This documentation applies to version 1 of the WeSeeDo Direct API. To see the API documentation for version 2, go to Documentation.


Introduction

The WeSeeDo Direct API helps you to implement a one-way, safe and live visual connection in your existing software packages. It enables you to watch and assist customers during a telephone conversation, while the telephone connection remains.

You can integrate the WeSeeDo Direct API within your existing company processes and your own applications using OAuth2. The WeSeeDo Direct API does not store data.


API specification

Test the API on SwaggerHub


Base URL

https://api-prd.kpn.com/communication/weseedo/weseedodirect


Conceptual model

WeSeeDo Direct Conceptual Model


Definitions

Agent

A person working for an agency or company that deals with customer queries.

Participant

A person or customer who reports incidents to the agent.


API workflow

WeSeeDo Direct API Workflow


Automatic agent login workflow

WeSeeDo Direct Agent auto login workflow


Requirements

Participant

A mobile device with:

  • A camera.
  • An adequate internet connection, minimum 3G or wifi.
  • A WebRTC supported browser.

Agent

  • A WebRTC supported browser, preferably Google Chrome.


Features

  • One-way visual connection.
  • Direct image of location/situation on site.
  • Existing telephone calls will continue to work.
  • Agents can take pictures of location or situation on-site in the web browser (optional).
  • Agents can chat with participants (optional).


Getting started

Make sure you've read What's in it for you for more info on how to register and start testing APIs.

Authentication

The API follows the KPN Store API Authentication Standard to secure the API. It includes the use of OAuth 2.0 client_id and client_secret to receive an access token.

Go to the Authentication tab on top of this page to find out how to:

  • Authenticate to an API using cURL.
  • Authenticate to an API on Swaggerhub.
  • Import Open API Specifications (OAS), also called Swagger files into Postman.


The following section shows a selection of API requests. Go to the API specification to see all requests.

How to...

Follow these steps to schedule your first WeSeeDo Direct video call:

  1. Obtain access token.
  2. Retrieve user details.
  3. Update user details.
  4. Delete users.
  5. Create agent users.
  6. Create a new meeting.
  7. Send SMS to participant.
  8. Fetch the URL so that agent is able to login.

Obtain access token

To perform actions on the API, you need to authenticate using your OAuth 2.0 credentials. See Authentication.

Retrieve user details

Retrieves a specific user.

Path parameters

To retrieve user details, replace {id} with the id attribute of an user in the path.

Request

GET /api/users/{id}

The server will provide a response similar to the object below:

^^Response example^^
{
  "success": true,
  "result": [
    {
      "id": "58..eb",
      "name": "Agent 1",
      "email": "agent1@weseedo.nl",
      "locale": "nl",
      "role": "agent",
      "company": {
        "id": "58..60",
        "name": "WeSeeDo B.V."
      }
    },
    {
      "id": "58..ec",
      "name": "Assistent 1",
      "email": "assistent1@weseedo.nl",
      "locale": "nl",
      "role": "assistent",
      "company": {
        "id": "58..60",
        "name": "WeSeeDo B.V."
      }
    }
  ]
}

Update user details

Updates the details of a specific user.

Request

PUT /api/users{id}

Path parameters

To create a user, replace {id} with the id attribute of a user in the path.

Request

^^Request body example^^
{
  "first_name": "string",
  "last_name": "string",
  "locale": "string"
}

Response

^^Response example^^
{
  "success": true,
  "result": [
    {
      "id": "58..82",
      "first_name": "Testfirstname",
      "last_name": "Testlastname",
      "name": "Testfirstname Testlastname",
      "email": "agent1@weseedo.nl",
      "locale": "nl",
      "role": "agent",
      "created_at": "2017-11-17T12:07:56.308Z",
      "company": {
        "id": "58..82",
        "name": "WeSeeDo B.V."
      }
    }
  ]
}

Delete users

Request

DELETE ​/api​/users​/{id}

To delete a user, replace {id} with the id attribute of a user in the path.

^^Response example^^
{
  "success": true,
  "result": {
    "id": "5a..82"
  }
}

Create agent users

This endpoint allows you to create agent users.

Send a request to the /api/user endpoint with the details of the user.

  • If you set a password:
    • Production users will be able to log in directly to WeSeeDo production using the provided email and password.
    • Sandbox users will be able to log in directly to WeSeeDo sandbox using the provided email and password.
  • If you don't set a password, users will receive an e-mail at the specified email with an activation link to create a password themselves.

The password must have a:

  • Minimum of 8 characters.
  • Minimum of 1 lower case character.
  • Minimum of 1 uppercase character.
  • Minimum of 1 number.

Request

POST /api/user

^^Request body example^^
{
  "first_name": "John",
  "last_name": "Doe",
  "role": "agent",
  "email": "john.doe@weseedo.nl",
  "password": "JohnDoePassWord#123"
  "locale": "nl",
}

^^Response example^^
{
  "success": true,
  "result": {
    "id": "THE_ID_OF_YOUR_USER_HERE",
    "first_name": "John",
    "last_name": "Doe",
    "name": "John Doe",
    "email": "john.doe@weseedo.nl",
    "company": {
      "id": "5d..c3",
      "name": "WeSeeDo Demo Company B.V."
    },
    "created_at": "2019-01-01T00:00:00.000Z",
    "role": "agent",
    "locale": "nl"
  }
}

The id of the newly created agent user is the user id of the agent that you will use in subsequent requests.

Create a new meeting

This endpoint creates a new meeting. Use an internationally formatted phone number (for example, '+31612345678). Dutch formats0612345678and12345678are automatically converted to their international format+31612345678`.

Request

POST /api/meeting

^^Request body example^^
{
  "participant": “0612345678”
}

^^Response example^^
{
  "success": true,
  "result": {
    "id": "THE_ID_OF_THE_MEETING_HERE",
    "room_id": "9XT...3cX",
    "room_password": "FBJ...A0a",
    "duration": 0,
    "room_available_from": 1568827158,
    "room_available_till": 1569431958,
    "participants": [
      {
        "username": "agent.5d8...45c",
        "name": "Test Agent",
        "id": "5d8...463",
        "user": "5d8...45c",
        "email": "test_agent@weseedo.nl"
      },
      {
        "username": "visitor.qBSnqvFI9TSEsSZA",
        "name": "0612312312",
        "id": "THE_ID_OF_THE_PARTICIPANT_HERE",
        "hash": "A_HASHED_TOKEN_FOR_THE_PARTICIPANT (for example: 4AWLhxRfOgsK0xBC5MRVHZVuELL964zu_mwUwyXwsDEGW07oy4XLiSqtsdvj0QhWp)"
      }
    ]
  }
}

Theid and hash from the participants list (the first one is the agent, the second is the participant).

Send an SMS to a participant

Now that the meeting is created, send an SMS containing a secure URL to the participant. The recipient needs to click on the URL to start the video streaming session with the agent user.

In the body of the SMS use the id and hash of the participant that was returned when creating the meeting.

Request

POST /api/sms

^^Request body example^^
{
  "participant": "Use the 'id' of the participant that was returned when creating the meeting",
  "body": "Click on the link and click 'Allow'. https://login-direct.weseedo.nl/client.html?id=**REPLACE_WITH_PARTICIPANT_HASH**"
}

^^Response example^^
{
  "result": true
}

A text message is sent to the participant's smartphone. The participant needs to click on the secure link and allow access to the camera of the phone. The video will start streaming immediately to the agent.

Fetch the URL so that agent is able to log in

This endpoints allows a user to be able to automatically log in to the WeSeeDo Direct web interface by generating a login URL. Redirect the user to the generated URL to log the user in automatically without the need to enter a username and password.

Send a request to the /api/autologin endpoint with the e-mail address of the agent in the HTTP header.

Request

GET /api/autologin

Header parameters

Send the e-mail address of the user in the header:

-H 'company_email: firstname.lastname@company.com'

The server provides a Redirect URL, which allows the agent to log in to the portal:

^^Response Redirect URL example^^
{

    "url": "https://sandbox-direct.weseedo.nl/login/aHgW5FupTeDYLIA6q1IHkqfDaB4Tnqq14hb5StqqWlNsiTarvMTA6aZboBZAB0u9fRwE6QBDy5dgfhuTf0SonGCX1YHqWZu6OLHyZIvQXfSFT2Hqazv2JrL4rSxLmDppDh3uBH6FAvDBCHJDpMi1K2MU3WGHOgsVT1U0A5IlN2lWhJug3hFqLWEdfDvTmuPjX7CG1pSNkSLhFWQGqItnw6KsdBhZJzajdjSAJamBZx1Ofe6WrR947kcTeCluVfrQ"

}

URLs to sandbox and production site

  • WeSeeDo sandbox: https://sandbox-direct.weseedo.nl/login/REPLACE_WITH_ACCESS_TOKEN_OF_AGENT.
  • WeSeeDo production: https://login-direct.weseedo.nl/login/REPLACE_WITH_ACCESS_TOKEN_OF_AGENT.

When using the URLs mentioned above, the agent will automatically be logged in and able to use the application.

The user interface also provides the ability to create meetings. If you want to prevent the agent from creating meetings that way and only want to log in the agent for a specific WeSeeDo Direct session, do the following:

  • After creating a new meeting, send the redirect URL with an added /1 to the participant.

For example (production):

^^Response Redirect URL example^^
https://sandbox-direct.weseedo.nl/login/aHgW5FupTeDYLIA6q1IHkqfDaB4Tnqq14hb5StqqWlNsiTarvMTA6aZboBZAB0u9fRwE6QBDy5dgfhuTf0SonGCX1YHqWZu6OLHyZIvQXfSFT2Hqazv2JrL4rSxLmDppDh3uBH6FAvDBCHJDpMi1K2MU3WGHOgsVT1U0A5IlN2lWhJug3hFqLWEdfDvTmuPjX7CG1pSNkSLhFWQGqItnw6KsdBhZJzajdjSAJamBZx1Ofe6WrR947kcTeCluVfrQ/1

The redirect URLs send the participant to a limited web interface, which only allows to:

  • Wait for a participant to click the link in the SMS.
  • Perform the video call.
  • When the call ends, the agent is redirected to a page indicating that the call has ended. The normal user interface to schedule meetings will not be accessible to the agent.


Return codes

Code Description
200 Success.
201 Created.
202 Accepted.
302 Found. Link in location header.
400 Bad request.
401 Unauthorized.
403 Forbidden.
404 Not found.
405 Method not allowed.
412 Precondition failed.
429 Too many requests.
500 Internal server error.
502 Bad gateway.
503 Service unavailable.


HTTP response headers

The following tables display the standard response headers that are returned with each API response:

Standard response field name Description
sunset This field will be populated with the deprecation details. By default the value is n/a.
api-version Indicates the API version you have used.
quota-interval Used to specify an integer (for example, 1, 2, 5, 60, and so on) that will be paired with the quota-time-unit you specify (minute, hour, day, week, or month) to determine a time period during which the quota use is calculated.
For example, an interval of 24 with a quota-time-unit of hour means that the quota will be calculated over the course of 24 hours.
quota-limit Number of API calls an user can make within a given time period.
If this limit is exceeded, the user will be throttled and API requests will fail.
quota-reset-UTC All quota times are set to the Coordinated Universal Time (UTC) time zone.
quota-time-unit Used to specify the unit of time applicable to the quota.
For example, an interval of 24 with a quota-time-unit of hour means that the quota will be calculated over the course of 24 hours.
quota-used Number of API calls made within the quota.
strict-transport-security The HTTP Strict-Transport-Security (HSTS) response header lets a website tell browsers that it should only be accessed using HTTPS, instead of using HTTP. All present and future subdomains will be HTTPS for a maximum of 1 year and access is blocked to pages or sub domains that can only be served over HTTP including HSTS preload lists of web browsers.
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload.
Access control field name Description
access-control-allow-credentials Tells browsers whether to expose the response to frontend JavaScript when the request's credentials mode (Request.credentials) is include.
When a request's credentials mode (Request.credentials) is include, browsers will only expose the response to frontend JavaScript if the Access-Control-Allow-Credentials value is true. Boolean.
access-control-allow-origin Indicates whether the response can be shared with requesting code from the given origin.
access-control-allow-headers Used in response to a pre-flight request which includes the Access-Control-Request-Headers to indicate which HTTP headers can be used during the actual request.
access-control-max-age Indicates how long the results of a pre-flight request (that is the information contained in the Access-Control-Allow-Methods and Access-Control-Allow-Headers headers) can be cached.
access-control-allow-methods Indicates which HTTP methods are allowed on a particular endpoint for cross-origin requests.
For example: GET, PUT, POST, DELETE.
content-length The Content-Length entity header indicates the size of the entity-body, in bytes, sent to the recipient.
content-type The Content-Type entity header the client what the content type of the returned content actually is.

Mopinion feedback