Api >

Service Portal REST API

GET /api/customers/{customer-id}/devices/base/{baseDeviceId}/handsets

GET returns requested Base Device's Handsets
Given I am authenticated as K0002
And there is a Base Device with MAC ABCDEF012345 and it has Handset with port Port0
When I send /api/customers/K0002/devices/base/ABCDEF012345/handsets
Then I should receive HTTP/1.1 200 OK with following body: 
{
  "href": "/api/customers/K0002/devices/base/ABCDEF012345/handsets?_offset=0&_pagesize=16",
  "offset": 0,
  "total": 1,
  "size": 1,
  "items": [{
    "href": "/api/customers/K0002/devices/base/ABCDEF012345/handsets/Port0",
    "data": [{
      "name": "port",
      "value": "Port0"
    }]
  }]
}
GET returns filtered Base Device's Handsets
Given I am authenticated as K0002
And there is a Base Device with MAC ABCDEF012345 and it has Handset with port Port0
and another Handset with port Port2
When I send /api/customers/K0002/devices/base/ABCDEF012345/handsets?_q=Port2
Then I should receive HTTP/1.1 200 OK with following body: 
{
  "href": "/api/customers/K0002/devices/base/ABCDEF012345/handsets?_offset=0&_pagesize=16&_q=Port2",
  "offset": 0,
  "total": 1,
  "size": 1,
  "items": [{
    "href": "/api/customers/K0002/devices/base/ABCDEF012345/handsets/Port2",
    "data": [{
      "name": "port",
      "value": "Port2"
    }]
  }]
}
Cannot read data for missing Customer
Given I am authenticated as Admin
When I send /api/customers/K0404/devices/base/ABCDEF012345/handsets
Then I should receive HTTP/1.1 404 Not Found
with following body: 
{
  "described_by": "http://api.nfon.net/probs/customer-not-found",
  "title": "Customer not found",
  "detail": "Customer with identifier K0404 has not been found"
}
Customer cannot GET other Customer's Base Device Handsets
Given I am authenticated as K0003
And there is a Base Device with MAC ABCDEF012345 and it has Handset with port Port0
When I send /api/customers/K0002/devices/base/ABCDEF012345/handsets
Then I should receive HTTP/1.1 403 Forbidden with following body: 
{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0002]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}
System Integrator cannot access Handsets of Customer that does not belong to him
Given I am authenticated as System Integrator S0002
When I send /api/customers/K0003/devices/base/ABCDEF012345/handsets
Then I should receive HTTP/1.1 403 Forbidden
with following body 
{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0003]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}
Operator cannot access Handsets of Customer that does not belong to him
Given I am authenticated as Operator C0002
When I send /api/customers/K0003/devices/base/ABCDEF012345/handsets
Then I should receive HTTP/1.1 403 Forbidden
with following body 
{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0003]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}
Results generated by Concordion
in 696 ms on 25-Feb-2026 at 00:42:03 CET