{"activeVersionTag":"latest","latestAvailableVersionTag":"latest","collection":{"info":{"_postman_id":"d06214fe-b315-4d30-8acb-0d4a3b6765b1","name":"EasyLodge API V1","description":"### Overview\n\nEasylodge™ offers an extensive API that allows users to access system functionality independent of the web user interface. This document provides a list of API endpoints and some limited insight into the data structures and organization used in the system in the context of the API.\n\nThe API is a JSON API, so all requests to the API should indicate the JSON request and response type. For example, the content type in the header should be set to \"application/json\".\n\nTo illustrate, here is an example API endpoint URL:\n\n`https://easylodge.com.au/example.json`\n\nThe \".json\" file extension in the API endpoint URL indicates that the request format is JSON and implies that the response will also be in JSON format. Please note that the API does not support any other request formats.\n\nThis document is not definitive and may be updated at any time to reflect improvements and corrections to this document, or changes in the API. The versioning information on the Overleaf should serve as a guide to the currentness and relevance of a specific version.\n\nThe API is currently versioned as V1, and subsequent alterations will be made in a backwards-compatible manner.\n\n### RESTful Interface\n\nEasyLodge uses a RESTful architecture to structure its API interface, although there may be some practical and legacy exceptions to this. This document will not elaborate on the REST architecture, so readers are encouraged to familiarize themselves with the concepts by visiting the following link: [https://en.wikipedia.org/wiki/Representational_state_transfer](https://)\n\n### Request Payload\n\nFor POST, and PUT/PATCH actions, the request body needs to include a data structure that has the name of the object as its top element, and that element should not be empty.\n\nBy way of example, a json request to create a new user, should look like:\n\n``` json\n{\n  \"user\": {\n    \"email\": \"example_email@easylodge.com\",\n    \"full_name\": \"Example User\",\n    ...\n  }\n}\n\n ```\n\nEasyLodge uses parameter whitelisting and will quietly reject unknown parameters, but will require that at least something is sent in the request body. Failure to do so will result in an error code.\n\n### Authentication\n\nSign in will return a session token. The token and username/email combination must be sent on every API request. These need to be sent in as HTTP request headers:\n\n`X-USER-EMAIL`\n\n`X-USER-TOKEN`\n\nThe authentication token returned by a successful login may change over time. Typically the token will not change between logins, but we recommend the token be retrieved between logical batches of work, to avoid unexpected authentication failures.\n\nEasyLodge ™ supports multiple concurrent logins for the same user. There is no limit to the number of concurrent requests that can be served to a single authenticated user. However, please bear in mind that the system also supports multi-tenancy for users, so it is possible to change the context that a user is acting under. All logins for the same user share a single context.\n\nPOST /api/v1/session.json\n\nExample Request:\n\n``` json\n{\n  \"email\": \"user@example.com\",\n  \"password\": \"password\",\n  \"mode\": \"user\"\n}\n\n ```\n\nExample Response\n\n``` json\n{\n  \"id\": 999,\n  \"email\": \"user@example.com\",\n  \"authentication_token\": \"AAAYHeFFFAE2777yNXXX\",\n  …\n}\n\n ```\n\nSubsequent requests that use the authenticate user should then always include the headers\n\n`X-USER-EMAIL=user@example.com`\n\n`X-USER-TOKEN=AAAYHeFFFAE2777yNXXX`\n\n### Users (Originator and BackOffice) and Borrowers (customer portal)\n\nAuthentication supports two modes: user and portal. The former forces only applications users to be considered for a login attempt. The latter, only CRM records. EasyLodge supports the ability to let applicants and borrowers access their accounts, through a self-service portal, if configured to do so.\n\nIn the absence of a specified mode, the order of preference is first portal and then user.\n\nNOTE: it is entirely possible for the same email address to be used for a user on the system, and for that email to be associated with an applicant on a finance application or a borrower on a loan. Specifying the mode disambiguates the context of the login attempt.\n\nPATCH /api/v1/session/forgot_password\n\nExample request\n\n``` json\n{\n  \"email\": \"user@example.com\"\n}\n\n ```\n\nExample response\n\nNone. This request triggers an email to be delivered to the user at the email address provided, if such a user exists. The system does not offer a success or failure response, to prevent guessing attacks on usernames.\n\n``` json\n{\n  \"email\": \"user@example.com\"\n}\n\n ```\n\nPATCH /api/v1/session/reset_password\n\nThe link received by the user will include a single use password reset token, eg.\n\n[https://easylodge.com.au/vue/reset-password?reset_password_token=QQaiQ7UpmVX2sFxHfnfD](https://)\n\nExample request\n\n``` json\n{\n  \"token\": \"QQaiQ7UpmVX2sFxHfnfD\",\n  \"password\": \"secret\",\n  \"password_confirmation\": \"secret\"\n}\n\n ```\n\nExample response\n\nThe full record for the updated user or CRM instance (see USER and CLIENT below)\n\n### Application token for direct-to-web users\n\nThere is no need to authenticate a user on lodging direct-to-web finance applications. In that case an application access token will be returned to the caller and needs to be sent in on subsequent requests. Direct-to-web users are extremely limited in the scope and access permissions.\n\nThe token can be presented on the query string as\n\n`?application_token=YOUR_TOKEN_HERE`\n\nOr as a header on the request\n\n`X_APPLICATION_TOKEN`\n\nNOTE: Application token authentication will ONLY work if the user on the finance application is a direct-to-web user.\n\nNOTE: Application token authentication will only be attempted if the usual email+token authentication did not succeed\n\n### API Endpoints\n\nAll API endpoints are relative to the base /api/v1.\n\nFor example: [https://easylodge.com.au/api/v1/session.json](https://)\n\nFor brevity , all PATCH HTTP verbs are interchangeable with PUT, the API will respond the same for both, this reference will only mention PATCH.\n\nThe API endpoints are listed in alphabetical order for ease of reference.\n\nAll sections below include a list of attributes that are expected as input, and returned as results. These common attributes are always included, but are omitted from the specific lists for brevity:\n\n- `:id`\n    \n- `:created_at`\n    \n- `:updated_at`\n    \n- `:deleted_at`\n    \n- `:errors`\n    \n- `:error_messages`\n    \n\nThere are several groupings that are applied to the API. These serve to segregate EasyLodge™ and EasyTrack™ logic.\n\nEasyLodge ™ is further subdivided into a Wizard section.\n\nCommon or top level elements are dealt with outside of these groupings.\n\nNote on data type casting: To prevent errors where values are required to be numerical, but are provided as text or are missing, the API will convert all fields called amount or fields that end in _fee, to a numerical format. Invalid values will result in 0. All values changed in this way are interpreted as decimal values. Nested values, however deep, will be converted.\n\n### Filtered Results\n\nAll API endpoints support the optional ability to filter results based on the record created_at and updated_at.\n\nTo make use of this, request need to be sent in with the following query parameters:\n\n- `created_before`\n    \n- `created_after`\n    \n- `updated_before`\n    \n- `updated_after`\n    \n\nResults will be limited to those that fall into any of these values. Any Combination is allowed:\n\nEg.\n\n[https://easylodge.com.au/api/v1/companies?created_before=17/03/2020&updated_after=12/09/2020](https://)\n\nWill return all records that were created before the first date and updated after second the date provided.\n\nNote: not all endpoints currently activate this feature. At the time of writing the filter is active on\n\n- `Finances`\n    \n- `Loans`\n    \n- `Changes`","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","isPublicCollection":false,"owner":"23970794","collectionId":"d06214fe-b315-4d30-8acb-0d4a3b6765b1","publishedId":"2s93RXrqBi","public":true,"publicUrl":"https://documenter-api.postman.tech/view/23970794/2s93RXrqBi","privateUrl":"https://go.postman.co/documentation/23970794-d06214fe-b315-4d30-8acb-0d4a3b6765b1","customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"0465b3"},"documentationLayout":"classic-double-column","customisation":{"metaTags":[{"name":"description","value":""},{"name":"title","value":""}],"appearance":{"default":"dark","themes":[{"name":"dark","logo":null,"colors":{"top-bar":"212121","right-sidebar":"303030","highlight":"54a9ed"}},{"name":"light","logo":null,"colors":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"0465b3"}}]}},"version":"8.10.0","publishDate":"2023-05-25T06:05:24.000Z","activeVersionTag":"latest","documentationTheme":"light","metaTags":{"title":"","description":""},"logos":{"logoLight":null,"logoDark":null}},"statusCode":200},"environments":[{"name":"UAT-AU","id":"2a0c730c-03e2-4872-99fb-a0ba03cd4c27","owner":"23970794","values":[{"key":"username","value":"example@easylodge.com.au","enabled":true,"type":"default"},{"key":"token","value":"token","enabled":true,"type":"default"},{"key":"password","value":"secret","enabled":true,"type":"default"},{"key":"base_url","value":"https://uat.easylodge.com.au/api/v1","enabled":true,"type":"default"},{"key":"quote_id","value":"","enabled":true,"type":"any"},{"key":"finance_application_id","value":"","enabled":true,"type":"any"},{"key":"wizard_store_id","value":"","enabled":true,"type":"any"},{"key":"person_id","value":"","enabled":true,"type":"any"},{"key":"wizard_store_person_id","value":"","enabled":true,"type":"any"},{"key":"residential_history_id","value":"","enabled":true,"type":"any"},{"key":"address_id","value":"","enabled":true,"type":"any"},{"key":"decision_id","value":"","enabled":true,"type":"any"},{"key":"build_loan_response","value":"","enabled":true,"type":"any"},{"key":"funding_id","value":"","enabled":true,"type":"any"},{"key":"lodge_disbursements","value":"","enabled":true,"type":"any"},{"key":"user_id","value":"","enabled":true,"type":"any"},{"key":"randomDateTime","value":"","enabled":true,"type":"any"},{"key":"address_uuid","value":"","enabled":true,"type":"any"},{"key":"business_uuid","value":"","enabled":true,"type":"any"},{"key":"track_loan_id","value":"","enabled":true,"type":"any"},{"key":"asset_id","value":"","enabled":true,"type":"any"},{"key":"store_quote_id","value":"","enabled":true,"type":"any"},{"key":"wizard_store_quote_id","value":"","enabled":true,"type":"any"}],"published":true}],"user":{"authenticated":false,"permissions":{"publish":false}},"run":{"button":{"js":"https://run.pstmn.io/button.js","css":"https://run.pstmn.io/button.css"}},"web":"https://www.getpostman.com/","team":{"logo":"https://res.cloudinary.com/postman/image/upload/t_team_logo_pubdoc/v1/team/31b31b8223c1362b8df47fee1eec1cc9368eb9ebf1ef51c81f228cb4175881a9","favicon":""},"isEnvFetchError":false,"languages":"[{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"HttpClient\"},{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"RestSharp\"},{\"key\":\"curl\",\"label\":\"cURL\",\"variant\":\"cURL\"},{\"key\":\"dart\",\"label\":\"Dart\",\"variant\":\"http\"},{\"key\":\"go\",\"label\":\"Go\",\"variant\":\"Native\"},{\"key\":\"http\",\"label\":\"HTTP\",\"variant\":\"HTTP\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"OkHttp\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"Unirest\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"Fetch\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"jQuery\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"XHR\"},{\"key\":\"c\",\"label\":\"C\",\"variant\":\"libcurl\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Axios\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Native\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Request\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Unirest\"},{\"key\":\"objective-c\",\"label\":\"Objective-C\",\"variant\":\"NSURLSession\"},{\"key\":\"ocaml\",\"label\":\"OCaml\",\"variant\":\"Cohttp\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"cURL\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"Guzzle\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"HTTP_Request2\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"pecl_http\"},{\"key\":\"powershell\",\"label\":\"PowerShell\",\"variant\":\"RestMethod\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"http.client\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"Requests\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"httr\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"RCurl\"},{\"key\":\"ruby\",\"label\":\"Ruby\",\"variant\":\"Net::HTTP\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"Httpie\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"wget\"},{\"key\":\"swift\",\"label\":\"Swift\",\"variant\":\"URLSession\"}]","languageSettings":[{"key":"csharp","label":"C#","variant":"HttpClient"},{"key":"csharp","label":"C#","variant":"RestSharp"},{"key":"curl","label":"cURL","variant":"cURL"},{"key":"dart","label":"Dart","variant":"http"},{"key":"go","label":"Go","variant":"Native"},{"key":"http","label":"HTTP","variant":"HTTP"},{"key":"java","label":"Java","variant":"OkHttp"},{"key":"java","label":"Java","variant":"Unirest"},{"key":"javascript","label":"JavaScript","variant":"Fetch"},{"key":"javascript","label":"JavaScript","variant":"jQuery"},{"key":"javascript","label":"JavaScript","variant":"XHR"},{"key":"c","label":"C","variant":"libcurl"},{"key":"nodejs","label":"NodeJs","variant":"Axios"},{"key":"nodejs","label":"NodeJs","variant":"Native"},{"key":"nodejs","label":"NodeJs","variant":"Request"},{"key":"nodejs","label":"NodeJs","variant":"Unirest"},{"key":"objective-c","label":"Objective-C","variant":"NSURLSession"},{"key":"ocaml","label":"OCaml","variant":"Cohttp"},{"key":"php","label":"PHP","variant":"cURL"},{"key":"php","label":"PHP","variant":"Guzzle"},{"key":"php","label":"PHP","variant":"HTTP_Request2"},{"key":"php","label":"PHP","variant":"pecl_http"},{"key":"powershell","label":"PowerShell","variant":"RestMethod"},{"key":"python","label":"Python","variant":"http.client"},{"key":"python","label":"Python","variant":"Requests"},{"key":"r","label":"R","variant":"httr"},{"key":"r","label":"R","variant":"RCurl"},{"key":"ruby","label":"Ruby","variant":"Net::HTTP"},{"key":"shell","label":"Shell","variant":"Httpie"},{"key":"shell","label":"Shell","variant":"wget"},{"key":"swift","label":"Swift","variant":"URLSession"}],"languageOptions":[{"label":"C# - HttpClient","value":"csharp - HttpClient - C#"},{"label":"C# - RestSharp","value":"csharp - RestSharp - C#"},{"label":"cURL - cURL","value":"curl - cURL - cURL"},{"label":"Dart - http","value":"dart - http - Dart"},{"label":"Go - Native","value":"go - Native - Go"},{"label":"HTTP - HTTP","value":"http - HTTP - HTTP"},{"label":"Java - OkHttp","value":"java - OkHttp - Java"},{"label":"Java - Unirest","value":"java - Unirest - Java"},{"label":"JavaScript - Fetch","value":"javascript - Fetch - JavaScript"},{"label":"JavaScript - jQuery","value":"javascript - jQuery - JavaScript"},{"label":"JavaScript - XHR","value":"javascript - XHR - JavaScript"},{"label":"C - libcurl","value":"c - libcurl - C"},{"label":"NodeJs - Axios","value":"nodejs - Axios - NodeJs"},{"label":"NodeJs - Native","value":"nodejs - Native - NodeJs"},{"label":"NodeJs - Request","value":"nodejs - Request - NodeJs"},{"label":"NodeJs - Unirest","value":"nodejs - Unirest - NodeJs"},{"label":"Objective-C - NSURLSession","value":"objective-c - NSURLSession - Objective-C"},{"label":"OCaml - Cohttp","value":"ocaml - Cohttp - OCaml"},{"label":"PHP - cURL","value":"php - cURL - PHP"},{"label":"PHP - Guzzle","value":"php - Guzzle - PHP"},{"label":"PHP - HTTP_Request2","value":"php - HTTP_Request2 - PHP"},{"label":"PHP - pecl_http","value":"php - pecl_http - PHP"},{"label":"PowerShell - RestMethod","value":"powershell - RestMethod - PowerShell"},{"label":"Python - http.client","value":"python - http.client - Python"},{"label":"Python - Requests","value":"python - Requests - Python"},{"label":"R - httr","value":"r - httr - R"},{"label":"R - RCurl","value":"r - RCurl - R"},{"label":"Ruby - Net::HTTP","value":"ruby - Net::HTTP - Ruby"},{"label":"Shell - Httpie","value":"shell - Httpie - Shell"},{"label":"Shell - wget","value":"shell - wget - Shell"},{"label":"Swift - URLSession","value":"swift - URLSession - Swift"}],"layoutOptions":[{"value":"classic-single-column","label":"Single Column"},{"value":"classic-double-column","label":"Double Column"}],"versionOptions":[],"environmentOptions":[{"value":"0","label":"No Environment"},{"label":"UAT-AU","value":"23970794-2a0c730c-03e2-4872-99fb-a0ba03cd4c27"}],"canonicalUrl":"https://documenter.gw.postman.com/view/metadata/2s93RXrqBi"}