About
This is the reference for the Blackpearl Group Pearl Diver REST API. This API is the primary way to get Pearl Diver data outside of the web application. Use it to integrate your Pearl Diver data with CRMs, marketing automation tools, analytics and reporting tools, social media platforms and much more.
Authentication and authorization
Authentication
Authentication for the Blackpearl Group Pearl Diver REST API is implemented using OAuth 2.0, a widely adopted protocol for securing web APIs. OAuth 2.0 provides a secure and standardized way to allow third-party applications to access user data without exposing user credentials. The authentication process in OAuth 2.0 consists of a series of steps, often referred to as the "3-legged OAuth" process, which includes the following:
1. Authorization Request: The client application initiates the authentication process by requesting authorization from the user. This typically involves redirecting the user to the Blackpearl Group Pearl Diver authorization endpoint and specifying the desired scopes, including openid
, profile
, email
, and offline_access
.
Example Authorization Request (in your code, the actual URL and parameters may vary):
2. User Authentication: The user is presented with a login screen and is prompted to grant or deny access to their data. If the user grants access, they are redirected back to the client application's specified redirect URI with an authorization code.
Example Redirect URL:
- YOUR_REDIRECT_URI?code=AUTHORIZATION_CODE&state=csrf_token
3. Token Exchange: The client application exchanges the authorization code for an access token. This exchange is made directly with the Blackpearl Group Pearl Diver token endpoint.
Example Token Exchange Request:
In this request, the client provides the authorization code received in step 2, along with its client ID and client secret for authentication.
4. Access API: With a valid access token, the client application can now access the Blackpearl Group Pearl Diver REST API on behalf of the user. Include the access token in the Authorization
header of your API requests.
Example API Request (using the access token):
5. Refreshing the Access Token: Access tokens may expire after a certain period. To maintain ongoing access without requiring the user to reauthenticate, the client can use the refresh token to obtain a new access token. This is done by making a request to the token endpoint with the refresh token.
Example Token Refresh Request:
- POST https://auth.pearldiver.io/oauth/token?audience=pearldiverapi
- Content-Type: application/x-www-form-urlencoded
- grant_type=refresh_token
- refresh_token=REFRESH_TOKEN
- client_id=YOUR_CLIENT_ID
- client_secret=YOUR_CLIENT_SECRET
The client provides the refresh token it obtained in step 3, along with its client ID and client secret. In response, it receives a new access token and, a new refresh token.
Remember to store the new access token and, the new refresh token securely for continued API access. The use of refresh tokens allows your application to maintain access without user intervention even when access tokens expire.
Please replace placeholders such as YOUR_CLIENT_ID, YOUR_CLIENT_SECRET, YOUR_REDIRECT_URI, and desired_scope with your specific values when implementing OAuth 2.0 for the Blackpearl Group Pearl Diver REST API.
Authorization
Authorization is based on the user used in the authentication process. The user must have a valid Pearl Diver account to be authorized with the REST API.
Refresh Token Rotation
Refresh token rotation is a security measure used in authentication protocols, particularly OAuth 2.0, to enhance the security of long-lived refresh tokens. Refresh tokens are typically longer-lived and can be used to request new access tokens after the shorter-lived access tokens expire. With refresh token rotation, every time an application exchanges a refresh token to get a new access token, a new refresh token is also returned. Therefore, you no longer have a long-lived refresh token that, if compromised, could provide illegitimate access to resources. As refresh tokens are continually exchanged and invalidated, the threat is reduced.
Refresh Token Expiration
Refresh tokens can be a target for abuse if leaked because they can be used to acquire new access tokens. Refresh Token Rotation issues a refresh token that expires after a preset lifetime. After expiration, the user gets a new refresh token or a new access token/refresh token pair.
Pearl Diver rest API have the following refresh token expiration settings
Lifetime | 31,557,600 seconds (1 year) |
Lifetime | 2,592,000 seconds (30 days) |
Using the REST API
Audience
GET List Audiences
Returns all Audiences for an account
Permissions required: Authenticated
Request
Headers Content-Type: application/json The API only responds with JSON payloads
Accept: application/json The API only accepts JSON body requests
Authorization: Bearer token REQUIRED
Path parameters No path parameters
Query parameters No query parameters
Responses200 OK Returned if the requested audiences are returned. application/json
AudienceArray Properties audiences array<Audience> REQUIRED
Child properties
key integer REQUIRED
name string. REQUIRED
400 Bad Request Returned if the audience list could not be returned.
| GET /v1/audience |
---|
javascript - // Make sure to install Axios if you haven't already.
- const axios = require('axios');
- const options = {
- url: 'https://api.pearldiver.io/v1/audience',
- method: 'GET',
- headers: {
- 'Content-Type': 'application/json',
- 'Accept': 'application/json',
- 'Authorization': `Bearer ${access_token}`
- }
- };
- axios(options)
- .then((response) => {
- if (response.status !== 200) {
- throw new Error(`HTTP Error: ${response.status}`);
- }
- return response.data;
- })
- .then((results) => {
- // You can do any parsing you need for results here before returning them
- console.log(results);
- return results;
- })
- .catch((error) => {
- console.error(error);
- });
200 Response- {
- "audiences": [
- {
- "key": 2,
- "name": "Hot leads"
- },
- {
- "key": 0,
- "name": "Pearls"
- }
- ]
- }
|
|
GET Get Audience
Returns an audience. This includes information about the audience and the corresponding record data set.
Permissions required: Authenticated RequestHeaders Content-Type: application/json
The API only responds with JSON payloads
Accept: application/json The API only accepts JSON body requests
Authorization: Bearer token REQUIRED
Path parameters audienceKey: integer REQUIRED
The key of the audience to be returned
Query parameters The period in days that the data will be retrieved against. If the range parameter is not specified, record data for 90 days will be returned.
Default: 90
Minimun: 1
Maximum: 90
The datetime stamp that the data will be retrieved from. Cannot be used in combination with range parameter. If the range and since parameters are not specified, record data for 90 days will be returned. Default: date time 90 days ago
Maximum: date time 90 days ago
Format: ISO 8601
pageToken string OPTIONAL The token for the next page of record data of the given audience. If the pageToken parameter is not specified, up to the first 1000 record data items will be returned. The pageToken can be retrieved from the payload of the first and subsequent audience request that has more the 1000 data records.
Responses200 OK Returned if the requested audience is returned. application/json
Audience Properties key integer REQUIRED
name string REQUIRED pageToken string OPTIONAL
data array<Record> OPTIONAL
Child properties id integer REQUIRED
firstName string OPTIONAL
lastName string OPTIONAL
email string OPTIONAL
jobTitle string OPTIONAL
seniorityLevel string OPTIONAL
department string. OPTIONAL
gender string. OPTIONAL
ageRange string. OPTIONAL
incomeRange string OPTIONAL
linkedIn string OPTIONAL
emailValidationStatus string. OPTIONAL
emailLastSeen datetime. OPTIONAL
count int OPTIONAL
latestActivityDate date. OPTIONAL
hotlistType string. OPTIONAL
phones array<Phone> OPTIONAL
addresses array<Address> OPTIONAL
company object OPTIONAL
websites array<string> OPTIONAL
400 Bad Request Returned if the audience list could not be returned. 404 Not Found Returned if the specified audience key could not be found.
| GET /v1/audience/{audienceKey} |
---|
javascript |
- const axios = require('axios'); // Make sure to install Axios if you haven't already.
- const options = {
- url: `https://api.pearldiver.io/v1/audience/${audienceKey}`,
- method: 'GET',
- headers: {
- 'Content-Type': 'application/json',
- 'Accept': 'application/json',
- 'Authorization': `Bearer ${access_token}`
- },
- params: {}
- };
- let results = {};
- let nextPage = null; // Initialize the page number or pagination token
- async function fetchPage() {
- if (nextPage !== null) {
- // Include the 'pageToken' parameter in the URL if 'nextPage' is not null
- options.params.pageToken = nextPage;
- }
- try {
- const response = await axios(options);
-
- if (response.status !== 200) {
- throw new Error(`HTTP Error: ${response.status}`);
- }
- const data = response.data;
- // Process the data from the API response
- // Add the relevant data to the 'results' object
- if (nextPage === null) {
- results = data;
- } else {
- results.data.push(...data.data);
- }
- if (data.pageToken) {
- nextPage = data.pageToken;
- await fetchPage();
- }
- } catch (error) {
- console.error(error);
- }
- }
- await fetchPage();
- // You can do any parsing you need for results here before returning them
- console.log(results);
- return results;
200 Response
- {
- "name": "Hotlist",
- "key": 0,
- "pageToken": "6AMAAA"
- "data": [
- {
- "id": 21152,
- "firstName": "Anthony",
- "lastName": "Everett",
- "email": "aeverett776@yahoo.com",
- "gender": "M",
- "ageRange": "35-44",
- "incomeRange": "$150,000 to $199,999",
- "phones": [
- {
- "type": "Mobile",
- "number": "2954183224",
- "order": 1
- }
- ],
- "addresses": [
- {
- "type": "Personal",
- "city": "Jonesfurt",
- "state": "NJ",
- "zip": "91424",
- "zip4": "2705"
- }
- ],
- "count": 3,
- "latestActivityDate": "2023-09-14",
- "hotlistType": "Visitor"
- },
- {
- "id": 21833,
- "email": "afleming@andrade.com",
- "phones": [],
- "addresses": [],
- "count": 3,
- "latestActivityDate": "2023-09-10",
- "hotlistType": "Visitor"
- },
- {
- "id": 27779,
- "email": "ahartman@yahoo.com",
- "phones": [],
- "addresses": [],
- "count": 2,
- "latestActivityDate": "2023-09-01",
- "hotlistType": "Visitor"
- }
- ]
- }
|
Modal references
Phone
phoneType string OPTIONAL
number string OPTIONAL
validationStatus string OPTIONAL
lastSeen datetime OPTIONAL
extension string OPTIONAL
order integer OPTIONAL
Address
addressType string OPTIONAL
address1 string OPTIONAL
address2 string OPTIONAL
city string OPTIONAL
state string OPTIONAL
zip string OPTIONAL
zip4 string OPTIONAL
Company
name string OPTIONAL
domain string OPTIONAL
industry string OPTIONAL
sic1 string OPTIONAL
sic2 string OPTIONAL
sic3 string OPTIONAL
companyCount integer OPTIONAL
linkedIn string OPTIONAL
revenue string OPTIONAL
employeeCount string OPTIONAL