Skip to content
Getting Started
/
API v1.5 Documentation
/
/WEBHOOKS

API Endpoint Reference (1.5)

Tenovos has introduced version 1.5 to provide non-breaking improvements over previous versions.

Key Changes:

  • Authentication Standards now include OAuth2 code flow.
  • Client ID is no longer required to be passed when requesting an Authorization token using our Standard Auth from v1.4
  • New endpoints have been added and will continue to be added until v2 is generally available to all customers.
    • Adaptive Template endpoints
    • A new Get Asset endpoint with a simplified Response
    • A new Create Asset endpoint with simplified payloads for the Request and Response
    • A new Update Asset endpoint with simplified payloads for the Request and Response
  • We've made some performance improvements to most endpoints
Find out more about Tenovos
Download OpenAPI description
v1.5.json
v1.5.yaml
Overview
E-mail
product@tenovos.com
License
Tenovos Active Story Management
Terms of Service
Languages
Servers
https://api.uat.tenovos.io/v1
https://api.tenovos.io/v1

ACTIONS

Invoke the Action API to retrieve information about invoked Actions.

Operations

ADAPTIVE TEMPLATES

Invoke the API to retrieve information about invoked Actions.

Operations

ASSETS

Invoke the Asset API to create, retrieve, manipulate, and share Assets. This API also provides operations to manage Asset relationships and download Asset content.

Operations

AUTHENTICATION

Invoke the Authentication API to generate, refresh, and revoke access tokens. An access token is required to perform any authorized API operation.

Operations

CDN (Coming Soon!)

Tenovos Content Delivery Network (CDN) - Coming Soon!

Tenovos CDN: Pull Zone Overview

Tenovos CDN provides global content acceleration and optimization through a pull zone architecture, ensuring that your assets are delivered to end users with maximum speed, reliability, and efficiency. A Content Delivery Network (CDN) works by caching static content—such as images, videos, and other media—on servers distributed across the globe. When an asset is requested, the CDN serves it from the nearest edge location, reducing load times and offloading traffic from the origin server, which in this case is Tenovos DAM.

A pull zone is the core mechanism that powers this system. It automatically fetches content from the origin the first time it is requested, then caches it at the edge. Subsequent requests are served directly from the CDN cache, improving response times and reducing bandwidth consumption.

Through the Tenovos CDN API, you can create, update, and manage pull zones programmatically. Pull zones support advanced features such as global edge caching, cache purging, bandwidth controls, and real-time performance statistics like cache hit rate and geographic request distribution. Optional optimization settings allow you to enhance performance further by enabling image compression, WebP and AVIF support, and content minification.

With just a few API calls, you can fully integrate high-performance content delivery into your Tenovos workflows—no complex infrastructure required.

Operations

COLLECTIONS

Invoke the Collection API to create, retrieve, edit, and delete Collections. Collections are used to group and catalog related Assets for quick access and consumption. Collections can be configured as:

  • private: Visible only to the user who created the Collection.
  • secured: Visible to users with.

When retrieving the Assets within a Collection, the requesting user will only see the Assets that the user has access to view. For example, a librarian may see all Assets within a Collection, but a general consumer user may only see a portion of those Assets, due to limited security access.

Operations

METADATA

Invoke the Metadata API to retrieve Metadata Template to be applied to Assets during Asset creation. A Metadata Template defines a set of Metadata Attributes of varying types, including Text, Date, Controlled Vocabulary, Tabular, and Cascading Attributes. When a Metadata Template is assigned to a new Asset, the corresponding Metadata Attributes will be available for population on the Asset.

Operations

REQUESTS

Invoke these API's to create new Requests and manage existing Requests.

Operations

SECURITY

Invoke the Metadata API to retrieve Security Template information to be applied to Assets during Asset creation or edit.

Operations

PEOPLE

Invoke the User API to retrieve User profile information.

Operations

WEBHOOKS

Tenovos Webhook Subscriptions

For more information about our Webhooks, see the Webhook section of our Developer Portal

Operations

Create Endpoint

Request

Create a subscription based on the topic and event type in order to be notified at your target URL when events about that topic occur.

Security
ApiKeyAuth or BasicAuth
Headers
content-typestring
Example: application/json
Authorizationstring
Example: Bearer <token>
Bodyapplication/json
descriptionstring[ 5 .. 100 ] characters

You must provide a description for the subscription.

Example: "Notify System X for All Assets Created"
eventTypesArray of arrays

One of the available event types listed

Example: ["asset.created","asset.updated","asset.downloaded","asset.deleted"]
urlstring(url)

A webhook target is usually an open and public url that listens for webhook notification messages. Tenovos signs every webhook message to ensure the security and authenticity of all webhooks being sent. In addition, Tenovos supports HTTP Basic Authentication and using an authentication token in headers. Choose one of these authentication methods as part of your target payload.

Example: "https://yourendpoint.com"
rateLimitinteger
Example: 200
curl -i -X POST \
  https://api.uat.tenovos.io/v1/webhooks/endpoint \
  -H 'Authorization: Bearer <token>' \
  -H 'X-API-Key: YOUR_API_KEY_HERE' \
  -H 'content-type: application/json' \
  -d '{
    "description": "Notify System X for All Assets Created",
    "eventTypes": [
      "asset.created",
      "asset.updated",
      "asset.downloaded",
      "asset.deleted"
    ],
    "url": "https://yourendpoint.com",
    "rateLimit": 200
  }'

Responses

Successful Request. Webhook Subscriptions Created Successfully.

Bodyapplication/json
idstring(uuid)

Identifier of the event

Response
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08"
}

List Endpoints

Request

This endpoint returns an array (List) of all endpoints (your endpoints) and the event types subscribed.

Security
ApiKeyAuth or BasicAuth
Query
beforestring or null[ 12 .. 36 ] characters

The cursor value returned by Tenovos to retrieve the previous page of results. If the before parameter is used, the after parameter cannot be used.

Example: before=196100ac-4ee
afterstring or null[ 12 .. 36 ] characters

The cursor value returned by Tenovos to retrieve the next page of results. If the after parameter is used, the before parameter cannot be used.

Example: after=16969100ac-4ef
Headers
content-typestring
Example: application/json
Authorizationstring
Example: Bearer <token>
curl -i -X GET \
  'https://api.uat.tenovos.io/v1/webhooks/endpoint/list?before=196100ac-4ee&after=16969100ac-4ef' \
  -H 'Authorization: Bearer <token>' \
  -H 'X-API-Key: YOUR_API_KEY_HERE' \
  -H 'content-type: application/json'

Responses

Successful Request. Endpoints Retrieved Successfully.

Bodyapplication/jsonArray [
idstring(uuid)

Identifier of the event

descriptionstring[ 5 .. 100 ] characters

You must provide a description for the subscription.

Example: "Notify System X for All Assets Created"
disabledboolean

Indicates whether or not the endpoint subscription is disabled or not

Example: false
urlstring(url)

A webhook target is usually an open and public url that listens for webhook notification messages. Tenovos signs every webhook message to ensure the security and authenticity of all webhooks being sent. In addition, Tenovos supports HTTP Basic Authentication and using an authentication token in headers. Choose one of these authentication methods as part of your target payload.

Example: "https://yourendpoint.com"
eventTypesArray of arrays

One of the available event types listed

Example: ["asset.created","asset.updated","asset.downloaded","asset.deleted"]
rateLimitinteger
Example: 200
]
Response
application/json
[
  {
    "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
    "description": "Notify System X for All Assets Created",
    "disabled": false,
    "url": "https://yourendpoint.com",
    "eventTypes": [ … ],
    "rateLimit": 200
  }
]

List Event Types

Request

This endpoint returns an array (List) of all event types.

Security
ApiKeyAuth or BasicAuth
Query
beforestring or null[ 12 .. 36 ] characters

The cursor value returned by Tenovos to retrieve the previous page of results. If the before parameter is used, the after parameter cannot be used.

Example: before=196100ac-4ee
afterstring or null[ 12 .. 36 ] characters

The cursor value returned by Tenovos to retrieve the next page of results. If the after parameter is used, the before parameter cannot be used.

Example: after=16969100ac-4ef
Headers
content-typestring
Example: application/json
Authorizationstring
Example: Bearer <token>
curl -i -X GET \
  'https://api.uat.tenovos.io/v1/webhooks/event-type/list?before=196100ac-4ee&after=16969100ac-4ef' \
  -H 'Authorization: Bearer <token>' \
  -H 'X-API-Key: YOUR_API_KEY_HERE' \
  -H 'content-type: application/json'

Responses

Successful Request. Event Types Retrieved Successfully.

Bodyapplication/jsonArray [
namestring

The name of the Event Type. Determined by Tenovos.

Example: "asset.created"
descriptionstring[ 5 .. 100 ] characters

You must provide a description for the event type.

Example: "Event when a new asset in Tenovos is created."
createdDatestring(date)

The Date and time the Event Type was created.

]
Response
application/json
[
  {
    "name": "asset.created",
    "description": "Event when a new asset in Tenovos is created.",
    "createdDate": "2019-08-24"
  }
]

Endpoint by ID

Request

This endpoint returns a single endpoint and its configuration by ID.

Security
ApiKeyAuth or BasicAuth
Path
idstring(uuid)= 36 charactersrequired

The Identifier of the subscription, active or not, that you wish to delete.

Example: 4d4d835b-c188-4120-87f9-1208c001e170
Headers
content-typestring
Example: application/json
Authorizationstring
Example: Bearer <token>
curl -i -X GET \
  https://api.uat.tenovos.io/v1/webhooks/endpoint/4d4d835b-c188-4120-87f9-1208c001e170 \
  -H 'Authorization: Bearer <token>' \
  -H 'X-API-Key: YOUR_API_KEY_HERE' \
  -H 'content-type: application/json'

Responses

Successful Request. Endpoint Retrieved Successfully.

Bodyapplication/json
idstring(uuid)

Identifier of the event

descriptionstring[ 5 .. 100 ] characters

You must provide a description for the subscription.

Example: "Notify System X for All Assets Created"
disabledboolean

Indicates whether or not the endpoint subscription is disabled or not

Example: false
urlstring(url)

A webhook target is usually an open and public url that listens for webhook notification messages. Tenovos signs every webhook message to ensure the security and authenticity of all webhooks being sent. In addition, Tenovos supports HTTP Basic Authentication and using an authentication token in headers. Choose one of these authentication methods as part of your target payload.

Example: "https://yourendpoint.com"
eventTypesArray of arrays

One of the available event types listed

Example: ["asset.created","asset.updated","asset.downloaded","asset.deleted"]
rateLimitinteger
Example: 200
Response
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "description": "Notify System X for All Assets Created",
  "disabled": false,
  "url": "https://yourendpoint.com",
  "eventTypes": [
    "asset.created",
    "asset.updated",
    "asset.downloaded",
    "asset.deleted"
  ],
  "rateLimit": 200
}

Update Endpoint

Request

This endpoint updates a single endpoint and its configuration by ID.

Security
ApiKeyAuth or BasicAuth
Path
idstring(uuid)= 36 charactersrequired

The Identifier of the subscription, active or not, that you wish to delete.

Example: 4d4d835b-c188-4120-87f9-1208c001e170
Headers
content-typestring
Example: application/json
Authorizationstring
Example: Bearer <token>
Bodyapplication/json
descriptionstring[ 5 .. 100 ] characters

You must provide a description for the subscription.

Example: "Notify System X for All Assets Created"
eventTypesArray of arrays

One of the available event types listed

Example: ["asset.created","asset.updated","asset.downloaded","asset.deleted"]
urlstring(url)

A webhook target is usually an open and public url that listens for webhook notification messages. Tenovos signs every webhook message to ensure the security and authenticity of all webhooks being sent. In addition, Tenovos supports HTTP Basic Authentication and using an authentication token in headers. Choose one of these authentication methods as part of your target payload.

Example: "https://yourendpoint.com"
rateLimitinteger
Example: 200
curl -i -X PATCH \
  https://api.uat.tenovos.io/v1/webhooks/endpoint/4d4d835b-c188-4120-87f9-1208c001e170 \
  -H 'Authorization: Bearer <token>' \
  -H 'X-API-Key: YOUR_API_KEY_HERE' \
  -H 'content-type: application/json' \
  -d '{
    "description": "Notify System X for All Assets Created",
    "eventTypes": [
      "asset.created",
      "asset.updated",
      "asset.downloaded",
      "asset.deleted"
    ],
    "url": "https://yourendpoint.com",
    "rateLimit": 200
  }'

Responses

Successful Request. Endpoint Updated Successfully.

Delete Endpoint

Request

Delete a subscription you have to a Webhook based on the ID of the Webhook Subscription

Security
ApiKeyAuth or BasicAuth
Path
idstring(uuid)= 36 charactersrequired

The Identifier of the subscription, active or not, that you wish to delete.

Example: 4d4d835b-c188-4120-87f9-1208c001e170
Headers
content-typestring
Example: application/json
Authorizationstring
Example: Bearer <token>
curl -i -X DELETE \
  https://api.uat.tenovos.io/v1/webhooks/endpoint/4d4d835b-c188-4120-87f9-1208c001e170 \
  -H 'Authorization: Bearer <token>' \
  -H 'X-API-Key: YOUR_API_KEY_HERE' \
  -H 'content-type: application/json'

Responses

Successful Request. Webhook Subscription Deleted Successfully.

Add OAuth

Request

Add an authorized OAuth client to an existing endpoint.

Security
ApiKeyAuth or BasicAuth
Path
endpointIdstring

The Id of the endpoint configured for subscription to specified events. Required only for DELETE operations.

Example: ep_2gEymWwsWu5H5EpwbwoOwBnRQBi
Bodyapplication/json
clientIdstring

Customer generated clientId from OAuth server/provider

Example: "FbhKdCwuiItoSSRJpKXc6cjhpJFVy7JbB"
clientSecretstring

Customer generated client secret from OAuth server/provider

Example: "ZtjtpXP7p5SdUwNYu1JT9xfQobecM0i5UGOu_F5BU6DdAOPFLZDz7r0xObogttPG"
tokenUrlstring(url)

Customer provided https url for obtaining access tokens from the customers OAuth server/provider

Example: "https://yourdomain.provider/oauth/token"
extraParamsobject

Optional collection of key value pair parameters which may be required depending on OAuth provider.

Example: {"audience":"https://api.tenovos.io/v1"}
scopeArray of arrays

Optional array of strings for included scopes if configured by the customer on their OAuth server/provider for the generated client

Example: ["Assets, Users"]
curl -i -X PUT \
  https://api.uat.tenovos.io/v1/webhooks/endpoint/oauth/ep_2gEymWwsWu5H5EpwbwoOwBnRQBi \
  -H 'Content-Type: application/json' \
  -H 'X-API-Key: YOUR_API_KEY_HERE' \
  -d '{
    "clientId": "FbhKdCwuiItoSSRJpKXc6cjhpJFVy7JbB",
    "clientSecret": "ZtjtpXP7p5SdUwNYu1JT9xfQobecM0i5UGOu_F5BU6DdAOPFLZDz7r0xObogttPG",
    "tokenUrl": "https://yourdomain.provider/oauth/token",
    "extraParams": {
      "audience": "https://api.tenovos.io/v1"
    },
    "scope": [
      "Assets, Users"
    ]
  }'

Responses

Successful Request. OAuth Added Successfully.

Remove OAuth

Request

Remove an authorized OAuth client from an existing endpoint.

Security
ApiKeyAuth or BasicAuth
Path
endpointIdstring

The Id of the endpoint configured for subscription to specified events. Required only for DELETE operations.

Example: ep_2gEymWwsWu5H5EpwbwoOwBnRQBi
curl -i -X DELETE \
  https://api.uat.tenovos.io/v1/webhooks/endpoint/oauth/ep_2gEymWwsWu5H5EpwbwoOwBnRQBi \
  -H 'X-API-Key: YOUR_API_KEY_HERE'

Responses

Successful Request. Webhook Subscription Deleted Successfully.

PROOFING

Operations