# GETTING STARTED # API Links # Test, demo, and production If you want to access ONMARKET, you have three options depending on your purpose. The testing link is for developers who want to try out new features or fix bugs before they are released to the public. The demo link is for users who want to see how ONMARKET works and what it can do without affecting the real data. The production link is for users who want to use ONMARKET for their actual tasks and projects. Each link has a different URL and login credentials, so make sure you use the right one for your needs.

Test	testapi.onmarket.id
Demo	demoapi.onmarket.id
Production	api.onmarket.id

#### Other necessary links These are links that necessary for authentication or other purposes.

Name	Link	Details
USAPI User State API	Test: testusapi.onindonesia.id Demo: demousapi.onindonesia.id Production: usapi.onindonesia.id	User related purpose ie, authentication, user details or user transactions.

# Authentication To access the API a user has to have the *"Access System API"* permission enabled on one of their assigned roles. Permissions to content accessed via the API is limited by the roles & permissions assigned to the user that's used to access the API. Authentication to use the API is primarily done using API Tokens. Once the *"Access System API"* permission has been assigned to a user, a "API Tokens" section should be visible when editing their user profile. These values should be used as a header in API HTTP requests in the following format: ``` Authorization: Bearer ``` Here's an example of an authorized Axios request to list books in the system: ```javascript const axios = require('axios'); let config = { method: 'get', maxBodyLength: Infinity, url: 'https://testapi.onmarket.id/user/address/list?page=1', headers: { 'Authorization': 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoidXNlcm5ldzEiLCJhZ2VudCI6bnVsbCwibmF0aXZlIjpmYWxzZSwiaWF0IjoxNjk5MzUwMDYxfQ.eg945MifOGFH2tz1aT0UgD0YFHziV4rellDF5isXVlQ' } }; axios.request(config) .then((response) => { console.log(JSON.stringify(response.data)); }) .catch((error) => { console.log(error); }); ``` To get this token, you need to use this particular link for authentication: #### (POST) https://usapi.onindonesia.id/auth

Body parameters

username : <string> password : <string> options : <object>{ nativeApp: <boolean> }

For websites, use "false" value in nativeApp. For mobile phones, use "true" value in nativeApp.

Example request

We're using test link for this example. For production, use usapi.onindonesia.id

```json { "username": "usernew1", "password": "12345678", "options": { "nativeApp": false } } ```

Example result

```json { "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoidXNlcm5ldzEiLCJhZ2VudCI6bnVsbCwibmF0aXZlIjpmYWxzZSwiaWF0IjoxNjk5MzUwMDYxfQ.eg945MifOGFH2tz1aT0UgD0YFHziV4rellDF5isXVlQ" } ```

Error lists

422 Unprocessable Entry ```json { "message": "Invalid Credential" } ``` 400 Bad Request ```json { "message": "Invalid JSON Format" } ```

# Transaction flowchart

Name	Link	Details
USAPI User State API	Test: testusapi.onindonesia.id Demo: demousapi.onindonesia.id Production: usapi.onindonesia.id	User related purpose ie, authentication, user details or user transactions.