IntegrityNext | RESTful basic API
The IntegrityNext platform provides REST API access to customers (with ‘Enterprise’ license). These APIs apply specifically to customers which have their own processes and tools in place and want to integrate the IntegrityNext platform into their system landscape. With purchase of the ‘Enterprise’ license customers receive an authentication token. With this customers are able to activate the APIs as a self-service.
IntegrityNext provides two integrations:
- GET Supplier Compliance Data
- POST Create and Invite New Suppliers
Definitions
| Property | Description |
|---|---|
| id | Supplier ID defined by the customer |
| name | Supplier name |
| originalName | Supplier name defined by the customer |
| Email of supplier contact to complete self-assessment | |
| invitationStatus | Status of the supplier registration |
| invitationTopics | Optional array of compliance topics the invited supplier has to answer |
| duns | DUNS - Data Universal Numbering System by Dun & Bradstreet (D&B) |
| street | Supplier street |
| postalCode | Supplier postal code |
| city | Supplier city |
| countryCode | Supplier country (ISO-2 code) |
| publicProfileUrl | Link to public supplier compliance profile (results per topic on a high level) |
| detailedProfileUrl | Link to detailed supplier compliance profile (incl. answers and certificates) |
| socialMediaUrl | Link to social media profile of supplier (findings, messages, live stream) |
| assesment | Self-assessment result |
| socialMediaMonitoring | Social-Media-Monitoring (with critical messages count) |
| abac | Anti-Bribery & Anti-Corruption |
| bucm | Business Continuity |
| cafo | Carbon Footprint |
| cbin | Extended Company Information |
| cmin | Conflict Minerals |
| coba | Cobalt |
| coin | Conflict Of Interest |
| dive | Diversity |
| ecsa | Management & Owners |
| enma | Energy Management |
| epro | Environmental Protection |
| fida | Financial Information |
| gdpr | Data Protection (GDPR) |
| hesa | Health & Safety |
| hrla | Human Rights & Labor |
| isec | Cyber Security |
| qman | Quality Management |
| reac | REACH |
| rohs | RoHS |
| scre | Supply Chain Responsibility |
| shre | EU SRR |
| trps | Trading Partner Security |
Endpoint
https://api.integritynext.com| Method | Path | Description |
|---|---|---|
| GET | /suppliers | Retrieve list of your suppliers with compliance data |
| POST | /suppliers | Create/invite new suppliers to your company |
Please note that order of elements in JSON objects is not guaranteed.
Authentication
Currently only Basic Auth with Bearer token is supported. Simply add an Authorization header with your provided token to the HTTP request, e.g.
$ curl https://api.integritynext.com/suppliers -H "Authorization: Bearer YOUR_TOKEN"
Note: $ is the command line prompt, curl is https://curl.haxx.se/
GET /suppliers
- success: 200/OK
-
success response: Array of Objects
[ { "id": String "name": String "email": String "invitationStatus": Enum ["registered" | "pending"] "duns": String "originalName": String "publicProfileUrl": String (URL) "detailedProfileUrl": String (URL) "socialMediaUrl": String (URL) "address": { "street": String "postalCode": String "city": String "countryCode": String (ISO-2 code) } "assessment": { "total": Enum ["green" | "yellow" | "red" | "grey"] "abac": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "bucm": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "cafo": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "cbin": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "cmin": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "coba": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "coin": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "dive": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "ecsa": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "enma": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "epro": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "fida": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "gdpr": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "hesa": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "hrla": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "isec": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "qman": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "reac": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "rohs": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "scre": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "shre": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] "trps": Enum ["green" | "green-not-relevant" | "yellow" | "red" | "grey"] } "socialMediaMonitoring": { "isCritical": Bool [true | false] "total": Long "abac": Long "bucm": Long "cafo": Long "cbin": Long "cmin": Long "coba": Long "coin": Long "dive": Long "ecsa": Long "enma": Long "epro": Long "fida": Long "gdpr": Long "hesa": Long "hrla": Long "isec": Long "qman": Long "reac": Long "rohs": Long "scre": Long "shre": Long "trps": Long } } ] - error response: see section “Error Handling”
POST /suppliers
- Header “Content-Type” must be set to “application/json”
-
Body: List of suppliers
[ { "id": String (required) "duns": String (optional) "name": String (required) "email": String (required, valid email) "address": { "street": String "postalCode": String "city": String "countryCode": String (ISO-2 code) } "invitationTopics": ["qman", "cmin"] } ] -
Validation
- id, name and email are required
- email must be a valid Email address
-
invitationTopics is optional
Supports the following parameters:
abac, epro, hrla, hesa, scre, shre, cbin, fida, coin, ecsa, trps, qman, enma, isec, gdpr, cmin, reac, rohs, dive, bucm, cafo, coba
See also Definitions for topic parameters.
- success: 200/OK
- success response: empty
-
validation error
- HTTP status 422/UNPROCESSABLE_ENTITY
- error response contains details with specific validation errors (see below)
Error Handling
In case of an error, the Enterprise API will always return an appropriate HTTP status code along with a JSON error response.
Possible error codes
| Status | Description | |
|---|---|---|
| 400 | BAD_REQUEST | Invalid Request data. See error response message and details |
| 401 | UNAUTHORIZED | Wrong/invalid or missing credentials. See section "Authentication" |
| 404 | NOT_FOUND | Resource not found. Most probably you requested the wrong URL |
| 405 | METHOD_NOT_ALLOWED | When trying to access a resource with wrong HTTP method, e.g. PUT on /suppliers |
| 413 | PAYLOAD_TO_LARGE | The amount of data you sent, exceeds a specified maximum. See error response for details |
| 415 | UNSUPPORTED_MEDIA_TYPE | When wrong data format is sent or "content-type" header is wrong |
| 422 | UNPROCESSABLE_ENTITY | Input validation error. Please see error response details |
| 500 | INTERNAL_SERVER_ERROR | Severe, unknown error |
Error response
- timestamp: ISO-formatted date-time (UTC)
- id: a unique identifier of the error
- status: HTTP status code (same as in response header)
- statusMessage: HTTP status message
- message: a brief, human readable error message
- details: optional, may contain arbitrary information about the error, e.g. a list of validation errors (see: example 2, below)
