{"activeVersionTag":"latest","latestAvailableVersionTag":"latest","collection":{"info":{"_postman_id":"8b07e93e-fdb5-4a0f-87fb-f880060df456","name":"Wheel Pros APIs","description":"## Product Data Portal Environments\n\n| Environment | Base URL | \n| ------ | ------ |\n| Dev | https://dev.backend.api.data.wheelpros.com/dev |\n| qa | https://qa.backend.api.data.wheelpros.com/qa |\n| stage | https://stage.backend.api.data.wheelpros.com/stage |\n| prod | https://backend.api.data.wheelpros.com/prod |\n\n**Note:** We recommend using a product data portal staging environment for all kinds of testing and development purposes.\n\n## Steps need to be followed before using the Order APIs\n\n- Register the **user** account in [Product Data Portal](https://data.wheelpros.com)\n- Once the admin approves the account the one-time password will be sent to the registered email address \n- Update the password in the Product Data Portal Portal\n- Request WheelPros to access Order Related APIs ( By Default there is no access will be available for Order APIs )\n- Update Postman environment variables with the Product Data Portal Username and password\n\n\n## Authentication\n\nTo use the APIs in this collection the requests needs to be signed by using an AWS Signature Version 4 Standard. This will provide the RBAC ( Role-Based Access Control ) to access the APIs.\n\nIn the process of signing the request, it is required to have IAM Credentials ( AccessKey, SecretKey, SessionToken ), AWS Region ( '`us-west-2`' ) and Service ( '`execute-api`' ).\n\nIn the postman Collection itself, there is a request ( 'Authentication' ) to get the temporary IAM credentials from the portal. These credentials are short lived and have access to certain APIs, please refer to the API Documentation for more information.\n\n**Note:** In Postman everything is going to be handled by the scripts we wrote in the collection.\n\n**Error Message Insufficient access permissions**\n\n```\n{\n \"message\": \"User: arn:aws:sts::***:assumed-role/***/CognitoIdentityCredentials is not authorized to perform: execute-api:Invoke on resource: arn:aws:execute-api:us-west-2:********0831:slygwos7kf/stage/POST/orders/* with an explicit deny\"\n}\n```\n\n**Note:** This denotes the username and password is valid but the user does not have sufficient permissions to access order-related APIs. Please request wheelpros for access.\n\n## Request Signing Samples\n\n**_Python Code Snippet - Without Using SDK_**\n```py\nimport sys, os, base64, datetime, hashlib, hmac \nimport requests # pip install requests\n# Key derivation functions. See:\n # http://docs.aws.amazon.com/general/latest/gr/signature-v4-examples.html#signature-v4-examples-python\ndef sign(key, msg):\n return hmac.new(key, msg.encode(\"utf-8\"), hashlib.sha256).digest()\n \ndef getSignatureKey(key, date_stamp, regionName, serviceName):\n kDate = sign(('AWS4' + key).encode('utf-8'), date_stamp)\n kRegion = sign(kDate, regionName)\n kService = sign(kRegion, serviceName)\n kSigning = sign(kService, 'aws4_request')\n return kSigning\n\ndef handler(event, content):\n # ************* REQUEST VALUES *************\n method = 'POST'\n service = 'execute-api'\n host = 'slygwos7kf.execute-api.us-west-2.amazonaws.com'\n region = 'us-west-2'\n endpoint = 'https://slygwos7kf.execute-api.us-west-2.amazonaws.com/stage/search/loadFilterData/'\n # POST requests use a content type header.\n # the content is JSON.\n content_type = 'application/x-amz-json-1.0'\n \n \n request_parameters = '{\"filterType\": \"WHEEL\",\"filters\": {\"filterQuery\": \"\"}}'\n # Read AWS access key from env. variables or configuration file. Best practice is NOT\n # to embed credentials in code.\n access_key = ''\n secret_key = ''\n session_token = ''\n if access_key is None or secret_key is None:\n print('No access key or secret key is available.')\n sys.exit()\n \n # Create a date for headers and the credential string\n t = datetime.datetime.utcnow()\n amz_date = t.strftime('%Y%m%dT%H%M%SZ')\n date_stamp = t.strftime('%Y%m%d') # Date w/o time, used in credential scope\n \n \n # ************* TASK 1: CREATE A CANONICAL REQUEST *************\n # http://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html\n \n # Step 1 is to define the verb (GET, POST, etc.)--already done.\n \n # Step 2: Create canonical URI--the part of the URI from domain to query \n # string (use '/' if no path)\n canonical_uri = '/stage/search/loadFilterData/'\n \n ## Step 3: Create the canonical query string. In this example, request\n # parameters are passed in the body of the request and the query string\n # is blank.\n canonical_querystring = ''\n \n # Step 4: Create the canonical headers. Header names must be trimmed\n # and lowercase, and sorted in code point order from low to high.\n # Note that there is a trailing \\n.\n canonical_headers = 'content-type:' + content_type + '\\n' + 'host:' + host + '\\n' + 'x-amz-date:' + amz_date + '\\n' + 'x-amz-security-token:' + session_token + '\\n'\n \n # Step 5: Create the list of signed headers. This lists the headers\n # in the canonical_headers list, delimited with \";\" and in alpha order.\n # Note: The request can include any headers; canonical_headers and\n # signed_headers include those that you want to be included in the\n # hash of the request. \"Host\" and \"x-amz-date\" are always required.\n signed_headers = 'content-type;host;x-amz-date;x-amz-security-token'\n \n # Step 6: Create payload hash. In this example, the payload (body of\n # the request) contains the request parameters.\n payload_hash = hashlib.sha256(request_parameters.encode('utf-8')).hexdigest()\n \n # Step 7: Combine elements to create canonical request\n canonical_request = method + '\\n' + canonical_uri + '\\n' + canonical_querystring + '\\n' + canonical_headers + '\\n' + signed_headers + '\\n' + payload_hash\n print('Canonical String:',canonical_request)\n \n # ************* TASK 2: CREATE THE STRING TO SIGN*************\n # Match the algorithm to the hashing algorithm you use, either SHA-1 or\n # SHA-256 (recommended)\n algorithm = 'AWS4-HMAC-SHA256'\n credential_scope = date_stamp + '/' + region + '/' + service + '/' + 'aws4_request'\n string_to_sign = algorithm + '\\n' + amz_date + '\\n' + credential_scope + '\\n' + hashlib.sha256(canonical_request.encode('utf-8')).hexdigest()\n # print(\"signing String:\",string_to_sign);\n # ************* TASK 3: CALCULATE THE SIGNATURE *************\n # Create the signing key using the function defined above.\n signing_key = getSignatureKey(secret_key, date_stamp, region, service)\n \n # Sign the string_to_sign using the signing_key\n signature = hmac.new(signing_key, (string_to_sign).encode('utf-8'), hashlib.sha256).hexdigest()\n \n \n # ************* TASK 4: ADD SIGNING INFORMATION TO THE REQUEST *************\n # Put the signature information in a header named Authorization.\n authorization_header = algorithm + ' ' + 'Credential=' + access_key + '/' + credential_scope + ', ' + 'SignedHeaders=' + signed_headers + ', ' + 'Signature=' + signature\n \n \n # header, the headers must be included in the canonical_headers and signed_headers values, as\n # noted earlier. The order here is not significant.\n # # Python note: The 'host' header is added automatically by the Python 'requests' library.\n headers = {'Content-Type':content_type,\n 'X-Amz-Date':amz_date,\n 'Authorization':authorization_header,\n 'X-Amz-Security-Token': session_token\n }\n \n \n # ************* SEND THE REQUEST *************\n print('\\nBEGIN REQUEST++++++++++++++++++++++++++++++++++++')\n print('Request URL = ' + endpoint)\n \n r = requests.post(endpoint, data=request_parameters, headers=headers)\n \n print('\\nRESPONSE++++++++++++++++++++++++++++++++++++')\n print('Response code: %d\\n' % r.status_code)\n print(r.text)\n```\n\n\n**AWS Docs for Request Signing: ** - https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html\n\n## Request Signing Samples in other programming languages\n\n**Docs for AWS Signature V4: ** https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html\n\n**AWS Javascript SDK: ** https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/\n\n**AWS Request Signing Example Javascript: ** https://github.com/mhart/aws4\n\n**AWS Request Signing Example for .NET: ** https://github.com/aws/aws-sdk-net/blob/master/sdk/src/Core/Amazon.Runtime/Internal/Auth/AWS4Signer.cs \n\n**PHP Example for Request Signing: ** https://docs.aws.amazon.com/aws-sdk-php/v3/api/class-Aws.Signature.SignatureV4.html#_signRequest","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","isPublicCollection":false,"owner":"14787489","collectionId":"8b07e93e-fdb5-4a0f-87fb-f880060df456","publishedId":"Tz5wVZn2","public":true,"publicUrl":"https://dev.api.postman.wheelpros.com","privateUrl":"https://go.postman.co/documentation/14787489-8b07e93e-fdb5-4a0f-87fb-f880060df456","customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"EF5B25"},"documentationLayout":"classic-single-column","customisation":null,"version":"8.10.1","publishDate":"2021-08-26T13:41:23.000Z","activeVersionTag":"latest","documentationTheme":"light","metaTags":{},"logos":{}},"statusCode":200},"environments":[{"name":"WheelPros-PDP-Stage","id":"e6b16626-90b4-49f0-9c28-75a78cf227fd","owner":"14787489","values":[{"key":"local-token-creds","value":"","enabled":false},{"key":"baseURL","value":"https://stage.backend.api.data.wheelpros.com/stage","enabled":true},{"key":"host","value":"stage.backend.api.data.wheelpros.com","enabled":true},{"key":"region","value":"us-west-2","enabled":true},{"key":"pdp-username","value":"","enabled":true},{"key":"pdp-password","value":"","enabled":true}],"published":true}],"user":{"authenticated":false,"permissions":{"publish":false}},"run":{"button":{"js":"https://run.pstmn.io/button.js","css":"https://run.pstmn.io/button.css"}},"web":"https://www.getpostman.com/","team":{"logo":"https://res.cloudinary.com/postman/image/upload/t_team_logo_pubdoc/v1/team/768118b36f06c94b0306958b980558e6915839447e859fe16906e29d683976f0","favicon":"https://wheelpros.com/favicon.ico"},"isEnvFetchError":false,"languages":"[{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"HttpClient\"},{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"RestSharp\"},{\"key\":\"curl\",\"label\":\"cURL\",\"variant\":\"cURL\"},{\"key\":\"dart\",\"label\":\"Dart\",\"variant\":\"http\"},{\"key\":\"go\",\"label\":\"Go\",\"variant\":\"Native\"},{\"key\":\"http\",\"label\":\"HTTP\",\"variant\":\"HTTP\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"OkHttp\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"Unirest\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"Fetch\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"jQuery\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"XHR\"},{\"key\":\"c\",\"label\":\"C\",\"variant\":\"libcurl\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Axios\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Native\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Request\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Unirest\"},{\"key\":\"objective-c\",\"label\":\"Objective-C\",\"variant\":\"NSURLSession\"},{\"key\":\"ocaml\",\"label\":\"OCaml\",\"variant\":\"Cohttp\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"cURL\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"Guzzle\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"HTTP_Request2\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"pecl_http\"},{\"key\":\"powershell\",\"label\":\"PowerShell\",\"variant\":\"RestMethod\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"http.client\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"Requests\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"httr\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"RCurl\"},{\"key\":\"ruby\",\"label\":\"Ruby\",\"variant\":\"Net::HTTP\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"Httpie\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"wget\"},{\"key\":\"swift\",\"label\":\"Swift\",\"variant\":\"URLSession\"}]","languageSettings":[{"key":"csharp","label":"C#","variant":"HttpClient"},{"key":"csharp","label":"C#","variant":"RestSharp"},{"key":"curl","label":"cURL","variant":"cURL"},{"key":"dart","label":"Dart","variant":"http"},{"key":"go","label":"Go","variant":"Native"},{"key":"http","label":"HTTP","variant":"HTTP"},{"key":"java","label":"Java","variant":"OkHttp"},{"key":"java","label":"Java","variant":"Unirest"},{"key":"javascript","label":"JavaScript","variant":"Fetch"},{"key":"javascript","label":"JavaScript","variant":"jQuery"},{"key":"javascript","label":"JavaScript","variant":"XHR"},{"key":"c","label":"C","variant":"libcurl"},{"key":"nodejs","label":"NodeJs","variant":"Axios"},{"key":"nodejs","label":"NodeJs","variant":"Native"},{"key":"nodejs","label":"NodeJs","variant":"Request"},{"key":"nodejs","label":"NodeJs","variant":"Unirest"},{"key":"objective-c","label":"Objective-C","variant":"NSURLSession"},{"key":"ocaml","label":"OCaml","variant":"Cohttp"},{"key":"php","label":"PHP","variant":"cURL"},{"key":"php","label":"PHP","variant":"Guzzle"},{"key":"php","label":"PHP","variant":"HTTP_Request2"},{"key":"php","label":"PHP","variant":"pecl_http"},{"key":"powershell","label":"PowerShell","variant":"RestMethod"},{"key":"python","label":"Python","variant":"http.client"},{"key":"python","label":"Python","variant":"Requests"},{"key":"r","label":"R","variant":"httr"},{"key":"r","label":"R","variant":"RCurl"},{"key":"ruby","label":"Ruby","variant":"Net::HTTP"},{"key":"shell","label":"Shell","variant":"Httpie"},{"key":"shell","label":"Shell","variant":"wget"},{"key":"swift","label":"Swift","variant":"URLSession"}],"languageOptions":[{"label":"C# - HttpClient","value":"csharp - HttpClient - C#"},{"label":"C# - RestSharp","value":"csharp - RestSharp - C#"},{"label":"cURL - cURL","value":"curl - cURL - cURL"},{"label":"Dart - http","value":"dart - http - Dart"},{"label":"Go - Native","value":"go - Native - Go"},{"label":"HTTP - HTTP","value":"http - HTTP - HTTP"},{"label":"Java - OkHttp","value":"java - OkHttp - Java"},{"label":"Java - Unirest","value":"java - Unirest - Java"},{"label":"JavaScript - Fetch","value":"javascript - Fetch - JavaScript"},{"label":"JavaScript - jQuery","value":"javascript - jQuery - JavaScript"},{"label":"JavaScript - XHR","value":"javascript - XHR - JavaScript"},{"label":"C - libcurl","value":"c - libcurl - C"},{"label":"NodeJs - Axios","value":"nodejs - Axios - NodeJs"},{"label":"NodeJs - Native","value":"nodejs - Native - NodeJs"},{"label":"NodeJs - Request","value":"nodejs - Request - NodeJs"},{"label":"NodeJs - Unirest","value":"nodejs - Unirest - NodeJs"},{"label":"Objective-C - NSURLSession","value":"objective-c - NSURLSession - Objective-C"},{"label":"OCaml - Cohttp","value":"ocaml - Cohttp - OCaml"},{"label":"PHP - cURL","value":"php - cURL - PHP"},{"label":"PHP - Guzzle","value":"php - Guzzle - PHP"},{"label":"PHP - HTTP_Request2","value":"php - HTTP_Request2 - PHP"},{"label":"PHP - pecl_http","value":"php - pecl_http - PHP"},{"label":"PowerShell - RestMethod","value":"powershell - RestMethod - PowerShell"},{"label":"Python - http.client","value":"python - http.client - Python"},{"label":"Python - Requests","value":"python - Requests - Python"},{"label":"R - httr","value":"r - httr - R"},{"label":"R - RCurl","value":"r - RCurl - R"},{"label":"Ruby - Net::HTTP","value":"ruby - Net::HTTP - Ruby"},{"label":"Shell - Httpie","value":"shell - Httpie - Shell"},{"label":"Shell - wget","value":"shell - wget - Shell"},{"label":"Swift - URLSession","value":"swift - URLSession - Swift"}],"layoutOptions":[{"value":"classic-single-column","label":"Single Column"},{"value":"classic-double-column","label":"Double Column"}],"versionOptions":[],"environmentOptions":[{"value":"0","label":"No Environment"},{"label":"WheelPros-PDP-Stage","value":"14787489-e6b16626-90b4-49f0-9c28-75a78cf227fd"}],"canonicalUrl":"https://dev.api.postman.wheelpros.com/view/metadata/Tz5wVZn2"}