An API to deal with the Flexisip server.
The API is available under /api
A content-type and accept HTTP headers are REQUIRED to use the API properly
> GET /api/{endpoint}
> content-type: application/json
> accept: application/json
Restricted endpoints are protected using a DIGEST authentication or an API Key mechanisms.
The endpoints are accessible using three different models:
Super Admin can configure and expiration date on Spaces (expire_at). If the Space is expired all the authenticated endpoint of the API will return 403.
You can add an Accept-Language header to your request to translate the responses, and especially errors messages, in a specific language.
Currently supported languages: en, fr
> GET /api/{endpoint}
> Accept-Language: fr
> …
< HTTP 422
< {
< "message": "Le champ pseudo est obligatoire.",
< "errors": {
< "username": [
< 0 => "Le champ pseudo est obligatoire."
< ]
< }
< }
You can retrieve an API Key from your account panel or using the dedicated API endpoint.
When generated by a User account the generated API Key will be restricted to the IP that generates it and will be destroyed if not used after some times.
If you want a stable API Key, to integrate with another server component for example, you can generate one in the Administration Panel.
You can then use your freshly generated key by adding a new x-api-key header to your API requests:
> GET /api/{endpoint}
> x-api-key: {your-api-key}
> …
Or using a cookie:
> GET /api/{endpoint}
> Cookie: x-api-key={your-api-key}
> …
You can use a JWT token to authenticate on the API.
To do so you MUST inject it as an Authorization: Bearer header and configure the API with the public key of the token emitter.
> GET /api/{endpoint}
> Authorization: Bearer {your-jwt-token}
> …
The API will then check if the token was signed properly, is still valid and authenticate a user that is actually available in the system.
To discover the available hashing algorythm you MUST send an unauthenticated request to one of the restricted endpoints.
Only DIGEST-MD5 and DIGEST-SHA-256 are supported through the authentication layer.
A from (consisting of the user SIP address, prefixed with sip:) header is required to initiate the DIGEST flow.
> GET /api/{restricted-endpoint}
> from: sip:foobar@sip.example.org
> …
< HTTP 401
< content-type: application/json
< www-authenticate: Digest realm=test,qop=auth,algorithm=MD5,nonce="{nonce}",opaque="{opaque}"
< www-authenticate: Digest realm=test,qop=auth,algorithm=SHA-256,nonce="{nonce}",opaque="{opaque}"
You can find more documentation on the related IETF RFC-7616.
GET /ping¶Public
Returns pong
Manage the list of allowed spaces. The admin accounts declared with a domain that is a super sip_domain will become Super Admin.
GET /spaces¶Super Admin
Get the list of declared Spaces.
GET /spaces/{domain}¶Super Admin
Get a Space.
POST /spaces¶Super Admin
Create a new space.
JSON parameters:
name required, the space namedomain required, the SIP domain to use, must be uniquehost required, the space hostaccount_proxy_registrar_address, the account proxy registrar addressaccount_realm, the default realm for the accounts, fallback to the domain if not setassistant_disable_qr_code boolean, disable the QR code feature in the assistant, default to falseassistant_hide_create_account boolean, disable the account creation assistant, default to falseassistant_hide_third_party_account boolean, disable the call recording feature, default to falsecarddav_user_credentials boolean, enable credentials for CardDav serverscopyright_text text, the copyright textcustom_provisioning_entries text, the custom configuration used for the provisioningcustom_provisioning_overwrite_all boolean, allow the custom configuration to overwrite the default onecustom_theme boolean, allow a custom CSS file to be loadeddisable_broadcast_feature boolean, disable the broadcast feature, default to truedisable_call_recordings_feature boolean, disable the call recording feature, default to falsedisable_chat_feature boolean, disable the chat feature, default to falsedisable_meetings_feature boolean, disable the meeting feature, default to falseexpire_at date, the moment the space is expiring, default to null (never expire)hide_account_settings boolean, disable the account settings, default to falsehide_settings boolean, hide the app settings, default to falseintercom_features boolean, the intercom features switchintro_registration_text Markdown text, the main registration page textmax_account integer, the maximum number of accounts configurable in the app, default to 0 (infinite)max_accounts integer, the maximum number of accounts that can be created in the space, default to 0 (infinite), cannot be less than the actual amount of accountsnewsletter_registration_address, the newsletter registration email addressonly_display_sip_uri_username boolean, hide the SIP uris in the app, default to falsephone_registration boolean, the phone registration switchprovisioning_use_linphone_provisioning_header booleanpublic_registration boolean, the public registration switchsuper boolean, set the domain as a Super Domainweb_panel boolean, the web panel switchPUT /spaces/{domain}¶Super Admin
Update an existing sip_domain.
JSON parameters:
account_proxy_registrar_address, required, the account proxy registrar addressaccount_realm, required, the default realm for the accounts, fallback to the domain if not setassistant_disable_qr_code required, booleanassistant_hide_create_account required, booleanassistant_hide_third_party_account required, booleancarddav_user_credentials required boolean, enable credentials for CardDav serverscopyright_text required, text, the copyright textcustom_provisioning_entries required, text, the custom configuration used for the provisioningcustom_provisioning_overwrite_all required, boolean, allow the custom configuration to overwrite the default onecustom_theme required, boolean, allow a custom CSS file to be loadeddisable_broadcast_feature required, booleandisable_call_recordings_feature required, booleandisable_chat_feature required, booleandisable_meetings_feature required, booleanexpire_at required, date, the moment the space is expiring, set to null to never expirehide_account_settings required, booleanhide_settings required, booleanintercom_features required, boolean, the intercom features switchintro_registration_text required, Markdown text, the main registration page textmax_account required, integermax_accounts required,integer, the maximum number of accounts that can be created in the space, default to 0 (infinite), cannot be less than the actual amount of accountsname required, the space namenewsletter_registration_address, required, the newsletter registration email addressonly_display_sip_uri_username required, booleanphone_registration required, boolean, the phone registration switchprovisioning_use_linphone_provisioning_header required, booleanpublic_registration required, boolean, the public registration switchsuper required, boolean, set the domain as a Super Domainweb_panel required, boolean, the web panel switchDELETE /spaces/{domain}¶Super Admin
Delete a domain, be careful, all the related accounts will also be destroyed.
GET /spaces/{domain}/carddavs¶Super Admin
List current CardDavs servers.
GET /spaces/{domain}/carddavs/{id}¶Super Admin
Get a specific CardDav server.
POST /spaces/{domain}/carddavs¶Super Admin
Create a CardDav server configuration.
JSON parameters:
uri required, HTTP address of the serverport required, integer, the portenabled, booleanuse_exact_match_policy, boolean, whether match must be exact or approximatemin_characters, integer, min characters to searchresults_limit, integer, limit the number of results, 0 to infinitetimeout, integer, request timeout in secondsdelay, integer, delay in milliseconds before submiting the requestfields_for_user_input, comma separated list of vcard fields to match with user inputfields_for_domain, comma separated list of vcard fields to match for SIP domainPUT /spaces/{domain}/carddavs/{id}¶Super Admin
Update a CardDav server configuration.
JSON parameters:
uri required, HTTP address of the serverport required, integer, the portenabled, booleanuse_exact_match_policy, boolean, whether match must be exact or approximatemin_characters, integer, min characters to searchresults_limit, integer, limit the number of results, 0 to infinitetimeout, integer, request timeout in secondsdelay, integer, delay in milliseconds before submiting the requestfields_for_user_input, comma separated list of vcard fields to match with user inputfields_for_domain, comma separated list of vcard fields to match for SIP domainDELETE /spaces/{domain}/carddavs/{id}¶Super Admin
Delete a specific CardDav server configuration.
GET /spaces/{domain}/email¶Super Admin
Get a space email server configuration
POST /spaces/{domain}/email¶Super Admin
Update an existing a space email server configuration.
JSON parameters:
host required, the email server hostnameport required, integer, the portusername, the usernamepassword, the passwordfrom_address, email address, the sender email addressfrom_name, the sender namesignature, a text that will end every emails sentDELETE /spaces/{domain}/email¶Super Admin
Delete the a space email server configuration.
An account_creation_request_token is a unique token that can be validated and then used to generate a valid account_creation_token.
POST /account_creation_request_tokens¶Public
Create and return an account_creation_request_token that should then be validated to be used, often using a browser CAPTCHA.
An account_creation_token is a unique token that allow the creation or the validation of a unique account.
POST /account_creation_tokens/send-by-push¶Public
Create and send an account_creation_token using a push notification to the device.
Return 403 if a token was already sent, or if the tokens limit is reached for this device.
Return 503 if the token was not successfully sent.
JSON parameters:
pn_provider required, the push notification provider, must be in apns.dev, apns or fcmpn_param the push notification parameter, can be null or contain only alphanumeric and underscore characterspn_prid the push notification unique id, can be null or contain only alphanumeric, dashes, underscore and colon charactersPOST /account_creation_tokens/using-account-creation-request-token¶Public
Create an account_creation_token using an account_creation_request_token.
Return an account_creation_token.
Return 404 if the account_creation_request_token provided is not valid or expired otherwise.
JSON parameters:
account_creation_request_token requiredPOST /account_creation_tokens/consume¶User
Consume an account_creation_token and link it to the authenticated account.
Return an account_creation_token.
Return 404 if the account_creation_token provided is not valid.
JSON parameters:
account_creation_token requiredPOST /account_creation_tokens¶Admin
Create and return an account_creation_token.
An account_recovery_token is a unique token that allow the recovery of an account.
It can be used on the following page that also accepts a phone optional parameter to prefil the recovery form:
https://flexiapi.heritage100.dev/recovery/phone/_the_token_
https://flexiapi.heritage100.dev/recovery/phone/_the_token_?phone=%2B3312341234
POST /account_recovery_tokens/send-by-push¶Public
Create and send an account_recovery_token using a push notification to the device.
Return 403 if a token was already sent, or if the tokens limit is reached for this device.
Return 503 if the token was not successfully sent.
JSON parameters:
pn_provider required, the push notification provider, must be in apns.dev, apns or fcmpn_param the push notification parameter, can be null or contain only alphanumeric and underscore characterspn_prid the push notification unique id, can be null or contain only alphanumeric, dashes, underscore and colon charactersPOST /accounts/auth_token¶Public
Generate an auth_token. To attach the generated token to an account see auth_token attachement endpoint.
Return the auth_token object.
GET /accounts/auth_token/{auth_token}/attach¶User
Attach a publicly generated authentication token to the currently authenticated account.
Return 404 if the token is non existing or invalid.
POST /accounts/with-account-creation-token¶Public
Create an account using an account_creation_token.
Return 422 if the parameters are invalid or if the token is expired.
Return 403 if the max_accounts limit of the corresponding Space is reached.
JSON parameters:
username unique username, minimum 6 characterspassword required minimum 6 charactersalgorithm required, values can be SHA-256 or MD5account_creation_token the unique account_creation_tokendtmf_protocol optional, values must be sipinfo, sipmessage or rfc2833GET /accounts/{sip}/info¶Public
Retrieve public information about the account.
Return 404 if the account doesn't exists.
GET /accounts/me/api_key/{auth_token}¶Public
Generate and retrieve a fresh API Key from an auth_token. The auth_token must be attached to an existing account, see auth_token attachement endpoint to do so.
Return 404 if the token is invalid or not attached.
This endpoint is also setting the API Key as a Cookie.
GET /accounts/me/api_key¶User
Generate and retrieve a fresh API Key. This endpoint is also setting the API Key as a Cookie.
GET /accounts/me¶User
Retrieve the account information.
GET /accounts/me/services/turn¶User
If configured, returns valid TURN credentials following the draft-uberti-behave-turn-rest-00 IEFT Draft.
GET /accounts/me/provision¶User
Provision the account by generating a fresh provisioning_token.
Return the account object.
DELETE /accounts/me¶User
Delete the account.
POST /accounts/me/password¶User
Change the account password.
JSON parameters:
algorithm required, values can be SHA-256 or MD5old_password required if the password is already set, the old passwordpassword required, the new passwordPOST /accounts¶Admin
To create an account directly from the API.
Return 403 if the max_accounts limit of the corresponding Space is reached.
JSON parameters:
username unique username, minimum 6 characterspassword required minimum 6 charactersalgorithm required, values can be SHA-256 or MD5domain not configurable by default, must exist in one of the configured Spaces. Only configurable if the admin is a super admin. Otherwise the SIP domain of the corresponding space is used.activated optional, a boolean, set to false by defaultdisplay_name optional, stringemail optional, must be an email, must be unique if ACCOUNT_EMAIL_UNIQUE is set to trueadmin optional, a boolean, set to false by default, create an admin accountphone optional, a valid phone number, set a phone number to the accountdtmf_protocol optional, values must be sipinfo, sipmessage or rfc2833dictionary optional, an associative array attached to the account, see also the related endpoints.PUT /accounts/{id}¶Admin
Update an existing account. Ensure to resend all the parameters to not reset them.
JSON parameters:
username unique username, minimum 6 charactersdomain not configurable by default, must exist in one of the configured Spaces. Only configurable if the admin is a super admin. Otherwise the SIP domain of the corresponding space is used.password required minimum 6 charactersalgorithm required, values can be SHA-256 or MD5display_name optional, stringemail optional, must be an email, must be unique if ACCOUNT_EMAIL_UNIQUE is set to trueadmin optional, a boolean, set to false by defaultphone optional, a valid phone number, set a phone number to the accountdtmf_protocol optional, values must be sipinfo, sipmessage or rfc2833Using this endpoint you can also set a fresh dictionnary if the parameter is set. The existing dictionary entries will be destroyed.
dictionary optional, an associative array attached to the account, see also the related endpoints.This endpoint also return the current phone_change_code and email_change_code if they are available.
GET /accounts¶Admin
Retrieve all the accounts, paginated.
GET /accounts/{id}¶Admin
Retrieve a specific account.
GET /accounts/{sip}/search¶Admin
Search for a specific account by sip address.
GET /accounts/{email}/search-by-email¶Admin
Search for a specific account by email.
DELETE /accounts/{id}¶Admin
Delete a specific account and its related information.
POST /accounts/{id}/activate¶Admin
Activate an account.
POST /accounts/{id}/deactivate¶Admin
Deactivate an account.
POST /accounts/{id}/block¶Admin
Block an account.
POST /accounts/{id}/unblock¶Admin
Unblock an account.
GET /accounts/{id}/provision¶Admin
Provision an account by generating a fresh provisioning_token.
POST /accounts/{id}/send_provisioning_email¶Admin
Send a provisioning email to the account.
POST /accounts/{id}/send_reset_password_email¶Admin
Send a password reset email to the account.
The following endpoints will return 403 Forbidden if the requested account doesn't have a DTMF protocol configured.
GET /accounts/{id}/actions¶Admin
Show an account related actions.
GET /accounts/{id}/actions/{action_id}¶Admin
Show an account related action.
POST /accounts/{id}/actions/¶Admin
Create an account action.
JSON parameters:
key required, alpha numeric with dashes, lowercasecode required, alpha numeric, lowercasePUT /accounts/{id}/actions/{action_id}¶Admin
Create an account action.
JSON parameters:
key required, alpha numeric with dashes, lowercasecode required, alpha numeric, lowercaseDELETE /accounts/{id}/actions/{action_id}¶Admin
Delete an account related action.
The following endpoints will return 403 Forbidden if the requested account Space doesn't have carddav_user_credentials set to true.
GET /accounts/{id}/carddavs¶Admin
Show an account CardDav servers credentials.
GET /accounts/{id}/carddavs/{carddav_id}¶Admin
Show an account CardDav server credentials.
PUT /accounts/{id}/carddavs/{carddav_id}¶Admin
Create an account CardDav server credentials.
JSON parameters:
username required the usernamepassword required the password in plain textalgorithm required, values can be SHA-256 or MD5realm required the realmDELETE /accounts/{id}/carddavs/{carddav_id}¶Admin
Delete an account related action.
GET /contacts_lists¶Admin
Show all the contacts lists.
GET /contacts_lists/{id}¶Admin
Show a contacts list.
POST /contacts_lists¶Admin
Create a contacts list.
JSON parameters:
title requireddescription requiredPUT /contacts_lists/{id}¶Admin
Update a contacts list.
JSON parameters:
title requireddescription requiredDELETE /contacts_lists/{id}¶Admin
Delete a contacts list.
POST /contacts_lists/{contacts_list_id}/contacts/{contact_id}¶Admin
Add a contact to the contacts list.
DELETE /contacts_lists/{contacts_list_id}/contacts/{contact_id}¶Admin
Remove a contact from the contacts list.
POST /accounts/{id}/contacts_lists/{contacts_list_id}¶Admin
Add a contacts list to the account.
DELETE /accounts/{id}/contacts_lists/{contacts_list_id}¶Admin
Remove a contacts list from the account.
GET /accounts/{id/me}/contacts¶User Admin
Return the user contacts.
GET /accounts/me/contacts/{sip}¶User
Return a user contact.
POST /accounts/{id}/contacts/{contact_id}¶Admin
Add a contact to the list.
DELETE /accounts/{id}/contacts/{contact_id}¶Admin
Remove a contact from the list.
GET /accounts/{id}/dictionary¶Admin
Get all the account dictionary entries.
DELETE /accounts/{id}/dictionary/clear¶Admin
Clear all the account dictionary entries.
GET /accounts/{id}/dictionary/{key}¶Admin
Get an account dictionary entry.
POST /accounts/{id}/dictionary/{key}¶Admin
Add or update a new entry to the dictionary
JSON parameters:
value required, the entry valueDELETE /accounts/{id}/dictionary/{key}¶Admin
Delete an account dictionary entry.
POST /accounts/me/email/request¶User
Request to change the account email. An email will be sent to the new email address to confirm the operation.
Will return 403 if the account doesn't have a validated Account Creation Token attached to it.
JSON parameters:
email the new email address, must be unique if ACCOUNT_EMAIL_UNIQUE is set to truePOST /accounts/me/email¶User
Confirm the code received and change the email. Activate the account.
JSON parameters:
code the code received by emailReturn the updated account.
GET /accounts/{id}/external¶Admin
Get the external account.
POST /accounts/{id}/external¶Admin
Create or update the external account.
JSON parameters:
username requireddomain requiredpassword requiredrealm must be different than domainregistrar must be different than domainoutbound_proxy must be different than domainprotocol required, must be UDP, TCP or TLSDELETE /accounts/{id}/external¶Admin
Delete the external account.
POST /accounts/me/phone/request¶User
Request a specific code by SMS to change the phone number.
Will return 403 if the account doesn't have a validated Account Creation Token attached to it.
JSON parameters:
phone the phone number to send the SMSPOST /accounts/me/phone¶User
Confirm the code received and change the phone number. Activate the account.
JSON parameters:
code the received SMS codeReturn the updated account.
GET /accounts/{id/me}/devices¶Admin User
Return the user registered devices.
DELETE /accounts/{id/me}/devices/{uuid}¶Admin User
Remove one of the user registered devices.
GET /account_types¶Admin
Show all the account types.
GET /account_types/{id}¶Admin
Show an account type.
POST /account_types¶Admin
Create an account type.
JSON parameters:
key required, alpha numeric with dashes, lowercasePUT /account_types/{id}¶Admin
Update an account type.
JSON parameters:
key required, alpha numeric with dashes, lowercaseDELETE /account_types/{id}¶Admin
Delete an account type.
POST /accounts/{id}/types/{type_id}¶Admin
Add a type to the account.
DELETE /accounts/{id}/contacts/{type_id}¶Admin
Remove a type from the account.
POST /accounts/{id/me}/vcards-storage¶Admin User
Store a vCard.
JSON parameters:
vcard, mandatory, a valid vCard having a mandatory UID parameter that is uniquelly identifying it. This UID parameter will then be used to manipulate the vcard through the following endpoints as uuid.PUT /accounts/{id/me}/vcards-storage/{uuid}¶Admin User
Update a vCard.
JSON parameters:
vcard, mandatory, a valid vCard having a mandatory UID parameter that is uniquelly identifying it and is the same as the uuid parameter.GET /accounts/{id/me}/vcards-storage¶Admin User
Return the list of stored vCards
GET /accounts/{id/me}/vcards-storage/{uuid}¶Admin User
Return a stored vCard
DELETE /accounts/{id/me}/vcards-storage/{uuid}¶Admin User
Delete a stored vCard
GET /accounts/{id/me}/voicemails¶Admin User
Return the currently stored voicemails
GET /accounts/{id/me}/voicemails/{uuid}¶Admin User
{
id: '{uuid}',
sip_from: '{sip_address}',
get_url: 'https://{the file_url}',
file_size: 2451400, // the file size, in bytes
content_type: 'audio/{format}',
created_at: '2025-10-09T12:59:32Z',
uploaded_at: '2025-10-09T12:59:40Z'
}
Return a stored voicemail
POST /accounts/{id/me}/voicemails¶Admin User
Create a new voicemail slot
JSON parameters:
sip_from, mandatory, a valid SIP addresscontent_type, mandatory, the content type of the audio file to upload, must be audio/opus or audio/wavThis endpoint will return the following JSON:
{
id: '{uuid}',
sip_from: '{sip_address}',
upload_url: 'https://{upload_service_unique_url}', // unique URL generated to upload the audio file
download_url: 'https://{download_service_unique_url}', // unique URL generated to download the audio file, null before upload
max_upload_size: 3000000, // here 3MB file size limit, in bytes
content_type: 'audio/{format}',
created_at: '2025-10-09T12:59:32Z', // time of the slot creation
uploaded_at: null // time when the slot was filled with the audio file
}
DELETE /accounts/{id/me}/voicemails/{uuid}¶Admin User
Delete a stored voicemail, if the file is managed by the platform it will be deleted as well
POST /files/{uuid}¶User
Upload a file to a previously created slot. This endpoint will directly be returned when creating the upload slot in the upload_url parameter.
Related endpoints:
HTTP Form-Data parameters:
file required, the file to upload, must have the same content_type as requested in the slotPOST /messages¶Admin
Send a message over SIP.
JSON parameters:
to required, SIP address of the receiverbody required, content of the messagePOST /push_notification¶User
Send a push notification using the Flexisip Pusher.
JSON parameters:
pn_provider required, the push notification provider, must be in apns.dev, apns or fcmpn_param the push notification parameter, can be null or contain only alphanumeric and underscore characterspn_prid the push notification unique id, can be null or contain only alphanumeric, dashes, underscore and colon characterstype required, must be in background, message or callcall_id a Call ID, must have only alphanumeric, tilde and dashes charactersThe phone numbers managed by FlexiAPI are validated against a list of countries that can be managed in the admin web panels.
GET /phone_countries¶Public
Return the list of Phone Countries and their current status.
If a country is deactivated all the new submitted phones submitted on the platform will be blocked.
POST /phone_countries/{code}/activate¶Super Admin
Activate a Phone Country
POST /phone_countries/{code}/deactivate¶Super Admin
Deactivate a Phone Country
FlexiAPI can record logs generated by the FlexiSIP server and compile them into statistics.
POST /statistics/messages¶Admin
Announce the creation of a message.
JSON parameters:
id required, stringfrom required, string the sender of the messagesent_at required, string, format ISO8601, when the message was actually sentencrypted required, booleanconference_id stringPATCH /statistics/messages/{message_id}/to/{to}/devices/{device_id}¶Admin
Complete a message status.
JSON parameters:
last_status required, an integer containing the last status codereceived_at required, format ISO8601, when the message was receivedPOST /statistics/calls¶Admin
Announce the beginning of a call.
JSON parameters:
id required, stringfrom required, string the initier of the callto required, string the destination of the callinitiated_at required, string, format ISO8601, when the call was startedended_at string, format ISO8601, when the call finishedconference_id stringPATCH /statistics/calls/{call_id}/devices/{device_id}¶Admin
Complete a call status.
JSON parameters:
rang_at format ISO8601, when the device ranginvite_terminated
at format ISO8601, when the invitation endedstate the termination statePATCH /statistics/calls/{call_id}¶Admin
Update a call when ending. JSON parameters:
ended_at required, string, format ISO8601, when the call finishedThe following URLs are not API endpoints they are not returning JSON content and they are not located under /api but directly under the root path.
GET /contacts/vcard¶User
Return the authenticated user contacts list, in vCard 4.0 format.
Here is the format of the vCard list returned by the endpoint:
BEGIN:VCARD
VERSION:4.0
KIND:individual
IMPP:sip:schoen.tatyana@sip.linphone.org
FN:schoen.tatyana@sip.linphone.org
X-LINPHONE-ACCOUNT-DTMF-PROTOCOL:sipinfo
X-LINPHONE-ACCOUNT-TYPE:phone
X-LINPHONE-ACCOUNT-ACTION:action_key;123
END:VCARD
BEGIN:VCARD
VERSION:4.0
KIND:individual
IMPP:sip:dhand@sip.linphone.org
FN:dhand@sip.linphone.org
X-LINPHONE-ACCOUNT-DTMF-PROTOCOL:sipinfo
END:VCARD
GET /contacts/vcard/{sip}¶User
Return a specific user authenticated contact, in vCard 4.0 format.
GET /vcards-storage¶User
Return the list of stored vCards
GET /vcards-storage/{uuid}¶User
Return a stored vCard