Skip to main content

Getting Started with XFA API

Welcome to the XFA API Documentation, the XFA API can be used by costumers, partners, and vendors to interact and expand the XFA platform to extract reports, automate actions & more.

This documentation includes specific information about the authentication required, some example usecases and an API playground to dynamically test out the API endpoints & functionality.

Authentication

Step 1: Create Your Service Account

  1. Go to your XFA dashboard
  2. Click on SettingsAdminAdd an Admin
  3. Create your service account using email and password
    • ⚠️ IMPORTANT: You MUST use email/password authentication
    • 🔒 Store these credentials securily
    • 🚫 Never share these credentials with anyone

Step 2: Get Your Authentication Token

To interact with the XFA API, You'll need to obtain an authentication token using the email/password from the previous step. Here's a detailed breakdown of the authentication process:

  1. URL:

    • https://cognito-idp.eu-west-1.amazonaws.com/

  2. Headers:

    • x-amz-target: AWSCognitoIdentityProviderService.InitiateAuth

  3. Request Body (sent as JSON):

    • AuthFlow: "USER_PASSWORD_AUTH" - Specifies we're using username/password authentication
    • ClientId: "5svu9bb7s7gvmq404ilp0mrul2"
    • AuthParameters: Contains the credentials
      • USERNAME: Your email address
      • PASSWORD: Your password

Upon successful execution, the command will return an access token that you can use for subsequent API calls to the XFA platform.

Test manually:
  1. Open your terminal or API testing tool
  2. Use this command (replace the placeholders):
curl -X POST https://cognito-idp.eu-west-1.amazonaws.com/ \
  -H "x-amz-target: AWSCognitoIdentityProviderService.InitiateAuth" \
  -d '{
  "AuthFlow": "USER_PASSWORD_AUTH", 
  "ClientId": "5svu9bb7s7gvmq404ilp0mrul2",
  "AuthParameters": {
    "USERNAME": "YOUR_EMAIL",
    "PASSWORD": "YOUR_PASSWORD"
  }
}'
  1. You'll receive a response like this, you'll need the AccessToken for API calls:
{
   "AuthenticationResult": {
      "AccessToken": "eyJraW......",
      "ExpiresIn": 3600,
      "IdToken": "eyJraWQiO.......",
      "RefreshToken": "eyJjdHki.........",
      "TokenType": "Bearer"
   },
   "ChallengeParameters": {
      
   }
}
Token Expiration

Your token will expire after 1 hour. Make sure your application can request a new token when needed!

Use the API Playground

Want to test the API without writing code?

  1. Go to our API Playground
  2. Enter your token in the "Authentication" section
  3. Try out any endpoint with just a few clicks!

Customize your experience

You can change the programming language for code examples using the selector at the top of the page. This will update all code examples throughout the documentation to match your preferred language.