties

 

If there was an error this is set to 1, otherwise it's 0.

 

If there was an error, this contains the reason why.

 

Get all saved credit cards Gets all of a user's saved credit cards.

GET /u/[email]/ccs

Try it out

 

The user's email address

 

The user's SHA encoded password. API Explorer forms will automatically encode it for you.

 

This call returns an array of objects. Each one has the following properties:

 

The nickname of this credit card.

 

The name on the card.

 

The last 5 digits of the card.

 

The 2 digit expiration month

 

The 4 digit expiration year.

 

The type of card (i.e. American Express).

 

The street address of this card's billing address.

 

The city of this card's billing address.

 

The state of this card's billing address.

 

The zip code of this card's biling address.

 

Get a single credit card. Gets a single saved credit card by its nickname.

GET /u/[email]/ccs/[nick]

Try it out

 

The user's email address

 

The user's SHA encoded password. API Explorer forms will automatically encode it for you.

 

The nickname of the credit card.

 

This call returns a credit card object with the following properties:

 

The nickname of this credit card.

 

The name on the card.

 

The last 5 digits of the card.

 

The 2 digit expiration month

 

The 4 digit expiration year.

 

The type of card (i.e. American Express).

 

The street address of this card's billing address.

 

The city of this card's billing address.

 

The state of this card's billing address.

 

The zip code of this card's biling address.

 

Create Credit Card Adds a new credit card. If a card already exists with the given nickname it edits.

PUT /u/[email]/ccs/[nick]

Try it out

 

The user's email address

 

The user's SHA encoded password. API Explorer forms will automatically encode it for you.

 

The nickname of this credit card.

 

The name on the card.

 

The 15 or 16 digit credit card number.

 

The 3 or 4 digit security code.

 

The 2 digit expiration month

 

The 4 digit expiration year.

 

The type of card (i.e. American Express).

 

The street address of this card's billing address.

 

(Optional) The 2nd part of the street address.

 

The city of this card's billing address.

 

The state of this card's billing address.

 

The zip code of this card's biling address.

 

The phone number on this credit card.

 

This call returns an object with the following properties

 

If there was an error this is set to 1, otherwise it's 0.

 

If there was an error, this contains the reason why.

 

Remove Credit Card Removes a user's saved credit card

DELETE /u/[email]/ccs/[nick]

Try it out

 

The user's email address

 

The user's SHA encoded password. API Explorer forms will automatically encode it for you.

 

The nickname of the credit card to be removed.

 

This call returns an object with the following properties

 

If there was an error this is set to 1, otherwise it's 0.

 

If there was an error, this contains the reason why.

 

Get Order History Gets a summary of previous orders.

GET /u/[email]/orders

Try it out

 

The user's email address

 

The user's SHA encoded password. API Explorer forms will automatically encode it for you.

 

This call returns an array of order objects. Each object has the following properties.

 

Ordr.in's unique order id.

 

Ordrin's unique restaurant id for the restaurant that delivered this order.

 

The name of the restaurant that delivered this order.

 

The formatted subtotal for this order.

 

The formatted tip amount of this order.

 

The formatted tax amount of this order.

 

The formatted fee of this order.

 

The formatted total price of this order.

 

The time of this order. In seconds since the Unix Epoch.

 

An Array of items in this order.

 

Get an order Get's details about a specific order.

GET /u/[email/order/[oid]

Try it out

 

The user's email address

 

The user's SHA encoded password. API Explorer forms will automatically encode it for you.

 

Ordr.in's unique order id number.

 

This call returns an order object with the following properties.

 

Ordr.in's unique order id.

 

Ordrin's unique restaurant id for the restaurant that delivered this order.

 

The name of the restaurant that delivered this order.

 

The formatted subtotal for this order.

 

The formatted tip amount of this order.

 

The formatted tax amount of this order.

 

The formatted fee of this order.

 

The formatted total price of this order.

 

The time of this order. In seconds since the Unix Epoch.

 

An Array of items in this order.

 

Change Password Changes a user's password

PUT /u/[email]/password

Try it out

 

The User's email address.

 

The User's current password. This is used to authenticate using the NAAMA-AUTHENTICATION header.

 

The user's new password. SHA256 hex encoded. API Explorer forms will automatically encode it for you. This should be passed in the request body.

 

This call returns an object with the following properties

 

If there was an error this is set to 1, otherwise it's 0.

 

If there was an error, this contains the reason why, or it gives a success message.