POST /api/legals/agreements

Records the user's acceptance of a legal agreement document for the platform.

Authorization Roles/Permissions: This operation is generally part of the signup process, following the POST /api/users/signupUser[/{InvitationCode}] operation.

Once the user has signed up to the platform, this operation might need to be invoked to complete the login process any time there is a new legal agreement. Any pending legal agreements must be accepted before login is complete. For more information about logging in, refer to the POST /api/login operation.

This operation is also used for the user's acceptance of a legal agreement as part of an API access request.

This topic includes the following sections:

HTTP Method

POST

URL

https://{hostname}/api/legals/agreements

Sample Request

The example below shows the user's acceptance of a specific legal agreement.

Sample Request URL

https://{hostname}/api/legals/agreements

Sample request headers

POST /api/legals/agreements HTTP/1.1
Host: {hostname}
Accept: text/plain, */*; q=0.01
Content-Type: application/json; charset=UTF-8
X-Csrf-Token_acmepaymentscorp: TokenID%3D8ed70a13-8469-11e8-b37a-b155e4eabeb8%2CexpirationTime%3D153...

Sample request body

{
  "DocumentID":"api200eula2.acmepaymentscorp",
  "UserID":"user10015.acmepaymentscorp"
}

Sample request body, API access request:

{
  "DocumentID":"21520059-8277-4521-a8cd-d0ff7b2393e8.acmepaymentscorp",
  "AgreementScopeID":"8hTMKdcZnkA77WsNXmobgG9C.acmepaymentscorp"
}

Request Headers

For general information on request header values, refer to HTTP Request Headers.

Header Description
Accept Any Accept header value that supports a response Content-Type of text/plain is valid; for example, */*.
Content-Type

Any one of the following media types is valid for the request Content-Type:

application/json, application/vnd.soa.v71+json, application/vnd.soa.v72+json, application/vnd.soa.v80+json, application/vnd.soa.v81+json

application/vnd.soa.v81+xml

Cookie AtmoAuthToken_{fedmemberid}={cookie value, which usually starts with TokenID}—The platform cookie. This is the Akana API Platform authorization token, and must be sent with every API request that requires login. For more information and an example, see Session cookies.
X-Csrf-Token_{fedmemberID} The CSRF prevention header; may or may not be required, depending on platform settings. See CSRF Prevention on the Platform. By default, the CSRF header is not required for GET operations and is required for all others, with a few exceptions relating to user login.

Request Parameters

Parameter Parm Type Data Type Required Description
UserAgreement Body UserAgreement Required Information about a user's acceptance of a legal document.

Response

If successful, this operation returns HTTP status code 200. There is no response body.

Sample Response

The sample response below shows that the operation completed successfully.

Sample response headers

HTTP/1.1 200 OK
Date: Wed, 01 Aug 2012 19:00:26 GMT

Sample response body

None.

Response Headers

For general information on response header values, refer to HTTP Response Headers.

Header Description
Content-Type text/plain

Response Body

None.

Error Codes/Messages

If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.

Item Value
500 An error occurred processing the call.

More information about Akana API Platform API error messages.