π Introduction#
Welcome to the CSQ API documentation β your official guide to understanding and integrating CSQ's digital services. This resource is tailored for developers and technical teams, covering everything from the basics to advanced features so you can confidently implement, optimize, and scale your use of CSQβs capabilities.
βοΈ Legal Disclaimer#
This document provides technical guidance on using CSQβs web service APIs. While it outlines expected behaviors and integration rules, any commercial agreement signed with CSQ takes precedence. In other words:Formal contracts override any conflicting technical details in this guide.
However, unless explicitly stated otherwise in your contract, the guidelines here are considered valid and applicable by default.
π It is the API consumerβs responsibility to:Follow proper integration practices.
Keep all provided credentials, encryption keys, and access secrets confidential and secure.
CSQ reserves the right to suspend or revoke API access if bad coding practices, security risks, or system misuse are detected.
π Communications#
π Access Credentials#
Production and sandbox URLs, as well as your credentials and encryption keys, will be provided once your NDA or contract with CSQ is signed and validated by your agent.β
Always access environments using DNS names β never use direct IP addresses.
π Communication Security#
eVSB supports multiple connection options:HTTPS (SSL/TLS 1.1 or 1.2) β recommended for secure communication.
HTTP β allowed if bandwidth is a concern. If used, we strongly advise setting the Accept
header to application/encrypt
to ensure payload encryption.
Optional security enhancements are available on request:VPN tunnel β subject to firewall compatibility.
IP whitelisting β restricts access to your defined IPs.
Regardless of your transport method, every request is cryptographically protected using a timestamped salted hash.β The API consumer is solely responsible for managing credential confidentiality and applying security best practices on their systems.
β Communication Failure Handling#
Typical response times are within seconds. However:If no response is received after 60 seconds, you can consider the request timed out.
Timeout β failure: The operation may have succeeded on the server. This is especially important for payment operations.
To avoid duplicate charges or inconsistent states, always:1.
Use the appropriate query method to confirm the status of a delayed operation.
2.
Avoid auto-retry mechanisms: eVSB is not idempotent. Even identical requests will be processed independently.
π Service Overview#
eVSB is a robust REST/JSON API that intentionally deviates from strict REST conventions to prioritize:Each method has its own structure, parameters, and return object (always wrapped inside the items
array of the JSON response). While not REST-pure, the API remains clean, consistent, and easy to work with.π Summary#
Mastering this API involves understanding:rc
values (internal result codes)
The unified JSON structure used across all endpoints
With this knowledge, you can integrate and troubleshoot the eVSB platform effectively.
We're here to support you throughout your integration and operation phases:Modified atΒ 2025-07-03 18:43:26