Profile Management — API Reference

Manage Profiles, their attributes, agreements, and consents

89 endpoints across 6 tags.

Profile registration

`POST` `/sauth/clients/registered` — Register a Profile

/api-reference/profile-management#tag/Profile-registration/operation/RegisterAClient

Create a new account for a Profile. This account is owned by the Profile and can be accessed and edited by it. If you don't have some information about the profile, don't insert a null-value parameter - omit the parameter entirely.

API consumers: Anonymous Profile, Workspace (Business Profile)

API key permission required: SAUTH_REGISTER_CLIENT_CREATE

Request body (required)

application/json · sauth-RegisterAClientRequestBody

Field	Type	Required	Description
`email`	string	optional	Profile's email address
`password`	string	optional	Password for the Profile
`phone`	string	optional	Phone number of the Profile. Can only include digits, spaces, and an optional `+` at the beginning
`customId`	string	optional	Profile's custom ID
`firstName`	string	optional	Profile's first name
`lastName`	string	optional	Profile's last name
`displayName`	string	optional	Currently unused
`uuid`	string	optional	UUID of the Profile
`avatarUrl`	string	optional	URL of the Profile's avatar picture
`whatsAppId`	string	optional	WhatsApp identifier of the Profile
`birthDate`	string	optional	Profile's date of birth
`company`	string	optional	Profile's company
`city`	string	optional	Profile's city of residence
`address`	string	optional	Profile's street address
`zipCode`	string	optional	Profile's zip code
`province`	string	optional	Profile's province of residence
`countryCode`	string	optional	Code of Profile's country of residence (Alpha-2 code according to ISO 3166-1)
`sex`	enum<"FEMALE", "MALE", "NOT_SPECIFIED", "OTHER">	optional	Profile's sex
`agreements`	object	optional	Marketing agreements of the Profile. You can also pass the values as strings (`"true"`;`"TRUE"`;`"True"`/`"false"`;`"FALSE"`;`"False"`) or integers (`1` for true and `0` for false).
`attributes`	object	optional	Custom attributes (with any names) WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the `attributes` object. Click to expand the list of reserved attributes `emailidclientIdphonecustomIduuidfirstNamelastName` `displayNamecompanyaddresscityprovincezipCodecountryCode` `birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId` `timeipsourcenewsletter_agreementcustom_identifyfirstname` `lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url` `displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages` `receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messagesreceive_whatsapp_messageswhatsapp_id` `zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp` `geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile` `apikeyapiKeyApiKeyApikeytrackersnr_sdk_version` `eventCreateTimecorrelationId`
`tags`	array<string>	optional	Tags can be used to group Profile accounts.

Responses

Status	Description
`202`	Request accepted
`400` `application/json`	Profile already exists or request body malformed
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Insufficient permissions or wrong JWT scope (for example, profile token where a workspace token was required)
`424` `application/json`	Only if customId was obtained from loyalty card code pool: provided customId does not exist in loyalty card code pool

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/clients/registered \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"email":"string","password":"string","phone":"+48111222333","customId":"string","firstName":"string","lastName":"string","displayName":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","avatarUrl":"string","whatsAppId":"string","birthDate":"string","company":"string","city":"string","address":"string","zipCode":"string","province":"string","countryCode":"PL","sex":"FEMALE","agreements":{"email":true,"sms":true,"push":true,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'

`POST` `/sauth/clients/activation/by-pin-code/confirmation` — Confirm registration with PIN code

/api-reference/profile-management#tag/Profile-registration/operation/confirmByPinCodeUsingPOST

Confirm account registration with PIN code received by email (code is sent automatically at registration).

API consumer: Anonymous Profile

Request body

application/json · sauth-PinCodeConfirmationRequest

Field	Type	Required	Description
`deviceId`	string	optional	Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled.
`email`	string	optional	Profile's email address
`pinCode`	string	optional	The PIN code received by email
`uuid`	string	optional	UUID of the Profile

Responses

Status	Description
`200`	OK, account confirmed
`400` `application/json`	Request failed, see error message for details
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Request failed, see error message for details
`404`	Not Found

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/clients/activation/by-pin-code/confirmation \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"deviceId":"string","email":"string","pinCode":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f"}'

`POST` `/sauth/clients/activation/by-pin-code/request` — Re-send PIN code

/api-reference/profile-management#tag/Profile-registration/operation/resendByPinCodeUsingPOST

Re-send a PIN code to the Profile's email.

API consumer: Anonymous Profile

Request body

application/json · sauth-ClientPinActivationResendRequest

Field	Type	Required	Description
`email`	string	optional	Profile's email address
`deviceId`	string	optional	Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled.
`uuid`	string	optional	UUID of the Profile

Responses

Status	Description
`200`	OK
`400` `application/json`	Request failed, see error message for details
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Request failed, see error message for details
`404`	Not Found

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/clients/activation/by-pin-code/request \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"email":"string","deviceId":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f"}'

`POST` `/sauth/clients/activation/confirmation` — Activate a Profile's account

/api-reference/profile-management#tag/Profile-registration/operation/ConfirmAClientAccount

Activate the Profile's account. This is used when registration is configured to keep the account inactive until the email is confirmed.

API consumers: Profile (Client), Anonymous Profile, Workspace (Business Profile)

API key permission required: SAUTH_CONFIRMATION_CLIENT_CREATE

Request body (required)

application/json · sauth-ConfirmAClientAccountRequestBody

Field	Type	Required	Description
`token`	string	optional	Activation token received by email

Responses

Status	Description
`200`	Request accepted
`400` `application/json`	Request failed, see error message for details
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Request failed, see error message for details
`409` `application/json`	Conflict
`500` `application/json`	Internal Server Error

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/clients/activation/confirmation \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"token":"string"}'

`POST` `/sauth/clients/activation/request` — Re-send email confirmation

/api-reference/profile-management#tag/Profile-registration/operation/resendUsingPOST

Request a re-sending of the confirmation email.

API consumers: Profile (Client), Anonymous Profile, Workspace (Business Profile)

API key permission required: SAUTH_CONFIRMATION_CLIENT_CREATE

Request body (required)

application/json · sauth-ClientActivationResendRequest

Field	Type	Required	Description
`email`	string	optional	Email address
`deviceId`	string	optional	Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled.
`uuid`	string	optional	UUID of the Client

Responses

Status	Description
`200`	OK
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Insufficient permissions or wrong JWT scope (for example, profile token where a workspace token was required)
`404`	Not Found

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/clients/activation/request \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"email":"string","deviceId":"string","uuid":"string"}'

Profile management

`POST` `/v4/clients` — Create or update a Profile

/api-reference/data-management#tag/Profile-management/operation/CreateAClientInCrm

Create a new profile in the Synerise application database or update an existing one. If you don't have some information about the profile, don't insert a null-value parameter - omit the parameter entirely.

This is an asynchronous operation. After the request body is validated, the request is added to the queue (HTTP 202).

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: API_CLIENT_CREATE

User role permission required: client_management: create

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · object

In the request body, you must provide at least one of those identifiers:

email
If non-unique emails are enabled, email is NOT an identifier.
phone
Phone is treated as an identifier only if no other identifier is provided. If this is the case and non-unique emails are disabled, an anonymous profile is created with a randomized email placeholder.
customId
uuid

Field	Type	Required	Description
`email`	string	optional	The profile's e-mail address. Must match the pattern (ECMA flavor): `/^(([^<>()[\]\\.,;:\s@\\"]+(\.[^<>()[\]\\.,;:\s@\\"]+))\|(\\".+\\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])\|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/` The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` By default, email is a unique identifier. If non-unique emails are enabled, this field should not be used. It is no longer an identifier. The configuration of non-unique emails includes creating an email parameter for communication. Upcoming breaking change (effective July 6, 2026):* Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`phone`	string	optional	Phone number of the profile Must match the pattern (ECMA flavor): `/(^\+[0-9 \-()/]{6,19}$)\|(^[0-9 \-()/]{6,20}$)/` The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`customId`	string	optional	A custom ID for the Profile. It is a unique identifier. The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`firstName`	string	optional	Profile's first name. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`lastName`	string	optional	Profile's last name The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`displayName`	string	optional	Currently unused
`uuid`	string	optional	UUID of the Profile. It is a unique identifier. The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`avatarUrl`	string	optional	URL of the profile's avatar picture The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`birthDate`	string	optional	Date of birth in the profile. Must be in `yyyy-mm-dd` format and later than `1900-01-01`. Must be a date in the past. IMPORTANT: Months and days must be zero-padded. For example: May 3, 1993 is `1993-05-03`.
`company`	string	optional	Profiles's company The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`city`	string	optional	Profile's city of residence. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`address`	string	optional	Profile's street address. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`zipCode`	string	optional	Profile's zip code The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`province`	string	optional	Profile's province of residence The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`countryCode`	string	optional	Code of profile's country of residence in accordance with the ISO 3166 format
`sex`	enum<"FEMALE", "MALE", "NOT_SPECIFIED", "OTHER">	optional	Profile's sex
`agreements`	object	optional	This object contains the marketing agreements of the Profile. You can also pass the values as strings (`"true"`;`"True"`/`"false"`;`"False"`) or integers (`1` for true and `0` for false).
`attributes`	object	optional	This object contains custom attributes that can have any name (except for reserved attributes, see warning below) and data type, as required by your integration. The attribute names can't include any characters that match the pattern (ECMA flavor): `/[\r\n\u2028\u2029\u00AD\u0000\uFE00-\uFE0F]/` String values: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`) If you want to send a date/time attribute for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the attributes that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the `attributes` object. Click to expand the list of reserved attributes `emailidclientIdphonecustomIduuidfirstNamelastName` `displayNamecompanyaddresscityprovincezipCodecountryCode` `birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId` `timeipsourcenewsletter_agreementcustom_identifyfirstname` `lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url` `displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages` `receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messages` `zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp` `geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile` `apikeyapiKeyApiKeyApikeytrackersnr_sdk_versioneventCreateTimecorrelationId`
`tags`	array<string>	optional	Tags can be used to group profiles. Tag names (strings): can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)

Responses

Status	Description
`202`	Accepted, queued for processing
`400` `application/json`	Bad Request
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/clients \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"email":"string","phone":"+48111222333","customId":"string","firstName":"string","lastName":"string","displayName":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","avatarUrl":"string","birthDate":"1987-10-24","company":"string","city":"string","address":"string","zipCode":"string","province":"string","countryCode":"PL","sex":"FEMALE","agreements":{"email":false,"sms":false,"push":false,"webPush":false,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'

`POST` `/v4/clients/merge/from/custom-ids/{sourceCustomIDs}/to/custom-id/{targetCustomID}` — Merge profiles by customId

/api-reference/data-management#tag/Profile-management/operation/MergeClientsByCustomId

Moves profile UUIDs to a single profile (which must already exist) and removes the profiles that were merged.

The event history of the source profiles is moved to the target profile.

The attributes (data from the attributes object) that don't exist in the target profile are copied to the target profile. If an attribute already exists in the target profile, the value from the source profile is lost.

The properties and tags of the source profiles are lost, even if they don't have a value in the target profile.

WARNING: This operation is irreversible. Use it carefully.

WARNING: You should not try to merge more than 10-20 profiles at once.

For more details, see the Developer Guide.

API consumer: Workspace (Business Profile)

API key permission required: API_MERGEBYCUSTOMID_CLIENT_UPDATE

Parameters

Name	In	Type	Required	Description
`sourceCustomIDs`	path	string	required	Comma-delimited string with custom IDs of the profiles to merge
`targetCustomID`	path	string	required	The custom ID of the profile to merge the `sourceCustomIDs` into
`Accept`	header	enum<"application/json">	required
`Content-Type`	header	enum<"application/json">	required
`Api-Version`	header	enum<"4.4">	required

Responses

Status	Description
`200` `application/json`	Request completed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404` `application/json`	Source and/or target profile(s) not found.

Example request (cURL)

curl --request POST \
  --url 'https://api.synerise.com/v4/clients/merge/from/custom-ids/customIdExample,customIdExample2,customIdExample3,customIdExample4,customIdExample5/to/custom-id/customIdExample' \
  --header 'Accept: SOME_STRING_VALUE' \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'Content-Type: SOME_STRING_VALUE'

`POST` `/v4/clients/merge/from/ids/{fromClientIds}/to/id/{toClientId}` — Merge profiles by clientId

/api-reference/data-management#tag/Profile-management/operation/MergeClientsByClientId

Moves profile UUIDs to a single profile (which must already exist) and removes the profiles that were merged.

The event history of the source profiles is moved to the target profile.

The properties and tags of the source profiles are lost, even if they don't have a value in the target profile.

WARNING: This operation is irreversible. Use it carefully.

WARNING: You should not try to merge more than 10-20 profiles at once.

For more details, see the Developer Guide.

API consumer: Workspace (Business Profile)

API key permission required: API_MERGE_BY_ID_CLIENT_UPDATE

Parameters

Name	In	Type	Required	Description
`fromClientIds`	path	string	required	Comma-delimited string with client IDs of the profiles to merge
`toClientId`	path	integer	required	The ID of the profile to merge the `fromClientIds` into
`Accept`	header	enum<"application/json">	required
`Content-Type`	header	enum<"application/json">	required
`Api-Version`	header	enum<"4.4">	required

Responses

Status	Description
`200` `application/json`	Request completed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404` `application/json`	Source and/or target profile(s) not found.

Example request (cURL)

curl --request POST \
  --url 'https://api.synerise.com/v4/clients/merge/from/ids/434428563,33322211,232212342/to/id/434428563' \
  --header 'Accept: SOME_STRING_VALUE' \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'Content-Type: SOME_STRING_VALUE'

`POST` `/v4/clients/batch` — Batch add or update profiles

/api-reference/data-management#tag/Profile-management/operation/BatchAddOrUpdateClients

Enqueue a number of add/update operations in the Synerise application database.

If you don't have some information about a profile, don't insert a null-value parameter - omit the parameter entirely. Sending a null value deletes an attribute (if it's a custom attribute) or sets it to null/default value (if the attribute is Synerise-native).

The body contains an array of objects to update. The objects are the same as in the Create a Profile and Update a Profile endpoints.

IMPORTANT: The request body cannot contain more than 1000 items or exceed 1 MB in size.

This is an asynchronous operation. After the request body is validated, the request is added to the queue (HTTP 202).

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: API_BATCH_CLIENT_CREATE

User role permission required: client_management: create

Parameters

Name	In	Type	Required	Description
`Accept`	header	enum<"application/json">	required
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · array<object>

Each profile must have at least one of the following identifiers:

email
If non-unique emails are enabled, email is NOT an identifier.
phone
Phone number is treated as an identifier only if no other identifier is provided. Then, if a profile with this phone number does not exist and non-unique emails are disabled, an anonymous profile is created.
customId
uuid
clientId (can be used only when updating an existing profile)

Responses

Status	Description
`202`	Request accepted. IMPORTANT: this does not mean that all profiles were created/updated successfully. The data is sent for further processing in other elements of the infrastructure.
`207` `application/json`	Invalid data in some entries. Correct entries are sent for further processing, the invalid ones are rejected.
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/clients/batch \
  --header 'Accept: SOME_STRING_VALUE' \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '[{"clientId":0,"email":"string","phone":"+48111222333","customId":"string","firstName":"string","lastName":"string","displayName":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","avatarUrl":"string","birthDate":"1987-10-24","company":"string","city":"string","address":"string","zipCode":"string","province":"string","countryCode":"PL","sex":"FEMALE","agreements":{"email":false,"sms":false,"push":false,"webPush":false,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}]'

`GET` `/v4/clients/{clientId}` — Get profile data

/api-reference/data-management#tag/Profile-management/operation/GetClientData

Retrieve profile data by profile ID. If PII protection is enabled and your API key/user doesn't have the required permissions, this endpoint can only return test profiles; other profiles return error 404.

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: API_BY_ID_CLIENT_READ

User role permission required: client_info: read

Parameters

Name	In	Type	Required	Description
`clientId`	path	integer	required	The ID of the profile Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`Content-Type`	header	enum<"application/json">	required
`Api-Version`	header	enum<"4.4">	required

Responses

Status	Description
`200` `application/json`	Details of a single profile
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404` `application/json`	Profile not found or access blocked by PII protection settings

Example request (cURL)

curl --request GET \
  --url https://api.synerise.com/v4/clients/434428563 \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'Content-Type: SOME_STRING_VALUE'

`POST` `/v4/clients/{clientId}` — Update a profile (identify by ID)

/api-reference/data-management#tag/Profile-management/operation/UpdateAClient

Change the details of a profile in the Synerise application database.

Sending a null value deletes an attribute (if it's a custom attribute) or sets it to null/default value (if the attribute is Synerise-native).

The attributes object can be used to add custom attributes of your choice. For example, "hasDog":true.

The tags array contains custom tags of your choice.

This is an asynchronous operation. After the request body is validated, the request is added to the queue (HTTP 202).

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: API_BY_ID_CLIENT_UPDATE

User role permission required: client_info: update

Parameters

Name	In	Type	Required	Description
`clientId`	path	integer	required	The ID of the profile Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · api-service-CreateClientRequestBody-apiv4

Field	Type	Required	Description
`email`	string	optional	The profile's e-mail address. Must match the pattern (ECMA flavor): `/^(([^<>()[\]\\.,;:\s@\\"]+(\.[^<>()[\]\\.,;:\s@\\"]+))\|(\\".+\\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])\|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/` The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` By default, email is a unique identifier. If non-unique emails are enabled, this field should not be used. It is no longer an identifier. The configuration of non-unique emails includes creating an email parameter for communication. Upcoming breaking change (effective July 6, 2026):* Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`phone`	string	optional	Phone number of the profile Must match the pattern (ECMA flavor): `/(^\+[0-9 \-()/]{6,19}$)\|(^[0-9 \-()/]{6,20}$)/` The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`customId`	string	optional	A custom ID for the Profile. It is a unique identifier. The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`firstName`	string	optional	Profile's first name. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`lastName`	string	optional	Profile's last name The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`displayName`	string	optional	Currently unused
`uuid`	string	optional	UUID of the Profile. It is a unique identifier. The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`avatarUrl`	string	optional	URL of the profile's avatar picture The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`birthDate`	string	optional	Date of birth in the profile. Must be in `yyyy-mm-dd` format and later than `1900-01-01`. Must be a date in the past. IMPORTANT: Months and days must be zero-padded. For example: May 3, 1993 is `1993-05-03`.
`company`	string	optional	Profiles's company The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`city`	string	optional	Profile's city of residence. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`address`	string	optional	Profile's street address. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`zipCode`	string	optional	Profile's zip code The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`province`	string	optional	Profile's province of residence The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`countryCode`	string	optional	Code of profile's country of residence in accordance with the ISO 3166 format
`sex`	enum<"FEMALE", "MALE", "NOT_SPECIFIED", "OTHER">	optional	Profile's sex
`agreements`	object	optional	This object contains the marketing agreements of the Profile. You can also pass the values as strings (`"true"`;`"True"`/`"false"`;`"False"`) or integers (`1` for true and `0` for false).
`attributes`	object	optional	This object contains custom attributes that can have any name (except for reserved attributes, see warning below) and data type, as required by your integration. The attribute names can't include any characters that match the pattern (ECMA flavor): `/[\r\n\u2028\u2029\u00AD\u0000\uFE00-\uFE0F]/` String values: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`) If you want to send a date/time attribute for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the attributes that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the `attributes` object. Click to expand the list of reserved attributes `emailidclientIdphonecustomIduuidfirstNamelastName` `displayNamecompanyaddresscityprovincezipCodecountryCode` `birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId` `timeipsourcenewsletter_agreementcustom_identifyfirstname` `lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url` `displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages` `receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messages` `zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp` `geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile` `apikeyapiKeyApiKeyApikeytrackersnr_sdk_versioneventCreateTimecorrelationId`
`tags`	array<string>	optional	Tags can be used to group profiles. Tag names (strings): can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)

Responses

Status	Description
`202`	Accepted, queued for processing
`400` `application/json`	Bad Request
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404` `application/json`	Profile not found
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/clients/434428563 \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"email":"string","phone":"+48111222333","customId":"string","firstName":"string","lastName":"string","displayName":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","avatarUrl":"string","birthDate":"1987-10-24","company":"string","city":"string","address":"string","zipCode":"string","province":"string","countryCode":"PL","sex":"FEMALE","agreements":{"email":false,"sms":false,"push":false,"webPush":false,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'

`DELETE` `/v4/clients/{clientId}` — Delete a profile

/api-reference/data-management#tag/Profile-management/operation/DeleteAClient

Delete a profile from the database.

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: API_BY_ID_CLIENT_DELETE

User role permission required: client_info: delete

Parameters

Name	In	Type	Required	Description
`clientId`	path	integer	required	The ID of the profile Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`Accept`	header	enum<"application/json">	required
`Content-Type`	header	enum<"application/json">	required
`Api-Version`	header	enum<"4.4">	required

Responses

Status	Description
`202`	Accepted
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404` `application/json`	Profile not found

Example request (cURL)

curl --request DELETE \
  --url https://api.synerise.com/v4/clients/434428563 \
  --header 'Accept: SOME_STRING_VALUE' \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'Content-Type: SOME_STRING_VALUE'

`POST` `/v4/clients/by-email/{clientEmail}` — Update a profile (identify by email)

/api-reference/data-management#tag/Profile-management/operation/UpdateAClientByEmail

The attributes object can be used to add custom attributes of your choice. For example, "hasDog":true.

The tags array contains custom tags of your choice.

This is an asynchronous operation. After the request body is validated, the request is added to the queue (HTTP 202).

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: API_BY_EMAIL_CLIENT_UPDATE

User role permission required: client_info: update

Parameters

Name	In	Type	Required	Description
`clientEmail`	path	string	required	The profile's email address Must match the pattern (ECMA flavor): `/^(([^<>()[\]\\.,;:\s@\\"]+(\.[^<>()[\]\\.,;:\s@\\"]+))\|(\\".+\\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])\|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/` The value can't include any characters that match the patternn (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026):* Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · api-service-CreateClientRequestBody-apiv4

Field	Type	Required	Description
`email`	string	optional	The profile's e-mail address. Must match the pattern (ECMA flavor): `/^(([^<>()[\]\\.,;:\s@\\"]+(\.[^<>()[\]\\.,;:\s@\\"]+))\|(\\".+\\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])\|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/` The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` By default, email is a unique identifier. If non-unique emails are enabled, this field should not be used. It is no longer an identifier. The configuration of non-unique emails includes creating an email parameter for communication. Upcoming breaking change (effective July 6, 2026):* Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`phone`	string	optional	Phone number of the profile Must match the pattern (ECMA flavor): `/(^\+[0-9 \-()/]{6,19}$)\|(^[0-9 \-()/]{6,20}$)/` The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`customId`	string	optional	A custom ID for the Profile. It is a unique identifier. The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`firstName`	string	optional	Profile's first name. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`lastName`	string	optional	Profile's last name The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`displayName`	string	optional	Currently unused
`uuid`	string	optional	UUID of the Profile. It is a unique identifier. The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`avatarUrl`	string	optional	URL of the profile's avatar picture The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`birthDate`	string	optional	Date of birth in the profile. Must be in `yyyy-mm-dd` format and later than `1900-01-01`. Must be a date in the past. IMPORTANT: Months and days must be zero-padded. For example: May 3, 1993 is `1993-05-03`.
`company`	string	optional	Profiles's company The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`city`	string	optional	Profile's city of residence. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`address`	string	optional	Profile's street address. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`zipCode`	string	optional	Profile's zip code The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`province`	string	optional	Profile's province of residence The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`countryCode`	string	optional	Code of profile's country of residence in accordance with the ISO 3166 format
`sex`	enum<"FEMALE", "MALE", "NOT_SPECIFIED", "OTHER">	optional	Profile's sex
`agreements`	object	optional	This object contains the marketing agreements of the Profile. You can also pass the values as strings (`"true"`;`"True"`/`"false"`;`"False"`) or integers (`1` for true and `0` for false).
`attributes`	object	optional	This object contains custom attributes that can have any name (except for reserved attributes, see warning below) and data type, as required by your integration. The attribute names can't include any characters that match the pattern (ECMA flavor): `/[\r\n\u2028\u2029\u00AD\u0000\uFE00-\uFE0F]/` String values: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`) If you want to send a date/time attribute for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the attributes that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the `attributes` object. Click to expand the list of reserved attributes `emailidclientIdphonecustomIduuidfirstNamelastName` `displayNamecompanyaddresscityprovincezipCodecountryCode` `birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId` `timeipsourcenewsletter_agreementcustom_identifyfirstname` `lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url` `displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages` `receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messages` `zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp` `geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile` `apikeyapiKeyApiKeyApikeytrackersnr_sdk_versioneventCreateTimecorrelationId`
`tags`	array<string>	optional	Tags can be used to group profiles. Tag names (strings): can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)

Responses

Status	Description
`202`	Accepted, queued for processing
`400` `application/json`	Bad Request
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404` `application/json`	Profile not found
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/clients/by-email/clientemail@synerise.com \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"email":"string","phone":"+48111222333","customId":"string","firstName":"string","lastName":"string","displayName":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","avatarUrl":"string","birthDate":"1987-10-24","company":"string","city":"string","address":"string","zipCode":"string","province":"string","countryCode":"PL","sex":"FEMALE","agreements":{"email":false,"sms":false,"push":false,"webPush":false,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'

`POST` `/v4/clients/by-customid/{customId}` — Update a profile (identify by customId)

/api-reference/data-management#tag/Profile-management/operation/UpdateAClientByCustomId

The attributes object can be used to add custom attributes of your choice. For example, "hasDog":true.

The tags array contains custom tags of your choice.

This is an asynchronous operation. After the request body is validated, the request is added to the queue (HTTP 202).

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: API_BY_CUSTOM_ID_CLIENT_UPDATE

User role permission required: client_info: update

Parameters

Name	In	Type	Required	Description
`customId`	path	string	required	The custom ID of the profile Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · api-service-CreateClientRequestBody-apiv4

Field	Type	Required	Description
`email`	string	optional	The profile's e-mail address. Must match the pattern (ECMA flavor): `/^(([^<>()[\]\\.,;:\s@\\"]+(\.[^<>()[\]\\.,;:\s@\\"]+))\|(\\".+\\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])\|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/` The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` By default, email is a unique identifier. If non-unique emails are enabled, this field should not be used. It is no longer an identifier. The configuration of non-unique emails includes creating an email parameter for communication. Upcoming breaking change (effective July 6, 2026):* Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`phone`	string	optional	Phone number of the profile Must match the pattern (ECMA flavor): `/(^\+[0-9 \-()/]{6,19}$)\|(^[0-9 \-()/]{6,20}$)/` The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`customId`	string	optional	A custom ID for the Profile. It is a unique identifier. The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`firstName`	string	optional	Profile's first name. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`lastName`	string	optional	Profile's last name The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`displayName`	string	optional	Currently unused
`uuid`	string	optional	UUID of the Profile. It is a unique identifier. The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`avatarUrl`	string	optional	URL of the profile's avatar picture The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`birthDate`	string	optional	Date of birth in the profile. Must be in `yyyy-mm-dd` format and later than `1900-01-01`. Must be a date in the past. IMPORTANT: Months and days must be zero-padded. For example: May 3, 1993 is `1993-05-03`.
`company`	string	optional	Profiles's company The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`city`	string	optional	Profile's city of residence. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`address`	string	optional	Profile's street address. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`zipCode`	string	optional	Profile's zip code The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`province`	string	optional	Profile's province of residence The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`countryCode`	string	optional	Code of profile's country of residence in accordance with the ISO 3166 format
`sex`	enum<"FEMALE", "MALE", "NOT_SPECIFIED", "OTHER">	optional	Profile's sex
`agreements`	object	optional	This object contains the marketing agreements of the Profile. You can also pass the values as strings (`"true"`;`"True"`/`"false"`;`"False"`) or integers (`1` for true and `0` for false).
`attributes`	object	optional	This object contains custom attributes that can have any name (except for reserved attributes, see warning below) and data type, as required by your integration. The attribute names can't include any characters that match the pattern (ECMA flavor): `/[\r\n\u2028\u2029\u00AD\u0000\uFE00-\uFE0F]/` String values: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`) If you want to send a date/time attribute for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the attributes that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the `attributes` object. Click to expand the list of reserved attributes `emailidclientIdphonecustomIduuidfirstNamelastName` `displayNamecompanyaddresscityprovincezipCodecountryCode` `birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId` `timeipsourcenewsletter_agreementcustom_identifyfirstname` `lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url` `displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages` `receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messages` `zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp` `geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile` `apikeyapiKeyApiKeyApikeytrackersnr_sdk_versioneventCreateTimecorrelationId`
`tags`	array<string>	optional	Tags can be used to group profiles. Tag names (strings): can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)

Responses

Status	Description
`202`	Accepted, queued for processing
`400` `application/json`	Bad Request
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404` `application/json`	Profile not found
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/clients/by-customid/customIdExample \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"email":"string","phone":"+48111222333","customId":"string","firstName":"string","lastName":"string","displayName":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","avatarUrl":"string","birthDate":"1987-10-24","company":"string","city":"string","address":"string","zipCode":"string","province":"string","countryCode":"PL","sex":"FEMALE","agreements":{"email":false,"sms":false,"push":false,"webPush":false,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'

`DELETE` `/v4/clients/by-custom-id/{customId}` — Delete a profile (identify by customId)

/api-reference/data-management#tag/Profile-management/operation/DeleteAClientByCustomId

Delete a profile from the database.

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: API_BY_ID_CLIENT_DELETE

User role permission required: client_info: delete

Parameters

Name	In	Type	Required	Description
`customId`	path	string	required	The custom ID of the profile Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`Content-Type`	header	enum<"application/json">	required
`Api-Version`	header	enum<"4.4">	required

Responses

Status	Description
`202`	Accepted
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404` `application/json`	Profile not found

Example request (cURL)

curl --request DELETE \
  --url https://api.synerise.com/v4/clients/by-custom-id/customIdExample \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'Content-Type: SOME_STRING_VALUE'

`GET` `/v4/clients/{identifierType}/{identifierValue}` — Fetch profile data

/api-reference/data-management#tag/Profile-management/operation/FindAClient

Get the details of a single profile. If PII protection is enabled and your API key/user doesn't have the required permissions, this endpoint can only return test profiles; other profiles return error 404.

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: API_BY_IDENTIFIER_CLIENT_READ

User role permission required: client_info: read

Parameters

Name	In	Type	Required	Description
`identifierType`	path	enum<"by-custom-id", "by-phone", "by-uuid", "by-email">	required	The type of profile identifier to use for the request
`identifierValue`	path	string	required	The value of the selected identifier. The value must be URL-encoded.
`Content-Type`	header	enum<"application/json">	required
`Api-Version`	header	enum<"4.4">	required

Responses

Status	Description
`200` `application/json`	Details of a single profile
`400` `application/json`	Bad Request
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404` `application/json`	Profile not found or access blocked by PII protection settings
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request GET \
  --url https://api.synerise.com/v4/clients/by-email/address@domain.com \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'Content-Type: SOME_STRING_VALUE'

`GET` `/v4/clients/batch/by-phone/{phoneNumber}` — Batch fetch profiles by phone number

/api-reference/data-management#tag/Profile-management/operation/FindClientsByPhone

Returns a detailed list of profiles associated with the provided phone number. The number saved in the profile must exactly match the number from the request. If no profiles match the criteria, an empty list is returned.

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: API_BY_IDENTIFIER_CLIENT_READ

User role permission required: client_info: read

Parameters

Name	In	Type	Required	Description
`phoneNumber`	path	string	required	The phone number to search for in profiles. Must be an exact match. The value must be URL-encoded. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`Content-Type`	header	enum<"application/json">	required
`Api-Version`	header	enum<"4.4">	required

Responses

Status	Description
`200` `application/json`	Returns an array of profile details.
`400` `application/json`	Bad Request
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404` `application/json`	Profile not found or access blocked by PII protection settings
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request GET \
  --url https://api.synerise.com/v4/clients/batch/by-phone/12065550100 \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'Content-Type: SOME_STRING_VALUE'

`GET` `/crm/v1/clients/{clientId}/contacts` — Get Profile details (deprecated)

/api-reference/data-management#tag/Profile-management/operation/getClient

This method is deprecated. It will be disabled on August 30, 2026.

You can use these methods instead:

GET /v4/clients/{clientId}
GET /v4/clients/{identifierType}/{identifierValue}

Retrieve the details of a Profile.

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: CRM_DETAILS_CLIENT_READ

User role permission required: client_info: read

Parameters

Name	In	Type	Required	Description
`clientId`	path	integer	required	Profile ID Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.

Responses

Status	Description
`200` `application/json`	Profile details
`404` `text/plain`	Resource not found or access blocked by PII protection settings

Example request (cURL)

curl --request GET \
  --url https://api.synerise.com/crm/v1/clients/%7BclientId%7D/contacts \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN'

`PUT` `/crm/v1/contacts/{clientId}` — Update Profile (deprecated)

/api-reference/data-management#tag/Profile-management/operation/updateClient

This method is deprecated. It will be disabled on August 16, 2026
Use one of these endpoints instead:

POST /v4/clients/{clientId}
POST /v4/clients/by-email/{clientEmail}
POST /v4/clients/by-customid/{customId}

Sending a null value deletes an attribute (if it's a custom attribute) or sets it to null/default value (if the attribute is Synerise-native)

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: CRM_CLIENT_UPDATE

User role permission required: client_management: update

Parameters

Name	In	Type	Required	Description
`clientId`	path	integer	required	Profile ID Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.

Request body (required)

application/json · crm-CustomerCommon

Field	Type	Required	Description
`uuid`	string	optional	UUID of the Profile Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`email`	string	optional	Profile's e-mail address Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`firstname`	string	optional	Profile's first name
`lastName`	string	optional	Profile's last name
`custom_identify`	string	optional	A custom ID for the Profile Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`company`	string	optional	Profile's company
`phone`	string	optional	Profile's phone number Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`address`	string	optional	Profile's street address
`birthdate`	string	optional	Profile's date of birth. Must be a past date.
`city`	string	optional	Profile's city of residence
`zipCode`	string	optional	Profile's zip code
`province`	string	optional	Profile's province of residence
`country_id`	string	optional	ID of the Profile's country of residence
`countryCode`	string	optional	Code of Profile's country of residence
`avatarUrl`	string	optional	URL of the Profile's avatar picture
`sex`	enum<"0", "1", "2", "3">	optional	Profile's sex. 0: undefined 1: female 2: male 3: other
`tags`	array<string>	optional	Custom tags. They can be used, for example, to group Profiles.
`additionalProperties`		optional	Additional attributes, including custom attributes. The following attributes are reserved for system use and can't be modified: Click to expand the list of reserved attributes `emailclientIdphonecustomIduuidfirstNamelastNamedisplayNamecompanyaddresscityprovincezipCodecountryCodebirthDatesexavatarUrlanonymousagreementstagsbusinessProfileIdtimeipsourcenewsletter_agreementcustom_identifyfirstnamelastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_urldisplaynamereceive_smsesreceive_push_messagesreceive_webpush_messagesreceive_btooth_messagesreceive_rfid_messagesreceive_wifi_messagesconfirmation_hashownerIdzipCodeanonymous_typecountry_idgeo_loc_citygeo_loc_countrygeo_loc_asgeo_loc_country_codegeo_loc_ispgeo_loc_latgeo_loc_longeo_loc_orggeo_loc_querygeo_loc_regiongeo_loc_region_namegeo_loc_statusgeo_loc_timezonegeo_loc_zipclub_card_idtypeconfirmedfacebookIdstatus`

Responses

Status	Description
`200` `application/json`	Profile details

Example request (cURL)

curl --request PUT \
  --url https://api.synerise.com/crm/v1/contacts/%7BclientId%7D \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string","firstname":"string","lastName":"string","custom_identify":"string","company":"string","phone":"string","address":"string","birthdate":"2019-08-24","city":"string","zipCode":"string","province":"string","country_id":"string","countryCode":"PL","avatarUrl":"string","sex":"0","tags":["string"],"additionalProperties":null}'

`POST` `/morph/exports/clients/segmentation` — Create and run profile export

/api-reference/data-management#tag/Profile-management/operation/runProfileExport

Request an export of profiles. The group of profiles to export is selected by pointing to a segmentation. After the export is completed, you can access the data with GET /exports/clients/{taskId}/data or from https://app.synerise.com/assets/exports.

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: CLIENT_EXPORTER_REPORT_CREATE

User role permission required: settings_export: create

Request body (required)

application/json · morph-NewProfileExport

Field	Type	Required	Description
`name`	string	required	Name of the export, visible at https://app.synerise.com/assets/
`fields`	array<string>	required	Profile attributes to export. The first attribute in this array MUST BE `id`
`agreementFilter`	enum<"NONE", "EMAIL", "WEB_PUSH", "PUSH", …>	required	You can filter the profiles by their marketing agreement. `NONE` means no filter.
`segmentationHash`	string	required	UUID of the segmentation which defines the profiles to export. The segmentation conditions are checked at the time of sending the "create and run export" request.
`tags`	array<string>	optional	Profile tags to check for an exported profile. In the results, the tag name is the key and the value is "true" (string) if the tag is assigned to a given profile, otherwise it's "false".
`expressions`	array<string>	optional	UUIDs of expressions to check for an exported profile. In the results, the name of the expression is the key and the value is the result of the expression.
`aggregates`	array<string>	optional	UUIDs of aggregates to check for an exported profile. In the results, the name of the aggregate is the key and the value is the result of the aggregate.
`segmentations`	array<string>	optional	UUIDs of segmentations to check for an exported profile. In the results, the name of the segmentation is the key and the value is "true" (string) if the profile belongs to the segmentation, otherwise it's "false".
`excludedIds`	array<number>	required	List of clientIds to exclude from the exported data

Responses

Status	Description
`200` `application/json`	Export task created and queued
`400` `application/json`	Invalid request

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/morph/exports/clients/segmentation \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"name":"string","fields":["id","attr1","attr2"],"agreementFilter":"NONE","segmentationHash":"e7cff342-b484-4fcb-aa34-4735122bc9e7","tags":["string"],"expressions":["497f6eca-6276-4993-bfeb-53cbbbba6f08"],"aggregates":["497f6eca-6276-4993-bfeb-53cbbbba6f08"],"segmentations":["497f6eca-6276-4993-bfeb-53cbbbba6f08"],"excludedIds":[0]}'

`GET` `/morph/exports/clients/{taskId}/status` — Check profile export status

/api-reference/data-management#tag/Profile-management/operation/getProfileExportStatus

After creating an export with POST /exports/clients/segmentation, you can check its status. When the export is ready, you can access the data with GET /exports/clients/{taskId}/data.

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: CLIENT_EXPORTER_REPORT_CREATE

User role permission required: settings_export: create

Parameters

Name	In	Type	Required	Description
`taskId`	path	string	required	Unique ID of the export task

Responses

Status	Description
`200` `application/json`	Status of the export task

Example request (cURL)

curl --request GET \
  --url https://api.synerise.com/morph/exports/clients/%7BtaskId%7D/status \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN'

`GET` `/morph/exports/clients/{taskId}/data` — Get exported profiles

/api-reference/data-management#tag/Profile-management/operation/getExportedProfileData

Get exported profiles as a list. To create the export, use POST /exports/clients/segmentation.

Tip: If you want to download a CSV, JSON, or JSONL, find your export in https://app.synerise.com/assets/exports.

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: CLIENT_EXPORTER_REPORT_CREATE

User role permission required: settings_export: create

Parameters

Name	In	Type	Required	Description
`taskId`	path	string	required	Unique ID of the export task
`offset`	query	number	required	The index of the first record to retrieve. Use this to paginate the exported data.
`limit`	query	integer	required	The number of records to retrieve. Use this to paginate the exported data.

Responses

Status	Description
`200` `application/json`	Exported profile data
`400` `application/json`	Invalid request

Example request (cURL)

curl --request GET \
  --url 'https://api.synerise.com/morph/exports/clients/%7BtaskId%7D/data?offset=SOME_NUMBER_VALUE&limit=SOME_INTEGER_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN'

`GET` `/notes-service/by-id/{clientId}` — Get all Profile notes

/api-reference/data-management#tag/Profile-management/operation/getAllNotesUsingGET

Retrieve all notes associated with a single profile.

API consumer: Synerise User

User role permission required: client_notes: read

Parameters

Name	In	Type	Required	Description
`clientId`	path	integer	required	Profile ID

Responses

Status	Description
`200` `application/json`	An array of notes
`401`	Unauthorized
`403`	Forbidden
`404`	Not Found

Example request (cURL)

curl --request GET \
  --url https://api.synerise.com/notes-service/by-id/%7BclientId%7D \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN'

`POST` `/notes-service/by-id/{clientId}` — Create a note

/api-reference/data-management#tag/Profile-management/operation/createNoteUsingPOST

Create a new note in the profile

API consumer: Synerise User

User role permission required: client_notes: create

Parameters

Name	In	Type	Required	Description
`clientId`	path	integer	required	Profile ID

Request body

application/json · notes-service-NoteRequest

Field	Type	Required	Description
`subject`	string	optional	The title of the note
`body`	string	optional	Text of the note

Responses

Status	Description
`200` `application/json`	OK
`201`	Created
`401`	Unauthorized
`403`	Forbidden
`404`	Not Found

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/notes-service/by-id/%7BclientId%7D \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"subject":"Note 1","body":"<h1>NOTE 1</h1>\\n<p>Some text</p>\\n<ul>\\n<li>1</li>\\n<li>2</li>\\n<li>3</li>\\n</ul>\\n<blockquote>Lorem ipsum in quote</blockquote>\\n<p><strong>Lorem ipsum in bold</strong></p>\\n"}'

`GET` `/notes-service/by-id/{clientId}/{noteId}` — Get note

/api-reference/data-management#tag/Profile-management/operation/getNoteUsingGET

Retrieve a single note

API consumer: Synerise User

User role permission required: client_notes: read

Parameters

Name	In	Type	Required	Description
`clientId`	path	integer	required	Profile ID
`noteId`	path	string	required	Note UUID

Responses

Status	Description
`200` `application/json`	OK
`401`	Unauthorized
`403`	Forbidden
`404`	Not Found

Example request (cURL)

curl --request GET \
  --url https://api.synerise.com/notes-service/by-id/%7BclientId%7D/%7BnoteId%7D \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN'

`PUT` `/notes-service/by-id/{clientId}/{noteId}` — Update note

/api-reference/data-management#tag/Profile-management/operation/updateNoteUsingPUT

You can update an existing note.

API consumer: Synerise User

User role permission required: client_notes: update

Parameters

Name	In	Type	Required	Description
`clientId`	path	integer	required	Profile ID
`noteId`	path	string	required	Note UUID

Request body

application/json · notes-service-NoteRequest

Field	Type	Required	Description
`subject`	string	optional	The title of the note
`body`	string	optional	Text of the note

Responses

Status	Description
`200` `application/json`	OK
`201`	Created
`401`	Unauthorized
`403`	Forbidden
`404`	Not Found

Example request (cURL)

curl --request PUT \
  --url https://api.synerise.com/notes-service/by-id/%7BclientId%7D/%7BnoteId%7D \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"subject":"Note 1","body":"<h1>NOTE 1</h1>\\n<p>Some text</p>\\n<ul>\\n<li>1</li>\\n<li>2</li>\\n<li>3</li>\\n</ul>\\n<blockquote>Lorem ipsum in quote</blockquote>\\n<p><strong>Lorem ipsum in bold</strong></p>\\n"}'

`DELETE` `/notes-service/by-id/{clientId}/{noteId}` — Delete note

/api-reference/data-management#tag/Profile-management/operation/deleteNoteUsingDELETE

You can delete a note. This operation is irreversible.

API consumer: Synerise User

User role permission required: client_notes: delete

Parameters

Name	In	Type	Required	Description
`clientId`	path	integer	required	Profile ID
`noteId`	path	string	required	Note UUID

Responses

Status	Description
`200`	OK
`204`	No Content
`401`	Unauthorized
`403`	Forbidden

Example request (cURL)

curl --request DELETE \
  --url https://api.synerise.com/notes-service/by-id/%7BclientId%7D/%7BnoteId%7D \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN'

`POST` `/sauth/management/client/{clientID}/logout` — Log out a Profile

/api-reference/data-management#tag/Profile-management/operation/logoutClientUsingPOST

Log out a Profile when authenticated as a Synerise User or a Workspace.

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: SAUTH_LOGOUT_CLIENT_CREATE

User role permission required: settings_customers_iam: create

Parameters

Name	In	Type	Required	Description
`clientID`	path	string	required	The ID of the Profile

Request body

application/json · sauth-ClientLogoutRequest

Field	Type	Required	Description
`action`	enum<"LOGOUT", "LOGOUT_WITH_SESSION_CLEARING">	optional

Responses

Status	Description
`200`	OK
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Insufficient permissions or wrong JWT scope (for example, profile token where a workspace token was required)
`404`	Profile not found

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/management/client/434428563/logout \
  --header 'content-type: application/json' \
  --data '{"action":"LOGOUT"}'

Profile account management

`GET` `/v4/my-account/personal-information` — Get Profile's own data

/api-reference/profile-management#tag/Profile-account-management/operation/getAccountDataGET

A Profile can retrieve its details from the database.

API consumers: Profile (Client), ANONYMOUS_CLIENT_CONDITIONAL

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required
`Content-Type`	header	enum<"application/json">	required

Responses

Status	Description
`200` `application/json`	Profile information
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request GET \
  --url https://api.synerise.com/v4/my-account/personal-information \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'Content-Type: SOME_STRING_VALUE'

`POST` `/v4/my-account/personal-information` — Update Profile's own data

/api-reference/profile-management#tag/Profile-account-management/operation/updateAccountDataUsingPOST

A Profile can update its own details.

API consumer: Profile (Client)

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · api-service-ClientChangeset-apiv4

Field	Type	Required	Description
`address`	string	optional	Profile's street address. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`agreements`	object	optional	This object contains the marketing agreements of the Profile. You can also pass the values as strings (`"true"`;`"True"`/`"false"`;`"False"`) or integers (`1` for true and `0` for false).
`attributes`	object	optional	This object contains custom attributes that can have any name (except for reserved attributes, see warning below) and data type, as required by your integration. The attribute names can't include any characters that match the pattern (ECMA flavor): `/[\r\n\u2028\u2029\u00AD\u0000\uFE00-\uFE0F]/` String values: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`) If you want to send a date/time attribute for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the attributes that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the `attributes` object. Click to expand the list of reserved attributes `emailidclientIdphonecustomIduuidfirstNamelastName` `displayNamecompanyaddresscityprovincezipCodecountryCode` `birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId` `timeipsourcenewsletter_agreementcustom_identifyfirstname` `lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url` `displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages` `receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messages` `zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp` `geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile` `apikeyapiKeyApiKeyApikeytrackersnr_sdk_versioneventCreateTimecorrelationId`
`avatarUrl`	string	optional	URL of the profile's avatar picture The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`birthDate`	string	optional	Date of birth in the profile. Must be in `yyyy-mm-dd` format and later than `1900-01-01`. Must be a date in the past. IMPORTANT: Months and days must be zero-padded. For example: May 3, 1993 is `1993-05-03`.
`city`	string	optional	Profile's city of residence. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`company`	string	optional	Profiles's company The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`countryCode`	string	optional	Code of profile's country of residence in accordance with the ISO 3166 format
`customId`	string	optional	A custom ID for the Profile. It is a unique identifier. The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`displayName`	string	optional	Currently unused
`email`	string	optional	The profile's e-mail address. Must match the pattern (ECMA flavor): `/^(([^<>()[\]\\.,;:\s@\\"]+(\.[^<>()[\]\\.,;:\s@\\"]+))\|(\\".+\\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])\|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/` The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` By default, email is a unique identifier. If non-unique emails are enabled, this field should not be used. It is no longer an identifier. The configuration of non-unique emails includes creating an email parameter for communication. Upcoming breaking change (effective July 6, 2026):* Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`firstName`	string	optional	Profile's first name. The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`lastName`	string	optional	Profile's last name The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`phone`	string	optional	Phone number of the profile Must match the pattern (ECMA flavor): `/(^\+[0-9 \-()/]{6,19}$)\|(^[0-9 \-()/]{6,20}$)/` The value can't include any characters that match the pattern (ECMA flavor): `/([\uD800-\uDBFF][\uDC00-\uDFFF])\|([\r\n\u2028\u2029\u00AD]\|[\uFE00-\uFE0F]\|[\u0000])/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`province`	string	optional	Profile's province of residence The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)
`sex`	enum<"FEMALE", "MALE", "NOT_SPECIFIED", "OTHER">	optional	Profile's sex
`zipCode`	string	optional	Profile's zip code The value: can't include variation selectors (`[\uFE00-\uFE0F]`), unless there are other characters in the string. can't include the "null" control character (`\u0000`)

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad Request
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/my-account/personal-information \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"address":"string","agreements":{"email":false,"sms":false,"push":false,"webPush":false,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"avatarUrl":"string","birthDate":"1987-10-24","city":"string","company":"string","countryCode":"PL","customId":"string","displayName":"string","email":"string","firstName":"string","lastName":"string","phone":"+48111222333","province":"string","sex":"FEMALE","zipCode":"string"}'

`POST` `/v4/my-account/phone-update/request` — Request profile phone number change

/api-reference/profile-management#tag/Profile-account-management/operation/RequestClientPhoneNumberChange

A Profile can request a phone number update. The confirmation code is sent in a text message.

API consumer: Profile (Client)

Parameters

Name	In	Type	Required	Description
`Accept`	header	enum<"application/json">	required
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · object

Field	Type	Required	Description
`phone`	string	required	Current phone number of the profile. Must match the pattern (ECMA flavor): `/(^\+[0-9 \-()/]{6,19}$)\|(^[0-9 \-()/]{6,20}$)/`

Responses

Status	Description
`202`	Request accepted'
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/my-account/phone-update/request \
  --header 'Accept: SOME_STRING_VALUE' \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"phone":"+48111222333"}'

`POST` `/v4/my-account/phone-update/confirmation` — Confirm profile phone number change

/api-reference/profile-management#tag/Profile-account-management/operation/ConfirmClientPhoneNumberChange

Use a code to confirm the phone number change and provide the new number.

API consumer: Profile (Client)

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · object

Field	Type	Required	Description
`phone`	string	required	New phone number Must match the pattern (ECMA flavor): `/(^\+[0-9 \-()/]{6,19}$)\|(^[0-9 \-()/]{6,20}$)/` Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`confirmationCode`	string	required	Confirmation code received by text message
`deviceId`	string	optional	Unique Android or iOS device ID
`smsAgreement`	boolean	optional	Permission to receive marketing information by SMS

Responses

Status	Description
`202`	Request accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/my-account/phone-update/confirmation \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"phone":"+48111222333","confirmationCode":"73AC1","deviceId":"string","smsAgreement":true}'

`POST` `/sauth/clients/password-reset/request` — Request Profile password reset

/api-reference/profile-management#tag/Profile-account-management/operation/RequestClientPasswordReset

Allows a Profile to send a password reset request. A reset link is sent to the specified email address. To confirm the request, use the Confirm a Profile's password reset endpoint.

API consumers: Anonymous Profile, Workspace (Business Profile)

API key permission required: SAUTH_PASSWORD_RESET_CLIENT_CREATE

Request body (required)

application/json · sauth-RequestClientpasswordresetRequest

Field	Type	Required	Description
`email`	string	required	Email address where the password reset link will be sent

Responses

Status	Description
`200`	Request accepted
`201`	Created
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Forbidden
`404`	Not Found

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/clients/password-reset/request \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"email":"testDoc@example.com"}'

`POST` `/sauth/clients/password-reset/confirmation` — Confirm Profile password reset

/api-reference/profile-management#tag/Profile-account-management/operation/ConfirmClientPasswordReset

Confirm a password reset using the token obtained from the Request Profile password reset endpoint.

API consumers: Anonymous Profile, Workspace (Business Profile)

API key permission required: SAUTH_PASSWORD_RESET_CLIENT_CREATE

Request body (required)

application/json · sauth-ConfirmClientpasswordresetRequest

Field	Type	Required	Description
`password`	string	required	New password
`token`	string	required	Token received by email

Responses

Status	Description
`200`	Request accepted

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/clients/password-reset/confirmation \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"password":"testPass1!","token":"token_from_pass_reset_req"}'

`POST` `/sauth/my-account/change-password` — Change Profile password

/api-reference/profile-management#tag/Profile-account-management/operation/ChangeClientPassword

A Profile can update the password to its account.

API consumer: Profile (Client)

Request body (required)

application/json · sauth-ChangeClientPasswordRequestBody

Field	Type	Required	Description
`oldPassword`	string	optional	Current password
`password`	string	optional	New password
`deviceId`	string	optional	Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled.

Responses

Status	Description
`200` `text/plain`	Request accepted
`400` `application/json`	Bad Request

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/my-account/change-password \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"oldPassword":"string","password":"string","deviceId":"string"}'

`POST` `/sauth/v2/my-account/delete` — Delete account

/api-reference/profile-management#tag/Profile-account-management/operation/deleteAccountUsingPOST

A Profile can delete its own account. Its history shows an client.deleteAccount event. All marketing agreements are cancelled. The profile is signed out on all devices and cannot sign in again.

API consumer: Profile (Client)

Request body (required)

application/json · sauth-DeleteAccountV2RequestBody

Field	Type	Required	Description
`password`	string	required	Profile password. Only applicable if the Profile is not authenticated by an external identity provider.
`uuid`	string	optional	UUID of the Profile
`externalToken`	string	optional	External authorization token. Only applicable if the Profile is authenticated by an external identity provider.
`customId`	string	optional	Custom ID of the Profile, if applicable
`identityProvider`	enum<"FACEBOOK", "OAUTH", "APPLE", "SYNERISE">	required	Authorization provider
`deviceId`	string	optional	Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled.

Responses

Status	Description
`200`	Account deleted
`400` `application/json`	Request body malformed/invalid
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Invalid credentials in request body
`404`	Not Found

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/v2/my-account/delete \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"password":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","externalToken":"string","customId":"string","identityProvider":"FACEBOOK","deviceId":"string"}'

`POST` `/sauth/v2/my-account/email-change/request` — Request Profile email change

/api-reference/profile-management#tag/Profile-account-management/operation/changeEmailRequestUsingPOST

A Profile can request an email change for its own account. A confirmation token is sent to the new email by and must be applied by clicking the link in the message or using the Confirm Profile email change endpoint.

API consumer: Profile (Client)

Request body

application/json · sauth-GenericClientEmailChangeRequest

Field	Type	Required	Description
`email`	string	required	New email address
`externalToken`	string	optional	External authorization token. Only applicable if the Profile is authenticated by an external identity provider.
`password`	string	optional	Profile password. Only applicable if the Profile is not authenticated by an external identity provider.
`uuid`	string	required	UUID of the Profile
`deviceId`	string	optional	Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled.
`customId`	string	optional	Custom ID of the Profile, if applicable

Responses

Status	Description
`200`	Email change requested, confirmation token sent to new email
`400` `application/json`	Request body malformed/invalid
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Invalid credentials in request body
`404`	Not Found

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/v2/my-account/email-change/request \
  --header 'content-type: application/json' \
  --data '{"email":"string","externalToken":"string","password":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","deviceId":"string","customId":"string"}'

`POST` `/sauth/v3/my-account/logout` — Log out a Profile

/api-reference/profile-management#tag/Profile-account-management/operation/logoutUsingPOST

Log out a Profile when authenticated as that Profile.

API consumers: Profile (Client), ANONYMOUS_CLIENT_CONDITIONAL

Request body

application/json · sauth-ClientLogoutRequest

Field	Type	Required	Description
`action`	enum<"LOGOUT", "LOGOUT_WITH_SESSION_CLEARING">	optional

Responses

Status	Description
`200`	OK
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Insufficient permissions or wrong JWT scope (for example, profile token where a workspace token was required)
`404`	Profile not found

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/v3/my-account/logout \
  --header 'content-type: application/json' \
  --data '{"action":"LOGOUT"}'

`POST` `/sauth/my-account/email-change/confirmation` — Confirm Profile email change

/api-reference/profile-management#tag/Profile-account-management/operation/confirmClientEmailChange

The Profile can confirm the email change by providing the token that they received by email as a result of the Request a Profile email change call.

API consumer: Profile (Client)

Request body (required)

application/json · sauth-ConfirmClientEmailChangeRequestBody

Field	Type	Required	Description
`token`	string	optional	Token received by email
`newsletterAgreement`	boolean	optional	Permission to receive email newsletters

Responses

Status	Description
`200`	Request accepted
`400` `application/json`	Request body malformed/invalid
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Invalid confirmation token

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/my-account/email-change/confirmation \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"token":"58acd5bd-8efd-47ed-b101-32eb56e13839","newsletterAgreement":true}'

`POST` `/sauth/clients/facebook/email-change/request` — Change Facebook Profile email

/api-reference/profile-management#tag/Profile-account-management/operation/changeEmailUsingPOST

Change the email address of a Profile registered by Facebook

API consumer: Profile (Client)

Request body (required)

application/json · sauth-ClientEmailChangeRequest

Field	Type	Required	Description
`email`	string	optional	New email address
`uuid`	string	optional	UUID of the Profile
`deviceId`	string	optional	Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled.

Responses

Status	Description
`200`	OK
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Insufficient permissions or wrong JWT scope (for example, profile token where a workspace token was required)
`404`	Not Found

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/clients/facebook/email-change/request \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"email":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","deviceId":"string"}'

`POST` `/sauth/clients/oauth/deleted` — Delete Client Account (OAuth) (deprecated)

/api-reference/profile-management#tag/Profile-account-management/operation/deleteOauthClientUsingPOST

This endpoint is deprecated. Use this one.

A Client can delete their own account.

API consumer: Profile (Client)

Request body (required)

application/json · sauth-DeleteOauthClientRequestBody

Field	Type	Required	Description
`accessToken`	string	optional	OAuth access token
`uuid`	string	optional	UUID of the Profile
`deviceId`	string	optional	Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled.
`customId`	string	optional	Profile's custom ID

Responses

Status	Description
`200`	OK
`400` `application/json`	Request body malformed/invalid
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Invalid credentials in request body
`404`	Not Found

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/clients/oauth/deleted \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"accessToken":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","deviceId":"string","customId":"string"}'

`POST` `/sauth/clients/apple/deleted` — Delete Profile account (Sign in with Apple) (deprecated)

/api-reference/profile-management#tag/Profile-account-management/operation/deleteAppleClientUsingPOST

This endpoint is deprecated. Use this one.

A Profile can delete its own account.

API consumer: Profile (Client)

Request body (required)

application/json · sauth-DeleteAppleClientRequestBody

Field	Type	Required	Description
`accessToken`	string	optional	Apple access token
`uuid`	string	optional	UUID of the Profile
`deviceId`	string	optional	Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled.
`customId`	string	optional	Profile's custom ID

Responses

Status	Description
`200`	OK
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Insufficient permissions or wrong JWT scope (for example, profile token where a workspace token was required)
`404`	Not Found

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/clients/apple/deleted \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"accessToken":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","deviceId":"string","customId":"string"}'

`POST` `/sauth/clients/facebook/deleted` — Delete Facebook Profile Account (deprecated)

/api-reference/profile-management#tag/Profile-account-management/operation/DeleteAFacebookClientAccount

This endpoint is deprecated. Use this one.

A Profile can delete its own account.

API consumer: Profile (Client)

Request body (required)

application/json · sauth-DeleteAFacebookClientAccountRequestBody

Field	Type	Required	Description
`facebookToken`	string	optional	Facebook authentication token
`uuid`	string	optional	UUID of the Profile
`deviceId`	string	optional	Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled.

Responses

Status	Description
`200`	Request accepted
`400` `application/json`	Request body malformed/invalid
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Invalid credentials in request body
`404`	Not Found

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/clients/facebook/deleted \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"facebookToken":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","deviceId":"string"}'

`POST` `/sauth/my-account/delete` — Delete account (deprecated)

/api-reference/profile-management#tag/Profile-account-management/operation/deleteAccountUsingPOST-v1

This endpoint is deprecated. Use this one.

A Profile can delete its own account.

API consumer: Profile (Client)

Request body

application/json · sauth-DeleteAccountV1RequestBody

Field	Type	Required	Description
`password`	string	optional	Profile password
`uuid`	string	optional	Profile UUID
`deviceId`	string	optional	Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled.

Responses

Status	Description
`200`	OK
`400` `application/json`	Request body malformed/invalid
`401` `application/json`	JWT missing, expired, or invalid
`403` `application/json`	Invalid credentials in request body

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/my-account/delete \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"password":"string","uuid":"string","deviceId":"string"}'

`POST` `/sauth/my-account/email-change/request` — Request Profile email change (deprecated)

/api-reference/profile-management#tag/Profile-account-management/operation/requestClientEmailChange

This endpoint is deprecated. Use this one.

A Profile can request an email change for its account. A confirmation token is sent by and must be applied using the Confirm Profile email change endpoint.

API consumer: Profile (Client)

Request body (required)

application/json · sauth-RequestClientEmailChangeRequestBody

Field	Type	Required	Description
`email`	string	optional	New email address
`password`	string	optional	Profile password
`uuid`	string	optional	UUID of the Profile
`deviceId`	string	optional	Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled.

Responses

Status	Description
`202`	Request accepted
`400`	Clients not recognizable by email

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/sauth/my-account/email-change/request \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"email":"string","password":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","deviceId":"string"}'

Profile devices

`POST` `/v4/clients/{clientId}/linked-devices` — Link a device by profile ID

/api-reference/profile-management#tag/Profile-devices/operation/LinkAClientDeviceByClientId

Assign a device to a profile ID. A profile may have many devices assigned.

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: API_DEVICE_CLIENT_UPDATE

User role permission required: client_info: update

Parameters

Name	In	Type	Required	Description
`clientId`	path	integer	required	The ID of the profile Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · api-service-LinkaClientdeviceRequest-apiv4

Field	Type	Required	Description
`deviceId`	string	required	Unique Android or iOS device ID
`registrationId`	string	required	Registration ID for Firebase Cloud Messaging
`type`	enum<"android", "ios", "windows">	required	Device type
`bluetoothAddress`	string	optional	Bluetooth MAC address of the device
`macAddress`	string	optional	MAC address of the network adapter
`manufacturer`	string	optional	Manufacturer of the device
`model`	string	optional	Model of the device
`osVersion`	string	optional	Operating system of the device
`product`	string	optional	Additional information about the OS on the device
`screenHeight`	integer	optional	Screen height in pixels
`screenWidth`	integer	optional	Screen width in pixels
`publicKey`	string	optional	Public key used to encrypt push messages

Responses

Status	Description
`200`	Request accepted
`400` `application/json`	Bad request
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404`	Profile not found
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/clients/434428563/linked-devices \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"deviceId":"string","registrationId":"string","type":"android","bluetoothAddress":"string","macAddress":"string","manufacturer":"string","model":"string","osVersion":"string","product":"a51ul_htc_europe","screenHeight":0,"screenWidth":0,"publicKey":"string"}'

`POST` `/v4/clients/{identifierType}/{identifierValue}/linked-devices` — Link a device by other parameters

/api-reference/profile-management#tag/Profile-devices/operation/LinkAClientDeviceByClientUuid

Assign a device to a profile UUID. A profile may have many devices assigned.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_BY_IDENTIFY_DEVICE_CLIENT_UPDATE

User role permission required: client_info: update

Parameters

Name	In	Type	Required	Description
`identifierType`	path	enum<"by-customId", "by-uuid">	required	The profile identifier to use for the request
`identifierValue`	path	string	required	The value of the selected identifier. It must be URL-encoded. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`Accept`	header	enum<"application/json">	required
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · api-service-LinkaClientdeviceRequest-apiv4

Field	Type	Required	Description
`deviceId`	string	required	Unique Android or iOS device ID
`registrationId`	string	required	Registration ID for Firebase Cloud Messaging
`type`	enum<"android", "ios", "windows">	required	Device type
`bluetoothAddress`	string	optional	Bluetooth MAC address of the device
`macAddress`	string	optional	MAC address of the network adapter
`manufacturer`	string	optional	Manufacturer of the device
`model`	string	optional	Model of the device
`osVersion`	string	optional	Operating system of the device
`product`	string	optional	Additional information about the OS on the device
`screenHeight`	integer	optional	Screen height in pixels
`screenWidth`	integer	optional	Screen width in pixels
`publicKey`	string	optional	Public key used to encrypt push messages

Responses

Status	Description
`200`	Request accepted
`400` `application/json`	Bad request
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404`	Profile not found
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/clients/%7BidentifierType%7D/%7BidentifierValue%7D/linked-devices \
  --header 'Accept: SOME_STRING_VALUE' \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"deviceId":"string","registrationId":"string","type":"android","bluetoothAddress":"string","macAddress":"string","manufacturer":"string","model":"string","osVersion":"string","product":"a51ul_htc_europe","screenHeight":0,"screenWidth":0,"publicKey":"string"}'

`POST` `/v4/my-account/linked-devices` — Link a device to currently logged in profile

/api-reference/profile-management#tag/Profile-devices/operation/LinkAClientDeviceToCurrentlyLoggedInClient

Assign a device to the profile that is currently logged in. A Profile may have many devices assigned.

API consumer: Profile (Client)

Parameters

Name	In	Type	Required	Description
`Accept`	header	enum<"application/json">	required
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · api-service-LinkaClientdeviceRequest-apiv4

Field	Type	Required	Description
`deviceId`	string	required	Unique Android or iOS device ID
`registrationId`	string	required	Registration ID for Firebase Cloud Messaging
`type`	enum<"android", "ios", "windows">	required	Device type
`bluetoothAddress`	string	optional	Bluetooth MAC address of the device
`macAddress`	string	optional	MAC address of the network adapter
`manufacturer`	string	optional	Manufacturer of the device
`model`	string	optional	Model of the device
`osVersion`	string	optional	Operating system of the device
`product`	string	optional	Additional information about the OS on the device
`screenHeight`	integer	optional	Screen height in pixels
`screenWidth`	integer	optional	Screen width in pixels
`publicKey`	string	optional	Public key used to encrypt push messages

Responses

Status	Description
`200`	Request accepted
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/my-account/linked-devices \
  --header 'Accept: SOME_STRING_VALUE' \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"deviceId":"string","registrationId":"string","type":"android","bluetoothAddress":"string","macAddress":"string","manufacturer":"string","model":"string","osVersion":"string","product":"a51ul_htc_europe","screenHeight":0,"screenWidth":0,"publicKey":"string"}'

`POST` `/push-devices/web-push/clean-up/{clientId}` — Clean up web push tokens

/api-reference/profile-management#tag/Profile-devices/operation/cleanUpWebPushSubscriber

Remove mobile push Firebase tokens from profile. You can use this endpoint to clean up tokens updated before a selected date or by service worker version.

Using this endpoint generates a webpush.tokenDelete event for each deleted token.

If no tokens are left after the clean-up, the has_webpush_devices attribute in the profile is set to false.

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: PUSH_DEVICES_SERVICE_WEB_PUSH_DEVICES_DELETE

User role permission required: client_detail: delete

Parameters

Name	In	Type	Required	Description
`clientId`	path	integer	required	Unique identifier of a profile

Request body (required)

application/json · push-devices-service-WebPushCleanupRequest

Field	Type	Required	Description
`type`	enum<"BY_UPDATED_BEFORE">	required
`updated`	string	required	Tokens updated before this date will be deleted.
`version`	string	required	Tokens with this service worker version will be deleted.

Responses

Status	Description
`200`	Tokens deleted
`4xx` `application/json`	See error message for details

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/push-devices/web-push/clean-up/%7BclientId%7D \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"type":"BY_UPDATED_BEFORE","updated":"2019-08-24T14:15:22Z"}'

`POST` `/push-devices/mobile-push-subscriber/clean-up/{clientId}` — Clean up mobile push tokens

/api-reference/profile-management#tag/Profile-devices/operation/cleanUpMobilePushSubscriber

Remove mobile push Firebase tokens from profile. You can use this endpoint to clean up tokens updated before a selected date.

Using this endpoint generates a push.tokenDelete event for each deleted token.

If no tokens are left after the clean-up, the has_mobile_push_devices attribute in the profile is set to false.

API consumers: Synerise User, Workspace (Business Profile)

API key permission required: PUSH_DEVICES_SERVICE_MOBILE_PUSH_DEVICES_DELETE

User role permission required: client_detail: delete

Parameters

Name	In	Type	Required	Description
`clientId`	path	integer	required	Unique identifier of a profile

Request body (required)

application/json · push-devices-service-MobilePushCleanupRequest

Field	Type	Required	Description
`type`	enum<"BY_UPDATED_BEFORE">	required
`updated`	string	required	Tokens updated before this date will be deleted.

Responses

Status	Description
`200`	Tokens deleted
`4xx` `application/json`	See error message for details

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/push-devices/mobile-push-subscriber/clean-up/%7BclientId%7D \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"type":"BY_UPDATED_BEFORE","updated":"2019-08-24T14:15:22Z"}'

`POST` `/push-devices/clients/by-uuid/{identifierValue}/linked-devices` — Link a device by other parameters

/api-reference/profile-management#tag/Profile-devices/operation/LinkAClientDeviceByClientUuid

Assign a device to a profile UUID. A profile may have many devices assigned. If request is made by PROFILE or ANONYMOUS_PROFILE uuid is taken from jwt token.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_BY_IDENTIFY_DEVICE_CLIENT_UPDATE

User role permission required: client_info: update

Parameters

Name	In	Type	Required	Description
`identifierType`	path	enum<"by-customId", "by-uuid">	required	The profile identifier to use for the request
`identifierValue`	path	string	required	The value of the selected identifier
`Accept`	header	enum<"application/json">	required

Request body (required)

application/json · push-devices-service-LinkaClientdeviceRequest

Field	Type	Required	Description
`deviceId`	string	required	Unique Android or iOS device ID
`registrationId`	string	required	Registration ID for Firebase Cloud Messaging
`type`	enum<"android", "ios", "windows">	required	Device type
`bluetoothAddress`	string	optional	Bluetooth MAC address of the device
`macAddress`	string	optional	MAC address of the network adapter
`manufacturer`	string	optional	Manufacturer of the device
`model`	string	optional	Model of the device
`osVersion`	string	optional	Operating system of the device
`product`	string	optional	Additional information about the OS on the device
`screenHeight`	integer	optional	Screen height in pixels
`screenWidth`	integer	optional	Screen width in pixels
`publicKey`	string	optional	Public key used to encrypt push messages

Responses

Status	Description
`202`	Request accepted
`400` `application/json`	Bad request
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions
`404`	Profile not found
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/push-devices/clients/by-uuid/%7BidentifierValue%7D/linked-devices \
  --header 'Accept: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"deviceId":"string","registrationId":"string","type":"android","bluetoothAddress":"string","macAddress":"string","manufacturer":"string","model":"string","osVersion":"string","product":"a51ul_htc_europe","screenHeight":0,"screenWidth":0,"publicKey":"string"}'

`POST` `/push-devices/clients/linked-devices` — Link a device by other parameters

/api-reference/profile-management#tag/Profile-devices/operation/LinkAClientDeviceByClientUuidFromJwtToken

Assign a device to a profile UUID from JWT token. A profile may have many devices assigned.

API consumers: Profile (Client), Anonymous Profile

User role permission required: client_info: update

Parameters

Name	In	Type	Required	Description
`identifierType`	path	enum<"by-customId", "by-uuid">	required	The profile identifier to use for the request
`identifierValue`	path	string	required	The value of the selected identifier
`Accept`	header	enum<"application/json">	required

Request body (required)

application/json · push-devices-service-LinkaClientdeviceRequest

Field	Type	Required	Description
`deviceId`	string	required	Unique Android or iOS device ID
`registrationId`	string	required	Registration ID for Firebase Cloud Messaging
`type`	enum<"android", "ios", "windows">	required	Device type
`bluetoothAddress`	string	optional	Bluetooth MAC address of the device
`macAddress`	string	optional	MAC address of the network adapter
`manufacturer`	string	optional	Manufacturer of the device
`model`	string	optional	Model of the device
`osVersion`	string	optional	Operating system of the device
`product`	string	optional	Additional information about the OS on the device
`screenHeight`	integer	optional	Screen height in pixels
`screenWidth`	integer	optional	Screen width in pixels
`publicKey`	string	optional	Public key used to encrypt push messages

Responses

Status	Description
`202`	Request accepted
`400` `application/json`	Bad request
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions
`404`	Profile not found
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/push-devices/clients/linked-devices \
  --header 'Accept: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"deviceId":"string","registrationId":"string","type":"android","bluetoothAddress":"string","macAddress":"string","manufacturer":"string","model":"string","osVersion":"string","product":"a51ul_htc_europe","screenHeight":0,"screenWidth":0,"publicKey":"string"}'

Events

`POST` `/v4/transactions` — Create a transaction

/api-reference/data-management#tag/Events/operation/CreateATransaction

Create a transaction record in the database.

For each transaction, a transaction.charge event is generated automatically. In addition, each item in the products array produces a product.buy event.

All monetary values must use the same currency and be greater than or equal to zero. discountAmount must be greater than zero or omitted.

API consumer: Workspace (Business Profile)

API key permission required: API_TRANSACTION_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · api-service-CreateatransactionRequest-apiv4

Field	Type	Required	Description
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`discountAmount`	object	optional	How much the total cost decreased
`metadata`	object	optional	Any custom parameters.If you want to send `promotionCode` and `quantityToRedeem`, contact the Synerise support to enable it for your workspace.Include these parameters in the `metadata` object, so Synerise can redeem it automatically.
`orderId`	string	required	ID of the transaction. If you want to be able to overwrite this transaction in the future, you use `eventSalt`. If you send a transaction with the same `orderId` multiple times, the system generates multiple transaction events.
`paymentInfo`	object	required	Payment details
`products`	array<api-service-Product-apiv4>	required	A list of items in the transaction. Each item creates a `product.buy` event. The UUID of that event is generated from a combination of: the UUID of the `transaction.charge` event created by the transaction the position of the item in this array. This has an effect on updating transaction events. This means that when you update a transaction (a transaction can only be updated if it has an `eventSalt` and the same timestamp as the original), you must keep the original order of items in the array. Otherwise, you may accidentally overwrite a `product.buy` event with another item's event. The system does NOT recognize the item by SKU in this case. Example: You create a transaction with items A, B and C (in that order). You update the transaction and the items are now A, B, D, and C (in that order). Because item D took the position of C in the event, it has the same UUID as C had earlier. The event of D overwrites the event of C, and C is generated as a new event. Additionally, because events can't be deleted from the database, cancelled items remain as events in a Profile's history. You can use a custom free-form property to tag items as cancelled. This way, you can keep cancelled items in `products` when updating a transaction without breaking the order of items. You can also use the property to filter cancelled items out in Analytics.
`recordedAt`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`revenue`	object	required	Transaction revenue (amount after taxation). This field is not calculated automatically by the backend, you must provide the value by summing up the results of `finalUnitPrice * quantity` from all items in the `products` array.
`value`	object	required	If you want to display the price before taxation, use this object. If you only want to display the price after taxation, set the values to the same as in `revenue`.
`source`	enum<"WEB_DESKTOP", "WEB_MOBILE", "MOBILE_APP", "POS", …>	required	Source of the event.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad Request
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404` `application/json`	Profile not found or access blocked by PII protection settings
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/transactions \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"discountAmount":{"amount":0,"currency":"USD"},"metadata":{"promotionCode":"string","quantityToRedeem":0},"orderId":"be466362-71e9-4bdd-ad11-bfacead5276b","paymentInfo":{"method":"CASH"},"products":[{"finalUnitPrice":{"amount":3.25,"currency":"USD"},"name":"Soft drink","sku":"189784563455","categories":["string"],"image":"string","url":"string","netUnitPrice":{"amount":3.25,"currency":"USD"},"tax":0.1,"quantity":2.5,"regularPrice":{"amount":3.25,"currency":"USD"},"discountPrice":{"amount":15.5,"currency":"USD"},"discountPercent":0.1,"property1":null,"property2":null}],"recordedAt":"2019-02-07T09:53:56.999+00:00","revenue":{"amount":64.25,"currency":"USD"},"value":{"amount":112.25,"currency":"USD"},"source":"MOBILE","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00"}'

`POST` `/v4/transactions/batch` — Batch add or update transactions

/api-reference/data-management#tag/Events/operation/BatchAddOrUpdateTransactions

Enqueue a number of add/update operations in the Synerise application database.

For each transaction, a transaction.charge event is generated automatically. In addition, each item in the products array produces a product.buy event.

If you don't have some information about a transaction, don't insert a null-value parameter - omit the parameter entirely. Sending a null value deletes an attribute (if it's a custom attribute) or sets it to null/default value (if the attribute is Synerise-native).

The body contains an array of objects to update. The objects are the same as in the Update transaction and Create transaction endpoints.

All monetary values must use the same currency and be greater than or equal to zero. discountAmount must be greater than zero or omitted.

API consumer: Workspace (Business Profile)

API key permission required: API_BATCH_TRANSACTION_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · array<api-service-CreateatransactionRequest-apiv4>

An array of transactions to post or update

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad Request
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/transactions/batch \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '[{"client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"discountAmount":{"amount":0,"currency":"USD"},"metadata":{"promotionCode":"string","quantityToRedeem":0},"orderId":"be466362-71e9-4bdd-ad11-bfacead5276b","paymentInfo":{"method":"CASH"},"products":[{"finalUnitPrice":{"amount":3.25,"currency":"USD"},"name":"Soft drink","sku":"189784563455","categories":["string"],"image":"string","url":"string","netUnitPrice":{"amount":3.25,"currency":"USD"},"tax":0.1,"quantity":2.5,"regularPrice":{"amount":3.25,"currency":"USD"},"discountPrice":{"amount":15.5,"currency":"USD"},"discountPercent":0.1,"property1":null,"property2":null}],"recordedAt":"2019-02-07T09:53:56.999+00:00","revenue":{"amount":64.25,"currency":"USD"},"value":{"amount":112.25,"currency":"USD"},"source":"MOBILE","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00"}]'

`GET` `/v4/events/by-client/{clientId}` — Get Profile events as Workspace (deprecated)

/api-reference/data-management#tag/Events/operation/GetClientEvents

This endpoint is deprecated. Use /activities-api/events/by/{identifierType} instead.

Retrieve a list of events saved in a Profile.

API consumers: Workspace (Business Profile), Synerise User

API key permission required: API_LISTING_BY_CLIENT_EVENTS_READ

User role permission required: client_activities: read

Parameters

Name	In	Type	Required	Description
`clientId`	path	integer	required	The ID of the profile Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`Content-Type`	header	enum<"application/json">	required
`Api-Version`	header	enum<"4.4">	required
`time[from]`	query	string	optional	Start of the time range to query. UTC time in ISO 8601 (for example, `2020-10-19T13:47:53Z`). If no value is provided, the results are returned starting with the oldest entry in the database.
`time[to]`	query	string	optional	End of the time range to query. UTC time in ISO 8601 (for example, `2020-10-19T13:47:53Z`). If no value is provided, the current time applies.
`action`	query	string	optional	Filter events by action type. For example, to retrieve completed transactions, enter `transaction.charge`
`limit`	query	integer	optional	The number of events to retrieve

Responses

Status	Description
`200` `application/json`	A list of events
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)

Example request (cURL)

curl --request GET \
  --url 'https://api.synerise.com/v4/events/by-client/434428563?time%5Bfrom%5D=SOME_STRING_VALUE&time%5Bto%5D=SOME_STRING_VALUE&action=transaction.charge&limit=SOME_INTEGER_VALUE' \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'Content-Type: SOME_STRING_VALUE'

`GET` `/v4/events` — Get Profile's own events (deprecated)

/api-reference/data-management#tag/Events/operation/GetClientOwnEvents

This endpoint is deprecated. Use /activities-api/events instead.

A Profile can retrieve a list of its own events saved in the database.

API consumer: Profile (Client)

Parameters

Name	In	Type	Required	Description
`Content-Type`	header	enum<"application/json">	required
`Api-Version`	header	enum<"4.4">	required
`time[from]`	query	string	optional	Start of the time range to query. UTC time in ISO 8601 (for example, `2020-10-19T13:47:53Z`). If no value is provided, the results are returned starting with the oldest entry in the database.
`time[to]`	query	string	optional	End of the time range to query. UTC time in ISO 8601 (for example, `2020-10-19T13:47:53Z`). If no value is provided, the current time applies.
`action`	query	string	optional	Filter events by action type. For example, to retrieve completed transactions, enter `transaction.charge`
`limit`	query	integer	optional	The number of events to retrieve

Responses

Status	Description
`200` `application/json`	A list of events
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type
`500` `application/json`	Internal Server Error

Example request (cURL)

curl --request GET \
  --url 'https://api.synerise.com/v4/events?time%5Bfrom%5D=SOME_STRING_VALUE&time%5Bto%5D=SOME_STRING_VALUE&action=transaction.charge&limit=SOME_INTEGER_VALUE' \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'Content-Type: SOME_STRING_VALUE'

`POST` `/v4/events/application-started` — Application started

/api-reference/data-management#tag/Events/operation/ApplicationStarted

Send a 'client application started' event.

This endpoint is available from API version 4.1.2.

When you send an event to this endpoint, the action field is set to client.applicationStarted by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_APPLICATION_STARTED_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · api-service-ApplicationstartedRequest-apiv4

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	required	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type
`500` `application/json`	Internal Server Error

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/application-started \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{"applicationName":"string","version":"string"}}'

`POST` `/v4/events/registered` — Profile account registered

/api-reference/data-management#tag/Events/operation/ClientRegistered

Send a 'profile account registered' event.

If you don't have a value for a field, omit that field. Do not send null values.

When you send an event to this endpoint, the action field is set to client.register by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_REGISTERED_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. If you want to send a date/time param for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the params that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/registered \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{}}'

`POST` `/v4/events/logged-in` — Profile logged in

/api-reference/data-management#tag/Events/operation/ClientLoggedIn

Send a 'profile logged in' event.

If you don't have a value for a field, omit that field. Do not send null values.

When you send an event to this endpoint, the action field is set to client.login by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_LOGGED_IN_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. If you want to send a date/time param for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the params that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/logged-in \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{}}'

`POST` `/v4/events/logged-out` — Profile logged out

/api-reference/data-management#tag/Events/operation/ClientLoggedOut

Send a 'profile logged out' event.

If you don't have a value for a field, omit that field. Do not send null values.

When you send an event to this endpoint, the action field is set to client.logout by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_LOGGED_OUT_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. If you want to send a date/time param for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the params that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/logged-out \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{}}'

`POST` `/v4/events/added-to-cart` — Item added to cart

/api-reference/data-management#tag/Events/operation/ClientAddedProductToCart

Send an 'item added to cart' event.

If you don't have a value for a field, omit that field. Do not send null values.

When you send an event to this endpoint, the action field is set to product.addToCart by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_ADDED_TO_CART_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · api-service-ClientCartEventRequest-apiv4

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	required	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile who generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/added-to-cart \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{"sku":"189784563455","name":"Soft drink","category":"Beverages","categories":["string"],"offline":true,"source":"MOBILE","regularUnitPrice":{"amount":0,"currency":"USD"},"discountedUnitPrice":{"amount":0,"currency":"USD"},"finalUnitPrice":{"amount":3.25,"currency":"USD"},"ItemUrlAddress":"string","producer":"string","quantity":0}}'

`POST` `/v4/events/removed-from-cart` — Item removed from cart

/api-reference/data-management#tag/Events/operation/ClientRemovedProductFromCart

Send an 'item removed from cart' event.

If you don't have a value for a field, omit that field. Do not send null values.

When you send an event to this endpoint, the action field is set to product.removeFromCart by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_REMOVED_FROM_CART_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · api-service-ClientCartEventRequest-apiv4

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	required	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile who generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/removed-from-cart \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{"sku":"189784563455","name":"Soft drink","category":"Beverages","categories":["string"],"offline":true,"source":"MOBILE","regularUnitPrice":{"amount":0,"currency":"USD"},"discountedUnitPrice":{"amount":0,"currency":"USD"},"finalUnitPrice":{"amount":3.25,"currency":"USD"},"ItemUrlAddress":"string","producer":"string","quantity":0}}'

`POST` `/v4/events/added-to-favorites` — Product added to favorites

/api-reference/data-management#tag/Events/operation/ClientAddedProductToFavorites

Send an 'item added to favorites' event.

If you don't have a value for a field, omit that field. Do not send null values.

When you send an event to this endpoint, the action field is set to product.addToFavorite by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_ADDED_TO_FAVORITES_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. If you want to send a date/time param for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the params that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/added-to-favorites \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{}}'

`POST` `/v4/events/product-view` — Item viewed

/api-reference/data-management#tag/Events/operation/ClientViewedProduct

Send an 'item viewed' event.

When you send an event to this endpoint, the action field is set to product.view by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_PRODUCT_VIEW_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/product-view \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{"productId":"189784563455","name":"Soft drink","fromRecommendation":true,"source":"MOBILE","category":"Beverages","url":"string","campaignHash":"21e0d4b0-bd4e-497b-817b-4fr660284918"}}'

`POST` `/v4/events/assigned-to-company` — Profile assigned to company

/api-reference/data-management#tag/Events/operation/ClientAssignedToCompany

Send a 'profile assigned to company' event.

When you send an event to this endpoint, the action field is set to client.assignToCompany by the backend.

API consumers: Workspace (Business Profile), Synerise User, Profile (Client), Anonymous Profile

API key permission required: API_ASSIGNED_TO_COMPANY_EVENTS_CREATE

User role permission required: client_activities: create

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	required	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/assigned-to-company \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{"companyId":0}}'

`POST` `/v4/events/appeared-in-location` — Profile logged location

/api-reference/data-management#tag/Events/operation/ClientAppearedInLocation

Send an event when a profile submits its location.

If you don't have a value for a field, omit that field. Do not send null values.

When you send an event to this endpoint, the action field is set to client.location by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_APPEARED_IN_LOCATION_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/appeared-in-location \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{"lat":50.021102,"lon":19.886218}}'

`POST` `/v4/events/push/received` — Push notification received

/api-reference/data-management#tag/Events/operation/ClientReceivedPushNotification

Record a 'push notification was received' event. It is used for push message interaction tracking.

This endpoint is available from API version 4.1.2.

When you send an event to this endpoint, the action field is set to push.receiveInBackground by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_PUSH_RECIVED_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. If you want to send a date/time param for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the params that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/push/received \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{}}'

`POST` `/v4/events/push/viewed` — Push notification viewed

/api-reference/data-management#tag/Events/operation/ClientViewedPushNotification

Record a 'push notification was viewed' event. It is used for push message interaction tracking.

When you send an event to this endpoint, the action field is set to push.view by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_PUSH_VIEWED_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. If you want to send a date/time param for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the params that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/push/viewed \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{}}'

`POST` `/v4/events/push/clicked` — Push notification clicked

/api-reference/data-management#tag/Events/operation/ClientClickedPushNotification

Send a 'Push notification was clicked' event. It's used for push message interaction tracking.

When you send an event to this endpoint, the action field is set to push.click by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_PUSH_CLICKED_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. If you want to send a date/time param for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the params that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/push/clicked \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{}}'

`POST` `/v4/events/push/cancelled` — Push notifications cancelled

/api-reference/data-management#tag/Events/operation/ClientCancelledPushNotifications

Send a 'push notifications cancelled' event. It's used for push message interaction tracking.

When you send an event to this endpoint, the action field is set to push.cancel by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_PUSH_CANCELLED_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. If you want to send a date/time param for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the params that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/push/cancelled \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{}}'

`POST` `/v4/events/cancelled-transaction` — Transaction cancelled

/api-reference/data-management#tag/Events/operation/ClientCancelledTransaction

Send a 'transaction cancelled' event.

If you don't have a value for a field, omit that field. Do not send null values.

When you send an event to this endpoint, the action field is set to transaction.cancel by the backend.

API consumer: Workspace (Business Profile)

API key permission required: API_CANCELLED_TRANSACTION_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/cancelled-transaction \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{"orderId":"be466362-71e9-4bdd-ad11-bfacead5276b","orderStatus":"string","discountAmount":{"amount":0,"currency":"USD"},"discountPercent":0.1,"discountCode":"string","value":{"amount":112.25,"currency":"USD"},"revenue":{"amount":64.25,"currency":"USD"},"products":[{"finalUnitPrice":{"amount":3.25,"currency":"USD"},"name":"Soft drink","sku":"189784563455","categories":["string"],"image":"string","url":"string","netUnitPrice":{"amount":3.25,"currency":"USD"},"tax":0.1,"quantity":2.5,"regularPrice":{"amount":3.25,"currency":"USD"},"discountPrice":{"amount":15.5,"currency":"USD"},"discountPercent":0.1,"property1":null,"property2":null}],"source":"MOBILE","paymentInfo":{"method":"CASH"}}}'

`POST` `/v4/events/hit-timer` — Timer hit

/api-reference/data-management#tag/Events/operation/ClientHitTimer

Send a 'timer' event.

Timers are used for analytics. For example, if you send a event when a profiles starts doing something and another one when they finish, you can collect data about average activity time.

If you don't have a value for a field, omit that field. Do not send null values.

When you send an event to this endpoint, the action field is set to client.hitTimer by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_HIT_TIMER_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. If you want to send a date/time param for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the params that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/hit-timer \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{}}'

`POST` `/v4/events/searched` — Search requested

/api-reference/data-management#tag/Events/operation/ClientSearched

Send a 'search requested' event.

If you don't have a value for a field, omit that field. Do not send null values.

When you send an event to this endpoint, the action field is set to client.search by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_SEARCHED_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. If you want to send a date/time param for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the params that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/searched \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{}}'

`POST` `/v4/events/shared` — Content shared

/api-reference/data-management#tag/Events/operation/ClientShared

Send a 'content shared' event.

If you don't have a value for a field, omit that field. Do not send null values.

When you send an event to this endpoint, the action field is set to client.shared by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_SHARED_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. If you want to send a date/time param for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the params that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/shared \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{}}'

`POST` `/v4/events/recommendation-seen` — Recommendation viewed (deprecated)

/api-reference/data-management#tag/Events/operation/RecommendationSeen

This endpoint is deprecated. Use the AI Events endpoints instead.

Send a 'recommendation was viewed' event.

When you send an event to this endpoint, the action field is set to recommendation.view by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile, Web SDK Tracker, AI API key (legacy)

API key permission required: API_RECOMENDATION_SEEN_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile who generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/recommendation-seen \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{"productId":"189784563455","name":"Soft drink","source":"MOBILE","campaignHash":"21e0d4b0-bd4e-497b-817b-4fr660284918","url":"string","category":"Beverages"}}'

`POST` `/v4/events/recommendation-click` — Recommendation clicked (deprecated)

/api-reference/data-management#tag/Events/operation/RecommendationClicked

Send a 'recommendation clicked' event. This endpoint is deprecated. Use the AI Events endpoints instead.

When you send an event to this endpoint, the action field is set to recommendation.click by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile, Web SDK Tracker, AI API key (legacy)

API key permission required: API_RECOMMENDATION_CLICK_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile who generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/recommendation-click \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{"productId":"189784563455","name":"Soft drink","source":"MOBILE","campaignHash":"21e0d4b0-bd4e-497b-817b-4fr660284918","url":"string","category":"Beverages"}}'

`POST` `/v4/events/visited-screen` — Mobile app screen visited

/api-reference/data-management#tag/Events/operation/ClientVisitedScreen

Send a 'screen in a mobile app was visited' event. This can be used for mobile screen usage tracking.

If you don't have a value for a field, omit that field. Do not send null values.

When you send an event to this endpoint, the action field is set to screen.view by the backend.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_VISITED_SCREEN_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. If you want to send a date/time param for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the params that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/visited-screen \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","params":{}}'

`POST` `/v4/events/custom` — Custom event

/api-reference/data-management#tag/Events/operation/CustomEvent

Send a custom event.

WARNING: This endpoint doesn't create product.buy events from transaction.charge events! Use Create a transaction or Batch add or update transactions instead.

If you don't have a value for a field, omit that field. Do not send null values.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile, Synerise User

API key permission required: API_CUSTOM_EVENTS_CREATE

User role permission required: client_activities: create

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · object

Field	Type	Required	Description
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.
`action`	string	required	For custom events, enter your own action name. For pre-defined events, omit this field.The action name can be up to 32 characters long and must match the following regular expression (ECMA flavor): `^[a-zA-Z0-9\\.\\-_]{2,64}$`
`params`	object	optional	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. If you want to send a date/time param for use in analytics, take the following into account: The date/time should be formatted according to ISO 8601. The time zone of the workspace affects dates/times in the params that DON'T have a defined timezone. Example: `2023-10-09T12:00:00` doesn't have a timezone indicator and will be considered as a time in the workspace's time zone. `2023-10-09T12:00:00+02:00` has a timezone indicator (`+02:00`), so the timezone of the workspace doesn't affect it. `2023-10-09T12:00:00Z` is a time in the UTC time zone (denoted by the `Z` at the end), so the timezone of the workspace doesn't affect it. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile which generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/custom \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","action":"context.action","params":{}}'

`POST` `/v4/events/batch` — Batch send events

/api-reference/data-management#tag/Events/operation/BatchSendEvents

Send a batch of events as an array of objects. You can send up to a 1000 events and the size of the request can't be more than 1 MB.

WARNING: This endpoint doesn't create product.buy events from transaction.charge events! Use Create a transaction or Batch add or update transactions instead.

If you don't have a value for a field, omit that field. Do not send null values.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

API key permission required: API_BATCH_EVENTS_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body (required)

application/json · array<any>

IMPORTANT: In a request, all events must use the same type of profile identifier. For example, if you want to send some events identified by email and others by customId, you must send them in separate batches.

Responses

Status	Description
`202`	Accepted
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/batch \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '[{"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00","type":"string","action":"context.action","params":{}}]'

`GET` `/v4/server/time` — Get server time

/api-reference/data-management#tag/Events/operation/getServerTime

Get current server time, needed to send events with a correct timestamp.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile

Authentication: Not required

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Responses

Status	Description
`200` `application/json`	OK
`400` `application/json`	Bad Request
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)

Example request (cURL)

curl --request GET \
  --url https://api.synerise.com/v4/server/time \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN'

`POST` `/v4/events/recommendation-view` — Recommendation viewed

/api-reference/data-management#tag/Events/operation/publishRecommendationViewEventUsingPOST

A recommendation was displayed to a customer.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile, Web SDK Tracker, AI API key (legacy)

API key permission required: API_RECOMMENDATION_VIEW_EVENT_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · api-service-RecommendationViewEventData-apiv4

Field	Type	Required	Description
`params`	object	required	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile who generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.

Responses

Status	Description
`200`	OK
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/recommendation-view \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"params":{"items":["string"],"correlationId":"string","campaignId":"string"},"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00"}'

`POST` `/v4/events/item-search-click` — Search result clicked

/api-reference/data-management#tag/Events/operation/publishItemSearchClickEventUsingPOST

An item in a search result was clicked or tapped.

API consumers: Workspace (Business Profile), Profile (Client), Anonymous Profile, Web SDK Tracker, AI API key (legacy)

API key permission required: API_ITEM_SEARCH_CLICK_EVENT_CREATE

Parameters

Name	In	Type	Required	Description
`Api-Version`	header	enum<"4.4">	required

Request body

application/json · api-service-ItemSearchClickEventData-apiv4

Field	Type	Required	Description
`params`	object	required	Additional parameters. Remember that you can use event enrichment to add the data automatically from a catalog. Aside from the required parameters (if any exist), all events accept custom, free-form parameters, with the following restrictions: WARNING: If you want to send the `email` param, it must be exactly the same as the email of the profile who generated the event. Some params are reserved for system use. If you send them in the `params` object, they are ignored or overwritten with system-assigned values: `modifiedBy` `apiKey` `eventUUID` `ip` `time` `businessProfileId`
`label`	string	required	This parameter is required, but not saved in the database. It can't be used in Analytics, Automations, and so on.
`client`	object	required	You must provide at least one of those profile identifiers. Upcoming breaking change (effective July 6, 2026): Synerise is introducing changes to how user identifiers and UUIDs are handled. These changes may affect profiles with accented or diacritical characters in identifiers, profiles with leading or trailing whitespace in identifiers, and profiles with duplicate UUIDs. For details and recommended actions, see Upcoming changes to identifier and UUID handling.
`time`	string	optional	Time when the event occurred, in ISO 8601. This time isn't affected and doesn't affect the timezone of your workspace - you can send events with a timezone different than that of the workspace. Synerise calculates the times into UTC standard when saving events in the database. If not defined, the backend inserts the time of receiving the event. A time with a "Z" at the end (for example, `2022-10-14T12:02:06Z`) denotes a time in the UTC standard. If you want to send time in a different timezone, you can do this by appending `{+\|-}hh:mm` at the end of the string. Note that if the timezone is ahead (+) of UTC, the UTC time is calculated by subtraction. When the timezone is behind (-) UTC, the UTC time is calculated by addition.For example: if your timezone is UTC+1, append `+01:00`. When you send `2022-10-14T15:00:000+01:00`, it is saved in the database as `2022-10-14T14:00:000Z` if your timezone is UTC-8, append `-08:00`. When you send `2022-10-14T22:00:000-08:00`, it is saved in the database as `2022-10-15T06:00:000Z` (note that the date also changes between timezones in this example) IMPORTANT: If you send an event with a future time, the parameter is rejected and the time of receiving the event is saved as the occurrence time. For example, if your timezone is UTC+1 and you send the event at 15:00 local time, future times are: later than 15:00 local time later than 14:00 UTC When you retrieve an event, its time is always shown as UTC. The original time string that you sent (even if it was a future time and was rejected) can be retrieved with the activities endpoints, as `snr-original-time`.
`eventSalt`	string	optional	When an event has an `eventSalt`, it can be overwritten by sending another event. The event's UUID stays the same. `eventSalt` must be unique in a workspace. An example of creating a salt is by generating a UUID or concatenating the profile ID, event's name, and timestamp, including milliseconds. This creates a value whose possibility of being duplicated is practically zero. To overwrite an event with another one, the new event MUST: have the same `eventSalt` as the original event have the same date and time as the original event (If the date and time don't match the original event, event salt doesn't have any effect.) belong to the same `clientId` as the original event have the same action (event name) as the original event IMPORTANT: DO NOT send the same `eventSalt` to different profiles! DO NOT send the same `eventSalt` with a different action! Pay attention to timezones - more details in the description of the `time` property (in v4/transactions events, it's called `recordedAt`). If you send a future time in an event, it is rejected and the current time is assigned automatically. This means it's impossible to use event salt with future times. An event without an `eventSalt` can't be overwritten. The parameter cannot be added to an event at a later time. The parameter can't be retrieved later. You must keep track of the values that you send. In Automations that use the overwritten event as a trigger, the automation is triggered if the new event is sent more than 72 hours after the original. This is because the event UUID stays the same, and Automation treats events with the same UUID within 72 hours as duplicates that were sent due to an error.

Responses

Status	Description
`200`	OK
`400` `application/json`	Bad request: input data missing or malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Example request (cURL)

curl --request POST \
  --url https://api.synerise.com/v4/events/item-search-click \
  --header 'Api-Version: SOME_STRING_VALUE' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"params":{"item":"string","correlationId":"string","position":0,"searchType":"full-text-search"},"label":"Human-readable label","client":{"customId":"string","id":433230297,"uuid":"07243772-008a-42e1-ba37-c3807cebde8f","email":"string"},"time":"2019-02-07T09:53:56.999+00:00","eventSalt":"972346context.action2019-02-07T09:53:56.999+00:00"}'

Back to all API categories

Status	Description
`200` `application/json`	A list of tags
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)

Status	Description
`200` `application/json`	Tag created
`400` `application/json`	Invalid or incomplete data
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`415` `application/json`	Unsupported Media Type

Status	Description
`200` `application/json`	Tag updated
`400` `application/json`	Invalid or incomplete data
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404` `application/json`	Tag doesn't exist or it is a global tag (not related to any workspace).
`415` `application/json`	Unsupported Media Type

Status	Description
`202`	Tag removed
`400` `application/json`	Invalid or incomplete data
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404` `application/json`	Tag doesn't exist, was already deleted, or is a global tag (not related to any workspace).
`415` `application/json`	Unsupported Media Type

Status	Description
`200` `application/json`	Tag assigned
`400` `application/json`	Profile not found or data malformed
`401` `application/json`	Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc.
`403` `application/json`	Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description)
`404` `application/json`	Tag not found
`415` `application/json`	Unsupported Media Type

Profile Management — API Reference

Profile registration

POST /sauth/clients/registered — Register a Profile

Request body (required)

Responses

Example request (cURL)

POST /sauth/clients/activation/by-pin-code/confirmation — Confirm registration with PIN code

Request body

Responses

Example request (cURL)

POST /sauth/clients/activation/by-pin-code/request — Re-send PIN code

Request body

Responses

Example request (cURL)

POST /sauth/clients/activation/confirmation — Activate a Profile's account

Request body (required)

Responses

Example request (cURL)

POST /sauth/clients/activation/request — Re-send email confirmation

Request body (required)

Responses

Example request (cURL)

Profile management

POST /v4/clients — Create or update a Profile

Parameters

Request body

Responses

Example request (cURL)

POST /v4/clients/merge/from/custom-ids/{sourceCustomIDs}/to/custom-id/{targetCustomID} — Merge profiles by customId

Parameters

Responses

Example request (cURL)

POST /v4/clients/merge/from/ids/{fromClientIds}/to/id/{toClientId} — Merge profiles by clientId

Parameters

Responses

Example request (cURL)

POST /v4/clients/batch — Batch add or update profiles

Parameters

Request body (required)

Responses

Example request (cURL)

GET /v4/clients/{clientId} — Get profile data

Parameters

Responses

Example request (cURL)

POST /v4/clients/{clientId} — Update a profile (identify by ID)

Parameters

Request body (required)

Responses

Example request (cURL)

DELETE /v4/clients/{clientId} — Delete a profile

Parameters

Responses

Example request (cURL)

POST /v4/clients/by-email/{clientEmail} — Update a profile (identify by email)

Parameters

Request body (required)

Responses

Example request (cURL)

POST /v4/clients/by-customid/{customId} — Update a profile (identify by customId)

Parameters

Request body (required)

Responses

Example request (cURL)

DELETE /v4/clients/by-custom-id/{customId} — Delete a profile (identify by customId)

Parameters

Responses

Example request (cURL)

GET /v4/clients/{identifierType}/{identifierValue} — Fetch profile data

Parameters

Responses

Example request (cURL)

GET /v4/clients/batch/by-phone/{phoneNumber} — Batch fetch profiles by phone number

Parameters

Responses

Example request (cURL)

GET /crm/v1/clients/{clientId}/contacts — Get Profile details (deprecated)

Parameters

Responses

Example request (cURL)

`POST` `/sauth/clients/registered` — Register a Profile

`POST` `/sauth/clients/activation/by-pin-code/confirmation` — Confirm registration with PIN code

`POST` `/sauth/clients/activation/by-pin-code/request` — Re-send PIN code

`POST` `/sauth/clients/activation/confirmation` — Activate a Profile's account

`POST` `/sauth/clients/activation/request` — Re-send email confirmation

`POST` `/v4/clients` — Create or update a Profile

`POST` `/v4/clients/merge/from/custom-ids/{sourceCustomIDs}/to/custom-id/{targetCustomID}` — Merge profiles by customId

`POST` `/v4/clients/merge/from/ids/{fromClientIds}/to/id/{toClientId}` — Merge profiles by clientId

`POST` `/v4/clients/batch` — Batch add or update profiles

`GET` `/v4/clients/{clientId}` — Get profile data

`POST` `/v4/clients/{clientId}` — Update a profile (identify by ID)

`DELETE` `/v4/clients/{clientId}` — Delete a profile

`POST` `/v4/clients/by-email/{clientEmail}` — Update a profile (identify by email)

`POST` `/v4/clients/by-customid/{customId}` — Update a profile (identify by customId)

`DELETE` `/v4/clients/by-custom-id/{customId}` — Delete a profile (identify by customId)

`GET` `/v4/clients/{identifierType}/{identifierValue}` — Fetch profile data

`GET` `/v4/clients/batch/by-phone/{phoneNumber}` — Batch fetch profiles by phone number

`GET` `/crm/v1/clients/{clientId}/contacts` — Get Profile details (deprecated)

`PUT` `/crm/v1/contacts/{clientId}` — Update Profile (deprecated)

`POST` `/morph/exports/clients/segmentation` — Create and run profile export

`GET` `/morph/exports/clients/{taskId}/status` — Check profile export status

`GET` `/morph/exports/clients/{taskId}/data` — Get exported profiles

`GET` `/notes-service/by-id/{clientId}` — Get all Profile notes

`POST` `/notes-service/by-id/{clientId}` — Create a note

`GET` `/notes-service/by-id/{clientId}/{noteId}` — Get note

`PUT` `/notes-service/by-id/{clientId}/{noteId}` — Update note

`DELETE` `/notes-service/by-id/{clientId}/{noteId}` — Delete note

`POST` `/sauth/management/client/{clientID}/logout` — Log out a Profile

`GET` `/v4/my-account/personal-information` — Get Profile's own data

`POST` `/v4/my-account/personal-information` — Update Profile's own data

`POST` `/v4/my-account/phone-update/request` — Request profile phone number change

`POST` `/v4/my-account/phone-update/confirmation` — Confirm profile phone number change