MENU navbar-image

Introduction

This documentation aims to provide all the information you need to work with our API.

Base URL

Environment Base URL
Sandbox https://api-sandbox.abyan.ph
Production https://api-prod.abyan.ph

Authenticating requests

To authenticate requests, include an Authorization header with the value "Bearer {YOUR_ACCESS_TOKEN}".

All authenticated endpoints are marked with a requires authentication badge in the documentation below.

You can retrieve your token by visiting your Authentication dashboard.

Authentication

Generate access token

Use this endpoint to generate access token using your client id and client secret

Example request:
curl --request POST \
    "https://api-sandbox.abyan.ph/api/partners/v1/oauth2/token" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"grant_type\": \"client_credentials\",
    \"client_id\": \"6j3mj13bmntioepd0o622ed2g4\",
    \"client_secret\": \"c915on174ls8dq9el5ljuqi696fckntqgqn0k4t1p753ursfrac\",
    \"scope\": \"delivery\"
}"

const url = new URL(
    "https://api-sandbox.abyan.ph/api/partners/v1/oauth2/token"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "grant_type": "client_credentials",
    "client_id": "6j3mj13bmntioepd0o622ed2g4",
    "client_secret": "c915on174ls8dq9el5ljuqi696fckntqgqn0k4t1p753ursfrac",
    "scope": "delivery"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());
import requests
import json

url = 'https://api-sandbox.abyan.ph/api/partners/v1/oauth2/token'
payload = {
    "grant_type": "client_credentials",
    "client_id": "6j3mj13bmntioepd0o622ed2g4",
    "client_secret": "c915on174ls8dq9el5ljuqi696fckntqgqn0k4t1p753ursfrac",
    "scope": "delivery"
}
headers = {
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('POST', url, headers=headers, json=payload)
response.json()
$client = new \GuzzleHttp\Client();
$url = 'https://api-sandbox.abyan.ph/api/partners/v1/oauth2/token';
$response = $client->post(
    $url,
    [
        'headers' => [
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
        'json' => [
            'grant_type' => 'client_credentials',
            'client_id' => '6j3mj13bmntioepd0o622ed2g4',
            'client_secret' => 'c915on174ls8dq9el5ljuqi696fckntqgqn0k4t1p753ursfrac',
            'scope' => 'delivery',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));

Example response (200):


{
    "message": "Request was successful.",
    "details": {
        "access_token": "eyJraWQiOiJJNnYxOTZKVUFncVl...",
        "expires_in": 3600,
        "token_type": "Bearer"
    }
}

Request      

POST api/partners/v1/oauth2/token

Headers

Content-Type      

Example: application/json

Accept      

Example: application/json

Body Parameters

grant_type   string   

client_credentials. Example: client_credentials

client_id   string   

Your client id. Example: 6j3mj13bmntioepd0o622ed2g4

client_secret   string   

Your client secret. Example: c915on174ls8dq9el5ljuqi696fckntqgqn0k4t1p753ursfrac

scope   string   

Your scope. Example: delivery

Delivery

Inquire delivery order

requires authentication

Use this endpoint to inquire deliver order

Example request:
curl --request POST \
    "https://api-sandbox.abyan.ph/api/partners/v1/delivery/inquire" \
    --header "Authorization: Bearer {YOUR_ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"sender\": \"\",
    \"receiver\": \"\"
}"

const url = new URL(
    "https://api-sandbox.abyan.ph/api/partners/v1/delivery/inquire"
);

const headers = {
    "Authorization": "Bearer {YOUR_ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "sender": "",
    "receiver": ""
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());
import requests
import json

url = 'https://api-sandbox.abyan.ph/api/partners/v1/delivery/inquire'
payload = {
    "sender": "",
    "receiver": ""
}
headers = {
  'Authorization': 'Bearer {YOUR_ACCESS_TOKEN}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('POST', url, headers=headers, json=payload)
response.json()
$client = new \GuzzleHttp\Client();
$url = 'https://api-sandbox.abyan.ph/api/partners/v1/delivery/inquire';
$response = $client->post(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_ACCESS_TOKEN}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
        'json' => [
            'sender' => '',
            'receiver' => '',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));

Example response (200):


{
    "message": "Request was successful.",
    "details": {
        "courier_fee": 150
    }
}

Request      

POST api/partners/v1/delivery/inquire

Headers

Authorization      

Example: Bearer {YOUR_ACCESS_TOKEN}

Content-Type      

Example: application/json

Accept      

Example: application/json

Body Parameters

sender   Sender Details   
latitude   number   

Must be between -90 and 90. Example: -90

longitude   number   

Must be between -180 and 180. Example: -180

full_address   string   

Must not be greater than 255 characters. Example: jpbyinwtvpciuyfyuorc

receiver   Receiver Details   
latitude   number   

Must be between -90 and 90. Example: -89

longitude   number   

Must be between -180 and 180. Example: -180

full_address   string   

Must not be greater than 255 characters. Example: yqqyccqxjacodlwztej

Create delivery order

requires authentication

Use this endpoint to create deliver order

Example request:
curl --request POST \
    "https://api-sandbox.abyan.ph/api/partners/v1/delivery/create" \
    --header "Authorization: Bearer {YOUR_ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"client_reference_number\": \"P143-36EG-DY01\",
    \"sender\": \"\",
    \"receiver\": \"\",
    \"webhook_url\": \"https:\\/\\/partnersite.com\\/webhook\\/notify\"
}"

const url = new URL(
    "https://api-sandbox.abyan.ph/api/partners/v1/delivery/create"
);

const headers = {
    "Authorization": "Bearer {YOUR_ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "client_reference_number": "P143-36EG-DY01",
    "sender": "",
    "receiver": "",
    "webhook_url": "https:\/\/partnersite.com\/webhook\/notify"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());
import requests
import json

url = 'https://api-sandbox.abyan.ph/api/partners/v1/delivery/create'
payload = {
    "client_reference_number": "P143-36EG-DY01",
    "sender": "",
    "receiver": "",
    "webhook_url": "https:\/\/partnersite.com\/webhook\/notify"
}
headers = {
  'Authorization': 'Bearer {YOUR_ACCESS_TOKEN}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('POST', url, headers=headers, json=payload)
response.json()
$client = new \GuzzleHttp\Client();
$url = 'https://api-sandbox.abyan.ph/api/partners/v1/delivery/create';
$response = $client->post(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_ACCESS_TOKEN}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
        'json' => [
            'client_reference_number' => 'P143-36EG-DY01',
            'sender' => '',
            'receiver' => '',
            'webhook_url' => 'https://partnersite.com/webhook/notify',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));

Example response (200):


{
    "message": "Request was successful.",
    "details": {
        "client_reference_number": "P143-36EG-DY11",
        "reference_number": "DLS1724406945",
        "status": "02 booked",
        "tracking_url": "https://delivery.dev.abyan.ph/track/DLS1724406945",
        "waybill_url": "https://sls-laravel-lto-delivery-api-dev-storage-private.s3.ap-southeast-1.amazonaws.com/waybill/P143-36EG-DY11.pdf"
    }
}

Request      

POST api/partners/v1/delivery/create

Headers

Authorization      

Example: Bearer {YOUR_ACCESS_TOKEN}

Content-Type      

Example: application/json

Accept      

Example: application/json

Body Parameters

client_reference_number   string   

The client reference number provided by the partner corresponds to this transaction. Must not be greater than 100 characters. Must not be greater than 100 characters. Example: P143-36EG-DY01

sender   Sender Details   
latitude   number   

Must be between -90 and 90. Example: -90

longitude   number   

Must be between -180 and 180. Example: -180

full_address   string   

Must not be greater than 255 characters. Example: tuogkryuwemmbbc

remarks   string  optional  

Must not be greater than 255 characters. Example: nlx

details   Other Details  optional  
office_code   string  optional  

Must not be greater than 255 characters. Example: kbvti

contact   Contact Details   
full_name   string   

Must not be greater than 255 characters. Example: odbyukftjsrdhoaudbgkbuvde

number   string   

Must match the regex /^(09|+639)\d{9}$/. Example: +639310871501

receiver   Receiver Details   
latitude   number   

Must be between -90 and 90. Example: -90

longitude   number   

Must be between -180 and 180. Example: -180

full_address   string   

Must not be greater than 255 characters. Example: hkgaefodshqaumrpqumxm

remarks   string  optional  

Must not be greater than 255 characters. Example: jwumxfmxeghuuzmsnomqtcrm

contact   Contact Details   
full_name   string   

Must not be greater than 255 characters. Example: tcal

number   string   

Must match the regex /^(09|+639)\d{9}$/. Example: 09945609422

webhook_url   string   

The partner server's URL that is called for this webhook. Must not be greater than 255 characters. Example: https://partnersite.com/webhook/notify

Check delivery order

requires authentication

Use this endpoint to check the status of a transaction given a reference number.

Example request:
curl --request GET \
    --get "https://api-sandbox.abyan.ph/api/partners/v1/delivery/status/DLS1724406945" \
    --header "Authorization: Bearer {YOUR_ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://api-sandbox.abyan.ph/api/partners/v1/delivery/status/DLS1724406945"
);

const headers = {
    "Authorization": "Bearer {YOUR_ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
import requests
import json

url = 'https://api-sandbox.abyan.ph/api/partners/v1/delivery/status/DLS1724406945'
headers = {
  'Authorization': 'Bearer {YOUR_ACCESS_TOKEN}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()
$client = new \GuzzleHttp\Client();
$url = 'https://api-sandbox.abyan.ph/api/partners/v1/delivery/status/DLS1724406945';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_ACCESS_TOKEN}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));

Example response (200):


{
    "message": "Request was successful.",
    "details": {
        "client_reference_number": "P143-36EG-DY11",
        "reference_number": "DLS1724406945",
        "status": "02 booked",
        "tracking_url": "https://delivery.dev.abyan.ph/track/DLS1724406945",
        "waybill_url": "https://sls-laravel-lto-delivery-api-dev-storage-private.s3.ap-southeast-1.amazonaws.com/waybill/P143-36EG-DY11.pdf"
    }
}

Request      

GET api/partners/v1/delivery/status/{reference_number}

Headers

Authorization      

Example: Bearer {YOUR_ACCESS_TOKEN}

Content-Type      

Example: application/json

Accept      

Example: application/json

URL Parameters

reference_number   Tracking reference number, corresponding to the create order transaction.   

Example: DLS1724406945

For Pickup Notification

requires authentication

Allows partner to notify the system when an item is ready for pickup.

Example request:
curl --request POST \
    "https://api-sandbox.abyan.ph/api/partners/v1/delivery/notify" \
    --header "Authorization: Bearer {YOUR_ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"reference_numbers\": [
        \"reprehenderit\"
    ]
}"

const url = new URL(
    "https://api-sandbox.abyan.ph/api/partners/v1/delivery/notify"
);

const headers = {
    "Authorization": "Bearer {YOUR_ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "reference_numbers": [
        "reprehenderit"
    ]
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());
import requests
import json

url = 'https://api-sandbox.abyan.ph/api/partners/v1/delivery/notify'
payload = {
    "reference_numbers": [
        "reprehenderit"
    ]
}
headers = {
  'Authorization': 'Bearer {YOUR_ACCESS_TOKEN}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('POST', url, headers=headers, json=payload)
response.json()
$client = new \GuzzleHttp\Client();
$url = 'https://api-sandbox.abyan.ph/api/partners/v1/delivery/notify';
$response = $client->post(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_ACCESS_TOKEN}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
        'json' => [
            'reference_numbers' => [
                'reprehenderit',
            ],
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));

Example response (204):

Empty response

Request      

POST api/partners/v1/delivery/notify

Headers

Authorization      

Example: Bearer {YOUR_ACCESS_TOKEN}

Content-Type      

Example: application/json

Accept      

Example: application/json

Body Parameters

reference_numbers   string[]   

Each reference number within the array. Must be a string.

Test Webhook Call

requires authentication

Allows partner to test the webhook call

Example request:
curl --request POST \
    "https://api-sandbox.abyan.ph/api/partners/v1/delivery/test-webhook" \
    --header "Authorization: Bearer {YOUR_ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"webhook_url\": \"https:\\/\\/partnersite.com\\/webhook\\/notify\",
    \"payload\": [
        {
            \"client_reference_number\": \"12345\",
            \"reference_number\": \"ABCDE12345\",
            \"status\": \"30 delivered\",
            \"tracking_url\": \"https:\\/\\/tracking.com\\/track\\/ABCDE12345\",
            \"waybill_url\": \"https:\\/\\/waybill.com\\/waybill\\/ABCDE12345.pdf\"
        },
        {
            \"client_reference_number\": \"67890\",
            \"reference_number\": \"FGHIJ67890\",
            \"status\": \"30 delivered\",
            \"tracking_url\": \"https:\\/\\/tracking.com\\/track\\/FGHIJ67890\",
            \"waybill_url\": \"https:\\/\\/waybill.com\\/waybill\\/FGHIJ67890.pdf\"
        }
    ]
}"

const url = new URL(
    "https://api-sandbox.abyan.ph/api/partners/v1/delivery/test-webhook"
);

const headers = {
    "Authorization": "Bearer {YOUR_ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "webhook_url": "https:\/\/partnersite.com\/webhook\/notify",
    "payload": [
        {
            "client_reference_number": "12345",
            "reference_number": "ABCDE12345",
            "status": "30 delivered",
            "tracking_url": "https:\/\/tracking.com\/track\/ABCDE12345",
            "waybill_url": "https:\/\/waybill.com\/waybill\/ABCDE12345.pdf"
        },
        {
            "client_reference_number": "67890",
            "reference_number": "FGHIJ67890",
            "status": "30 delivered",
            "tracking_url": "https:\/\/tracking.com\/track\/FGHIJ67890",
            "waybill_url": "https:\/\/waybill.com\/waybill\/FGHIJ67890.pdf"
        }
    ]
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());
import requests
import json

url = 'https://api-sandbox.abyan.ph/api/partners/v1/delivery/test-webhook'
payload = {
    "webhook_url": "https:\/\/partnersite.com\/webhook\/notify",
    "payload": [
        {
            "client_reference_number": "12345",
            "reference_number": "ABCDE12345",
            "status": "30 delivered",
            "tracking_url": "https:\/\/tracking.com\/track\/ABCDE12345",
            "waybill_url": "https:\/\/waybill.com\/waybill\/ABCDE12345.pdf"
        },
        {
            "client_reference_number": "67890",
            "reference_number": "FGHIJ67890",
            "status": "30 delivered",
            "tracking_url": "https:\/\/tracking.com\/track\/FGHIJ67890",
            "waybill_url": "https:\/\/waybill.com\/waybill\/FGHIJ67890.pdf"
        }
    ]
}
headers = {
  'Authorization': 'Bearer {YOUR_ACCESS_TOKEN}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('POST', url, headers=headers, json=payload)
response.json()
$client = new \GuzzleHttp\Client();
$url = 'https://api-sandbox.abyan.ph/api/partners/v1/delivery/test-webhook';
$response = $client->post(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_ACCESS_TOKEN}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
        'json' => [
            'webhook_url' => 'https://partnersite.com/webhook/notify',
            'payload' => [
                [
                    'client_reference_number' => '12345',
                    'reference_number' => 'ABCDE12345',
                    'status' => '30 delivered',
                    'tracking_url' => 'https://tracking.com/track/ABCDE12345',
                    'waybill_url' => 'https://waybill.com/waybill/ABCDE12345.pdf',
                ],
                [
                    'client_reference_number' => '67890',
                    'reference_number' => 'FGHIJ67890',
                    'status' => '30 delivered',
                    'tracking_url' => 'https://tracking.com/track/FGHIJ67890',
                    'waybill_url' => 'https://waybill.com/waybill/FGHIJ67890.pdf',
                ],
            ],
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));

Example response (200):

Request      

POST api/partners/v1/delivery/test-webhook

Headers

Authorization      

Example: Bearer {YOUR_ACCESS_TOKEN}

Content-Type      

Example: application/json

Accept      

Example: application/json

Body Parameters

webhook_url   string   

The partner server's URL that is called for this webhook. Must be a valid URL. Example: https://partnersite.com/webhook/notify

payload   object[]   

An array of objects, each containing details about a specific transaction or update.
client_reference_number   string   

A unique identifier provided by the client for each transaction. Must not be greater than 255 characters. Example: 12345

reference_number   string   

The internal reference number associated with the transaction. Must not be greater than 255 characters. Example: ABCDE12345

status   string   

The current status of the transaction. Example: 30 delivered

Must be one of:
  • 08 assigned
  • 09 received
  • 10 not received
  • 11 picked up
  • 12 not picked up
  • 20 out for delivery
  • 30 delivered
  • 40 not delivered
  • 41 return to dispatcher
  • 42 return to lto
tracking_url   string  optional  

The URL where the client can track the shipment. Example: https://tracking.com/track/ABCDE12345

waybill_url   string  optional  

The URL to access the waybill associated with the shipment. Example: https://waybill.com/waybill/ABCDE12345.pdf

Webhook

Overview

Abyan employs webhooks to notify your application of changes in delivery statuses. These notifications keep you informed about updates in delivery status, ensuring your application can promptly respond to changes like customer-paid deliveries.

Webhooks deliver real-time updates, eliminating the need for constant polling and enabling your application to remain synchronized with the latest delivery statuses.

Setup

You need to provide an endpoint in your system to receive webhook from us. The webhook notification will be sent over POST request to your webhook URL that you have set in Create delivery order.

Ensure that your webhook server responds with an HTTP status code 200, and returns the following JSON format to acknowledge receipt: {"success": "ok"}.

Security

Ensuring the security of your endpoints is crucial for safeguarding your system. Abyan offers multiple methods to verify that events originate securely from Abyan.

Receive events with an HTTPS server By default, Abyan verifies that the SSL certificate of the webhook destination is valid when you use an HTTPS URL for your webhook endpoint. This ensures that the connection to your server is secure and the data sent via webhook remains protected during transmission. To enable this verification, your server must be properly configured to support HTTPS with a valid server certificate.

Verify events are sent from Abyan Abyan enhances security by signing the webhook events it sends to your endpoints. Each event includes a hash value in the x-webhook-signature header, enabling you to verify that the events originate from Abyan and have not been tampered with by a third party. This ensures the authenticity and integrity of the data received through webhooks.

To clarify, the Signature provided by Abyan in webhook events is a SHA-256 hash. This hash is generated by encoding the request body into JSON format and then using your clientId as the key. This hash allows you to verify the authenticity of the webhook events received from Abyan, ensuring they have not been altered and originate from Abyan's servers. This mechanism strengthens the security of your webhook integration by providing a means to validate the source and integrity of incoming data.

Header Parameters

Header Description
x-webhook-signature string. Your hash value to verify the origin of the webhook

Response Body Schema

[
    {
        "client_reference_number": "string",
        "reference_number": "string",
        "status": "string",
        "tracking_url": "string",
        "waybill_url": "string"
    }
]

Order Status Codes Documentation

This document outlines the various status codes used in the order processing system. Each status is associated with a unique code and a description of what the status represents.

Status Codes

Common Response Codes

Our API provides detailed delivery status updates for orders. Below are the status codes and their descriptions:

Status Description
200 OK The request was successful.
201 Created A new resource has been successfully created.
400 Bad Request The request could not be understood or was missing required parameters.
401 Unauthorized Authentication failed or user does not have permissions for the requested operation.
403 Forbidden You do not have permission to access the requested resource.
404 Not Found The requested resource could not be found.
429 Too Many Requests You have exceeded the allowed number of requests. Please try again later.
500 Internal Server Error An error occurred on the server.