Always use User-Agent: Appie/8.22.3
and Content-Type: application/json
Technically there is more information about your device and user ID after it, but the server does not seem to care
If you have a valid access_token
, add it as a header in request
Authorization: Bearer access_token
Get a token:
POST https://api.ah.nl/mobile-auth/v1/auth/token/anonymous
{
"clientId": "appie"
}
Returns:
{
"access_token": "USERID_ACCESSTOKEN",
"refresh_token": "REFRESHTOKEN",
"expires_in": 7199
}
Sign in via browser (set User-Agent
)
Visit https://login.ah.nl/secure/oauth/authorize?client_id=appie&redirect_uri=appie://login-exit&response_type=code
Login, page should reply with 303 See Other
and something like Location: appie://login-exit?code=CODE
Take CODE
and
POST https://api.ah.nl/mobile-auth/v1/auth/token
{
"clientId": "appie",
"code": "CODE"
}
Returns:
{
"access_token": "USERID_ACCESSTOKEN",
"refresh_token": "REFRESHTOKEN",
"expires_in": 7199
}
POST https://api.ah.nl/mobile-auth/v1/auth/token/refresh
{
"clientId": "appie",
"refreshToken": "REFRESHTOKEN"
}
Returns:
{
"access_token": "USERID_ACCESSTOKEN",
"refresh_token": "REFRESHTOKEN",
"expires_in": 7199
}
GET https://api.ah.nl/mobile-services/product/search/v2?query=QUERY&sortOn=RELEVANCE
See reply example in search.json
GET https://api.ah.nl/mobile-services/v1/receipts
See reply example in receipts.json
GET https://api.ah.nl/mobile-services/v2/receipts/TRANSACTIONID
See reply example in receipt.json
If you want to use this to crossmatch transactions from your bank statement, look for the text in "first": "Authorization code"
(and for old receipts it's "third":"Autorisatiecode"
)
Anyone here knows how to retrieve a AH product with all its information with the bar code? This one 5410013116646 is the code from SPA sparkling water. Would like to get all product details of it using iOS shortcuts and the bar code scan step.