Api >

Service Portal REST API

POST /api/customers/{customer-id}/phone-books

POST creates Customer's Phonebook with only required fields
Given I am authenticated as customer K0002
And next Phone Book ID will be 100
When I send /api/customers/K0002/phone-books
with application/json; charset=UTF-8 and following body: 
{
  "data": [{
    "name": "displayName",
    "value": "Phone Book"
  }, {
    "name": "displayNumber",
    "value": "+49 (66) 1234-555"
  }]
}
Then I should receive HTTP/1.1 201 Created
with http://localhost:9998/api/customers/K0002/phone-books/100 and following body: 
{
  "href": "/api/customers/K0002/phone-books/100"
}
Given I am authenticated as customer K0002
When I send /api/customers/K0002/phone-books/100
Then I should receive HTTP/1.1 200 OK
with following body: 
{
  "href": "/api/customers/K0002/phone-books/100",
  "data": [{
    "name": "displayName",
    "value": "Phone Book"
  }, {
    "name": "displayNumber",
    "value": "+49 (66) 1234-555"
  }]
}
POST creates Customer's Phone Book with all properties
Given I am authenticated as customer K0002
And next Phone Book ID will be 100
When I send /api/customers/K0002/phone-books
with application/json; charset=UTF-8 and following body: 
{
  "data": [{
    "name": "displayName",
    "value": "Phone Book"
  }, {
    "name": "displayNumber",
    "value": "+49 (66) 1234-555"
  }]
}
Then I should receive HTTP/1.1 201 Created
with http://localhost:9998/api/customers/K0002/phone-books/100 and following body: 
{
  "href": "/api/customers/K0002/phone-books/100"
}
Given I am authenticated as customer K0002
When I send /api/customers/K0002/phone-books/100
Then I should receive HTTP/1.1 200 OK
with following body: 
{
  "href": "/api/customers/K0002/phone-books/100",
  "data": [{
    "name": "displayName",
    "value": "Phone Book"
  }, {
    "name": "displayNumber",
    "value": "+49 (66) 1234-555"
  }]
}
Cannot create Phone Book if required properties are empty
Given I am authenticated as customer K0002
When I send /api/customers/K0002/phone-books
with application/json; charset=UTF-8 and following body: 
{
  "data": [{
    "name": "displayName",
    "value": ""
  }, {
    "name": "displayNumber",
    "value": null
  }]
}
Then I should receive HTTP/1.1 400 Bad Request
with following body: 
{
  "errors": [{
    "message": "field is required",
    "path": "displayName",
    "value": ""
  }, {
    "message": "field is required",
    "path": "displayNumber",
    "value": null
  }]
}
Cannot create Phone Book if displayName contains invalid characters
Given I am authenticated as customer K0002
When I send /api/customers/K0002/phone-books
with application/json; charset=UTF-8 and following body: 
{
  "data": [{
    "name": "displayName",
    "value": "invalid=name"
  }, {
    "name": "displayNumber",
    "value": "+49 (66) 1234-555"
  }]
}
Then I should receive HTTP/1.1 400 Bad Request
with following body: 
{
  "errors": [{
    "message": "displayName contains invalid characters",
    "path": "displayName",
    "value": "invalid=name"
  }]
}
Cannot create Phone Book if displayName has invalid length
Given I am authenticated as customer K0002
When I send /api/customers/K0002/phone-books
with application/json; charset=UTF-8 and following body: 
{
  "data": [{
    "name": "displayName",
    "value": "very long, long, long, long, long, long, long, long name"
  }, {
    "name": "displayNumber",
    "value": "+49 (66) 1234-555"
  }]
}
Then I should receive HTTP/1.1 400 Bad Request
with following body: 
{
  "errors": [{
    "message": "displayName must have length between 1 and 50",
    "path": "displayName",
    "value": "very long, long, long, long, long, long, long, long name"
  }]
}
Cannot create Phone Book if displayPhone has invalid format
Given I am authenticated as customer K0002
When I send /api/customers/K0002/phone-books
with application/json; charset=UTF-8 and following body: 
{
  "data": [{
    "name": "displayName",
    "value": "name"
  }, {
    "name": "displayNumber",
    "value": "(66) 1234-555"
  }]
}
Then I should receive HTTP/1.1 400 Bad Request
with following body: 
{
  "errors": [{
    "message": "displayNumber has invalid format",
    "path": "displayNumber",
    "value": "(66) 1234-555"
  }]
}
Missing Customer
Given I am authenticated as Admin
When I send /api/customers/K0404/phone-books
with application/json; charset=UTF-8 and following body: 
{
  "data": [{
    "name": "displayName",
    "value": "Phone Book"
  }, {
    "name": "displayNumber",
    "value": "+49 (66) 1234-555"
  }]
}
Then I should receive HTTP/1.1 404 Not Found 
{
  "detail": "Customer with identifier K0404 has not been found",
  "title": "Customer not found",
  "described_by": "http://api.nfon.net/probs/customer-not-found"
}
Customer should not be able to create another Customer's Phone Books
Given I am authenticated as Customer K0003
When I send /api/customers/K0002/phone-books
with application/json; charset=UTF-8 and following body: 
{
  "data": [{
    "name": "displayName",
    "value": "Phone Book"
  }, {
    "name": "displayNumber",
    "value": "+49 (66) 1234-555"
  }]
}
Then I should receive HTTP/1.1 403 Forbidden 
{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0002]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}
System Integrator should not be able to create Phone Book of a Customer that he cannot manage
Given I am authenticated as System Integrator S0002
When I send /api/customers/K0003/phone-books
with application/json; charset=UTF-8 and following body: 
{
  "data": [{
    "name": "displayName",
    "value": "Phone Book"
  }, {
    "name": "displayNumber",
    "value": "+49 (66) 1234-555"
  }]
}
Then I should receive HTTP/1.1 403 Forbidden 
{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0003]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}
Operator should not be able to create Phone Book of a Customer that he cannot manage
Given I am authenticated as Operator C0002
When I send /api/customers/K0003/phone-books
with application/json; charset=UTF-8 and following body: 
{
  "data": [{
    "name": "displayName",
    "value": "Phone Book"
  }, {
    "name": "displayNumber",
    "value": "+49 (66) 1234-555"
  }]
}
Then I should receive HTTP/1.1 403 Forbidden 
{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0003]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}
Results generated by Concordion
in 975 ms on 25-Feb-2026 at 00:47:35 CET