Web Services/API Information (v2)
- Michelle Cabaya (Unlicensed)
- Former user (Deleted)
- Melissa Hernandez
- Shaun Richardson
Our web service allows for consistent integrations and services, making it easier for third parties to integrate with the CXT Software suite. It is accessible by both REST and SOAP and accepts both XML and JSON requests.
Integrations are a billable service, with a monthly recurring cost. Please contact Technical Support for more information.
- Authentication is needed for most endpoints. You will need to send an authorization token or do a basic authentication with the call.
- Dates entered should be in milliseconds in UTC for JSON requests (e.g. 1559651878000) and ISO-8601 standard for XML requests (e.g. 2019-06-04T07:36:53).
- Dates returned are formatted according to the Operations App global options settings and localized to where the order was picked up/delivered with the timezone noted.
When entering the workOrderId parameter it must be in the following format:
- route stop: r<stopID>
- on demand pickup: p<orderID>
- on demand delivery: d<orderID>
How will versioning be handled?
CXT Software will support the latest version, plus one previously published version. Response and Request objects, in addition to URLs, may have properties added with new releases. Business logic within the endpoints may change, and/or permission hardening may be applicable to existing endpoints with new releases.
API Usage
You must understand exactly what is being sent, and why, for the various endpoints and all their properties.
Assistance can be requested if the EP/property documentation is unclear, and/or you do not understand how a property is intended to be used.
Note that endpoints/logic that may be hardened from security, permissions, and/or data integrity standpoint when the Operations App is updated.
Requirements
- TLS 1.2
- When calling the web services, the calling system must connect with TLS 1.2
- TLS 1.2 is not supported on Windows 2008 R2 or below. The calling system can run Windows 7, 8.1 or 2012 or newer, all of which support TLS 1.2
Throttling API Calls
By default, API calls are throttled based on individual users and collectively to all users per the following default intervals:
5 per second
300 per minute
18,000 per hour
432,000 per day
If you need to adjust the default values please contact Technical Support.
Getting Started
Our web service is documented with Swagger UI and you can find a list of field definitions to help explain certain API fields. All customers can view this by going to https://<domain>/CxtWebService/CXTWCF.svc/api-docs/. For cloud customers, <domain> would be <CXTID>0.cxtsoftware.net, where <CXTID> is the 4 digit CXT Software account id. For example, if the CXT Software account id is 987, then the endpoint documentation is https://09870.cxtsoftware.net/CxtWebService/CXTWCF.svc/api-docs/
To view the property name, its type, and a brief description of its purpose, click on the 'Model' link for either the request or response object.
How to Use Swagger
- Navigate to URL: https://<domain>/CxtWebService/CXTWCF.svc/api-docs
Authenticate by either getting an authentication token or using basic authentication. See Authenticate. Depending on the user type allowed to access the endpoint, you may need different tokens.
If getting an authorization token, place token in the Authorization Token box at the top.
- Make endpoint requests in JSON or XML
Address Validation
- If the "Enforce Address Validation" global option is checked inside the Operations App, an order/stop will be successfully placed only if the address is validated; the order will fail if the address cannot be validated. If "Enforce Address Validation" is unchecked, the order placement will succeed regardless of validation.
- Only the geocode (lat/lon) is updated when the addresses can be validated.
- If the "Enforce address validation when using web service" global option is checked inside the Operations App, route stops created through the web service will have address validation enforced.
Attachments
Requirements for uploading a file (attachment creation/update):
- When creating a new Attachment, do not send in an id.
- When updating an Attachment, the id must be provided.
Attachment Permissions > Maintenance > Permissions.
| Type | List/View | Add | Edit | Delete |
|---|---|---|---|---|
| Order | Must have permissions enabled for X Dispatch Functions > Orders | If the order is Invoiced
If an order is Settled
For uninvoiced and unsettled orders
| Same as Add permission | Same as Add permission |
| Customer | Must have permissions enabled for X Dispatch Functions > Customers | Must have X Dispatch Functions > Customers > Edit Customers permission enabled | Same as Add permission | Must have X Dispatch Functions > Customers > Delete Customers permission enabled |
| Human Resource | Must have permission enabled for Maintenance Functions > Human Resources > View Contractor Maintenance Functions > Human Resources > View Employees Maintenance Functions > Human Resources > View HR Advanced Information | Must have Maintenance Functions' -> Human Resources > Edit Human Resources permissions enabled | Same as Add permission | Same as Add permission |
| Customer Contract | Must have X Route Functions > Contracts | Must have Contracts > Add Contracts permission enabled | Must have Contracts > Edit Contracts permission enabled | Same as Edit permission |
Authenticate
Most endpoints require authentication from the following user types:
- Driver
- Internet User
- Human Resource
- Operations App User
You can see which user type(s) are required for an endpoint under "Implementation Notes". For example, "Allowed requestors: [Inet user]" requires an authenticated internet user and "Allowed requestors: [Mobile Users]" requires an authenticated driver user.
To authenticate, select sending an authorization token or doing a basic authentication with the call.
Permissions of the authenticated user(s) are based on their user settings in the Operations App.
Token Based Authentication
Token based authentication uses one of the following endpoints to get the authorization token for the user:
Driver endpoint: /v2/Authentication/Drivers
Valid duration of an authentication token: 30 days
"Allow web access" must be enabled on the driver record in the Operations App application. See Drivers (Classic Operations App).
Internet User endpoint: /v2/Authentication/InetUser
Valid duration of an authentication token: 20 minutes
"Allow Web Service API" must be enabled on the internet user record in the Operations App application. See Internet Users (Classic Operations App).
Human Resources endpoint: /v2/Authentication/Worker
Valid duration of an authentication token: 30 days
Operations App User endpoint: /v2/Authentication/XdUser
- Valid duration of an authentication token: 3 hours
Token expiration is automatically extended with each call.
Authenticate Driver Example
Including Tokens in Subsequent Requests
After generating a token, include it in subsequent requests as a value for the Authorization header, in the form 'Token 12345'.
Basic Authentication
Basic authentication credentials must be sent with every request, base64 encoded and the username must be prefixed with 1 or 4 values to distinguish user type:
- Driver prefix: DRIVER
- Internet User prefix: INET
- Human Resources prefix: WORKER
- Operations App User prefix: XDISPATCH
An example of an internet user with the username "cxtsupport" is "INET-cxtsupport".
Basic Auth Example
Examples
The following are examples to help you get started and is not an inclusive list. Use the endpoint URL examples to find documentation in the Swagger UI for details and testing.
Creating a New Order without known order type(s)
Creating a new order creates a new on demand order in the Operations App and requires an internet user authorization token. Before creating an order you will need a list of order types if a static order type is not provided. Order types in the Operations App define the timing and level of service for on demand orders.
How to Retrieve An Order Type
To get a list of available order types, use the /v2/Orders/RatesWithTimeWindows endpoint.
Endpoint URL: https://XXXX0.cxtsoftware.net/CxtWebService/CXTWCF.svc/api-docs/index.html?url=/CxtWebService/CXTWCF.svc/v2/swagger.json#!/Ratings/CxtSoftware_MiddleTier_WebService_CXTWCF_GetBaseRateAndTimeWindowsV2
Section: Ratings
Endpoint: /v2/Orders/RatesWithTimeWindows
Implementation Notes: Allowed requestors: [INet user, XDispatch user] The following permissions need to be enabled in the Operations App on the internet user record in the Options tab, Show Rates to see the initialBaseRate and Show Deliver By Time to see the deliveryTime. To see the initialBaseRate the Global Options in the Operations App also needs to have Total Charges enabled in the Internet Options tab.
| Parameter | Description | Parameter Type | Data Type |
|---|---|---|---|
| interval | The object containing the necessary properties to get a timewindow and baserate | body | JSON/XML |
| includeInvalid | Flag to include invalid order types. This can be useful for debugging. | query | boolean |
Once you have retrieved a list of order types you can use the /v2/Orders endpoint to create new on demand order. See How to Create an Order.
Creating a New Order with known order type(s)
Creating a new order creates a new on demand order in the Operations App and requires an internet user authorization token. Use this endpoint if a static order type is provided. Order types in the Operations App define the timing and level of service for on demand orders.
How to Create an Order
You can use the /v2/Orders endpoint to create new on demand order in the Operations App.
Endpoint URL: https://XXXX0.cxtsoftware.net/CxtWebService/CXTWCF.svc/api-docs/index.html?url=/CxtWebService/CXTWCF.svc/v2/swagger.json#!/Orders/CxtSoftware_MiddleTier_WebService_CXTWCF_OnDemandOrder_CreateV2
Section: Orders
Endpoint: /v2/Orders
Implementation Notes: Allowed requestors: [INet User]
| Parameter | Description | Parameter Type | Data Type |
|---|---|---|---|
| orderRequest | The on demand order to be created. | body | JSON/XML |
Creating a New Route Stop
Creating a new route stop creates a new route stop in the Operations App and requires an Operations App (X Dispatch [XDUser]) user authentication token.
How to Create a Route Stop
You can use the /v2/RouteStops endpoint to create new route stops in the Operations App.
Endpoint URL: https://XXXX0.cxtsoftware.net/CxtWebService/CXTWCF.svc/api-docs/index.html?url=/CxtWebService/CXTWCF.svc/v2/swagger.json#!/Route_Stops/CxtSoftware_MiddleTier_WebService_CXTWCF_PostRouteStopV2
Section: Route Stops
Endpoint: /v2/RouteStops
Implementation Notes: Allowed requestors: [XD User]
| Parameter | Description | Parameter Type | Data Type |
|---|---|---|---|
| request | The data for the new route stop to be created | body | JSON/XML |
| creditLimitBypas | Boolean indicating whether or not to create the route stop if the customer credit limit is exceeded | query | boolean |
Order Status
Internet and Operations App users can get order status data. Including, but not limited to, confirmation, pickup, delivery, and POD details.
For Internet Users
Endpoint URL: https://XXXX0.cxtsoftware.net/CxtWebService/CXTWCF.svc/api-docs/index.html?url=/CxtWebService/CXTWCF.svc/v2/swagger.json#!/Orders/CxtSoftware_MiddleTier_WebService_CXTWCF_GetOnDemandOrderV2
Section: Orders
Endpoint: v2/Orders/{orderId}/{includeItemizedCharges}
Implementation Notes: Allowed requestors: [INet User]
| Parameter | Description | Parameter Type | Data Type |
|---|---|---|---|
| orderId | The ID of the order to retrieve. | path | string |
| includeItemizedCharges | Boolean indicating whether or not to include itemized charges for order. | path | string |
For Dispatch Users
Endpoint URL: https://XXXX0.cxtsoftware.net/CxtWebService/CXTWCF.svc/api-docs/index.html?url=/CxtWebService/CXTWCF.svc/v2/swagger.json#!/Orders/CxtSoftware_MiddleTier_WebService_CXTWCF_GetOnDemandOrderWithItemizedChargesV2
Section: Orders
Endpoint: /v2/Dispatch/Orders/{onDemandOrderId}
Implementation Notes: Allowed requestors: [XD User]
| Parameter | Description | Parameter Type | Data Type |
|---|---|---|---|
| onDemandOrderId | The ID of the on demand order to be retrieved. | path | string |
Track an Order
Get order tracking information based on matching tracking numbers, reference1 values, and unique identifiers of orders and route stops with paging. No authorization token is required, however, the information returned will be limited. For more detailed tracking information to be returned, you must have an internet user authorization token.
Endpoint URL: https://XXXX0.cxtsoftware.net/CxtWebService/CXTWCF.svc/api-docs/index.html?url=/CxtWebService/CXTWCF.svc/v2/swagger.json#!/Shipments/CxtSoftware_MiddleTier_WebService_CXTWCF_GetShipmentSummariesV2
Section: Shipments
Endpoint: /v2/Shipments/Summaries
Implementation Notes: Allowed requestors: [INet user, anonymous user]
| Parameter | Description | Parameter Type | Data Type |
|---|---|---|---|
| searchCriteria | String containing comma-separated search criteria (i.e. Tracking Numbers, Locations, Addresses, Cities, States, Postal codes) - ignored for DateOnly search | query | string |
| trackingType | Specify what fields the trackingNumberList represents (e.g. Tracking(Number, Barcode or Reference), Location, Address, City, State, Postal, or DateOnly) | query | string |
| includePartialMatch | Specify 'true' if partial matches should be included in the search results (default is 'false') | query | boolean |
| beginDate | Optionally specify a begin date to limit the search results | query | string |
| endDate | Optionally specify an end date to limit the search results | query | string |
| numRecentOrders | Set number of recent orders to view for the current user (Note: if this is used, no other search criteria will apply) | query | integer |
| pageNum | The offset for the records to return (Default value is 0) | query | integer |
| pageSize | The number of records to return (Default and Maximum value is 1000) | query | integer |
Add Signature to Work Order
Upload a signature image for a work order.
Endpoint URL: https://XXXX0.cxtsoftware.net/CxtWebService/CXTWCF.svc/api-docs/index.html?url=/CxtWebService/CXTWCF.svc/v2/swagger.json#!/Work_Orders/CxtSoftware_MiddleTier_WebService_CXTWCF_uploadSignatureV2
Section: Work Orders
Endpoint: /v2/WorkOrders/Signatures
Implementation Notes: Allowed requestors: [Mobile User]
| Parameter | Description | Parameter Type | Data Type |
|---|---|---|---|
| workOrderSignature | The signature to be persisted. | body | JSON/XML |
Update Status/Change Timestamp
Mark a work order as picked up, completed, or add a POD.
Endpoint URL: https://XXXX0.cxtsoftware.net/CxtWebService/CXTWCF.svc/api-docs/index.html?url=/CxtWebService/CXTWCF.svc//v2/swagger.json#!/Orders/CxtSoftware_MiddleTier_WebService_CXTWCF_PutOnDemandOrderStatusesV2
Section: Orders
Endpoint: v2/Dispatch/Orders/<onDemandOrderId>/Status
Implementation Notes: Allowed requestors: [XD User]
| Parameter | Description | Parameter Type | Data Type |
|---|---|---|---|
| onDemandOrderId | The ID of the on demand order to be updated | path | string |
Troubleshooting
If you are experiencing connection issues and need CXT Software to help troubleshoot, add the following to the Web.config file, within the <configuration> tag and adjust the log name/location in the 'initializeData' attribute of the snippet below. Make the problematic call. Then include the resulting log as part of the information provided to CXT for troubleshooting.