Getting Started
This guide will get you all set up and ready to use Msaaq APIs. We'll cover different APIs and how to authenticate requests as well as making your first API request.
Terminology
Before we get started, let's define some terms that you'll come across when working with Msaaq APIs:
- Dashboard: The Dashboard is a web application that allows you to manage your Msaaq account, create and manage Tenants, and more.
- Dashboard User: A person who uses the Dashboard. Users can be part of one or more Tenants and can have different roles in each Tenant (Owner, Administrator, Instructor, Marketer, etc.).
- Tenant: An isolated instance of Msaaq. Each tenant has its own Tenant Users, courses, digital products, consulting sessions, and more.
- Tenant User: A person who uses a specific Tenant. Tenant Users are usually referred to as Students. They can be added by Dashboard Users or by signing up via the Tenantfront or the Authentication API in the Tenant API.
- Tenantfront: The default frontend of every Tenant. It's where Tenant Users can purchase and access courses, digital products, consulting sessions, and more. The Tenantfront is usually accessible at
https://{tenant_slug}.msaaq.net
or by its custom domain if it has one set up in the Dashboard.
APIs Overview
Msaaq has two main APIs, the Dashboard API and the Tenant API.
- Dashboard API (aka. Admin API): Used to serve and manage Msaaq Users and Tenants' actions and operations, managing Tenants includes content management, Tenant Users management (Adding, Updating, Gifting products, etc.) as well as Payment Gateways and everything else related to configuring Tenants. Basically everything that you can see/do when you visit the Dashboard. This API is also known as the Admin API.
- Tenant API: Used to serve the Tenantfront actions and operations, including Tenant User authentication, making payments, retrieving courses, digital products, consulting sessions, bundles, and everything else related to a tenant. There are no roles in the Tenant API, all requests are made on behalf of the visitors or the Tenant Users.
API Base URL
The base URL for the Msaaq API is https://api.msaaq.com/v1
. While all API requests should be made to this URL, each API has its own path that you should append to the base URL.
API Paths
- Dashboard API: All requests to the Dashboard API should be made to the
/admin
path (e.g.,https://api.msaaq.com/v1/admin/courses
). - Tenant API: All requests to the Tenant API should be made to the
/tenant
path (e.g.,https://api.msaaq.com/v1/tenant/courses
).
Authentication
Before making your first API request, you should authenticate your requests. You can authenticate your requests using an API access token. You can obtain an access token through our OAuth 2.0 flow.
OAuth 2.0 flow
The OAuth 2.0 flow requires you to send a POST
request to the /v1/oauth/token
endpoint with your client ID and client secret. The response will include an access token that you can use to authenticate your requests.
Notice that the OAuth endpoint is not part of any of the APIs, it's a standalone endpoint that you can use to obtain an access token, which you can then use to authenticate your requests to any of the APIs.
Make sure that your plan includes API access and that you've obtained a client ID and a client secret. You can contact us if you need to obtain these credentials. You can check if your plan includes API access through your subscription details page in the Dashboard.
:::warning[Warning]
Your client ID and client secret should be kept confidential. Do not expose them in public repositories or client-side code/requests. If you suspect that your client ID and/or client secret have been compromised, contact us immediately to revoke them.
:::
Request
axios.post('https://api.msaaq.com/v1/oauth/token', {
client_id: 'YOUR_CLIENT_ID',
client_secret: 'YOUR_CLIENT_SECRET',
})
```
requests.post('https://api.msaaq.com/v1/oauth/token', json={
'client_id': 'YOUR_CLIENT_ID',
'client_secret': 'YOUR_CLIENT_SECRET'
})
```
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://api.msaaq.com/v1/oauth/token');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode([
'client_id' => 'YOUR_CLIENT_ID',
'client_secret' => 'YOUR_CLIENT_SECRET'
]));
curl_exec($ch);
curl_close($ch);
```
Response
<DataSchema id="3696947" />
Making your first API request
Now that you have a valid access token, you can make your first API request. Below, you can see how to send a GET
request to the Ping endpoint. If everything is done right, you'll get a simple Pong response.
:::tip[Tip]
When interacting with the APIs, we recommend setting the Accept
header to application/json
to ensure that you always receive JSON responses.
:::
Request
axios.get('https://api.msaaq.com/v1/oauth/ping', {
headers: {
'Accept': 'application/json',
'Authorization': 'Bearer THE_OBTAINED_ACCESS_TOKEN'
}
})
```
requests.get('https://api.msaaq.com/v1/oauth/ping', headers={
'Accept': 'application/json',
'Authorization': 'Bearer THE_OBTAINED_ACCESS_TOKEN'
})
```
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://api.msaaq.com/v1/oauth/ping');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Accept: application/json',
'Authorization: Bearer THE_OBTAINED_ACCESS_TOKEN'
));
curl_exec($ch);
curl_close($ch);
```
Response
What's next?
Great, you're now set up with an API client and have made your first request to the API. Here are a few links that might be handy as you venture further into the MSAAQ API: