public-api-docs

Wunder wm - API Suite Documentation

In an effort to streamline APIs of Wunder Mobility (and goUrban), the wm - API suite will unify previously existing APIs. It consists of multiple APIs, amongst others:

• User API
• Operations API
• MaaS API

Use the User API when you are an operator building a white-label customer mobile app or web app for account onboarding, vehicle discovery, rentals, bookings, payments, benefits, localization, settings, events, and configured group/business-account self-service. Start with the User API Guide, then use the domain guides such as the User API Account And Authentication Guide, User API Discovery And Vehicle Guide, User API Rental Guide, User API Booking Guide, User API Payments And Invoices Guide, User API Commercial Products Guide, User API Localization Guide, User API Settings Guide, User API Events Guide, and User API Groups And Business Accounts Guide. MaaS partners should start with the MaaS API and MaaS Usage Guide.

Use the Operations API when you are building operator-side tooling for support, fleet operations, billing, reporting, or branch administration. Start with the Operations API Guide, then use the domain guides such as the Operations API Rental Guide, Operations API Booking Guide, Operations API Vehicle Guide, Operations API Vehicle Category Guide, Operations API Pricing Guide, Operations API Promotions, Packages, Subscriptions, And Benefits Guide, Operations API Customers And Groups Guide, Operations API Payments And Invoices Guide, Operations API Tasks, Damages, And Issues Guide, Operations API Branches And Stations Guide, Operations API Areas Guide, Operations API Points Of Interest Guide, Operations API Business Units And Billable Branches Guide, Operations API Events And User Analytics Guide, and Operations API Analytics And KPIs Guide for specific workflows.

This documentation is currently actively being worked on. Please consult Wunder Mobility Suppport before you start developing against our API to outline your use-case, so that we can support you in the best possible way.

As this documentation is still in progress, please also consult the existing documentation to get started. You can find the existing documentation here:

• Wunder Mobility Help Center

General

Wunder Mobility API for

• endusers/apps to access all required resources to serve the needs of the user as a stakeholder.
• operators managing the fleet. The endpoints included in this API enable operators to manage, maintain, and sync important aspects and models of their fleet.

Find the fundamental concepts of the Wunder Mobility environment in our knowledge base here.

Important data models and concepts of the Wunder Mobility Platform everybody using this API should know about.

Details on Branches, Balances, Terms & Conditions, Message Resources, and many more can be found in the documentation of the respective folder of the API.

Disclaimer: The API response will not include fields that have been set to null. It is the responsibility of the developer using the API to handle any missing fields on their end. This decision is subject to change and any updates will be reflected in the API documentation.

Usage of the API with Stoplight

To explore the API with Stoplight, you need a tenant on the Wunder Mobility Platform and a user with the required permissions or an API client. See the following two sections on how to sign in to use the API.

If you do not have a tenant on the Wunder Mobility Platform yet, please contact Wunder Mobility support.

The selected environment can be changed right to the Send API Request button of each endpoint.

The following placeholders need to be set for your specific environment, which are provided by Wunder Mobility:

• environment - For production it is go, for staging it is go-staging
• tenant - Your tenant name. This is provided by Wunder Mobility.

Authentication

See Authentication on how to request an access token, to authenticate against the Wunder Mobility Platform. The access token can also be used to explore the API with Stoplight.

Error Codes

Error codes are documented in our Knowledge Base Article Errors and error codes

Rate limit

Rate limiting is defined on a client specific basis. See Rate Limiting

Signature

To avoid foreign sign-ups and DDoS attacks a signature hash has to be generated in the frontend and sent to the API for validation. Affected calls:

• User Sign-up
• User Sign-in
• OTP Resend
• Password Reset

This signature hash consists of the signature key, the phone number or email address, and a timestamp. This
Parameter details:

• Timestamp: UNIX timestamp in seconds
• Signature: Generated signature based on the signature key, data input, and timestamp
• Signature Key: Your personal signature key which has to specified in our core for validation
• Data: Either the phone number or email of the respective call

Note: The signature hash is only valid for 30 seconds.

Javascript snippet to generate the signature hash:

export const generateSignatureHash = data => {
  const timestamp = generateTimestamp();
  const signature = sha256(`${signatureKey}${timestamp}${data}${signatureKey}`);
  return { signature, timestamp };
};

URL Example with the mentioned parameters:

const CUSTOMER_SIGN_UP = ({ timestamp, signature }) => `/customers?timestamp=${timestamp}&signature=${signature}`;