Introduction

GreenIT 2025 Feedback API

Hi devs,

These are testing routes that work exactly like how they would in production, but they wont save anything to the database.

API Secret The route to get the token requires a secret to be set. This way we prevent any strangers from acquiring a token. The field to set is called api_secret, and can be seen in the example. The secret needs to be embedded in the React frontend as an environment variable.

The api_secret for the routes in this docs page is 12345, but is different for the production routes.

The routes behavior is the same between docs version and production version, though they point to different tables in the database. The docs table will be cleared each night.

Routes

• api/docs/token -> requires the api_secret and returns a token with a 15 minute expiration time.
• api/docs/response/hash -> requires the token and a responseId, stores qualtrics data in the database and returns the hash for retrieval
• api/docs/response/data -> requires the token and a hash, this retrieves the data as a json to use in the frontend
• api/docs/email -> requires an email input, the hash and the token (participant has 15 minutes to decide on getting an email). This sends them an email with the link containing the hash

The test responses in the docs table can be removed manually using the docs/response/remove route, This route is only available for the test database.

Test responseIds

• R_8OkTUcNei8V6fYb
• R_8m4QRv1xidLB3bI
• R_8oaOoLHl3hU1ldp
• R_8rvgqfsRwrvrU0Y Use this one for testing a 'bad' response. Apparently the qualtrics state was not finalized with this one.

Production routes for the frontend The production routes have the same naming logic, but note that the docs/ path segment should be removed. E.g. "https://api.green-it.nl/api/docs/response/hash" becomes: "https://api.green-it.nl/api/response/hash"

Cheers, Quinten

Authenticating requests

To authenticate requests, include an Authorization header with the value "Bearer {YOUR_AUTH_KEY}".

All authenticated endpoints are marked with a requires authentication badge in the documentation below.

You can retrieve your token by trying out the GET api/docs/token route below.

Endpoints

POST api/docs/token

curl --request POST \
    "https://api.green-it.nl/api/docs/token" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"api_secret\": \"12345\"
}"

const url = new URL(
    "https://api.green-it.nl/api/docs/token"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "api_secret": "12345"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

POST api/docs/response/hash

curl --request POST \
    "https://api.green-it.nl/api/docs/response/hash" \
    --header "Authorization: Bearer 0|tokenincludingprecedingnumberandpipesymbol" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"responseId\": \"R_8OkTUcNei8V6fYb\"
}"

const url = new URL(
    "https://api.green-it.nl/api/docs/response/hash"
);

const headers = {
    "Authorization": "Bearer 0|tokenincludingprecedingnumberandpipesymbol",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "responseId": "R_8OkTUcNei8V6fYb"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

POST api/docs/response/data

curl --request POST \
    "https://api.green-it.nl/api/docs/response/data" \
    --header "Authorization: Bearer 0|tokenincludingprecedingnumberandpipesymbol" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"hash\": \"itsjustabigrandomstring\"
}"

const url = new URL(
    "https://api.green-it.nl/api/docs/response/data"
);

const headers = {
    "Authorization": "Bearer 0|tokenincludingprecedingnumberandpipesymbol",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "hash": "itsjustabigrandomstring"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

POST api/docs/email

curl --request POST \
    "https://api.green-it.nl/api/docs/email" \
    --header "Authorization: Bearer 0|tokenincludingprecedingnumberandpipesymbol" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"email\": \"youremailadress\",
    \"hash\": \"itsjustabigrandomstring\",
    \"preview\": \"1\"
}"

const url = new URL(
    "https://api.green-it.nl/api/docs/email"
);

const headers = {
    "Authorization": "Bearer 0|tokenincludingprecedingnumberandpipesymbol",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "email": "youremailadress",
    "hash": "itsjustabigrandomstring",
    "preview": "1"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

POST api/docs/response/remove

curl --request POST \
    "https://api.green-it.nl/api/docs/response/remove" \
    --header "Authorization: Bearer 0|tokenincludingprecedingnumberandpipesymbol" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"responseId\": \"R_8OkTUcNei8V6fYb\"
}"

const url = new URL(
    "https://api.green-it.nl/api/docs/response/remove"
);

const headers = {
    "Authorization": "Bearer 0|tokenincludingprecedingnumberandpipesymbol",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "responseId": "R_8OkTUcNei8V6fYb"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.