Authentication methods
The public API provides two methods of authentication, API Keys and OAuth2. The following sections provide information regarding each one and their intent.
API Keys
API Key is the most straightforward method to start making requests to the public API
API Keys access is restricted to internal company developments
API Key usage for marketplace integrations will be deprecated at the end of 2024. New marketplace integrations must use OAuth
Internal company integrations will still be supported
OAuth 2
OAuth2 is meant to make requests on behalf of a user or a company
OAuth 2 is the required way to build marketplace integrations
Contrary to API Keys, OAuth 2 brings a secure channel for company token exchange. Besides, it automatizes the UX, allowing company HR admins to grant access following a link
Not authenticated
In case you do a request without authentication or with an expired one, the API will return a 401 Unauthorized HTTP status code.
Updated about 1 month ago