Skip to content

Easyflow (1.0)

Easyflow API Document

This is the API documentation and must be used by everyone who wants to integrate with the Easyflow platform.

Download OpenAPI description
openapi.json
openapi.yaml
Overview
License

Languages
Servers
Mock server

https://mobile-docs.easyflow.digital/_mock/openapi/

Production environment URL

https://wz0ppvhzw7.execute-api.sa-east-1.amazonaws.com/

Authentication

Operations

Sign In

Request

Headers
x-fingerprint-idstringrequired

Unique device or session fingerprint identifier used for security and fraud prevention.

Bodyapplication/json
usernamestringrequired

User email or username.

passwordstring(password)required

User password.

curl -i -X POST \
  https://mobile-docs.easyflow.digital/_mock/openapi/identity/sign-in \
  -H 'Content-Type: application/json' \
  -H 'x-fingerprint-id: string' \
  -d '{
    "username": "string",
    "password": "pa$$word"
  }'

Responses

If the request is successful, the response will include the access and refresh tokens along with account data.

Bodyapplication/json
statusCodeinteger
Example: 200
dataobject
Response
application/json
{
  "statusCode": 200,
  "data": {
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50SWQiOiI1MDU0MGJlMi0xYmRhLTQxYjktYTY2NC0zNDUzMGExYTc1Y2IiLCJ1c2VySWQiOiI1MDU3OGE4Zi1iOTU4LTRlNTgtOTI3Ni05NDMzNzBhZjMyNTciLCJuYW1lIjoiR3VpbGhlcm1lIEdvbmNhbHZlcyBMaXNib2EiLCJhY2Vzc1JvbGVzIjpbImJhc2ljIiwiYWRtaW4iXSwiZW1haWwiOiJndWltZTAxNjJAZ21haWwuY29tIiwiaWF0IjoxNzU3NzA0NjU4LCJleHAiOjE3NTc3NDc4NTh9.mp3k9Wvenqspw_7VLK_lrnj4x4np9clU8yFpGugy9Ic",
    "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50SWQiOiI1MDU0MGJlMi0xYmRhLTQxYjktYTY2NC0zNDUzMGExYTc1Y2IiLCJ1c2VySWQiOiI1MDU3OGE4Zi1iOTU4LTRlNTgtOTI3Ni05NDMzNzBhZjMyNTciLCJuYW1lIjoiR3VpbGhlcm1lIEdvbmNhbHZlcyBMaXNib2EiLCJhY2Vzc1JvbGVzIjpbImJhc2ljIiwiYWRtaW4iXSwiZW1haWwiOiJndWltZTAxNjJAZ21haWwuY29tIiwiaWF0IjoxNzU3NzA0NjU4LCJleHAiOjE3NTgzMDk0NTh9.BXPxcCPRuikJ-ettzJqNhvimUexlQaCAw-DMbrhkaJY",
    "authenticationType": "Bearer",
    "account": { … },
    "user": { … },
    "loggedAt": "2025-09-12T19:17:38.346Z",
    "observation": { … }
  }
}

Verify 2FA

Request

Security
bearerAuth
Bodyapplication/json
codestringrequired

The 2FA code sent to the user.

curl -i -X POST \
  https://mobile-docs.easyflow.digital/_mock/openapi/accounts/verify-2fa \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "code": "string"
  }'

Responses

If the 2FA code is valid, returns new access and refresh tokens.

Bodyapplication/json
statusCodeinteger
Example: 200
dataobject
Response
application/json
{
  "statusCode": 200,
  "data": {
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "code": "123456"
  }
}

Refresh access token

Request

Refresh the user's access token using a valid refresh token. Requires authentication via bearer token and device fingerprint. The refresh-token header must contain the current refresh token.

Security
bearerAuth
Headers
x-fingerprint-idstringrequired

Unique device or session fingerprint identifier used for security and fraud prevention.

refresh-tokenstringrequired

Bearer token used to refresh the access token when it expires.

curl -i -X POST \
  https://mobile-docs.easyflow.digital/_mock/openapi/identity/refresh \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'refresh-token: string' \
  -H 'x-fingerprint-id: string'

Responses

Successfully refreshed the access and refresh tokens.

Bodyapplication/json
statusCodeinteger

HTTP status code of the response.

dataobject
Response
application/json
{
  "statusCode": 0,
  "data": {
    "newTokens": { … }
  }
}

Register new device

Request

Security
bearerAuth
Headers
x-fingerprint-idstringrequired

Unique device or session fingerprint identifier used for security and fraud prevention.

Bodyapplication/jsonrequired
namestringrequired
curl -i -X POST \
  https://mobile-docs.easyflow.digital/_mock/openapi/identity/devices \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -H 'x-fingerprint-id: string' \
  -d '{
    "name": "Testando"
  }'

Responses

Returns device created

Bodyapplication/json
statusCodeinteger
Example: 200
dataobject
Response
application/json
{
  "statusCode": 200,
  "data": {
    "fingerprint": "123456",
    "ip": "15.229.40.42",
    "userAgent": "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Mobile Safari/537.36",
    "status": "enabled",
    "name": "testando",
    "id": "4300d253-0b23-44e5-81dc-7c79784bb510"
  }
}

Approve new device

Request

Security
bearerAuth
Headers
x-fingerprint-idstringrequired

Unique device or session fingerprint identifier used for security and fraud prevention.

Bodyapplication/jsonrequired
codestringrequired
curl -i -X PATCH \
  https://mobile-docs.easyflow.digital/_mock/openapi/identity/devices/approve \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -H 'x-fingerprint-id: string' \
  -d '{
    "code": "311981"
  }'

Responses

returns the approved device

Bodyapplication/json
statusCodeinteger
Example: 200
dataobject
Response
application/json
{
  "statusCode": 200,
  "data": {
    "id": "b5ebe444-732e-4aba-8923-e06eb5d51053",
    "name": "testando",
    "status": "enabled",
    "fingerprint": "12345678",
    "userAgent": "PostmanRuntime/7.46.0",
    "createdAt": "2025-09-15T18:45:00.674Z",
    "accountId": "50540be2-1bda-41b9-a664-34530a1a75cb"
  }
}

Validate account

Request

Security
bearerAuth
Headers
x-fingerprint-idstringrequired

Unique device or session fingerprint identifier used for security and fraud prevention.

Bodyapplication/jsonrequired
codestringrequired
curl -i -X PATCH \
  https://mobile-docs.easyflow.digital/_mock/openapi/identity/accounts/validate \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -H 'x-fingerprint-id: string' \
  -d '{
    "code": "149475"
  }'

Responses

Bodyapplication/json
statusCodeinteger
Example: 200
dataobject
Response
application/json
{
  "statusCode": 200,
  "data": {
    "accountStatus": "activated",
    "channelsPendingValidation": []
  }
}

Resend EMAIL OTP

Request

Security
bearerAuth
Headers
x-fingerprint-idstringrequired

Unique device or session fingerprint identifier used for security and fraud prevention.

curl -i -X POST \
  https://mobile-docs.easyflow.digital/_mock/openapi/identity/otps/email \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'x-fingerprint-id: string'

Responses

Bodyapplication/json
statusCodeinteger
Example: 200
dataobject
Response
application/json
{
  "statusCode": 200,
  "data": {
    "otpHasBeenSentToEmail": true
  }
}

Resend SMS OTP

Request

Security
bearerAuth
Headers
x-fingerprint-idstringrequired

Unique device or session fingerprint identifier used for security and fraud prevention.

curl -i -X POST \
  https://mobile-docs.easyflow.digital/_mock/openapi/identity/otps/sms \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'x-fingerprint-id: string'

Responses

Bodyapplication/json
statusCodeinteger
Example: 200
dataobject
Response
application/json
{
  "statusCode": 200,
  "data": {
    "otpHasBeenSentToPhone": true
  }
}

Users

Operations

Organizations

Operations

Sales

Operations

Commissions

Operations

Financial

Operations

Subscriptions

Operations