SHIFT72 API Documentation

Services

The SHIFT72 API is grouped into a number of areas of use. Developers can use this reference page to navigate to areas of interest.

• User API - User login and registration
• Meta API - Provides descriptions for films and TV
• Geo API - Provides geo location information
• Pricing API - Provides multi currency pricing and region controls
• Shopping API - Provides a transactional shopping service
• Content API - Provides content ingestion and playback services
• Reporting API - Provides sales reporting services
• License API - Provides license authorization services
• Webhooks API - Set up integrations which subscribe to certain events from your SHIFT72 platform.

OpenAPI

Our OpenAPI documentation is a work in progress!

• Content API (yaml)
• Users API (yaml)
• Discovery API (yaml)

API Access and Authentication

You can access the Shift72 API through your site’s domain, for example: https://yoursite.com/services/users/auth/sign_in

Authentication can be in two ways:

• API key: generated via the Admin app
• User auth token obtained via the sign in API

In both cases, you provide the token as the X-Auth-Token header on your requests.

Some endpoints return additional data (e.g. unpublished content) when accessed by an admin user or API key.

Example Request

curl -i 'https://store.shift72.com/services/users/auth/sign_up' \
     -d 'user[email]=me@email.com' \
     -d 'user[password]=password' \
     -X POST

curl -i 'https://store.shift72.com/services/users/auth/sign_in' \
     -H 'Content-Type: application/json;charset=UTF-8' \
     -d '{ "user": {
            "email":"user@example.com",
            "password":"123",
            "remember_me":false }
        }'

Response

HttpStatus: 200
{  
  "auth_token":"3007b63f9947fad76cfc3347b1d47a",
  "account":{  
    "user_id":2,
    "email":"admin@store.shift72.com",
    "name":"Admin User",
    "users":[  
      {  
        "id":2,
        "email":"admin@store.shift72.com",
        "name":"Admin User",
        "avatar_url":null,
        "access_code":null,
        "account_admin":null,
        "dob":null
      }
    ],
    "bypass_cache":true
  }
}

Error Handling

Errors will use HTTP status codes. In some cases a reason will be supplied.

Caching

Shift72’s API apply caching based on each API’s cache policy. This varies by endpoint, but some APIs that don’t change frequently may cache responses for up to 5 minutes.

You can opt-out of this cache by setting X-Bypass-Cache: 1 on your requests. Some APIs return different results for admin users (e.g. unpublished content). In admin apps or scripts, it’s always best to use X-Bypass-Cache: 1 to avoid receiving a mix of public and private responses.

CDNs and Reverse Proxies

While you can host your site behind a CDN or reverse proxy for better end-user performance, but it must be configured carefully to avoid incorrect behaviour:

• Respect upstream cache policies. Some APIs (e.g. user library) are intentionally never cached to avoid issues where a user purchases content and can’t immediately see it. Do not override the Cache-Control headers set by the origin server.
• Bypass cache for admin traffic: Configure your CDN to bypass caching when X-Bypass-Cache, or the sig/e cookies are present. This ensures admins can see the preview build of the site, and that the admin app does not malfunction.
• Geolocation awareness: Some APIs such as pricing and availability return localized results based on IP geolocation. A CDN that covers multiple regions may show incorrect prices or availability
• Trusted IP forwarding: playback geolocation and proxy detection features rely on knowing the user’s IP. Ensure your CDN forwards the true client IP, and that Shift72’s servers are configured to trust your CDN’s IP range.

If you’re considering adding a CDN or reverse proxy, please contact your account manager to ensure the correct configuration.

Embedded Checkout

You can embed Shift72 Checkout into any website.

Integrating Checkout into your site

Player

Player URL parameters