Generic Operation

Overview#

Carat Portal has a REST interface for performing generic operations. Understand that "generic operations" are operations that are exclusive to certain authorizers and do not conform to previous standardized operations.

In this REST interface, consider that each operation code depends on additional data so that it works as expected. Some of these operations require an authenticity token, which must be generated for each call of the generic operation. For more details on each generic operation, see the specific routing documentation.

And to learn more about these nomenclatures (Bin, Software Express, Carat, e-Sitef) Learn more

Communication#

To make a generic service REST web service request, use the following Carat Portal base URLs:

Production base URL:

https://esitef.softwareexpress.com.br/e-sitef/api

Base Homologation URL:

https://esitef-homologacao.softwareexpress.com.br/e-sitef/api

What you will need#

An application capable of receiving POST HTTPS calls   Active registration in the Carat Portal environment with the URL for the authenticity POST (please request this registration to our support team)

Flow#

Generic operations have two flows that depend on the requirement of the authenticity token for the execution of the operation.

Flow description:

  1. Merchant requests the generation of a token for generic operations.
  2. Carat Portal generates a authenticity token internally
  3. The generated authenticity token is sent to the store via POST to the authenticity URL. The merchant must keep this token.
  4. The merchant uses the generated authenticity token to perform a generic operation.
  5. Carat Portal validates and inactivates the authenticity token before performing the requested operation.
  6. Carat Portal performs the generic operation and obtains the results of the operation.
  7. Carat Portal returns the result of the requested operation.

Obs: Some generic operations does not need the use of the authenticity token. Please check the item corresponding to the operation used in the specific routing to verify this need.
In case the authenticity token is not needed, the steps 1, 2 and 3 from the flow ahead are not necessary.