Merchant Finder
super.AI mercahnt finder, high performance, high precision, easy to use, ready for production
Swagger API: https://merchant-prod.super.ai/swagger
Submitting Batches for Processing¶
This section provides an overview of how to submit batches for processing to the /api/v1/ipv/batches/
endpoint. It includes input requirements and a detailed explanation of the expected output.
Input Requirements¶
When submitting data for processing, ensure that your input is in JSON Lines format and includes the following keys. If the keys are not exactly as specified, the input will be rejected:
{
"ID": "SEFD1423233",
"MerchantName": "STARBUCKS 3211",
"MerchantCity": "Berlin",
"MerchantState": "",
"MerchantZip": "13088",
"MerchantCountry": "GERMANY",
"MerchantNameSecondary": "",
"MerchantCitySecondary": "",
"MerchantStreetAddress": "",
"MerchantStateSecondary": "",
"MerchantZipSecondary": "",
"MerchantCountrySecondary": "GERMANY",
"filename": "1.csv"
}
Output Explanation¶
Once the batch is processed, the output will be a JSON object containing detailed information about the submitted merchant data. Below is an explanation of the various fields present in the output:
General Merchant Information¶
JSON lines Key | Description | Type |
---|---|---|
input_ID | Customer provided input ID | String |
input_MerchantName | Customer provided primary merchant name | String |
input_MerchantCity | Customer provided city where the merchant is located | String |
input_MerchantState | Customer provided state where the merchant is located | String |
input_MerchantZip | Customer provided postal code of the merchant | String |
input_MerchantCountry | Customer provided country of the merchant | String |
input_MerchantNameSecondary | Customer provided secondary name of the merchant if available | String |
input_MerchantCitySecondary | Customer provided secondary city of the merchant if available | String |
input_MerchantStreetAddress | Customer provided street address of the merchant | String |
input_MerchantStateSecondary | Customer provided secondary state of the merchant if available | String |
input_MerchantZipSecondary | Customer provided secondary postal code of the merchant if available | String |
input_MerchantCountrySecondary | Customer provided secondary country of the merchant if available | String |
Specific Store Matching Information¶
JSON Key | Description | Type |
---|---|---|
name_address_match_value | True/False indicator. True only if the address is within 100 meters of the provided address and there is a high semantic match between the provided name and the specific_store_name_value field. | Boolean |
name_address_match_confidence | Confidence that the specificstore* fields are accurately matched to the provided merchant name and address. A score near 1 suggests a high likelihood of accuracy, while a score near 0 suggests a low likelihood. | Float |
name_address_match_explanation | Detailed explanation of how the name and address match was assessed, detailing contributions from each field and the computation of the match score. | String |
name_address_match_reference | Deprecated. This field references the specific store address that was matched to the provided merchant name and address. This field is deprecated and will be removed in a future release. Use specific_store_formatted_address instead. | String |
name_address_match_place_id | Unique identifier for the matched place from an external database. | String |
nearby_matches_samebrand_count | Count of nearby locations matching the same brand as the primary merchant. | Integer |
nearby_matches | Detailed list of nearby merchant locations that match the primary merchant, including distances and addresses. | String |
specific_store_name_value | Name of the specific store that matches the provided merchant information. | String |
specific_store_formatted_address | Complete and formatted address of the matched specific store. | String |
specific_store_street_address | Street address of the matched specific store. | String |
specific_store_zip_code | Postal code of the matched specific store. | String |
specific_store_country | Country of the matched specific store. | String |
specific_store_latitude | Latitude coordinate of the specific store. | Float |
specific_store_longitude | Longitude coordinate of the specific store. | Float |
specific_store_website | Website URL of the specific store. | String |
specific_store_phone | Contact phone number of the specific store. | String |
specific_store_type | Type or category of business conducted at the specific store. | String |
specific_store_thumbnail | Thumbnail image URL representing the specific store. | String |
Brand and Enterprise Information¶
JSON lines Key | Description | Type |
---|---|---|
brand_name_value | Brand name associated with the merchant as identified in the input. | String |
brand_name_confidence | Confidence score reflecting the likelihood that the identified brand name is correct. | Float |
brand_name_reference | External reference confirming the identified brand name. | String |
brand_name_explanation | Explanation of how the brand name was matched or associated with the provided merchant name. | String |
regional_enterprise_name_value | Name of the regional enterprise associated with the merchant if applicable. | String |
regional_enterprise_name_confidence | Confidence score reflecting the likelihood that the identified regional enterprise name is correct. | Float |
regional_enterprise_name_explanation | Explanation of how the regional enterprise name relates to the provided merchant data. | String |
User Management¶
This section covers the essential user management processes within our system, including user creation, password changes, and authentication. User accounts are currently created by super.ai, and users are notified via email which includes initial login details. For security, users must change their initial password using specific AWS commands. Once the password is updated, users can authenticate to receive an access token, enabling them to manage API keys and access other system endpoints.
User Creation Process¶
Currently, user accounts are set up exclusively by super.ai. Once an account is created:
- Confirmation Email: The user will receive a confirmation email at the address provided during registration.
- Password Setup: The email contains initial login credentials and instructions for setting a new password.
Password Change Process¶
To change your password, follow these steps:
- Initiate Password Change:
Open your terminal, and run the following command. Replace
<EMAIL>
and<INITIAL PASSWORD>
with the credentials from your invitation email.
aws cognito-idp initiate-auth --client-id 3873a1pma19r4f2oug9actik46 --auth-flow USER_PASSWORD_AUTH --auth-parameters USERNAME=<EMAIL>,PASSWORD=<INITIAL_PASSWORD> --region eu-central-1
This command will return a session hash.
- Complete Password Change:
Copy the session hash from the previous step. Run the following command, replacing
<SESSION_FROM_THE_PREVIOUS_STEP>
,<EMAIL>
, and<NEW_PASSWORD>
:Once executed, your password will be successfully updated.aws cognito-idp respond-to-auth-challenge --client-id 3873a1pma19r4f2oug9actik46 --challenge-name NEW_PASSWORD_REQUIRED --session <SESSION_FROM_THE_PREVIOUS_STEP> --challenge-responses USERNAME=<EMAIL>,NEW_PASSWORD=<NEW_PASSWORD> --region=eu-central-1
Authentication and API Access¶
After setting or changing your password, you can authenticate to access the system:
- Authentication Command:
aws cognito-idp initiate-auth --client-id 3873a1pma19r4f2oug9actik46 --auth-flow USER_PASSWORD_AUTH --auth-parameters USERNAME=<EMAIL>,PASSWORD=<PASSWORD> --region eu-central-1
This will provide you with a response containing your RefreshToken
and AccessToken
.
- Using the AccessToken:
- Validity: The access token is valid for up to 24 hours.
- API Key Management: Use the access token to create, list, or delete API keys through the
/auth
endpoint. - Accessing Other Endpoints: All other API endpoints must be accessed using the API key generated from the
/auth
endpoint.
Note
- The
/auth
endpoints require an AccessToken for all operations. - Ensure that all commands are executed in the correct AWS region (
eu-central-1
) as specified.
This documentation aims to guide you through the initial setup and routine operations required to effectively utilize our API services. For additional support, please refer to the contact details provided in our documentation site.
Security Overview¶
This section provides an in-depth look at the security measures and concepts implemented within our system. The primary focus is on user authentication, data protection, and secure access to API endpoints.
User Authentication and Session Management¶
-
AWS Cognito: We utilize AWS Cognito for handling all aspects of user authentication. This includes initial authentication during login and subsequent token-based session management.
-
Secure Authentication Flow: The user initiates authentication by submitting their credentials via a command-line interface, ensuring that sensitive information is not exposed through less secure methods like browser-based forms.
-
Session Tokens: Upon successful authentication, AWS Cognito issues JSON Web Tokens (JWTs), including an ID Token, Access Token, and a Refresh Token. These tokens are encrypted and designed to ensure that they are tamper-resistant.
-
Password Management:
-
Initial Passwords: Initial passwords provided in the user invitation email are temporary and require immediate change upon first login. This process is enforced through a Cognito authentication challenge.
-
Password Policies: We enforce strong password policies requiring a mix of upper and lower case letters, numbers, and symbols. Passwords must be changed regularly, and previous passwords are disallowed on reset.
Data Encryption¶
-
Data at Rest: All sensitive data stored within our databases and storage solutions are encrypted using industry-standard encryption protocols, such as AES-256.
-
Data in Transit: We use TLS 1.2 and above for all data transmitted between client devices and our servers. This ensures that data remains encrypted as it travels across the network, protecting against eavesdropping and man-in-the-middle attacks.
API Security¶
-
API Authentication: Access to our API is secured using the OAuth 2.0 framework. Users must authenticate via AWS Cognito to receive an Access Token, which is then used to make API requests.
-
Scoped Access: Tokens are scoped to limit permissions based on the user's role and the specific requirements of the application. This minimizes the potential impact of a compromised token.
-
Token Expiry: Access tokens have a short expiry time (24 hours), reducing the risk of token theft and reuse.
-
API Gateway Security:
-
Throttling and Rate Limiting: We implement rate limiting to protect against denial-of-service (DoS) attacks and to manage the load on our backend services.
-
Endpoint Monitoring: All API endpoints are monitored for unusual access patterns or potential security breaches. Alerts are generated for rapid response by our security team.
Incident Response¶
-
Rapid Response: We have an established incident response plan that includes immediate isolation of affected systems, detailed investigations, and communication with affected users and regulatory bodies as necessary.
-
Continuous Improvement: Findings from incidents are used to further strengthen our security posture and refine our response strategies.
This security architecture is designed to protect against a wide range of digital threats while ensuring the confidentiality, integrity, and availability of our users' data. Our commitment to security is integral to our operations, and we continuously strive to enhance our security measures in response to evolving threats.