The Orb DLT Integration Layer APIs provide an integration framework composed of a collection of functions that enable integration of systems and applications across an enterprise with the Orb DLT stack. The Orb DLT IL API is organized around REST and has predictable resource-oriented URLs.

Limitations on user IDs and passwords

User ID specifications

  • Minimum 4 characters
  • Maximum 15 characters
  • Allowed characters:
TypeValue
Numerical characters0-9
Alphabetical lowercase charactersa-z
Alphabetical uppercase charactersA-Z
Underscores_

Reference:Usernames on Twitter

Password specifications

We recommended you use strong passwords when creating new accounts and when setting new accounts' passwords, as per industry best practices. Password complexity is enforced upon creating a new account or changing an existing account's password.

  • Minimum 7 characters

  • Maximum 32 characters

  • Allowed characters:

TypeValue
Numerical characters0-9
Alphabetical lowercase charactersa-z
Alphabetical uppercase charactersA-Z
Symbols!@#$%^&*()_+=-{}[]~`;:?|/,."'<>

Error Management

Errors returned by the API are displayed in JSON format in the response body. It follows the following pattern:

{
 "errors": [
   {
     "category": "INVALID_REQUEST_ERROR",
     "code": "00B1234",
     "detail": "This is a first error message."
   },
   //...
   {
     "category": "INVALID_REQUEST_ERROR",
     "code": "00B5678",
     "detail": "This is a second error message."
   }
 ]
}
  • category: denotes the category of the error. Available values are:
    • AUTHENTICATION_ERROR for errors due to authentication (login or request with wrong authentication header)
    • INVALID_REQUEST_ERROR for an invalid request (such as invalid parameters or attempt to fetch unexisting data)
    • TRANSACTION_ERROR when a transaction fails because of an internal error (the user may need to contact the issuer to validate the state of its coin balance)
    • API_ERROR for any other internal error that does not have an influence on the coin balance.
  • code: a unique identifier for the corresponding error.
  • detail: A description of the error.

Authentication and Authorization

Most of the endpoints of the SmartCoin API requires an authentication token. This token is delivered when making a request to the login endpoint.
For requests requiring an authentication token, the token should be put as a value of the X-Auth-Token header.