API is implemented as a set of "resources" (domain models) and "methods" (operations with resources) which is somewhat similar to the REST API design. The core difference is that in MyTarget API, many methods can operate with complex resources that may include other resources with various numbers of nesting levels and/or lists of other resources. Many methods also support operations with several resources of the same type.

Every resource has one or more types of URL addresses. Operations with resources are performed by various HTTP methods. For example, the following request retrieves a list of campaigns:

The following request creates a campaign:

The following request retrieves parameters of a certain campaign:

Most methods use the JSON format for both input and output data. Consequently, the HTTP requests and responses are of the application/json type. For the GET and DELETE requests that do not have a request body, specifying the type is optional.

Validation of the input data and generation of the output for each resource is performed according to one or more "data structures". Every method description specifies the structures used by the method.

Authentication and authorization in the API is done with the OAuth2 protocol. Its implementation is described in this article. To access the API via OAuth2, you need to submit a corresponding request from the support contact form in the interface. To get access to the API, follow these instructions.

API uses the following basic data types:

Complex data types based on the above types are described in the methods and resources documentation.

Error messages have standard HTTP response statuses. The response body contains detailed information about error in the JSON format; the response type is application/json.

• 400 — the request contains invalid data
• 401 — the signature used for authentication is invalid or missing (the Authorization heading must contain a valid access_token value)
• 403 — the operation cannot be performed under the account whose secret key (access_token) was used to sign the request
• 404 — the requested resource cannot be found
• 405 — the resource does not support the current HTTP method
• 413 — the request body is too long
• 429 — the requests-per-time unit limit was exceeded
• 500 — unexpected error

If your client supports response compression, you can use the following heading in the request:

The service has limitations for the number of requests user can send during a time interval (calendar day, hour, second).

User limits are calculated for each user individually. For example, if the system has a limit of 10 requests per minute for a particular method, it means that each user can make up to 10 requests in a minute.

Limits may be adjusted for each user or user group. That is why it is recommended to analyse only real-time data.

Current limits are returned in the HTTP headings of every response. Note that values may differ from method to method.

The responses also contain headings with the number of requests user can send before exceeding the threshold:

There is a stand-alone service instance that is used as a testing environment for testing and debugging the API integration: https://target-sandbox.my.com. To use it, you will need another ID and secret key (not the ones used for accessing the production environment). Follow these instructions to get access to the environment.