Overview
KORE’s Premium Deal API offers a secure and programmatic way to create, retrieve, and update deals. This includes deal sheets, billings, and more. It is a RESTful API—a client only needs to send proper HTTPS requests in JSON format. The API always returns a JSON response, even for error conditions.
Obtain an authorization token
Before using the API, you must first obtain a bearer token by sending a POST request to the KOREAuth endpoint. If successful, the endpoint returns a JSON object containing the token.
To send the request, you’ll need these values from KORE:
client_id
(must be URL encoded)client_secret
(must be URL encoded)auth_server
Sample JavaScript code for requesting a bearer token:
var auth_server = "https://koreauth.koresoftware.com/connect/token";
var client_id = "YOUR-CLIENT-ID";
var client_secret = "YOUR-CLIENT-SECRET";
fetch(auth_server, {
method: 'post',
headers: {"Content-type": "application/x-www-form-urlencoded"},
body: "grant_type=client_credentials&scope=pss-api&client_id=" +
client_id + "&client_secret=" + client_secret
});
.then(response => response.json());
.then(token => token.access_token);
.then(
function(token) {
console.log("Token: " + token);
});
Construct the API call
To call the API, you’ll need two values from KORE: api_url
and api_key
.
The api_url
must specify HTTPS; unsecured calls will be rejected. The endpoint for Premium Deals is /aggregates/premium-deal-summaries/by-opportunity/
.
Each query sent to the API must include these headers:
Content-Type: application/json
X-Api-Key:
(KORE will provide the value to use here)Authorization:
(The bearer token obtained in the previous step)
Note: KORE may occasionally provide access to a beta version with new features. To use it, include the optional X-Api-Version
header and the value KORE provides.
The API supports Cross-Origin Resource Sharing (CORS). The headers in the response include Access-Control-Allow-Origin *
allowing your code access regardless of domain. The API will also respond to pre-flight requests.
Caution: Do not set Access-Control-Allow-Origin
true
in your headers. If you use XMLHttpRequest, do not set withCredentials true
.
Sample JavaScript code for making an API call:
var api_url = "https://koreapi.example.com";
var api_key = "YOUR-API-KEY";
var guid = "GUID-OF-PREMIUM-DEAL";
var endpoint = "/aggregates/premium-deal-summaries/by-opportunity/";
var my_token = "TOKEN-FROM-PREVIOUS-STEP";
fetch(api_url + endpoint + guid, {
method: 'get',
headers: {
"Content-type": "application/json",
"X-Api-Key": api_key,
"Authorization": "Bearer " + my_token
};
});
.then(response => response.json());
.then(data => console.log(data));
Response
Success
A successful call returns a JSON object representing the Premium Deal. For example:
[
{
"premium_deal_id": "1234abcd-1234-abcd-123456789abc",
"premium_deal_#": "5555",
"account_id": "abcd1234-abcd-1234-abcdefghi123-",
"account_name": "Try Now Do Ltd",
"total_seats": 8,
"event_name": "Springfield vs. Shelbyville 1/30/21",
"event_id": "12345678-1234-1234-abcdefghijkl",
"section_name": "Premium 102",
"premium_deal_contracted_on": null,
"premium_deal_total": 25000.000000,
"location_total": 12500.000000,
"location_id": "abcdefgh-abcd-abcd-123456789000",
"experience_bank": 0.000000,
"f&b_package": 0.000000,
"license_fee": 12500.000000,
"rental_fee": 0.000000,
"sro": 0.000000,
"tao_spend": 0.000000
}
]
Error
The HTTP status code provides the error type:
400 |
Bad Request |
See details in the response |
401 |
Authentication Required |
The authentication header was missing, or the token was invalid / expired. |
403 |
Forbidden |
The authenticated user doesn’t have permission to take the requested action. |
404 |
Not Found |
The requested entity doesn’t exist |
500 |
Server Error |
See details in the response
|
The API returns a JSON object which may contain additional information about the error. The JSON object includes the following fields:
id |
Entity item ID |
error_id |
Unique reference number; include this code if you open a support ticket |
error |
The category of the error |
message |
A detailed error message |
link |
(reserved for future use) |
errors |
Additional error messages, if any |