Available Data and Options
Our Open API provides access to receive and update key information from the system. It also allows third-party systems or providers to interact with the data.
Below is a summary of the current options:
- Access, create and update account information
- Access, create and update shifts
- Access, create and update time entries
- Access, create and update absence periods
- Access skills, venues, shift tasks, and pay elements
- Access shifts assigned to my account, accept/reject them (if allowed) and provide an external worker name (useful for agency integrations)
API Access & Configuration
You must have an active account within the system to use the API. If you intend to have separate system access to the API, you may wish to create a dedicated account.
For a dedicated account, we recommend setting up an API access level (System > Levels & Permissions > Manage Levels). Note that within a level, you can set the account type to API only. This will block them from logging in to the main interface and only give the user access via the API.
For any level, you can now add which API permissions you want to grant to them. These are all within the manage permissions page (System > Levels & Permissions > Manage Permissions).
Once the account has general permission to access the API, they will have access to a new page under My Account called API Access. This can also be accessed under their profile page for accounts, allowing them to log into the normal interface.
You will be able to view and replace your API User and API key from this page.
When replacing an API key, the system will allow both keys to be used for 14 days for a smooth migration. You can cancel the old key instantly on this management page, too.
This page also allows you to restrict the use of the API User and Key to specific IP addresses.
On the right-hand side of the page will also be a log of all authorisation requests for this API user.
Once you have your API User and API Key, you can access the API.
Using the API
The API endpoint is [your instant url]/api/v1/
The API uses an authorization bearer token to give you access to the data. To generate a token, you need to request it via the /auth endpoint passing in the following variables. They can be passed in the GET, POST or REQUEST HEADER.
X-user: your API User ID
X-key: your API Key
You will be returned a token. This then must be passed with any request within the Authorization Header to allow access to the endpoint.
The tokens will expire after a period of inactivity, and you will receive an authorised response.
Responses & Errors
The API will return standard HTTP response codes for all requests. In addition, further details of the error may be included in the response.
All responses will be in a JSON format with standardised formatting across the API version.
Detailed Documentation
The latest documentation is available at https://api.staffsavvy.com/
This provides example code and details on the various API methods and options.
Comments
0 comments
Please sign in to leave a comment.