I’ve been trying to reverse engineer the revoke badge API endpoint, but I can’t figure out how its done. When i’m looking at the XHR requests on the inspector, I can’t figure out how the API knows what user/badge I want deleted. I’m not super experienced with hacking APIs, so I’m not sure if I’m missing some additional data, but all the parts of the API i’ve reverse engineered had some kind of form data attached to it.
This is what I’m seeing:
As far as I can see it’s a
DELETE to the url
http://testforum.daohub.org/user_badges/36, different badges have different numbers, but I’m not sure how it knows which user to delete it from. If I add and remove the same badge, the number is different the second time round so it doesn’t seem to be using the badgeID for it either.
Any help would be appreciated.