API structure

API Structure

The N2N DL APIs are organized around REST and have a predictable, resource-oriented URLs, and uses HTTP response codes to indicate API errors. JSON is returned by all API responses, including errors.

The APIs are designed to be easy to integrate with so we currently do not provide API client libraries. This may change in the future.


Currently 2 different authentication models are supported: client credentials and API key

Client Credentials

This method is targetted to web or mobile applications integrating directly with our APIs

Every successful call to the /login endpoint returns a token with a limited time validity which needs to be passed as a bearer token in any subsequent call like in the following example

curl -X POST \
  https://www.nnnco.io/v3/api/core/login \
  -H 'Content-Type: application/json' \
  -H 'cache-control: no-cache' \
  -d '{
	"password": "testPass"


    "token": "5a23075544e45ab24a4846ae87762854c95f1398",
    "groupIdList": [
    "email": "test@test.com",
    "level": "admin",
    "createdAt": 1539920012,
    "expiresAt": 1540524812

The token can then be used as follows

curl -X GET \
  https://www.nnnco.io/v3/api/core/devices \
  -H 'Authorization: Bearer 5a23075544e45ab24a4846ae87762854c95f1398'

API Keys

The API key method is intended for machine to machine integration and uses HTTP Basic Auth. Provide your API key as the basic auth password value. You do not need to provide a username.

curl -X GET \
  https://www.nnnco.io/v3/api/core/devices \
  -H 'Authorization: Basic YWRtaW46OGEwODkyZTNhZWRiZTJmMmFkZTRiZDcyN2Q0NzI1ZTBjNjM5ZDAyMQ'

where: YWRtaW46OGEwODkyZTNhZWRiZTJmMmFkZTRiZDcyN2Q0NzI1ZTBjNjM5ZDAyMQis the base64 encoded version of admin:8a0892e3aedbe2f2ade4bd727d4725e0c639d021

You can manage your API keys using the Core APIs with the credentials you have been supplied with by NNNCo.

Your API keys carry many privileges, so be sure to keep them secure!

Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.

All API requests must be made over HTTPS. Calls made over plain HTTP will automatically redirect to HTTPS.

API requests without authentication will also fail.


N2N DL uses conventional HTTP response codes to indicate the success or failure of an API request.

In general:

  • Codes in the 2xx range indicate success.
  • Codes in the 4xx range indicate an error that failed given the information provided (e.g., a required parameter was omitted, a charge failed, etc.).
  • Codes in the 5xx range indicate an error with N2N DL’s servers (these should be rare :) ).

All 4xx and 5xx errors include an error code and description in plain english of the issue:

    "httpCode": 403,
    "error": "UNAUTHORIZED"


    "httpCode": 400,
    "error": "BAD_REQUEST",
    "message": "Invalid request: Current user/apiKey doesn't have access to enterprise 'nnn.hello'"


Some API calls are paginated using the limit and skip GET parameters.

Negativeskip parameter values are not accepted whereas valid limit values are between 10 and 1000 items, with a default value of 200.

Invalid skip or limit parameters result in HTTP error code 400.


The N2N-DL APIs use URL versioning.

The current version of the APIs is v3.

We bump the version number for breaking changes whereas new fields can be added at any time and your client code should be able to handle unknown fields gracefully.


API keys are issued with both TPS (Transactions per second) and TPD (Transactions per day) values with obvious meaning.

Issuing more calls that the TPS and TPD limits allow will result in your API calls to fail with HTTP Error 429.

The TPS counter resets every 5 seconds whereas the TPD counter resets every day at 12am UTC.

Bearer token calls are throttled too but we don’t publish the limits for security reasons :)

API Specifications

The API documentation is available via Swagger/ OpenAPI 3.0 specifications at this address

They all share the same base URL: https://www.nnnco.io/v3/