Introduction
Welcome to the TapResearch Survey API V3 documentation!
There are some notable changes to how our API handles security and postbacks. See our versions section for more details.
Getting Started
Sign up for a publisher account at https://www.tapresearch.com/suppliers/sign_up.
Before you can begin consuming our API, you will need an api token. This token will be used for authentication purposes. You can generate an api token by creating an app in the dashboard.
Please let us know when you are ready to go live. We will need to make changes to your account before your users can see real surveys.
Surveys
Get survey offer
Sample Request
{
"api_token": "9b99ccc0062035544a5b6579b0cfc954",
"user_identifier": "tapresearch_user1",
"offer_identifier": "05700f12180cdde5b131a0f8"
}
Sample Response
{
"has_offer": true,
"offer_url": "https://www.tapresearch.com/router/device_players/12bf83763d41d1d626fd54d2ada76a78?oid=e4f897d8820b6db278b470bb7ba5fa505686c3d8\u0026sdk=false",
"message_hash": {
"min": "191",
"max": "764",
"currency": "bombs"
},
"abandon_url": "https://www.tapresearch.com/router/offers/d1105fad890c931188905ab8198f308a?tid=f5807f26ff3c57426d0749fdc381ed4e&uid=tapresearch_user1"
}
Get survey offer for a user based on user identifier. Placement must first be created for your app using the supplier dashboard.
HTTP Request
POST https://www.tapresearch.com/supply_api/v3/surveys/offer
Required Parameters
Parameter | Type | Description |
---|---|---|
user_identifier | String | Unique alphanumeric string that you use to identify your user. |
api_token | String | This is the unique identifier we generate when you create an app in our dashboard. |
offer_identifier | String | This is the placement identifier that is created in the supplier dashboard. |
client_ip (Optional) | String | This the IP address of the end user. This attribute is required if you're checking survey availability through a backend service. |
Response
Parameter | Type | Description |
---|---|---|
has_offer | Boolean | Send users into the survey only when this value is true. |
offer_url | String | Offer entry URL |
abandon_url | String | Use this URL to redirect users back to our site after they decide to skip a survey. |
message_hash | Hash | This contains information that you can show the user before you redirect them to the offer_url. |
Postbacks
Survey complete postback
# Sample postback request
"https://www.your_postback_url.com/postback?api_token=9b99ccc0062035544a5b6579b0cfc954&cpid=tap_37939e4ede350f3a8d5149d2fcaa025e&payout_amount=191&payout_currency=gold&revenue=0.5&tid=777ca23551a4a9173920c22e1ed7f4f3&uid=developers%40tapresearch.com&sig=ea354b408a1183fa27606ece2c3cf8d1"
Notify your web service on survey complete through a pre-defined postback URL
HTTP Request
GET http://your_postback_url.com
Payload
Parameter | Type | Description |
---|---|---|
uid | String | Persistent unique identifier for this user. |
tid | String | Transaction ID or click ID. This value will not be unique if the user completed multiple surveys in a single session. Use cpid for deduping purposes. |
cpid | String | Unique survey complete identifier. We recommend that you store and check against this value to ensure you reward the user only once per survey complete. |
api_token | String | This is the unique identifier we generate when you create an app in our dashboard. |
payout_amount | Integer | Amount of currency earned by this user |
payout_currency | String | The type of Currency the user earned. |
revenue | Decimal | Amount you will be paid for this survey complete in USD. |
payout_type | Integer | The action that the user was rewarded for. 0 - Profile Complete, 3 - Survey Complete. |
ip_address | String | This is the IP address of the respondent when the transaction occurred. |
sig | String | This is the URL signature, which is an HMAC-MD5 generated using the query string, minus the sig parameter. See the security section for more details. |
Response
We expect a 200 if the request was successful
Security
# Sample request URL
url = "https://www.tapresearch.com/postback?api_token=9b99ccc0062035544a5b6579b0cfc954&cpid=tap_37939e4ede350f3a8d5149d2fcaa025e&payout_amount=191&revenue=0.5&tid=777ca23551a4a9173920c22e1ed7f4f3&uid=developers%40tapresearch.com&sig=ea354b408a1183fa27606ece2c3cf8d1"
# Isolate query string
query_string = url.gsub(/^(.*?)\?/, "")
# Strip out the sig parameter
stripped_query_string = query_string.gsub(/&sig.*/, "")
# Decode URL
decoded = URI.decode(stripped_query_string)
# Generate HMAC-MD5
api_secret = "26dcc0fc7b6208fdfeffaf19f627cb4a"
digest = OpenSSL::Digest.new("md5")
md5 = OpenSSL::HMAC.hexdigest(digest, api_secret, decoded)
puts md5 # ea354b408a1183fa27606ece2c3cf8d1
For security purposes, every postback request will include an HMAC-MD5, which is generated using the query string.
Using the example request in the postback section, here are the steps to generate the HMAC-MD5.
Grab your api secret. This value is located in your main dashboard.
Example: 26dcc0fc7b6208fdfeffaf19f627cb4a
A postback request will look similar to the example shown below.
Example: https://www.tapresearch.com/postback?api_token=9b99ccc0062035544a5b6579b0cfc954&cpid=tap_37939e4ede350f3a8d5149d2fcaa025e&payout_amount=191&revenue=0.5&tid=777ca23551a4a9173920c22e1ed7f4f3&uid=developers%40tapresearch.com&sig=ea354b408a1183fa27606ece2c3cf8d1
Isolate the query string, leaving out the question mark.
Example: api_token=9b99ccc0062035544a5b6579b0cfc954&cpid=tap_37939e4ede350f3a8d5149d2fcaa025e&payout_amount=191&revenue=0.5&tid=777ca23551a4a9173920c22e1ed7f4f3&uid=developers%40tapresearch.com&sig=ea354b408a1183fa27606ece2c3cf8d1
Strip out the sig parameter, including the ampersand (&) symbol.
Example: api_token=9b99ccc0062035544a5b6579b0cfc954&cpid=tap_37939e4ede350f3a8d5149d2fcaa025e&payout_amount=191&revenue=0.5&tid=777ca23551a4a9173920c22e1ed7f4f3&uid=developers%40tapresearch.com
Decode the query string.
Example: api_token=9b99ccc0062035544a5b6579b0cfc954&cpid=tap_37939e4ede350f3a8d5149d2fcaa025e&payout_amount=191&revenue=0.5&tid=777ca23551a4a9173920c22e1ed7f4f3&uid=developers@tapresearch.com
Run the api secret and the modified payload through your favorite HMAC-MD5 generator. Using the example values in steps 1 and 2, the resulting string will be
ea354b408a1183fa27606ece2c3cf8d1
.Check your generated HMAC against the sig param value. If they match, then record a complete and reward the user.
IP Whitelist
The postbacks will be send from the following addresses. Any other connections should be blocked.
3.88.121.21, 3.92.129.242, 3.89.214.250, 54.92.201.189, 3.84.132.120, 34.226.244.76, 52.6.75.91, 52.206.204.41, 35.168.113.51, 34.229.18.35, 35.175.253.126, 3.80.4.1, 18.212.246.233
Reporting
Get supplier Stats
# Sample stats request
"https://www.tapresearch.com/supply_api/suppliers/stats?access_token=83742aa7dc154c1a84d03213ac1228b5&from=2018-09-20T12:00:00-07:00&to=2018-09-20T13:00:00-07:00"
Sample Response
[
{
"datetime": "2018-09-20T12:00:00-07:00",
"app_name": "Sample App - iOS",
"id": 42,
"app_store_identifier": "com.sample.app",
"placement_name": "Main Placement",
"placement_identifier":"fb15ebe9c89c3fc4256c33a8e0eabcff",
"country_abbr": "US",
"impressions": 10,
"conversions": 5,
"revenue": "1.32",
"platform": "iOS"
},
{
"datetime": "2018-09-20T12:00:00-07:00",
"app_name": "Sample App - iOS",
"id": 42,
"app_store_identifier": "com.sample.app",
"placement_name": "Secondary Placement",
"placement_identifier":"ab13eabbc89c3fc1956c83a8e0efbbfa",
"country_abbr": "US",
"impressions": 1582,
"conversions": 366,
"revenue": "63.54",
"platform": "iOS"
},
{
"datetime": "2018-09-20T12:00:00-07:00",
"app_name": "Sample App - Android",
"id": 43,
"app_store_identifier": "com.sample.app",
"placement_name": "Main Placement",
"placement_identifier": "fb15eabbc89c3fc1466c83a8e0adbbcf",
"country_abbr": "US",
"impressions": 45,
"conversions": 19,
"revenue": "3.56",
"platform": "Android"
},
]
HTTP Request
GET https://www.tapresearch.com/supply_api/suppliers/stats
Payload
Parameter | Type | Description |
---|---|---|
access_token | String | Unique token used for authorization purposes. |
from | Date | The start date Date Format: I.E. "2018-04-05T17:00:00-07:00" |
to | Date | The end date Date Format: I.E. "2018-04-05T17:00:00-07:00" |
Response
Parameter | Type | Description |
---|---|---|
datetime | date | The hour that the stats reflect |
app_name | String | The App name |
app_store_identifier | String | App store identifier |
placement_name | String | The placement name |
country_abbr | String | The country abbreviation |
impressions | Integer | The number of entries to TapResearch experience |
conversions | Integer | The number of entries with at least one survey complete |
revenue | Float | The revenue in the given hour |
Errors
The TapResearch API uses the following error codes:
Error Code | Meaning |
---|---|
400 | Bad Request -- Double check to make sure you are making a proper request. |
401 | Unauthorized -- You do not have access to the resource you requested. Please make sure your authorization header is set correctly. |
404 | Not Found -- The resource you have requested cannot be found. |
422 | Unprocessable Entity - There was an error with your request. The response should always have a message detailing why an error has occurred. |
500 | Internal Server Error -- We had a problem with our server. Please contact api_support@tapresearch.com if this problem persists. |
503 | Service Unavailable -- We're temporarily offline for maintenance. Please try again later. |
Versions
v3.00
- /supply_api/v3/surveys/offer
- This is the new endpoint to get the offer url.
- Removed attribute - device_identifier
2.12
- /surveys/offer
- New attribute - client_ip
2.11
- /surveys/offer
- Response now includes an abandon URL. Use it to redirect users back to our site after they decide to skip a survey.
v2.10
- Audience API
- Get all supported countries
- Get country specific qualifications
- Get user attributes for a given set of device IDs or user identifiers
v2.00
- Changes compared to v1
- Our postbacks are now an HTTP GET as opposed to a POST.
- All request parameters will be appended to the postback URL.
- Added the sig parameter, which is the postback URL signature. See the security section for more details.
- The sech parameter has been removed.
- Postback Content-Type and Accept headers will no longer be application/json.
v2.01
- Postbacks
- New attribute - payout_type. 0 - Profile complete, 1 - Disqualified, 2 - Survey complete
- New attribute - currency_name.
Contact Us
Please email developers@tapresearch.com for any questions or concerns.