Api >

Service Portal REST API

GET /api/customers/{customer-id}/phone-books/{phone-book-id}

GET Customer's Phonebook
Given I am authenticated as customer K0002
and there is a Phone Book with
  • id: 100
  • number: +49 (66) 1234-555
  • name: Phone Book
When I send /api/customers/K0002/phone-books/100
Then I should receive HTTP/1.1 200 OK
with following body: 
{
  "href": "/api/customers/K0002/phone-books/100",
  "links": [{
    "rel": "phoneBookVisibilities",
    "href": "/api/customers/K0002/phone-books/100/visibilities"
  }],
  "data": [{
    "name": "displayName",
    "value": "Phone Book"
  }, {
    "name": "displayNumber",
    "value": "+49 (66) 1234-555"
  }]
}
GET Customer's Phonebook without VPN
Given I am authenticated as customer K0002
and there is a Phone Book with
  • id: 100
  • number: +49 (66) 1234-555
  • name: Phone Book
When I send /api/customers/K0002/phone-books/100
Then I should receive HTTP/1.1 200 OK
with following body: 
{
  "href": "/api/customers/K0002/phone-books/100",
  "links": [{
    "rel": "phoneBookVisibilities",
    "href": "/api/customers/K0002/phone-books/100/visibilities"
  }],
  "data": [{
    "name": "displayName",
    "value": "Phone Book"
  }, {
    "name": "displayNumber",
    "value": "+49 (66) 1234-555"
  }]
}
Missing Phone Book
Given I am authenticated as customer K0002
And there is no Phone Book with ID 404 When I send /api/customers/K0002/phone-books/404
Then I should receive HTTP/1.1 404 Not Found 
{
  "detail": "Phone Book with ID 404 has not been found",
  "title": "Phone Book not found",
  "described_by": "http://api.nfon.net/probs/phone-book-not-found"
}
Missing Customer
Given I am authenticated as Admin
When I send /api/customers/K0404/phone-books/100
Then I should receive HTTP/1.1 404 Not Found 
{
  "detail": "Customer with identifier K0404 has not been found",
  "title": "Customer not found",
  "described_by": "http://api.nfon.net/probs/customer-not-found"
}
Customer should not be able to GET another Customer's Phone Book
Given I am authenticated as Customer K0003
When I send /api/customers/K0002/targets/phone-books/100
Then I should receive HTTP/1.1 403 Forbidden 
{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0002]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}
System Integrator should not be able to GET Phone Book of a Customer that he cannot manage
Given I am authenticated as System Integrator S0002
When I send /api/customers/K0003/targets/phone-books/100
Then I should receive HTTP/1.1 403 Forbidden 
{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0003]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}
Operator should not be able to GET Phone Book of a Customer that he cannot manage
Given I am authenticated as Operator C0002
When I send /api/customers/K0003/targets/phone-books/100
Then I should receive HTTP/1.1 403 Forbidden 
{
  "title": "Access forbidden",
  "detail": "Access denied to [Customer] with id [K0003]",
  "described_by": "http://api.nfon.net/probs/invalid-authorization"
}
Results generated by Concordion
in 669 ms on 25-Feb-2026 at 00:47:35 CET