API Introduction
The Netasampark REST API provides programmatic access to all platform features. Built with Laravel 11, it offers enterprise-grade performance, security, and scalability.
Base URLs
Production: https://api.netasampark.com/api
Staging: https://staging-api.netasampark.com/api
Development: http://localhost:8000/api
API Versioning
The API uses URL-based versioning:
/api/v1/endpoint
/api/v2/endpoint
Current version: v1 (default, version prefix optional)
Authentication
All protected endpoints require Bearer token authentication.
Get Access Token
POST /api/auth/login
Content-Type: application/json
{
  "email": "user@example.com",
  "password": "SecurePassword123!"
}
Response:
{
  "success": true,
  "data": {
    "user": {
      "id": 1,
      "name": "John Doe",
      "email": "user@example.com",
      "role": "politician"
    },
    "access_token": "1|xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "token_type": "Bearer"
  }
}
Using the Token
Include the token in the Authorization header:
Authorization: Bearer 1|xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Rate Limiting
API endpoints are rate-limited to prevent abuse:
| Endpoint Type | Limit | Window |
|---|---|---|
| Public endpoints | 60 requests | per minute |
| Authenticated endpoints | 120 requests | per minute |
| Authentication endpoints | 5 requests | per minute |
| OTP endpoints | 3 requests | per minute |
Rate limit headers are included in responses:
- X-RateLimit-Limit: Maximum requests allowed
- X-RateLimit-Remaining: Remaining requests in current window
When the rate limit is exceeded, a 429 Too Many Requests response is returned.
Response Format
Success Response
{
  "success": true,
  "message": "Operation successful",
  "data": {
    // Response data
  }
}
Error Response
{
  "success": false,
  "error_code": "error_code",
  "message": "Error message",
  "details": {
    // Additional error details
  }
}
Error Codes
| Code | HTTP Status | Description |
|---|---|---|
| validation_error | 422 | Validation failed |
| unauthorized | 401 | Authentication required |
| forbidden | 403 | Insufficient permissions |
| not_found | 404 | Resource not found |
| rate_limit_exceeded | 429 | Too many requests |
| server_error | 500 | Internal server error |
Core Endpoints
Health Check
GET /api/healthz
Authentication
- POST /api/auth/login - Login
- POST /api/auth/register - Register
- POST /api/auth/send-otp - Send OTP
- POST /api/auth/verify-otp - Verify OTP
Voters
- GET /api/voters - List voters
- POST /api/voters - Create voter
- GET /api/voters/{id} - Get voter
- PUT /api/voters/{id} - Update voter
- DELETE /api/voters/{id} - Delete voter
Messaging
- POST /api/messages/send - Send message
- POST /api/messages/broadcast - Broadcast message
- GET /api/messages/history - Message history
Campaigns
- GET /api/campaigns - List campaigns
- POST /api/campaigns - Create campaign
- GET /api/campaigns/{id} - Get campaign
Grievances
- GET /api/grievances - List grievances
- POST /api/grievances - Create grievance
- GET /api/grievances/{id} - Get grievance
Webhooks
The API supports webhooks for real-time event notifications.
Available Events:
- message.delivered
- message.failed
- grievance.created
- grievance.resolved
- payment.processed
SDK Support
SDK configurations are available for:
- JavaScript/TypeScript
- Python
- PHP
- Java
Best Practices
- Always use HTTPS in production
- Store tokens securely - Never expose in client-side code
- Handle errors gracefully - Check for success field
- Respect rate limits - Implement exponential backoff
- Use pagination - For large datasets
- Validate input - Always validate before sending
- Handle token expiration - Implement refresh logic
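The rate-limit and error-handling practices above, combined in one client wrapper. This is an added example, not code from the Netasampark SDKs; `call_api`, `backoff_delays`, `ApiError` and the injected `send` transport hook are hypothetical names, and only the 429 status, the `success` / `error_code` / `data` fields and the X-RateLimit-Remaining header come from this page.

```python
import random
import time


class ApiError(Exception):
    """Non-retryable error envelope: {"success": false, "error_code": ...}."""

    def __init__(self, status, error_code, message):
        super().__init__(f"{status} {error_code}: {message}")  # never the token
        self.status = status
        self.error_code = error_code


def backoff_delays(max_retries, base=1.0, cap=30.0, rng=random.random):
    """Full-jitter exponential backoff: delay n is rng() * min(cap, base * 2**n)."""
    return [rng() * min(cap, base * 2 ** n) for n in range(max_retries)]


def call_api(send, method, path, token, body=None, max_retries=4,
             sleep=time.sleep, rng=random.random):
    """Call one endpoint, retrying only on 429; return (data, remaining).

    `send(method, path, headers, body)` is a hypothetical transport hook that
    returns (status, headers, parsed_json); wire it to your HTTP library.
    """
    headers = {"Authorization": f"Bearer {token}", "Accept": "application/json"}
    delays = backoff_delays(max_retries, rng=rng)
    for attempt in range(max_retries + 1):
        status, resp_headers, payload = send(method, path, headers, body)
        payload = payload or {}
        if status == 429 or payload.get("error_code") == "rate_limit_exceeded":
            if attempt == max_retries:
                raise ApiError(status, "rate_limit_exceeded", "retries exhausted")
            sleep(delays[attempt])
            continue
        if not payload.get("success"):
            # 401, 403, 422 and 500 envelopes are surfaced at once: repeating a
            # rejected login would only burn the 5-per-minute auth budget.
            raise ApiError(status, payload.get("error_code", "unknown"),
                           payload.get("message", ""))
        # Remaining requests in the current window, so the caller can slow down
        # before hitting 429 (None if the header is absent).
        remaining = resp_headers.get("X-RateLimit-Remaining")
        return payload.get("data"), None if remaining is None else int(remaining)
```

Injecting `send`, `sleep` and `rng` keeps the retry policy testable offline and lets the same wrapper sit on top of whichever HTTP library the integration already uses.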
Next Steps
Ready to integrate? Check out the API Examples or SDK Documentation