This documentation applies to version 1
of the WeSeeDo Direct API. To see the API documentation for version 2
, go to Documentation.
Introduction
The WeSeeDo Direct API helps you to implement a one-way, safe and live visual connection in your existing software packages. It enables you to watch and assist customers during a telephone conversation, while the telephone connection remains.
You can integrate the WeSeeDo Direct API within your existing company processes and your own applications using OAuth2. The WeSeeDo Direct API does not store data.
API specification
Base URL
https://api-prd.kpn.com/communication/weseedo/weseedodirect
Conceptual model
Definitions
Agent
A person working for an agency or company that deals with customer queries.
Participant
A person or customer who reports incidents to the agent.
API workflow
Automatic agent login workflow
Requirements
Participant
A mobile device with:
- A camera.
- An adequate internet connection, minimum 3G or wifi.
- A WebRTC supported browser.
Agent
- A WebRTC supported browser, preferably Google Chrome.
Features
- One-way visual connection.
- Direct image of location/situation on site.
- Existing telephone calls will continue to work.
- Agents can take pictures of location or situation on-site in the web browser (optional).
- Agents can chat with participants (optional).
Getting started
Make sure you've read What's in it for you for more info on how to register and start testing APIs.
Authentication
The API follows the KPN Store API Authentication Standard to secure the API. It includes the use of OAuth 2.0 client_id
and client_secret
to receive an access token.
Go to the Authentication tab on top of this page to find out how to:
- Authenticate to an API using cURL.
- Authenticate to an API on Swaggerhub.
- Import Open API Specifications (OAS), also called Swagger files into Postman.
The following section shows a selection of API requests. Go to the API specification to see all requests.
How to...
Follow these steps to schedule your first WeSeeDo Direct video call:
- Obtain access token.
- Retrieve user details.
- Update user details.
- Delete users.
- Create agent users.
- Create a new meeting.
- Send SMS to participant.
- Fetch the URL so that agent is able to login.
Obtain access token
To perform actions on the API, you need to authenticate using your OAuth 2.0 credentials. See Authentication.
Retrieve user details
Retrieves a specific user.
Path parameters
To retrieve user details, replace {id}
with the id
attribute of an user in the path.
Request
GET /api/users/{id}
The server will provide a response similar to the object below:
^^Response example^^
{
"success": true,
"result": [
{
"id": "58..eb",
"name": "Agent 1",
"email": "agent1@weseedo.nl",
"locale": "nl",
"role": "agent",
"company": {
"id": "58..60",
"name": "WeSeeDo B.V."
}
},
{
"id": "58..ec",
"name": "Assistent 1",
"email": "assistent1@weseedo.nl",
"locale": "nl",
"role": "assistent",
"company": {
"id": "58..60",
"name": "WeSeeDo B.V."
}
}
]
}
Update user details
Updates the details of a specific user.
Request
PUT /api/users{id}
Path parameters
To create a user, replace {id
} with the id
attribute of a user in the path.
Request
^^Request body example^^
{
"first_name": "string",
"last_name": "string",
"locale": "string"
}
Response
^^Response example^^
{
"success": true,
"result": [
{
"id": "58..82",
"first_name": "Testfirstname",
"last_name": "Testlastname",
"name": "Testfirstname Testlastname",
"email": "agent1@weseedo.nl",
"locale": "nl",
"role": "agent",
"created_at": "2017-11-17T12:07:56.308Z",
"company": {
"id": "58..82",
"name": "WeSeeDo B.V."
}
}
]
}
Delete users
Request
DELETE /api/users/{id}
To delete a user, replace {id}
with the id
attribute of a user in the path.
^^Response example^^
{
"success": true,
"result": {
"id": "5a..82"
}
}
Create agent users
This endpoint allows you to create agent users.
Send a request to the /api/user
endpoint with the details of the user.
- If you set a
password
:- Production users will be able to log in directly to WeSeeDo production using the provided
email
andpassword
. - Sandbox users will be able to log in directly to WeSeeDo sandbox using the provided
email
andpassword
.
- Production users will be able to log in directly to WeSeeDo production using the provided
- If you don't set a
password
, users will receive an e-mail at the specifiedemail
with an activation link to create a password themselves.
The password must have a:
- Minimum of 8 characters.
- Minimum of 1 lower case character.
- Minimum of 1 uppercase character.
- Minimum of 1 number.
Request
POST /api/user
^^Request body example^^
{
"first_name": "John",
"last_name": "Doe",
"role": "agent",
"email": "john.doe@weseedo.nl",
"password": "JohnDoePassWord#123"
"locale": "nl",
}
^^Response example^^
{
"success": true,
"result": {
"id": "THE_ID_OF_YOUR_USER_HERE",
"first_name": "John",
"last_name": "Doe",
"name": "John Doe",
"email": "john.doe@weseedo.nl",
"company": {
"id": "5d..c3",
"name": "WeSeeDo Demo Company B.V."
},
"created_at": "2019-01-01T00:00:00.000Z",
"role": "agent",
"locale": "nl"
}
}
The
id
of the newly created agent user is the userid
of the agent that you will use in subsequent requests.
Create a new meeting
This endpoint creates a new meeting. Use an internationally formatted phone number (for example, '+31612345678). Dutch formats
0612345678and
12345678are automatically converted to their international format
+31612345678`.
Request
POST /api/meeting
^^Request body example^^
{
"participant": “0612345678”
}
^^Response example^^
{
"success": true,
"result": {
"id": "THE_ID_OF_THE_MEETING_HERE",
"room_id": "9XT...3cX",
"room_password": "FBJ...A0a",
"duration": 0,
"room_available_from": 1568827158,
"room_available_till": 1569431958,
"participants": [
{
"username": "agent.5d8...45c",
"name": "Test Agent",
"id": "5d8...463",
"user": "5d8...45c",
"email": "test_agent@weseedo.nl"
},
{
"username": "visitor.qBSnqvFI9TSEsSZA",
"name": "0612312312",
"id": "THE_ID_OF_THE_PARTICIPANT_HERE",
"hash": "A_HASHED_TOKEN_FOR_THE_PARTICIPANT (for example: 4AWLhxRfOgsK0xBC5MRVHZVuELL964zu_mwUwyXwsDEGW07oy4XLiSqtsdvj0QhWp)"
}
]
}
}
The
id
andhash
from the participants list (the first one is the agent, the second is the participant).
Send an SMS to a participant
Now that the meeting is created, send an SMS containing a secure URL to the participant. The recipient needs to click on the URL to start the video streaming session with the agent user.
In the body of the SMS use the id
and hash
of the participant that was returned when creating the meeting.
Request
POST /api/sms
^^Request body example^^
{
"participant": "Use the 'id' of the participant that was returned when creating the meeting",
"body": "Click on the link and click 'Allow'. https://login-direct.weseedo.nl/client.html?id=**REPLACE_WITH_PARTICIPANT_HASH**"
}
^^Response example^^
{
"result": true
}
A text message is sent to the participant's smartphone. The participant needs to click on the secure link and allow access to the camera of the phone. The video will start streaming immediately to the agent.
Fetch the URL so that agent is able to log in
This endpoints allows a user to be able to automatically log in to the WeSeeDo Direct web interface by generating a login URL. Redirect the user to the generated URL to log the user in automatically without the need to enter a username and password.
Send a request to the /api/autologin
endpoint with the e-mail address of the agent in the HTTP header.
Request
GET /api/autologin
Header parameters
Send the e-mail address of the user in the header:
-H 'company_email: firstname.lastname@company.com'
The server provides a Redirect URL, which allows the agent to log in to the portal:
^^Response Redirect URL example^^
{
"url": "https://sandbox-direct.weseedo.nl/login/aHgW5FupTeDYLIA6q1IHkqfDaB4Tnqq14hb5StqqWlNsiTarvMTA6aZboBZAB0u9fRwE6QBDy5dgfhuTf0SonGCX1YHqWZu6OLHyZIvQXfSFT2Hqazv2JrL4rSxLmDppDh3uBH6FAvDBCHJDpMi1K2MU3WGHOgsVT1U0A5IlN2lWhJug3hFqLWEdfDvTmuPjX7CG1pSNkSLhFWQGqItnw6KsdBhZJzajdjSAJamBZx1Ofe6WrR947kcTeCluVfrQ"
}
URLs to sandbox and production site
- WeSeeDo sandbox:
https://sandbox-direct.weseedo.nl/login/REPLACE_WITH_ACCESS_TOKEN_OF_AGENT
. - WeSeeDo production:
https://login-direct.weseedo.nl/login/REPLACE_WITH_ACCESS_TOKEN_OF_AGENT
.
When using the URLs mentioned above, the agent will automatically be logged in and able to use the application.
The user interface also provides the ability to create meetings. If you want to prevent the agent from creating meetings that way and only want to log in the agent for a specific WeSeeDo Direct session, do the following:
- After creating a new meeting, send the redirect URL with an added
/1
to the participant.
For example (production):
^^Response Redirect URL example^^
https://sandbox-direct.weseedo.nl/login/aHgW5FupTeDYLIA6q1IHkqfDaB4Tnqq14hb5StqqWlNsiTarvMTA6aZboBZAB0u9fRwE6QBDy5dgfhuTf0SonGCX1YHqWZu6OLHyZIvQXfSFT2Hqazv2JrL4rSxLmDppDh3uBH6FAvDBCHJDpMi1K2MU3WGHOgsVT1U0A5IlN2lWhJug3hFqLWEdfDvTmuPjX7CG1pSNkSLhFWQGqItnw6KsdBhZJzajdjSAJamBZx1Ofe6WrR947kcTeCluVfrQ/1
The redirect URLs send the participant to a limited web interface, which only allows to:
- Wait for a participant to click the link in the SMS.
- Perform the video call.
- When the call ends, the agent is redirected to a page indicating that the call has ended. The normal user interface to schedule meetings will not be accessible to the agent.
Return codes
Code | Description |
---|---|
200 | Success. |
201 | Created. |
202 | Accepted. |
302 | Found. Link in location header. |
400 | Bad request. |
401 | Unauthorized. |
403 | Forbidden. |
404 | Not found. |
405 | Method not allowed. |
412 | Precondition failed. |
429 | Too many requests. |
500 | Internal server error. |
502 | Bad gateway. |
503 | Service unavailable. |
HTTP response headers
The following tables display the standard response headers that are returned with each API response:
Standard response field name | Description |
---|---|
sunset | This field will be populated with the deprecation details. By default the value is n/a. |
api-version | Indicates the API version you have used. |
quota-interval | Used to specify an integer (for example, 1, 2, 5, 60, and so on) that will be paired with the quota-time-unit you specify (minute, hour, day, week, or month) to determine a time period during which the quota use is calculated. For example, an interval of 24 with a quota-time-unit of hour means that the quota will be calculated over the course of 24 hours. |
quota-limit | Number of API calls an user can make within a given time period. If this limit is exceeded, the user will be throttled and API requests will fail. |
quota-reset-UTC | All quota times are set to the Coordinated Universal Time (UTC) time zone. |
quota-time-unit | Used to specify the unit of time applicable to the quota. For example, an interval of 24 with a quota-time-unit of hour means that the quota will be calculated over the course of 24 hours. |
quota-used | Number of API calls made within the quota. |
strict-transport-security | The HTTP Strict-Transport-Security (HSTS) response header lets a website tell browsers that it should only be accessed using HTTPS, instead of using HTTP. All present and future subdomains will be HTTPS for a maximum of 1 year and access is blocked to pages or sub domains that can only be served over HTTP including HSTS preload lists of web browsers. Strict-Transport-Security: max-age=31536000; includeSubDomains; preload. |
Access control field name | Description |
access-control-allow-credentials | Tells browsers whether to expose the response to frontend JavaScript when the request's credentials mode (Request.credentials) is include. When a request's credentials mode (Request.credentials) is include, browsers will only expose the response to frontend JavaScript if the Access-Control-Allow-Credentials value is true. Boolean. |
access-control-allow-origin | Indicates whether the response can be shared with requesting code from the given origin. |
access-control-allow-headers | Used in response to a pre-flight request which includes the Access-Control-Request-Headers to indicate which HTTP headers can be used during the actual request. |
access-control-max-age | Indicates how long the results of a pre-flight request (that is the information contained in the Access-Control-Allow-Methods and Access-Control-Allow-Headers headers) can be cached. |
access-control-allow-methods | Indicates which HTTP methods are allowed on a particular endpoint for cross-origin requests.For example: GET, PUT, POST, DELETE. |
content-length | The Content-Length entity header indicates the size of the entity-body, in bytes, sent to the recipient. |
content-type | The Content-Type entity header the client what the content type of the returned content actually is. |