Tuslr

Enterprise

Tuslr API Reference

The Tuslr API makes it easy to tap into the digital mesh that runs across cities.   Make requests to our API endpoints and we’ll give you everything you need to create new and magical experiences for your users. The possibilities are endless!

All production API requests are made to:

https://api.Tuslr.com/

The current version of the API is v1.2.   Backwards incompatible changes will result in a version bump.   Some of our API endpoints require OAuth 2.0 credentials.   Please see the Authentication & Authorization guide to get started.

There is also a sandbox to use when developing and testing applications, with requests being made to:

https://sandbox-api.Tuslr.com/

¶ REST

The Tuslr API is a RESTful API.   This means that the API is designed to allow you to get, create, update and delete objects with the HTTP verbs GET, POST, PUT, PATCH, & DELETE.

¶ JSON

The Tuslr API speaks exclusively in JSON. This means that you should always set the Content-Type header to application/ Json to ensure that your requests are properly accepted and processed by the API.

¶ Authentication

All API calls require authentication using either a server token or bearer token depending on the endpoint.   Bearer tokens allow your application to access the Tuslr API on behalf of a user and are obtained after a user has authorized your application through one of the supported OAuth 2.0 authorization grants.   Bearer tokens are valid for authentication on all endpoints within the API.

For endpoints where user context is not necessary, such as GET /v1/products, you may use your application’s server token instead of having to authenticate a specific user.

Some endpoints such as Ride Request – Receipt require privileged scopes to be used in production by all Tuslr users.   For more information read about scopes.

¶ Cross-Origin Resource Sharing

The Tuslr API supports CORS for communicating from Javascript for these endpoints.   You will need to specify an Origin URI (found in the Settings tab under Security section) when creating your application to allow for CORS to be whitelisted for your domain.   Please note that your server_token is still considered sensitive and it is your responsibility to protect it.

var xhr = new XMLHttpRequest();

xhr.open(‘GET’, ‘https://api.Tuslr.com/v1.2/products?latitude=37.7759792&longitude=-122.41823’);

xhr.setRequestHeader(“Authorization”, “Token “);

xhr.send();

¶ Pagination

Some endpoints such as Rider History return a potentially lengthy array of objects.   In order to keep the response sizes manageable the API will take advantage of pagination.   Pagination is a mechanism for returning a subset of the results for a request and allowing for subsequent requests to “page” through the rest of the results until the end is reached.   Paginated endpoints follow a standard interface that accepts two query parameters, limit and offset and return a payload that follows a standard form.   These parameters names and their behavior are borrowed from PostgreSQL LIMIT and OFFSET keywords.

¶ Versioning

The Tuslr API is constantly being worked on to add features, make improvements, and fix bugs. This means that you should expect changes to be introduced and documented.   Whenever we make a significant change to an endpoint, we will increase the version number used in the path of the resource being requested.

However, there are some changes or additions that are considered backwards-compatible and your applications should be flexible enough to handle them.   These include:

Adding new endpoints to the API

Adding new attributes to the response of an existing endpoint

Changing the order of attributes of responses (JSON by definition is an object of unordered key/value pairs)

¶ Common Types

IDs in the Tuslr API are not guaranteed to be UUIDs and will be variable length.

Date and time will be expressed as an integer which represents the number of seconds since the Unix epoch in UTC.

Latitude and longitude will be expressed as floats, with the precision on both the request and response up to six decimal places.

Phone numbers will be expressed in E.164 format.

Country codes will be expressed as ISO 3166-1 alpha-3 code.

¶ HTTP Status Codes

Status Code  Description

200  OK.   Everything worked as expected.

201  Created.   We will return a 201 after a successful POST where a resource was created.

302  Retry request on given redirect URI.

400  Malformed request.

401  Unauthorized.   The request requires user authentication (not logged in).   Also used for invalid OAuth 2.0 credentials.

403  Forbidden.   Also used for unauthorized requests such as improper OAuth 2.0 scopes or permissions issues.

403  User not allowed.   User is banned and is not permitted to request a ride.

404  Not found.

406  Unacceptable content type.   Client sent an accepts header for a content type which does not exist on the server.   Body includes a list of acceptable content types, such as “Unacceptable content type. Request resource as: application/json.

409  A conflict needs to be resolved before the request can be made.

422  Invalid request.   The request body is parse-able however with invalid content or there are issues with a rider’s user account.

429  Too Many Requests.   Exceeded the rate limit for requests.

500  Internal Server Error.

503  The backend server is not available.

¶ Errors

Error responses will have a consistently formed JSON body.   The keys may include:

Key  Value

message  Human readable message which corresponds to the client error.

code  Underscored delimited string.

fields (optional)  A hash of field names that have validations. This has a value of an array with member strings that describe the specific validation error.

¶ Error Response

Status-Code: 422 Invalid Request

{

  “message”: “Invalid user”,

  “code”: “invalid”,

  “fields”: {

    “first_name”: [“Required”]

  }

}

¶ API Endpoints

Method  Endpoint  Description

GET  /products  List products

GET  /products/{product_id}  Get product details

GET  /estimates/price  Get price estimates

GET  /estimates/time  Get time estimates

GET  /me  Get user information

PATCH  /me  Apply a user promotion

GET  /history  Get user history

GET  /places/{place_id}  Get a saved place

PUT  /places/{place_id}  Update a saved place

POST  /requests/estimate  Get request estimate

POST  /requests  Create ride request

GET  /requests/{request_id}  Get ride details

DELETE  /requests/{request_id}  Cancel request

PATCH  /requests/{request_id}  Update request

GET  /requests/{request_id}/map  Get tracking map

GET  /requests/{request_id}/receipts  Get receipt Tuslr

Scroll to Top