OTR Business Events API External - Version (9/29/2025)

Overview

The OTR Business Event API ingests over-the-road (OTR) business events produced by vendors and internal systems. Clients submit a typed payload (OTRBusinessEventInput) describing the event, including device/asset context, event category/type, measured values, a geolocation point, and a short time-series of supporting datapoints.

Operation surface (from model): OTRBusinessEvent (single operation)
Payload: JSON
Response: Success returns 200 OK with no body (void). Validation errors return InvalidInputException (400).
(Implementation detail, not in model): The service typically deduplicates by eventId.

Authentication & Access

Auth: AWS Signature Version 4 (SigV4).
Authorization: Requests must originate from allow-listed AWS accounts (environment config). Non-allow-listed callers receive 403 Forbidden.

Signing libraries:
Use any AWS SDK SigV4 signer for your language

Protocol & Endpoint

Protocol: HTTPS
Content-Types: application/json
Path (canonical REST mapping): POST → OTRBusinessEvent

(Your Gateway may route directly to the Lambda with an aws_proxy integration; the REST path above is the recommended public shape.)

Operation

Publish OTR Business Event

POST /OTRBusinessEvent

Submit a single OTR event.

Each environment has a separate URL

	Environment	Endpoint URL
1	Beta	`https://beta-na.api.freight-pulse.ats.amazon.dev/OTRBusinessEvent`
2	Gamma NA	`https://gamma-na.api.freight-pulse.ats.amazon.dev/OTRBusinessEvent`
3	Gamma EU	`https://gamma-eu.api.freight-pulse.ats.amazon.dev/OTRBusinessEvent`
4	Gamma JP	`https://gamma-jp.api.freight-pulse.ats.amazon.dev/OTRBusinessEvent`
5	Prod NA	`https://prod-na.api.freight-pulse.ats.amazon.dev/OTRBusinessEvent`
6	Prod EU	`https://prod-eu.api.freight-pulse.ats.amazon.dev/OTRBusinessEvent`
7	Prod JP	`https://prod-jp.api.freight-pulse.ats.amazon.dev/OTRBusinessEvent`

Headers

Authorization: AWS4-HMAC-SHA256 ... (SigV4)
Content-Type: application/json
X-Request-Id (optional, recommended)

Request Body

OTRBusinessEventInput

Success Response

200 OK (empty body)

Error Responses

400 Bad Request — InvalidInputException (see Errors)
403 Forbidden — caller's AWS account not allow-listed
5xx — InternalServerException server/dependency errors

Onboarding & Testing Requirements

Before sending data to production environments, API users must first onboard and test in Gamma:

Test in Gamma First: All API users must validate their implementation using the appropriate Gamma environment (NA, EU, or JP) before sending any data to Production
Production Deployment: Only after successful testing in Gamma should you begin sending data to Production endpoints

Gamma Testing Checklist:

Verify SigV4 authentication works correctly
Validate payload structure and required fields
Test error handling for various scenarios (400, 403, 5xx responses)
Confirm idempotency behavior with duplicate eventId values
Validate geographic coordinates and data units
Test with realistic data volumes and frequencies

Environment Progression:

Gamma → Pre-production validation and testing
Production → Live data submission only after successful Gamma validation

This approach ensures data quality and reduces the risk of production issues.

Schema

`OTRBusinessEventInput`

Required fields are marked ✱.

	Field	Type	Required	Description
1	`eventId`	`string` (UUID)	✱	Unique identifier for this event (often used for idempotency).
2	`eventTimestamp`	`string` (ISO-8601)	✱	When the event occurred at the source.
3	`assetId`	`string`		Vendor or canonical asset identifier.
4	`assetType`	`AssetType`	✱	Asset class (e.g., `TRAILER`).
5	`deviceId`	`string`	✱	Hardware device identifier associated with the event.
6	`deviceManufacturer`	`DeviceManufacturer`	✱	Device OEM (e.g., `XIRGO`, `PHILLIPS`).
7	`assetPart`	`AssetPart`	✱	Asset subsystem/part affected (e.g., `TIRE`).
8	`eventCategory`	`EventCategory`	✱	High-level category (`MAINTENANCE`, `SAFETY`, `CARGO`).
9	`eventType`	`EventType`	✱	Specific event type (see enum).
10	`currentValue`	`number`	✱	Current observed value.
11	`triggerValue`	`number`	✱	Threshold/trigger value that caused the event.
12	`dataUnit`	`DataUnit`	✱	Unit for `currentValue`/`triggerValue` (e.g., `PSI`).
13	`triggerRule`	`string`	✱	Rule name/description that fired.
14	`dataPoints`	`DataPoint[]`	✱	Series of supporting datapoints (value/time/unit).
15	`geoPoint`	`GeoPoint`		Latitude/longitude where the event was observed.
16	`vendorName`	`VendorName`	✱	Event producer/vendor.
17	`additionalInformation`	`AdditionalInformation`	✱	Vendor-specific extras (e.g., `IMAGE_ID`).
18	`version`	`integer`	✱	Payload schema/version from the producer.

`DataPoint`

	Field	Type	Req	Description
1	`value`	`number`	✱	Measured value.
2	`timeStamp`	`string` (ISO-8601)	✱	When this measurement was taken.
3	`dataUnit`	`DataUnit`	✱	Unit for the value.

`GeoPoint`

	Field	Type	Req	Description
1	`latitude`	`number`	✱	Decimal degrees.
2	`longitude`	`number`	✱	Decimal degrees.

`AdditionalInformation`

	Field	Type	Req	Description
1	imageId	`string`		Reference to an associated image/artifact.
2	severity	`Severity`		The severity of the event

Enums

	Enum	Values
1	DeviceManufacturer	`XIRGO`, `PHILLIPS`
2	AssetType	`TRAILER`, `TRACTOR`, `BOX_TRUCK`, `HOSTLER`
3	AssetPart	`TIRE`, `ABS`, `LIGHT`, `ENGINE`, `DOOR`, `CARGO_COMPARTMENT`
4	EventCategory	`MAINTENANCE`, `SAFETY`, `CARGO`
5	EventType	`BRAKE_ABS_FAULT`, `BRAKE_EBPMS`, `COLD_INFLATION_PRESSURE`, `CONFIRMED_DOOR_OPEN`, `FAST_TIRE_LEAK`, `IDENTIFIED_PERSONNEL`, `LOW_TIRE_PRESSURE`, `PREDICTIVE_MAINTENANCE`, `TIRE_FAST_LEAK`, `TRAILER_AGGRESIVE_TURN`, `TRAILER_EMPTY`, `TRAILER_HARSH_ACCELERATION`, `TRAILER_HARSH_BRAKING`, `TRAILER_LOADED`, `TRAILER_MAJOR_COLLISION_ACCIDENT_DETECTION`, `TRAILER_ROLL_OVER_DETECTION`, `TRAILER_ROLL_OVER_RISK`, `TRAILER_VOLUME`
6	DataUnit	`PERCENT`, `PSI`, `BOOLEAN`
7	VendorName	`PCT`, `AWS`, `APERIA_HALO`, `AXSCEND`, `UPTAKE`, `GEOTAB`, `BENDIX`
8	Severity	`MINOR`, `MAJOR`, `CRITICAL`

Examples

Full payload

{  
    "eventId": "d1c1b2f3-4455-4e4a-9f5a-111122223333",  
    "eventTimestamp": "2025-08-18T10:15:30Z",  
    "assetId": "V503768",  
    "assetType": "TRAILER",  
    "deviceId": "861836057633161",  
    "deviceManufacturer": "PHILLIPS",  
    "assetPart": "TIRE",  
    "eventCategory": "MAINTENANCE",  
    "eventType": "COLD_INFLATION_PRESSURE",  
    "currentValue": 72.0,  
    "triggerValue": 80.0,  
    "dataUnit": "PSI",  
    "triggerRule": "Event triggered when 3 datapoints crossed the 80 PSI threshold",
    "dataPoints": [  
        {"value": 78.0, "timeStamp": "2025-08-18T09:50:00Z", "dataUnit": "PSI"},  
        {"value": 75.5, "timeStamp": "2025-08-18T10:05:00Z", "dataUnit": "PSI"},  
        {"value": 72.0, "timeStamp": "2025-08-18T10:15:00Z", "dataUnit": "PSI"}  
    ],  
    "geoPoint": {"latitude": 33.4484, "longitude": -112.074},  
    "vendorName": "PCT",  
    "additionalInformation": {   
        "imageId": "img_20250818_101530_abc123",  
        "severity": "MINOR"  
    },  
    "version": 1  
}

Errors Catalog

	HTTP	Code	When it happens	What you should do
1	400	`InvalidInputException`	Missing required fields, bad enum, wrong types, invalid ranges, malformed timestamps, inconsistent units.	Fix the payload; validate locally before retrying.
2	400	`MalformedBody`	Body isn't valid JSON/CBOR or can't be parsed.	Send valid JSON/CBOR; check `Content-Type`.
3	400	`UnsupportedOperation`	Hitting the RPC without the required operation mapping.	Use the documented URL/operation.
4	401	`Unauthorized` (rare with IAM auth)	No auth provided or credentials disabled. Some gateways use 403 instead.	Sign with SigV4 and ensure credentials are active.
5	403	`AccessDenied`	Caller's AWS account/user/role is not allow-listed.	Use an allow-listed account/role or request access.
6	403	`InvalidSignature`	SigV4 signature invalid, wrong region/service, or clock skew.	Re-sign in correct region/service; sync clock (±5 min).
7	404	`NotFound`	Wrong path / environment URL, or resource route not found.	Verify the environment URL and path.
8	405	`MethodNotAllowed`	Using GET/PUT/DELETE on this operation.	Use POST.
9	408	`RequestTimeout`	Upstream timeout before Lambda processed request.	Retry with backoff; reduce body size if large.
10	415	`UnsupportedMediaType`	Wrong `Content-Type` (e.g., JSON expected but CBOR sent, or vice-versa).	Set `Content-Type: application/json` (or `application/x-amz-cbor` for CBOR deployments).
11	500	`InternalServerException`	Unhandled server error.	Retry with backoff; contact support if persistent.
12	502	`BadGateway` / `UpstreamError`	Lambda/bridge mapping error; enrichment/dependency failed.	Retry; if persistent, investigate dependency health.
13	503	`ServiceUnavailable`	Temporary outage, cold start storm, or dependency unavailable.	Retry with exponential backoff.
14	504	`GatewayTimeout`	Request reached the gateway timeout limit.	Retry; for large payloads, consider smaller batches.

Idempotency & Dedupe

(Behavioral; not explicitly encoded in the model)
Most deployments treat eventId as the idempotency key. Re-submitting the same payload with the same eventId will not create a second record; servers typically return 200 OK (ack) without side effects.

Notes for Implementers

Timestamps: Use RFC 3339/ISO-8601 UTC strings (e.g., 2025-08-12T14:05:07Z).
Units: Ensure dataUnit matches currentValue, triggerValue, and each dataPoints[*].dataUnit.
Enums: Requests with unknown enum values will fail validation.
Geo: latitude ∈ [-90, 90], longitude ∈ [-180, 180] (recommended validation).
Access control: Keep your allow-list of AWS accounts in configuration/infra; return 403 otherwise.