Overview
The Data API is a REST API that retrieves or writes data stored on Kameleoon's remote servers. Use the available endpoints to:
- Retrieve visit events for a given visitor.
- Send additional visit events for a given visitor, such as offline conversion events.
- Send and retrieve product data for a given sitecode.
- Store additional data for a given visitor, such as CRM or segmentation data.
Data API endpoints
Endpoints fall into three main categories of data:
Visit endpoints
The Visit endpoints retrieve and send events (conversions, custom data, segments, and more) for a given visitor code. Use these endpoints to import offline purchase data, such as physical store purchases, to Kameleoon.
- GET /visit/visitor: This endpoint retrieves visits data collected by Kameleoon, such as experiments and personalizations triggered for the user or targeted segments.
Access to this endpoint requires the Kameleoon Feature Experimentation solution. For further details, contact the Customer Success Manager.
- POST /visit/forget: This endpoint removes data for several visitors.
- POST /visit/events: This endpoint posts data for a given visitor, such as conversion and page view events.
Product endpoints
The Product endpoints retrieve and send product data for a given sitecode. Use these endpoints to register product events such as view, add to cart, or purchase events, or to obtain statistics about specific products (e.g., historical buy or view counts).
- POST /product/events: This endpoint posts attributes (name, price, etc.) and events (view, add to cart, purchase) for several products. The Activation API uses the
obtainProductDataandobtainProductInteractionsmethods to retrieve and use this data for targeting or recommendations. - GET /product/productCounters: This endpoint retrieves counts (number of views, add to cart quantities, transaction quantities) for several products.
- GET /product/productData: This endpoint retrieves attributes for several products.
Access to the Product Recommendation module or the Product Targeting add-on is required. Both integrate with the Web Experimentation solution. For more information, contact the Customer Success Manager.
Map endpoints
The Map endpoints store additional data for a given key (usually a visitor code or an internal User ID). The Activation API and all SDKs use the retrieveDataFromRemoteSource method to retrieve and use this data for targeting and segmentation. Use the map endpoint to retrieve stored data for a specific key.
- GET /map/map: This endpoint retrieves data for a given key.
- GET /map/maps: This endpoint retrieves data for several keys.
- POST /map/maps: This endpoint posts data for several keys.
Authentication and Rate Limiting
Authentication
The Data API uses the same authentication flow as the Automation API utilizing JSON web tokens.
Maintain security and protect API credentials by using authentication for specific types of requests:
- Server-side sources: For requests originating from your servers, authentication is highly recommended and increases rate limits. Authenticate when using server-side SDKs with Feature Experimentation.
- Client-side sources: For requests originating from a client application, such as a web browser, where API credentials could be exposed, do not authenticate. This configuration is not recommended when using Kameleoon Web Experimentation.
Any request providing an API token with an incorrect format, an expired token, or an invalid signature results in an HTTP 401 "Unauthorized" response.
To learn more about the authentication process, refer to the Automation API Authentication Flow documentation.
By default, authentication is not required because the Data API supports the web experimentation engine in retrieving historical data. If using Feature Experimentation and server-side SDKs exclusively, contact the Customer Success Manager to enable authentication for specific endpoints. Kameleoon offers a flexible setup to secure endpoints and restrict authentication to GET or POST requests.
Rate Limits
The Data API enforces rate limits based on your Contractual Monthly Unique Visitors (MUV) and the IP address of the requester. If your application exceeds either of these limits, the API will return an HTTP 429 - "Too Many Requests" response. These rate limits are in place to ensure that the Kameleoon service remains performant and reliable for all customers.
For server-side sources, the IP-based limits can be lifted by authenticating.
| Request Type | Limits applied to all requests | Additional limits applied to unauthenticated requests only |
|---|---|---|
| GET Requests | (500,000 + number of MUV) / 500 requests per minute per customer account | 120 requests per minute per IP |
| Other HTTP Methods | (500,000 + number of MUV) / 50 requests per minute per customer account (per method) | 1,200 requests per minute per IP (per method) |
If you require higher rate limits for your use case, please contact your Account Manager for more information.