TWIPLA logo
API docs by Redocly

TWIPLA 3AS API (3.0.0)

Download OpenAPI specification:

TWIPLA Dev Team: contact@twipla.com Terms of Service

Concepts

Terms

  • INTP (Integration Partner) The company that is integrating the analytics as a service solution (3AS)
  • STPs (Server Touchpoints) Credits used to measure data usage for a given website
  • Customer (INTPC integration partner customer) One user of the INTP, can have many websites
  • Website The website where data will be tracked. It has a subscription with a package with a certain limit of STPs. This subscription can be upgraded or downgraded. When the website is created a tracking code snippet is returned that must be embedded within the websites HTML.
  • Package A package has a price and contains a certain number of STPs. They are used when upgrading/downgrading the subscription of a website.

General

The Twipla 3AS approach relies on a straightforward flow of data that can be easily integrated into any backend system.

  1. First thing in the integration process a public/private key must be created. The resulting public key is shared with TWIPLA
  2. The INTP account is created resulting in an intpId (that can be used to create tokens) and a default set of packages
  3. The INTP is then free to create customers and websites with any package

Most endpoints that deal with customers or websites support an external ID which can be provided and then used for all following requests.

For example creating a new customer with a website requires an intpCustomerId and an intpWebsiteId. These must be provided by the INTP and are intended to make integrations easier because there is no need to save any external IDs. Then when getting data about a customer the request is done using the same intpCustomerId provided on creation.

Example implementation flow

  1. Create a new customer with a website
  2. Inject the resulting tracking code in the website's HTML
  3. Create the TWIPLA Dashboard url
  4. Show an iframe to the user with the url created previously
  5. Show a modal to the user to upgrade his subscription
  6. Display all the available packages using the API
  7. After the payment is complete, use the API to upgrade the subscription of the website

Getting started

  1. Create an RSA Key Pair (PEM format)
  2. Send the resulting public key (jwtRS256.key.pub) to the TWIPLA Dev Team
  3. Use the resulting private key to sign an INTP JWT Token which will authenticate all API requests
  4. Use the resulting private key to sign an INTPC JWT Token which will authenticate the TWIPLA Dashboard IFrame request

Authentication

Overview

All authentication is done based on JWT Tokens. These are created and signed by the INTP and validated by the TWIPLA API for each request using the public key provided in the on-boarding.

The token must be sent with every request as a Bearer token in the Authentication header Example:

Authentication: bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

JWT tokens can be easily created in most programming languages using an appropriate library from jwt.io

INTP and INTPC Tokens

INTP Token: Integration partner token used for endpoints that deal with modifying customers or websites
INTPC Token: Integration partner customer token used to give access to the dashboard and data of a particular customer

Signing JWTs

Creating an RSA Key pair

  1. Create the keypair: ssh-keygen -t rsa -b 2048 -m PEM -f jwtRS256.key
  2. Convert the public key to PEM: openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub

Structure of an INTP 3AS JSON Web Token

  1. Header
{
  "alg": "RS256",
  "typ": "JWT",
  "kid": "UUID" // the id issued by TWIPLA for an INTP, in exchange for `jwtRS256.key.pub`
}
  1. Payload
{
  "roles": [
    "intp"
  ],
  "intp_id": "UUID" // the id issued by TWIPLA for an INTP, in exchange for `jwtRS256.key.pub`
  "exp": 1667215913, // expires at
  "iat": 1667215313 // issued at
}
  1. Signature

To create the signature, you have to use the encoded header, the encoded payload, the generated private key and the algorithm specified in the header (e.g., "RS256").

Structure of an INTPC 3AS JSON Web Token

  1. Header
{
  "alg": "RS256",
  "typ": "JWT",
  "kid": "UUID" // the id issued by TWIPLA for an INTP, in exchange for `jwtRS256.key.pub`
}
  1. Payload
{
  "roles": [
    "intpc"
  ],
  "intp_id": "UUID" // the id issued by TWIPLA for an INTP, in exchange for `jwtRS256.key.pub`
  "intpc_id": "string" // the id issued by the INTP for a customer (INTPC)
  "exp": 1667215913,
  "iat": 1667215313
}
  1. Signature

To create the signature, you have to use the encoded header, the encoded payload, the generated private key and the algorithm specified in the header (e.g., "RS256").

TWIPLA Dashboard IFrame URL

https://app-3as.visitor-analytics.io/?intpcToken=value&externalWebsiteId=value

  1. intpcToken / intpc_token - a token for INTPC authentication
  2. externalWebsiteId - the website id issued by the INTP (intpWebsiteId), the target website in the IFrame Dashboard
  3. upgradePackageId - the ID of a 3AS pricing plan. When the upgrade page is open, this parameter will enforce a redirect to the checkout page with the pricing plan selected. It only works for INTPs with platform_managed billing mode.
  4. locale - sets the UI language/locale. It uses a simple two-letter ISO 639-1 language code. Format: lowercase 2-char code — e.g. en, de, fr
  5. timezone - sets the user's timezone. This parameter expects an IANA timezone identifier (also known as "tz database" / "Olson" names). Format: Area/City — e.g. Europe/Berlin, America/New_York, Pacific/Honolulu
  6. startDate - sets the start of the date range filter. Format: YYYY-MM-DD
  7. endDate - sets the end of the date range filter. Format: YYYY-MM-DD

Website API Keys

The TWIPLA API key system operates on a per-website basis. Each website can have multiple API keys. API keys are used to:

  • Authenticate requests to the TWIPLA API
  • Enable access to the TWIPLA dashboard for the associated website

Authentication via API key

The API Key can be used to create a short-lived dashboard token which can be used to login the user into the TWIPLA dashboard safely without exposing the API Key client-side.

Dashboard Access via API Key

After the website and API key have been successfully created and securely stored server-side, follow these steps to access the TWIPLA dashboard.

Step 1 — Login via API Key

Call the Login via API Key endpoint. A successful response returns a set of access tokens required to build the dashboard URL and verify the user's identity.

Step 2 — Build the Dashboard URL

Using the refreshToken from the login response, construct the dashboard URL in the following format:

https://app-3as.visitor-analytics.io?websiteToken={refreshToken}

API access via API key

The TWIPLA API can be accessed using the X-API-Key request header. Exposed endpoints only provide access to data for the connected website with read-only capabilities.

This method is safe as long as the connection uses HTTPS and the API key is stored server-side and not exposed in client-side code.

Request Header:

{ "X-Api-Key": "twpl-bFHhQukkcKA9omBqRukM" }

Relevant API Endpoints for Website Analytics:

Endpoint Description
Raw Sessions Retrieves a comprehensive list of visitor sessions with advanced filtering, sorting, and dimension selection capabilities.
Session Analytics Ideal for advanced analytics and reporting dashboards, allowing full control over which dimensions and metrics are returned, and how data is aggregated and compared over time.

Additional endpoints are available depending on future requirements.

Key Rotation

The API Key can be rotated using the endpoints in 3 steps:

  • Create a new key with a new expiry
  • Replace usage of the key with the new one
  • Allow the old key to expire or delete it

Create API key

Generate an API key to grant access to a specific website.

Authorizations:
jwt_intp
path Parameters
intpWebsiteId
required
string

ID of the website within the integration partner’s system

Request Body schema: application/json
required
name
required
string

A name for the API key.

comment
string

An optional comment or note about the API key.

expiresAt
string <date-time>

The date and time when the API key will expire. If not specified, the key will have no expiration.

Responses

Response Schema: application/json
object

Request samples

Content type
application/json
{
  • "name": "string",
  • "comment": "string",
  • "expiresAt": "2026-08-22T08:14:03+00:00"
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

List all API keys for a website

Authorizations:
jwt_intp
path Parameters
intpWebsiteId
required
string

ID of the website within the integration partner’s system

Responses

Response Schema: application/json
Array of objects

Response samples

Content type
application/json
{
  • "payload": [
    ]
}

Delete API key

Deletes an existing API key. Once an API key is deleted, it becomes permanently invalid and cannot be used for authentication or accessing the API. Use this operation to revoke access for security or management purposes.

Authorizations:
jwt_intp
path Parameters
intpWebsiteId
required
string

ID of the website within the integration partner’s system

apiKeyId
required
string

ID of the API key

Responses

Response samples

Content type
application/json
{
  • "error": "string"
}

Login via API key

Generate short-lived access tokens which can be used to login the user into the TWIPLA dashboard safely without exposing the API Key client-side.

Request Body schema: application/json
required
apiKey
required
string

The API key generated by twipla

websiteId
required
string <uuid>

TWIPLA websiteId, returned at website creation as id

Responses

Response Schema: application/json
object

Request samples

Content type
application/json
{
  • "apiKey": "twpl-bFHhQukkcKA9omBqRukM",
  • "websiteId": "eee0b185-ac19-4fd6-bb45-58b59a8988e9"
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Website Subscriptions

An INTP can operate under two subscription models: website-based or account-based.

Use these endpoints if your company:

  • Uses website-based subscriptions
  • Is responsible for managing billing directly

Upgrade website subscription

Increase the number of credits for a specific website. The upgrade takes effect immediately, and the billing cycle and credit consumption resets.

Note: This endpoint should be used only if your company is responsible for managing billing. Otherwise, the subscription will be managed directly by the user through the dashboard.

Authorizations:
jwt_intp
Request Body schema: application/json
required
intpWebsiteId
required
string (intpWebsiteId)

ID of the website within the integration partner’s system

packageId
required
string <uuid> (packageId)

Package ID issued by TWIPLA

trial
boolean
Default: false
proRate
boolean
Default: false

Responses

Response Schema: application/json
object (Subscription)

Request samples

Content type
application/json
{
  • "intpWebsiteId": "string",
  • "packageId": "471cc1d4-ec27-4504-b7c2-949af95662bc",
  • "trial": false,
  • "proRate": false
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Downgrade an active website subscription

Plan a subscription downgrade for a website; it will automatically apply when the current billing period ends.

This endpoint should be used only if your company is responsible for managing billing. Otherwise, the subscription will be managed directly by the user through the dashboard.

Authorizations:
jwt_intp
Request Body schema: application/json
required
intpWebsiteId
required
string (intpWebsiteId)

ID of the website within the integration partner’s system

packageId
required
string <uuid> (packageId)

Package ID issued by TWIPLA

Responses

Response Schema: application/json
object (Subscription)

Request samples

Content type
application/json
{
  • "intpWebsiteId": "string",
  • "packageId": "471cc1d4-ec27-4504-b7c2-949af95662bc"
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Cancel website subscription

Schedule subscription cancellation for the end of the current billing cycle. The website will then revert to the free plan. Cancellation can be reversed by resuming the subscription until it takes effect. Note: This endpoint should be used only if your company is responsible for managing billing. Otherwise, the subscription will be managed directly by the user through the dashboard.

Authorizations:
jwt_intp
Request Body schema: application/json
required
intpWebsiteId
required
string (intpWebsiteId)

ID of the website within the integration partner’s system

Responses

Response Schema: application/json
object (Subscription)

Request samples

Content type
application/json
{
  • "intpWebsiteId": "string"
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Resume a website subscription

Resume a canceled subscription. This can be done until the cancellation takes effect, and the action applies immediately.

Note: This endpoint should be used only if your company is responsible for managing billing. Otherwise, the subscription will be managed directly by the user through the dashboard.

Authorizations:
jwt_intp
Request Body schema: application/json
required
intpWebsiteId
required
string (intpWebsiteId)

ID of the website within the integration partner’s system

Responses

Response Schema: application/json
object (Subscription)

Request samples

Content type
application/json
{
  • "intpWebsiteId": "string"
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Deactivate website subscription

Deactivate the subscription; the website will also be deleted.

Authorizations:
jwt_intp
Request Body schema: application/json
required
intpWebsiteId
required
string (intpWebsiteId)

ID of the website within the integration partner’s system

Responses

Response Schema: application/json
object (Subscription)

Request samples

Content type
application/json
{
  • "intpWebsiteId": "string"
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Account Subscriptions

An INTP can operate under two subscription models: website-based or account-based.

Use these endpoints if your company:

  • Uses account-based subscriptions
  • Is responsible for managing billing directly

Upgrade account subscription

Increase the number of credits for a specific account. The upgrade takes effect immediately, and the billing cycle and credit consumption resets.

Note: This endpoint should be used only if your company is responsible for managing billing. Otherwise, the subscription will be managed directly by the user through the dashboard.

Authorizations:
jwt_intp
Request Body schema: application/json
required
intpcId
required
string

ID of the customer within the integration partner’s system

packageId
required
string <uuid> (packageId)

Package ID issued by TWIPLA

trial
boolean
Default: false

Indicates whether the subscription should start in a trial period.

proRate
boolean
Default: false

Responses

Response Schema: application/json
object (Subscription)

Request samples

Content type
application/json
{
  • "intpcId": "string",
  • "packageId": "471cc1d4-ec27-4504-b7c2-949af95662bc",
  • "trial": false,
  • "proRate": false
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Downgrade account subscription

Plan a subscription downgrade for an account; it will automatically apply when the current billing period ends.

Note: This endpoint should be used only if your company is responsible for managing billing. Otherwise, the subscription will be managed directly by the user through the dashboard.

Authorizations:
jwt_intp
Request Body schema: application/json
required
intpcId
required
string

ID of the customer within the integration partner’s system

packageId
required
string <uuid> (packageId)

Package ID issued by TWIPLA

Responses

Response Schema: application/json
object (Subscription)

Request samples

Content type
application/json
{
  • "intpcId": "string",
  • "packageId": "471cc1d4-ec27-4504-b7c2-949af95662bc"
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Cancel account subscription

Schedule subscription cancellation for the end of the current billing cycle. The account will then revert to the free plan. Cancellation can be reversed by resuming the subscription until it takes effect.

Note: This endpoint should be used only if your company is responsible for managing billing. Otherwise, the subscription will be managed directly by the user through the dashboard.

Authorizations:
jwt_intp
Request Body schema: application/json
required
intpcId
required
string

ID of the customer within the integration partner’s system

Responses

Response Schema: application/json
object (Subscription)

Request samples

Content type
application/json
{
  • "intpcId": "string"
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Resume account subscription

Resume a canceled subscription. This can be done until the cancellation takes effect, and the action applies immediately.

Note: This endpoint should be used only if your company is responsible for managing billing. Otherwise, the subscription will be managed directly by the user through the dashboard.

Authorizations:
jwt_intp
Request Body schema: application/json
required
intpcId
required
string

ID of the customer within the integration partner’s system

Responses

Response Schema: application/json
object (Subscription)

Request samples

Content type
application/json
{
  • "intpcId": "string"
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Deactivate account subscription

Deactivate the subscription; the account will also be deleted.

Authorizations:
jwt_intp
Request Body schema: application/json
required
intpcId
required
string

ID of the customer within the integration partner’s system

Responses

Response Schema: application/json
object (Subscription)

Request samples

Content type
application/json
{
  • "intpcId": "string"
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Website Contributors

Manage contributors for a website and control their level of access.

Any existing customer can be added as a contributor. If the customer doesn't exist yet, create them first before adding them as a contributor — no website is required at creation time.

Once added, the contributor can access the dashboard normally via the dashboard iframe URL, where the website ID is the ID of the website they contribute to.

If the website selector is enabled within the dashboard, the contributor will also see the website listed there, alongside any websites they own.

Each contributor is assigned one of the following roles:

Role Access
Editor Full edit access, including content updates and structural changes.
Watcher View-only access to website data. Cannot make any edits.
Custom Dashboard Contributor View-only access to custom dashboards explicitly shared with them. No access to any other platform content or settings. Access to specific dashboards is granted by the website owner from within the dashboard.

Remove contributor

Remove a contributor from a website.

The contributor will immediately lose access to the dashboard and all associated resources.

Authorizations:
jwt_intp
path Parameters
intpWebsiteId
required
string

Represents the website from which the contributor will be removed.

ID of the website within the integration partner’s system.

intpCustomerId
required
string

Represents the user who is being removed as a contributor.

ID of the customer within the integration partner’s system.

Responses

Response samples

Content type
application/json
{
  • "error": "string"
}

Add contributor

Add a contributor to a website.

The contributor will gain access to the dashboard with restricted permissions. The level of access and available actions depend on the assigned role.

A contributor can be assigned only one role at a time.

Roles follow a permission hierarchy, where higher-level roles automatically include the permissions granted by lower-level roles.

This endpoint can also be used to update a contributor's role. If the same contributor is added again with a different role, the previous role will be replaced with the new one.

Authorizations:
jwt_intp
path Parameters
intpWebsiteId
required
string

Represents the website where contributor access will be granted.

ID of the website within the integration partner’s system.

Request Body schema: application/json
required
intpCustomerId
required
string

Represents the user who is being added as a contributor.

ID of the customer within the integration partner’s system.

role
required
string
Enum: "editor" "watcher" "dashboard"

Defines the role assigned to the contributor.

Available roles:

  • editor — Full edit access, including content updates and structural changes.
  • watcher — View-only access to website data. Cannot make any edits.
  • dashboard — View-only access to custom dashboards explicitly shared with them. No access to any other platform content or settings. Access to specific dashboards is granted by the website owner from within the dashboard.

Responses

Request samples

Content type
application/json
{
  • "intpCustomerId": "string",
  • "role": "editor"
}

Response samples

Content type
application/json
{
  • "error": "string"
}

List website contributors

List all contributors of a website

Authorizations:
jwt_intp
path Parameters
intpWebsiteId
required
string

ID of the website within the integration partner’s system

Responses

Response Schema: application/json
object

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Customers

Create INTPC

Create a new INTP Customer

Authorizations:
jwt_intp
Request Body schema: application/json
required

Data about the INTPC

intpCustomerId
required
string (intpCustomerId)

ID of the customer within the integration partner’s system

email
required
string <email>

Must be unique within the company

object

Optional. Creates a website for the customer at the same time as the account.

Since dashboards are website-scoped, the customer will have no dashboard access until either: (a) a website is created for them, or (b) they are added as a contributor to an existing website.

Responses

Response Schema: application/json
object

Request samples

Content type
application/json
{
  • "intpCustomerId": "string",
  • "email": "support@twipla.com",
  • "website": {
    }
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Get all INTPCs

Authorizations:
jwt_intp
query Parameters
page
required
number

Use 0 for the first page

pageSize
required
number

Responses

Response Schema: application/json
Array of objects (INTPC)
object (paginationMeta)

Response samples

Content type
application/json
{
  • "payload": [
    ],
  • "meta": {
    }
}

Get INTPC

Authorizations:
jwt_intp
path Parameters
intpCustomerId
required
string

ID of the customer within the integration partner’s system

Responses

Response Schema: application/json
object (INTPC)

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Delete INTPC

Authorizations:
jwt_intp
path Parameters
intpCustomerId
required
string

ID of the customer within the integration partner’s system

Responses

Response Schema: application/json
object (INTPC)

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Packages

Get packages

Returns all packages available within the company.

Authorizations:
jwt_intp
query Parameters
intpWebsiteId
string

Filters the response to return only packages visible to this website — all public packages plus any custom ones assigned to it.

ID of the customer within the integration partner’s system.

intpCustomerId
string

Filters the response to return only packages visible to this customer — all public packages plus any custom ones assigned to it.

ID of the website within the integration partner’s system.

Responses

Response Schema: application/json
Array of objects (Package)

Response samples

Content type
application/json
{
  • "payload": [
    ]
}

Get Package by INTP issued ID

Authorizations:
jwt_intp
path Parameters
packageId
required
string

Package ID issued by TWIPLA

Responses

Response Schema: application/json
object (Package)

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Assign custom package to client

Assign a custom package to a specific client.
Note: Only packages with visibility = restricted can be used.

Steps:

  1. Create the customer or website (if they don't already exist). They will initially use the free or unlimited free plan.
  2. Choose a package with visibility = restricted.
  3. Assign the package to the specific customer or website using this endpoint.
  4. Upgrade the subscription to this custom package.
Authorizations:
jwt_intp
path Parameters
packageId
required
string

Package ID issued by TWIPLA

targetId
required
string

ID of the target entity in the integration partner system. This is a website ID or a customer ID depending on your subscription type.

Responses

Response samples

Content type
application/json
{
  • "error": "string"
}

Unassign custom package from client

Unassign a custom package from a specific client.

Note: If an active subscription exists for this package, unassigning it will not cancel the subscription — it will continue to run as normal until the package is explicitly changed.

Authorizations:
jwt_intp
path Parameters
packageId
required
string

Package ID issued by TWIPLA

targetId
required
string

ID of the target entity in the integration partner system. This is a website ID or a customer ID depending on your subscription type.

Responses

Response samples

Content type
application/json
{
  • "error": "string"
}

Websites

Create website (v3)

Authorizations:
jwt_intp
Request Body schema: application/json
required
object
required
object
object

Responses

Response Schema: application/json
object (Website)

Request samples

Content type
application/json
{
  • "website": {
    },
  • "intpc": {
    },
  • "opts": {
    }
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Create website (v2) Deprecated

Authorizations:
jwt_intp
Request Body schema: application/json
intpWebsiteId
required
string (intpWebsiteId)

ID of the website within the integration partner’s system

intpCustomerId
required
string (intpCustomerId)

ID of the customer within the integration partner’s system

packageId
string <uuid>

Package ID issued by TWIPLA. Leave empty to create the website on the default free plan. Provide this ID only if your company is responsible for billing; otherwise, leave it blank, as the subscription will be managed directly by the user in the dashboard.

domain
required
string (websiteDomain)

The website domain

billingDate
string <date-time> (date)

Responses

Response Schema: application/json
object (Website)

Request samples

Content type
application/json
{
  • "intpWebsiteId": "string",
  • "intpCustomerId": "string",
  • "packageId": "471cc1d4-ec27-4504-b7c2-949af95662bc",
  • "domain": "domain.example.com",
  • "billingDate": "2023-08-22T08:14:03+00:00"
}

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Get websites

Authorizations:
jwt_intp

Responses

Response Schema: application/json
Array of objects (Website)

Response samples

Content type
application/json
{
  • "payload": [
    ]
}

Get Website

Authorizations:
jwt_intp
path Parameters
intpWebsiteId
required
string

ID of the website within the integration partner’s system

Responses

Response Schema: application/json
object (Website)

Response samples

Content type
application/json
{
  • "payload": {
    }
}

Delete Website

Authorizations:
jwt_intp
path Parameters
intpWebsiteId
required
string

ID of the website within the integration partner’s system

Responses

Response Schema: application/json
object (Website)

Response samples

Content type
application/json
{
  • "payload": {
    }
}