Introduction
Drop-In Solutions
REST APIs

REST API

REST API Reference

Introduction

The Opinous REST API offers a convenient, fast, developer friendly REST API over HTTP.

All of our APIs are hosted at:

https://api.opinous.com

It's important to note that all Opinous APIs use TLS 1.3 and enforce HTTPS connections.

Insecure connections that do not use HTTPS will be automatically redirected to HTTPS so your request client must support HTTPS in order to connect.

Speed and Uptime

Opinous APIs are designed to be used in your mission critical production workloads. We know how important uptime is to you and your customers and take our responsibilities as a service provider seriously.

All of our APIs are hosted using a High Availability architecture with automated failover. This means that in the event of any issues with our infrastructure we automatically switch your traffic over to a backup cluster that can continue to serve traffic.

For our Reviews API we target an API side response time of 50 milliseconds - however round trip network time may vary based on the geography of your own servers. For most of our customers the Reviews API will respond fast enough that it can be used dynamically on page load - however we would still recommend caching in order to provide your customers with the fastest possible experience.

Compliance and Data Locality

All of our systems are configured and protected in line with Information Security best practices informed by ISO 27001 and ISO 27002 guidelines.

Opinous is fully compliant with GDPR and provides both Privacy and Security by Design and Default.

All Opinous data and systems are resident in the EU - Primarily in Amsterdam and Frankfurt.

Data Processing Addendums are available on request for Enterprise customers by contacting their account manager. If you require a DPA or other custom contractual instrument for GDPR compliance please contact [email protected].

Authentication

Opinous APIs use Bearer tokens for authentication.

For APIs that require Authentication you should provide the API token in the Authorization header as follows:

Authorization: Bearer <API_ACCESS_TOKEN>

Creating an API Token

You can create new API tokens using the Developer section of the Organization settings page located here.

Simply click the "Create new Token" button and provide the token's name and permission level. You will then be shown your new API key which can be used right away.

Setting the permissions of an API Token

You can update the permission level of inside the Developer section of the Organization settings page located here.

Use the permission level dropdown to

Revoking API tokens

In the event of a security breach or as part of routine maintenance you are able to revoke your issued API tokens using the Developer section of the Organization settings page located here.