Documentation in progress
Deprecated
You are looking to the old version of the API (version 1.0) Commanders Act will end support and maintenance for HTTP tracking API source 1.0 on August 31, 2023. This API will be fully deprecated on December 2023. After this date, the current format will no longer be supported and any requests using it may generates error.
We encourage you to begin using the new payload format as soon as possible to ensure a smooth transition. The new format is described here. Please refer to our documentation for more information on how to use the new format.
What changed in the payload format from the 1.0 to the 2.0 version :
All event data were inside the properties
object. They are now at the root. The properties
object doesn't exist any more.
All contextual meta-data were at the root, they are now inside a new context
object. For example these meta-data obects event_id
, device
, page
, app
, event_timestamp
are now in the context
object.
The HTTP Tracking API 1.0 lets you record data from any website or application. Requests are routed to our servers, and your data is routed to any destination you desire.
Authenticate to the Tracking API by sending your project’s Source Key along with a request in the headers like so: Authorization: Bearer NJtcKaoCYu...mGZDxRgMBMUw==
The source key is provided to you when you create a source in the source catalogue
To send data to our HTTP API, a content-type header must be set to 'application/json'
.
We presently return a 200 response for all API requests, thus debugging should be done using the platform interface or our config API (event inspector or event delivery API). The sole exception is that if the request is too large or the JSON is invalid, it will return a 400.
There is a maximum of 32KB
per API request.
There is no real rate limit above which the system will discard your data. But if you need to import at a rate faster than 500 requests per second, please contact us beforehand.
You may use the event API to capture the actions that your users perform. Every action results in what is known as an "event," which have associated properties.
You should keep track of activities that are indications of your app's performance, such as Signed Up, Item Purchased, and Article Bookmarked. To begin, we recommend tracking only a few key events. More may easily be added later!
Example event
call: ()
Find details on best practices in event naming as well as the event
method payload in our Spec.
If you want to use Http tracking API from you mobile APP instead of SDK, look at the Mobile event specificity
Timestamps supported are in milliseconds (ms).
Documentation in progress
Documentation in progress
version 2.0
The HTTP Tracking API is used to track events from any website, application or server. The data is collected by our servers, and then processed and routed to any configured destination. It is often used for server-to-server use case.
The API's collect endpoint is available at the following URL:
HTTP method: POST
tc_s
(required): site id
token
(required): source key
The endpoint requires a Content-Type
header set to application/json
:
The properties of the event must be provided in the request body in JSON format.
Timestamps must be in milliseconds (ms).
consistent_anonymous_id
corresponds to a unique identifier for a user, used on the CAX platform to identify a user. It is the equivalent of CAID cookie on a Web source.
As an exception, a 400 HTTP code is returned in case the request is too large or the payload JSON is invalid.
There is a maximum of 32KB
per API request.
The batch
API endpoint accepts a maximum of 500KB
per request, with a limit of 32KB
per event in the batch.
Example of an API request:
Download OpenAPI specification:
Our API operates over HTTPS, a standard for secure communication on the internet. This protocol ensures that data is encrypted and transmitted securely.
In conjunction with HTTPS, we employ an API token-based authentication system. Each created source is assigned a unique token that remains consistent across all API requests for this specific source. This design offers both security and convenience, allowing clients to manage multiple sources each with their own dedicated token. The ability for clients to create, manage, and deactivate sources at will via our interface adds an additional layer of control, ensuring that tokens can be invalidated as necessary for security or operational reasons. Our security approach is tailored to the diverse needs of our clients. We focus on providing a secure, efficient, and user-friendly experience. Our choice of HTTPS and token-based authentication aligns with our commitment to delivering robust security while ensuring ease of integration and operational flexibility for our clients. This approach is chosen over more complex systems like Mutual TLS (mTLS), OpenID Connect (OIDC), or IP filtering.
Currently the batch endpoint is not publicly open, please contact us if you want to be part of the closed beta.
The batch
method lets you send a series of event
requests in a single batch, saving on outbound requests.
There is a maximum of 500KB
per batch request and 32KB
per call.
The BATCH API's collect endpoint is available at the following URL:
Example of an API request:
To manage users, check instead the dedicated , and for products, the .
The source key is displayed in the settings of any .
Find details on best practices in event naming as well as the event
method payload in our .
The format of the payload evolved on Nov. 2022. The old format will still be supported during one year. .
The endpoint returns a 200 HTTP response to all API requests. Thus, debugging should be done using the platform interface or our (event inspector or event delivery API).
There is no real rate limit above which the system will discard your data. But if you need to import at a rate faster than 500 requests per second, please beforehand.