Getting started

Before we jump into the details of our services, we would like to share a few technical details with you around the standards and technologies that we use in our API. This is to help your development team to understand how our API works and how to make secure calls to it.

REST services

Our API is a REST API.

You can use either JSON or XML to exchange data with us. You specify this in the header of your request, as shown below:

JSON	Content-Type: application/json Accept: application/json
XML	Content-Type: application/xml Accept: application/xml

"Content-Type" indicates that the data that you send us - the request body - is in JSON (or XML) format.
"Accept" indicates that the data that you want to receive from us - the response body - must be in JSON (or XML) format.

Authentication

Every request to our API is authenticated. When you sign up for our services, we generate a personal identification number that we associate with your account. Every time you request a service, you have to send through this PIN. This is like entering a PIN number when withdrawing cash at an ATM: because only you know the PIN, we can know for sure that the request is coming from you.

To help us to authenticate you, you have to add the following 3 headers in your request:

SenderID	This is an ID to identify you, the sender of the request. We will share your ID with you when we create your account. Your sender ID will never change.
ReceiverID	This is the ID of the receiver of your request. This will always be PCH (unless you are given special instructions by our fulfilment analysts), so you can always send through a value of "PCH".
CheckString	This is your PIN. We will generate it for you and share it with you in a secure way to ensure that only you know what it is. As a matter of good practice, we will periodically (or whenever you request it) regenerate your PIN.

If you omit any of the headers, or send through the wrong values, you will get a response with a HTTP error status:

HTTP status: 400 Bad Request

JSON | XML

{
    "Message": "Invalid check string."
}

<Error>
    <Message>Invalid check string.</Message>
</Error>

Encryption

We use Secure Socket Layer (SSL) to ensure that the data that you exchange with us over the internet is always encrypted. This means that hackers will not be able to intercept and read your messages.

Examples

Below is an example POST request to create a new delivery order:

POST https://dataflo.pchintl.com/api/v1/DO

Headers:

SenderID:     YourSenderID
ReceiverID:   PCH
CheckString: YourCheckString
Content-Type: application/json
Accept:       application/json

Request body: This is where you have to include your delivery order, in JSON format.
Response body: We will send a response back to you in JSON format.

Below is an example GET request to retrieve new goods available notices:

GET https://dataflo.pchintl.com/api/v1/GAN/ByNextToken?NextToken=85

Headers:

SenderID:     YourSenderID
ReceiverID:   PCH
CheckString: YourCheckString
Content-Type: application/json
Accept:       application/json

Request body: This is a GET request, so the request body is empty. (The request body is only required for POST requests.)
Response body: We will send a response back to you in JSON format.

Please note that all requests must use HTTPS protocol. This is to enable SSL.