In case you find any situation (possible attack scenario) which doesn’t conform to this document, please notify us immediately. The purpose here is pure technical, for a legal text go to our SDK Agreement.
An API operation (read, list, create, etc.) can be:
- unrestricted - the operation is allowed to anyone. Resources under such control are considered public.
- restricted-to-license - the operation on a resource is allowed to anyone who has a valid license for that resource. These are usually b2c operations.
- restricted-to-partner - the operation on a resource is allowed only to the administrator of a 3rd-party application. These are usually b2b operations.
- admin-only - the operation is only available to some of our employees (and maybe contracted partners).
- All API access must go over HTTPS. This is true for mobile clients as well.
- We employ both session and token authentications. B2B/server-server operations must authenticate with the token, while human-server operations must authenticate with the session.
- Some operations are seemingly unrestricted, but you have to know a license key to retrieve/change anything.
- Our SDK does not keep a record of your users, they are identified by their license key.
This entity represents the measurement application you develop.
All operations on an existing application are restricted-to-partner. This includes:
- viewing/modifying the API token
- viewing the details of an application.
This entity represents an allowance to use Notch sensors.
|Enumerate||restricted-to-partner||Must list only licenses that were purchased by the given partner.|
|Create||restricted-to-partner||Creating = purchasing a new one.|
During activation, the Notch sensor is authorized to make measurements with a given license key. This is a code exchange process initiated by our SDK.
Here is the sensor network represented (how devices communicate). This entity is managed by our mobile SDK.
|Enumerate||admin||only not supported operation|
This one is tricky, as it’s not represented on our public API, but some details must be available to the measurement SDK. The following details are unrestricted:
- mac address
- product versions (HW/SW versions, version strings)
- calibration information
In some cases, we want to hear about the sensor status. Re-reporting calibration data is restricted-to-license.