SPORT ACTIVITIES API
Introduction
The Sport Activities API allows creation and organisation of events (conjunction of a place, a date, and people). It's internationally available.
In France, a frontend is bound to this API on : https://activites.decathlon.fr
Swagger
You can find a Swagger UI of our API on the endpoint below, where you can see and try all the endpoints.
https://api-eu.decathlon.net/activities/api/swagger
Security
API Key
curl -X GET \
"https://api-eu.decathlon.net/activities/v1/events?latitude=50.617922&longitude=3.081998"
-H 'x-api-key: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXX'
Get geolocalised events list based on API Key
An Api Key is required for all api calls and an Auth0 account is required. Currently, to obtain an api key and an Auth0 account, you must contact us on this form.
Once you've retrieved a key, just add it to your request's headers for every API call.
Access secured resource
In addition to the mandatory API Key, secured endpoint must be called with one of following methods :
JWT Token
curl -X GET \
"https://api-eu.decathlon.net/activities/auth/me"
-H 'Accept: application/json' \
-H 'x-api-key: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXX'
-H 'Authorization: Bearer XXXXXXX' \
Get logged user informations via JWT
The first method to consume our API is through the use of personal JWT Token.
For security purpose, your JWT is verified at each call and we support token from two providers :
| Provider | Info | Link |
|---|---|---|
| Connect API | Oauth2 Decathlon Connect for sportsman | Documentation |
| Decathlon Federated Identity | Oauth2 provider for employees | Documentation |
Once the choosen provider send you back a token, just pass it to every secured endpoint using the following header:
Authorization: Bearer XXXXXXXXX
Facebook Access Token
curl -X GET \
"https://api-eu.decathlon.net/activities/auth/me"
-H 'Accept: application/json' \
-H 'x-api-key: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXX'
-H 'x-facebook-token: XXXXXXXXX' \
Get logged user informations via facebook access token
This method allows you to consume our API using a Facebook access token. Each time you call the API with a valid access token, we'll call the /me of facebook connect to retrieve user's information. Using this method, the API can accept token from any facebook applications.
Once you've retrieved your access token, just pass it to every secured endpoint using the following header:
x-facebook-token: XXXXXXXXX
Service Account
curl -X POST \
https://decathlon-events.eu.auth0.com/oauth/token \
-H 'content-type: application/json' \
-d '{
"client_id":"XXXXXXXXX",
"client_secret":"XXXXXXXXX",
"audience":"API_URL",
"grant_type":"client_credentials"
}'
Get service account access token
This method can be used to consume the API in a machine to machine way.
Please contact us at sportactivitiesapi@decathlon.com to ask for your credentials.
Policies
Some endpoint might return some different values or cannot be accessed depending on different rules.
Here you can find a list of access policies implement by Sports Events API.
Global Policy
A user that is flagged as a "super admin" on a/some tenant(s) can handle/manage everything on the API, as long as it only affect this/these tenant(s).
Events' Policies
| Action | Who can do it ? |
|---|---|
| List | Everyone |
| Create | Everyone |
| Cancel | Organizer |
| Update | Organizer |
| Show | Everyone / Organizer if eventStatus = PENDING |
Subscribers' Policies
| Action | Who can do it ? |
|---|---|
| List subscribers | Organizer |
| List subscription | Subscriber |
| Subscribe | Everyone |
| Unsubscribe | Subscriber |
| Update subscription | Organizer / Subscriber |
Users' Policies
| Action | Who can do it ? |
|---|---|
| Show | Organizer / Subscriber |
| Update | Subscriber |
Group' Policies
| Action | Who can do it ? |
|---|---|
| Show | Everyone |
| Create | Everyone |
| Update | Creator |
| Delete | Creator |
Response
HTTP code
The Sports Events API uses the following HTTP code :
| CODE | MEANING |
|---|---|
| 200 | Ok |
| 201 | Created |
| 204 | No Content |
| 206 | Partial Content |
| 400 | Bad Request |
| 401 | Unauthorized |
| 403 | Forbidden |
| 404 | Not Found |
| 405 | Method Not Allowed |
| 422 | Unprocessable Entity |
| 500 | Server Error |
| 503 | Maintenance |
Error code
While using our API, some endpoints might return you some error code.
Here is the full explanation of each code.
| CODE | MEANING |
|---|---|
| SE01 | The limit of slots has been reached |
| SE02 | Not enough slots available |
| SE03 | No subscribers |
| SE04 | No children allowed. Adults only event |
| SE05 | No subscription allowed. Subscriptionless event |
| SE06 | No adults allowed. Children only event |
| SE07 | Cannot subscribe to a recurrence parent activity. |
| SU01 | The user has already subscribed |
| SU02 | The user has not been found |
| SU03 | The user is not registered to this event |
| SY01 | No API Key received |
| SY02 | No application has been configured for your API_KEY. |
| SY03 | Missing scopes |
Resource format
Here you can find the format of each resource response on Sports Events API.
Our response format are Schema.org compliant. (Actually, we're almost compliant... some fields doesn't exists in Schema.org structure but we strive to be as more Schema.org alike as we can).
Every resources that need a language will expect valid, case-sensitive language code. You can find the entire list here.
A single resource may possibly not always have the same attributes, depending on which API renders it. For example, a Person can be:
- Embedded as an event organizer
- Embedded as an event subscriber
- Embedded as a reservation creator
- Returned fully when requesting information about oneself
For each of these cases, some attributes as the phone number or the payment provider identifier may be present or not. This is most of the time due to privacy purposes. The Swagger UI details clearly the presence rules for each attribute.
Event
See https://schema.org/Event for the standard field list.
Additional fields that are not in Schema.org structure are :
| Field | Type | Infos |
|---|---|---|
| organizerMessage | string | Message from the event's organizer |
| equipmentProvided | string | What kind of equipment is provided by organizer |
| equipmentRequired | string | What kind of equipment you need to bring to the event |
| equipmentLinked | array | Array useful if you want to store product's id to display it on your front |
| visibility | string | Visibility of the event. See Visibility |
| recurrencePattern | string | Allow to repeat your event each daily, weekly or monthly. By RFC 5545 https://icalendar.org/iCalendar-RFC-5545/3-8-5-3-recurrence-rule.html |
Event
{
"@context": "http://schema.org",
"@type": "Event",
"identifier": 8,
"name": "Miss",
"description": "Ullam consequatur exercitationem quia culpa autem. Neque numquam similique deserunt ut eum explicabo commodi vero. Ut cum amet voluptates est.",
"eventStatus": "PUBLISHED",
"datePublished": "2018-11-20T11:05:38Z",
"performer": {
"@context": "http://schema.org",
"@type": "Performer",
"name": "Jean Pile",
"type": "ORGANIZATION"
},
"sponsor": "Rerum dolore voluptates aut. Sit nesciunt qui temporibus nihil. Aut itaque id omnis placeat corrupti assumenda at molestiae. Sed libero aut enim cumque similique et consectetur quia.",
"image": null,
"sport": 51,
"proficiencyLevel": [
10,
20
],
"startDate": "2018-11-10T12:26:16Z",
"endDate": "2018-12-13T04:56:33Z",
"location": {
"@context": "http://schema.org",
"@type": "Place",
"name": "Decathlon Croix",
"address": {
"@context": "http://schema.org",
"@type": "PostalAddress",
"streetAddress": "12 Rue de la Centenaire",
"postalCode": "59170",
"addressLocality": "Croix",
"addressCountry": "France"
},
"geo": {
"@context": "http://schema.org",
"@type": "GeoCoordinates",
"latitude": 50.67253,
"longitude": 3.148918
}
},
"inLanguage": ["fr"],
"isAccessibleForFree": false,
"acceptsReservations": true,
"typicalAgeRange": "1-13",
"maximumAttendeeCapacity": 15,
"remainingAttendeeCapacity": 15,
"offers": {
"@context": "http://schema.org",
"@type": "Offer",
"price": "13.7",
"priceCurrency": "EUR",
"availability": "InStock",
"validFrom": "2018-11-10T12:26:16Z"
},
"organizer": {
"@context": "http://schema.org",
"@type": "Person",
"identifier": "15da566a-a84a-48b5-a537-ac7c40acaad9",
"name": "Michele H",
"email": "pfeffer.parker@mayert.com",
"additionalType": "FED",
"externalId": "041a0a46-ea34-3a1a-a9ec-4b0244865eba"
},
"organizerMessage": "Sed cumque in natus quisquam quam eaque. Quod possimus aut ut ab cum voluptas cupiditate.",
"equipmentProvided": "Corrupti iusto accusantium omnis voluptate. Est consequatur quia nam quo fuga omnis. Voluptatem quia eaque vel vel eum. Optio repudiandae eos qui eum saepe.",
"equipmentRequired": "Adipisci accusamus sit dolores similique nostrum. Soluta vel cupiditate mollitia repellendus dolor sed molestiae. Aut eius repellendus aliquid deleniti vel.",
"equipmentLinked": [],
"visibility": "PUBLIC",
"isSupervised": true,
"isAccessibleForDisabled": true,
"validUntil": {
"date": "2018-10-30 09:51:54.000000",
"timezone_type": 2,
"timezone": "Z"
},
"doorTime": {
"date": "2018-10-30 09:51:54.000000",
"timezone_type": 2,
"timezone": "Z"
},
"minimumAttendeeCapacity": 10,
"intensity": "HIGH",
"environment": [
"INDOOR",
"OUTDOOR"
],
"weatherCompatibility": [
"RAIN",
"CLOUD"
],
"goodFor": [
"FAMILY",
"RELAXATION"
],
"keywords": [
"fun",
"happy"
],
"superEvents": [
"/v1/groups/2",
"/v1/groups/3",
]
}
Event Subscriber
See https://schema.org/Person for the standard field list.
Additional fields that are not in Schema.org structure are :
| Field | Type | Infos |
|---|---|---|
| hasAttendedEvent | boolean | Boolean to see if the user has attended the event |
EventSubscriber
{
"@context": "http://schema.org",
"@type": "Person",
"identifier": "685031af-583d-4623-a569-be2ed786f655",
"name": "John Doe",
"email": "john.doe@decathlon.com",
"additionalType": "FED",
"externalId": "XXX",
"phone": "0701020304",
"numChildren": 2,
"children": [
{
"@context": "http://schema.org",
"@type": "Person",
"name": "titi"
},
{
"@context": "http://schema.org",
"@type": "Person",
"name": "toto"
}
],
"adults": [
{
"@context": "http://schema.org",
"@type": "Person",
"name": "my-self"
},
{
"@context": "http://schema.org",
"@type": "Person",
"name": "riri"
}
],
"hasAttentedEvent": false
}
Reservation
See https://schema.org/Reservation for the standard field list.
Reservation
{
"@context": "http://schema.org",
"@type": "Reservation",
"reservationId": 1,
"reservationFor": 1,
"underName": {
"@context": "http://schema.org",
"@type": "Person",
"identifier": "685031af-583d-4623-a569-be2ed786f655",
"name": "John Doe",
"email": "john.doe@decathlon.com",
"additionalType": "FED",
"externalId": "XXX"
},
"bookingTime": {
"date": "2018-11-20 14:07:30.000000",
"timezone_type": 3,
"timezone": "UTC"
},
"partySize": 10,
"totalPrice": 343,
"priceCurrency": "EUR"
}
Sport
It's sports' list. It's not limited.
Sports
[
{
"sport_id": 253,
"level_id": 1,
"is_active": "Y",
"language": "fr-fr",
"country": "FR",
"label": "LUGE",
"short_label": "LUGE"
},
{
"sport_id": 45,
"level_id": 1,
"is_active": "Y",
"language": "fr-fr",
"country": "FR",
"label": "ALPINISME",
"short_label": "ALPINISME"
}
]
User
See https://schema.org/Person for the standard field list.
Additional fields that are not in Schema.org structure are :
| Field | Type | Infos |
|---|---|---|
| externalId | uuid | External user ID |
User
{
"@context": "http://schema.org",
"@type": "Person",
"identifier": "685031af-583d-4623-a569-be2ed786f655",
"name": "John Doe",
"email": "john.doe@decathlon.com",
"additionalType": "FED",
"externalId": "XXX",
"paymentProviderIdentifier": "acct_1FJcLjIvXDPMPh6a",
"phone": "0701020304"
}
Group
Groups are "Super Events". You can directly assign events you want to put in it during POST or `PATCH request.
Groups are a light version of https://schema.org/Event.
{
"data": {
"@context": "http://schema.org",
"@type": "Event",
"identifier": 2,
"name": "Leffler, Luettgen and Braun",
"description": "Est illo perspiciatis et quia neque iusto consectetur.",
"subEvents": [
"/v1/events/2",
"/v1/events/3",
]
}
}
Mails
{
"type":"subscriber/event_updated",
"event":{
"id":1,
"sport_id":1,
"title":"EVENT NAME",
"start_date":"2018-10-26T18:15:13Z",
"end_date":"2018-10-26T20:00:13Z",
"location":{
"place_id":"ChIJ8Yg1bgsdDkgRBjcL1Kc4lIk",
"formatted_address":"1 Rue Claude Sautet, 22950 Trégueux, France",
"autocomplete_name":"Decathlon Saint Brieuc, Rue Claude Sautet, Trégueux, France",
"custom_address":{
"name":"Decathlon Saint Brieuc",
"address":"1 Rue Claude Sautet",
"address_zip":"22950 Trégueux, France"
}
},
"equipment_required":"Shoes & Water",
"equipment_provided":"Chasuble",
"subscribers_limit":45,
"owner":{
"id":"3f8fe370-5e17-422f-a929-27f744a6f4ce",
"name":"Florian V",
}
},
"user":{
"id":"1",
"type":"DKTCONNECT",
"name":"John D"
}
}
Example of json message pushed into SQS
Flexibility is our motto ...
In order to allow you to send your own personal emails to your users, we've implemented a simple queue system. We're using Amazon SQS service to provide you a simple personal queue that allows you to consume, process and send mail/notifications to your users based on changes made on the API.
Different types of message will be dropped on your personal queue, based on which events has fired the notification. Here is the list :
| Message | Reason |
|---|---|
| owner/event_created | Create confirmation for the organizer |
| owner/event_canceled | Cancel confirmation for the organizer |
| owner/event_full | Event is full for the organizer |
| owner/event_subscribed | A subscription confirmation for the organizer |
| owner/event_unsubscribed | A unsubscription confirmation for the organizer |
| subscriber/event_canceled | Cancel notification for subscribers |
| subscriber/event_reminder | Reminder two days before event for subscribers |
| subscriber/event_subscribed | Subscription confirmation for subscribers |
| subscriber/event_unsubscribed | Unsubscribe confirmation for subscribers |
| subscriber/event_updated | Event update notification for subscribers |
| subscriber/contact | Organizer message for all subscribers of the event |
Visibility
When publishing or retrieving events, you can choose if you want to retrieve the public or private events.
WHAT DOES IT MEANS ?
An event that has been created as PUBLIC will be retrieve for every consumer of the API. Useful if you want your events to be globally available.
If your event is flagged as PRIVATE, only you will be able to retrieve it. (this restriction is based on your API KEY).
Support
SLA (Service-Level Agreement)
API Support is available with a simple request by email to sportactivitiesapi@decathlon.com. The procedure is the same to get your authentification/login.
Please explain your issue with details and example so we can better understand and answer
directly.
Our team will answer you as soon as possible. We will give you an answer in the following 48 hours (Monday to Friday, 9am to 6pm).
Resolution Time
| Bugs Type | Resolution Time |
|---|---|
| Blocking Bug | Hot fix in 48 hours & Complete resolution in 7 days |
| Major Bug | 10 days |
| Minor Bug | 30 days |
Contributing
Everyone is encouraged to help improve this project. We're open to feature requests, suggestions and new implementations.
How to
General public
You can send us your suggestions, bug reports and feature requests to:
Email: sportactivitiesapi@decathlon.com
Core team
Contributions are made using the Git Flow workflow.
We want to respect the commit message format of Angular
Once code is reviewed and approved, the changes are then merged into our develop branch.
- Fork the Repository
- Create a
[new-feature]branch. - Implement your feature or bug fix.
- Add, commit, and push your changes.
git add -Agit commit -m "feat(...) : add brief explanation of the implementation"git push
- Submit a Merge Request
Contribution examples
- Reporting bugs, typos and missing docs
- Suggesting new features
- Writing or editing documentation
- Writing specifications
- Writing code ( no patch is too small: fix typos, add comments, clean up inconsistent whitespace )
- Refactoring sample code
Terms of Services
By using our API you're accepting our terms of services.