Dstny Core – Admin API & User API
Dstny Core APIs – Admin API & User API
Partner Integration Guide
📘 API Documentation Links
Use the links below to access the full, up-to-date API documentation.
User API Documentation
(Available to all partners)
🔗 https://www.dstny.se/hubfs/user-api.html
Admin API Documentation
(Available to Whitelabel partners only)
🔗 https://www.dstny.se/hubfs/admin-api.html
1. Introduction
Dstny Core provides APIs that partners can use to integrate with user and administrative functionality in the Dstny platform.
This guide explains:
-
The difference between User API and Admin API
-
Who can access each API
-
How authentication works
-
When to use each API
2. Which API Should I Use?
User API (Available to All Partners)
Use the User API when:
-
Acting on behalf of an end user
-
Performing user-scoped operations
-
Using token-based (Bearer) authentication
-
Accessing APIs through the Edge Node
Typical use cases:
-
End-user functionality
-
User-level configuration and actions
-
Integrations requiring user authentication
Admin API (Restricted Access)
The Admin API is only accessible to Whitelabel partners.
Use the Admin API when:
-
Performing administrative or system-level operations
-
Managing organizations, domains, and users
-
Building system-to-system integrations
-
Using HMAC-signed requests via the Management Node
Important:
If you are not a Whitelabel partner, Admin API access is not available.
3. Base URLs
User API
https://{external-address}/api
Admin API
https://{managementnode}/api/admin
4. Authentication Overview
| API | Authentication Method | Access Level |
|---|---|---|
| User API | Bearer token (RFC6750) | All partners |
| Admin API | HMAC-signed API ticket (SNT-HMACv1) | Whitelabel partners only |
5. User API – How to Authenticate and Use
5.1 Authentication
User API uses Bearer token authentication.
Authorization: Bearer {token}
-
No secret is required
-
The token represents the authenticated end user
-
Accepted via the Edge Node
5.2 Creating User API Tickets
User API tickets can be created:
-
In the Core portal (bc.dstny.se)
-
Via the User Ticket API
Supported methods:
-
End users authenticate using credentials (+ optional 2FA)
-
Super admins create user tickets using Admin/System tickets
5.3 Example User API Request
curl -s \
-H "Accept: application/json" \
-H "Authorization: Bearer {token}" \
'https://{external-address}/api/admin/user/domain.com'
6. Admin API – How to Authenticate and Use
(Whitelabel partners only)
6.1 Authentication Model
Admin API requires HMAC-signed requests.
-
Security scheme:
SNT-HMACv1 -
Signature algorithm:
HMAC-SHA256 -
Uses Admin or System API tickets
-
Accepted only via the Management Node
6.2 Authorization Header Format
Authorization: SNT-HMACv1
token="API_TICKET",
signature_method="HMAC-SHA256",
signature="CALCULATED_SIGNATURE",
timestamp="UNIX_TIMESTAMP",
nonce="RANDOM_STRING"
Key rules:
-
Timestamp = seconds since Unix epoch (UTC)
-
Nonce must be unique per request
-
Signing follows RFC5849 (OAuth 1.0)
6.3 HTTP Methods
| Method | Description |
|---|---|
| GET | Read resources |
| POST | Create resources |
| PUT | Update resources |
| PATCH | Partial update |
| DELETE | Remove resources |
6.4 Example Admin API Request
curl -s \
-H "Accept: application/json" \
-H "Authorization: SNT-HMACv1 ..." \
'https://{managementnode}/api/admin/organization/company.com'
7. Common Request Requirements
Required Headers
Accept: application/json
When sending JSON data
Content-Type: application/json
For PATCH requests
Content-Type: application/json-patch+json
8. URI Encoding & Data Rules
-
Non-ASCII characters must be UTF-8 percent-encoded
Example:mötley crüe → m%C3%B6tley%20cr%C3%BCe -
Newline characters must not be used inside names
-
Boolean values must be lowercase (
true,false)
Summary
-
User API is available to all partners and customers
-
Admin API is restricted to Whitelabel partners
-
Admin API requires HMAC-signed requests and Management Node access
-
Always refer to the documentation links above for full API details