Api >

Service Portal REST API

PUT /api/customers/{identifier}/devices/xcapi/{externalIdentifier}

Update External Line Device
Given I am authenticated as customer K0002
and there is a External Line device with ID device123 and an associatedMobilePhoneNumber +01232456789
and there is a site with ID site

suppressLineNo possible values are: DEFAULT(use the trunk setting), ON, OFF

When I send /api/customers/K0002/devices/external-line/device123 with application/json; charset=UTF-8
and following body: 
{
  "links": [{
    "rel": "site",
    "href": "/api/customers/K0002/sites/site"
  }],
  "data": [{
    "name": "suppressLineno",
    "value": "DEFAULT"
  }, {
    "name": "associatedMobilePhoneNumber",
    "value": "+1234567890333"
  }]
}
Then I should receive HTTP/1.1 204 No Content
Given I am authenticated as customer K0002
When I send /api/customers/K0002/devices/external-line/device123
Then I should receive HTTP/1.1 200 OK
with following body: 
{
  "href": "/api/customers/K0002/devices/external-line/device123",
  "links": [{
    "rel": "site",
    "href": "/api/customers/K0002/sites/site"
  }],
  "data": [{
    "name": "suppressLineno",
    "value": DEFAULT
  }, {
    "name": "associatedMobilePhoneNumber",
    "value": "+1234567890333"
  }]
}
Update External Line Device with already used associatedMobilePhoneNumber must fail
Given I am authenticated as customer K0002
and there is an External Line device with ID device123 and an associatedMobilePhoneNumber +1232456789
and another there is External Line device with ID device124 and an associatedMobilePhoneNumber +9999999999
and there is a site with ID site

suppressLineNo possible values are: DEFAULT(use the trunk setting), ON, OFF

When I send /api/customers/K0002/devices/external-line/device123 with application/json; charset=UTF-8
and following body: 
{
  "links": [{
    "rel": "site",
    "href": "/api/customers/K0002/sites/site"
  }],
  "data": [{
    "name": "suppressLineno",
    "value": "DEFAULT"
  }, {
    "name": "associatedMobilePhoneNumber",
    "value": "+9999999999"
  }]
}
Then I should receive HTTP/1.1 400 Bad Request
Customer cannot change concurrentLines or setE164DidInTo
Given I am authenticated as customer K0002
and there is a External Line device with ID device123 and an associatedMobilePhoneNumber +01232456789
and setE164DidInTo is set When I send /api/customers/K0002/devices/external-line/device123 with application/json; charset=UTF-8
and following body: 
{
  "data": [{
    "name": "concurrentLines",
    "value": 8
  }, {
    "name": "setE164DidInTo",
    "value": true
  }]
}
Then I should receive HTTP/1.1 400 Bad Request with following body: 
{
  "errors": [{
    "message": "Invalid field.",
    "path": "concurrentLines"
  }]
}
Admin can change concurrentLines and setE164DidInTo
Given I am authenticated as admin
and there is a External Line device with ID device123 and an associatedMobilePhoneNumber +01232456789
and setE164DidInTo is set and cidScreening is set When I send /api/customers/K0002/devices/external-line/device123 with application/json; charset=UTF-8
and following body: 
{
  "data": [{
    "name": "concurrentLines",
    "value": 8
  }, {
    "name": "setE164DidInTo",
    "value": false
  }, {
    "name": "cidScreening",
    "value": "ALLOW_ANY"
  }]
}
Then I should receive HTTP/1.1 204 No Content
Given I am authenticated as customer K0002
When I send /api/customers/K0002/devices/external-line/device123
Then I should receive HTTP/1.1 200 OK
with following body: 
{
  "href": "/api/customers/K0002/devices/external-line/device123",
  "data": [{
    "name": "concurrentLines",
    "value": 8
  }, {
    "name": "setE164DidInTo",
    "value": false
  }]
}
Admin cannot update site for another Customer
Given I am authenticated as admin
and next Site ID will be 360
and there is a site with ID site for Customer K0003
and there is a External Line device with ID device123 and an associatedMobilePhoneNumber +01232456789
When I send /api/customers/K0002/devices/external-line/device123 with application/json; charset=UTF-8
and following body: 
{
  "links": [{
    "rel": "site",
    "href": "/api/customers/K0003/sites/site"
  }]
}
Then I should receive HTTP/1.1 400 Bad Request
with following body: 
{
  "detail": "Could not create or update resource due to constraint violations",
  "title": "Validation error",
  "errors": [{
    "message": "Site not allowed",
    "detailMessage": "Site [site] is not reachable for customer [K0002]",
    "path": "site",
    "value": null
  }],
  "described_by": "http://api.nfon.net/probs/validation-error"
}
Given I am authenticated as customer K0002
When I send /api/customers/K0002/devices/external-line/device123
Then I should receive HTTP/1.1 200 OK
with following body: 
{
  "links": [{
    "rel": "site",
    "href": "/api/customers/K0002/sites/1"
  }]
}
Cannot update with not existing Site
Given I am authenticated as customer K0002
and there is a External Line device with ID device123 and an associatedMobilePhoneNumber +01232456789
When I send /api/customers/K0002/devices/external-line/device123 with application/json; charset=UTF-8
and following body: 
{
  "links": [{
    "rel": "site",
    "href": "/api/customers/K0002/sites/not_existing"
  }]
}
Then I should receive HTTP/1.1 404 Not Found with following body: 
{
  "detail": "Site [not_existing] not found for Customer [K0002]",
  "described_by": "http://api.nfon.net/probs/site-not-found"
}
Cannot edit not existing device
Given I am authenticated as customer K0002
And there is no XCAPI device with id ABCDEF012345
When I send /api/customers/K0002/devices/external-line/ABCDEF012345 with application/json; charset=UTF-8
and following body: 
{}
Then I should receive HTTP/1.1 404 Not Found with following body: 
{
  "title": "Device not found",
  "detail": "Device with unique identifier ABCDEF012345 has not been found",
  "described_by": "http://api.nfon.net/probs/device-not-found"
}
Admin cannot update External Line Device for not existing Customer
Given I am authenticated as Admin
When I send /api/customers/K0404/devices/external-line/device123 with application/json; charset=UTF-8
and following body: 
{}
Then I should receive HTTP/1.1 404 Not Found with following body: 
{
  "described_by": "http://api.nfon.net/probs/customer-not-found",
  "title": "Customer not found",
  "detail": "Customer with identifier K0404 has not been found"
}
Customer cannot update not his Device
Given I am authenticated as customer K0003 and there is a External Line device with ID device123 and an associatedMobilePhoneNumber +01232456789
for Customer K0002
When I send /api/customers/K0002/devices/xcapi/device123 with application/json; charset=UTF-8
and following body: 
{}
Then I should receive HTTP/1.1 403 Forbidden
with following body: 
{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0002]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}
System Integrator cannot update External Line Device of Customer that does not belong to him
Given I am authenticated as System Integrator S0002
When I send /api/customers/K0003/devices/external-line/device123 with application/json; charset=UTF-8
and following body: 
{}
Then I should receive HTTP/1.1 403 Forbidden
with following body 
{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0003]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}
Operator cannot update External Line Device of Customer that does not belong to him
Given I am authenticated as Operator C0002
When I send /api/customers/K0003/devices/external-line/device123 with application/json; charset=UTF-8
and following body: 
{}
Then I should receive HTTP/1.1 403 Forbidden
with following body 
{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0003]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}
Results generated by Concordion
in 1456 ms on 25-Feb-2026 at 00:41:36 CET