Mock sample for your project: App Store Connect API
Integrate with "App Store Connect API" from apple.com in no time with Mockoon's ready to use mock sample
App Store Connect API
Version: 1.4.1
Speed up your application development by using "App Store Connect API" ready-to-use mock sample. Mocking this API will help you accelerate your development lifecycles and allow you to stop relying on an external API to get the job done. No more API keys to provision, accesses to configure or unplanned downtime, just work.
Enhance your development infrastructure by mocking third party APIs during integrating testing.
Description
Other APIs by apple.com
Other APIs in the same category
Patchman-engine API
redhat.local
API of the Patch application on cloud.redhat.com
Syntax of the filtername] query parameters is described in [Filters documentation
Syntax of the filtername] query parameters is described in [Filters documentation
Custom Vision Training Client
microsoft.com
Spell Check Client
microsoft.com
The Spell Check API - V7 lets you check a text string for spelling and grammar errors.
API Endpoints
readme.io
Create beautiful product and API documentation with our developer friendly platform.
DynamicDocs
ADVICEment's DynamicDocs API automates your document generation and creates dynamic, optimized, interactive PDFs. Write your templates in LaTeX and call the API with JSON data to get your PDFs in seconds.
The template files are stored in your dashboard and can be edited, tested and published online. Document templates can contain dynamic text using logic statements, include tables stretching multiple pages and show great-looking charts based on the underlying data. LaTeX creates crisp, high-quality documents where every detail is well-positioned and styled.
Integrate with ADVICEment DynamicDocs API in minutes and start creating beautiful dynamic PDF documents for your needs.
For more information, visit DynamicDocs API Home page.
The template files are stored in your dashboard and can be edited, tested and published online. Document templates can contain dynamic text using logic statements, include tables stretching multiple pages and show great-looking charts based on the underlying data. LaTeX creates crisp, high-quality documents where every detail is well-positioned and styled.
Integrate with ADVICEment DynamicDocs API in minutes and start creating beautiful dynamic PDF documents for your needs.
For more information, visit DynamicDocs API Home page.
Rudder API
Download OpenAPI specification: openapi.yml
Introduction
Rudder exposes a REST API, enabling the user to interact with Rudder without using the webapp, for example in scripts or cronjobs.
Versioning
Each time the API is extended with new features (new functions, new parameters, new responses, ...), it will be assigned a new version number. This will allow you
to keep your existing scripts (based on previous behavior). Versions will always be integers (no 2.1 or 3.3, just 2, 3, 4, ...) or latest.
You can change the version of the API used by setting it either within the url or in a header:
the URL: each URL is prefixed by its version id, like /api/version/function.
Version 10
curl -X GET -H "X-API-Token: yourToken" https://rudder.example.com/rudder/api/10/rules
Latest
curl -X GET -H "X-API-Token: yourToken" https://rudder.example.com/rudder/api/latest/rules
Wrong (not an integer) => 404 not found
curl -X GET -H "X-API-Token: yourToken" https://rudder.example.com/rudder/api/3.14/rules
the HTTP headers. You can add the X-API-Version header to your request. The value needs to be an integer or latest.
Version 10
curl -X GET -H "X-API-Token: yourToken" -H "X-API-Version: 10" https://rudder.example.com/rudder/api/rules
Wrong => Error response indicating which versions are available
curl -X GET -H "X-API-Token: yourToken" -H "X-API-Version: 3.14" https://rudder.example.com/rudder/api/rules
In the future, we may declare some versions as deprecated, in order to remove them in a later version of Rudder, but we will never remove any versions without warning, or without a safe
period of time to allow migration from previous versions.
Existing versions
Version
Rudder versions it appeared in
Description
1
Never released (for internal use only)
Experimental version
2 to 10 (deprecated)
4.3 and before
These versions provided the core set of API features for rules, directives, nodes global parameters, change requests and compliance, rudder settings and system API
11
5.0
New system API (replacing old localhost v1 api): status, maintenance operations and server behavior
12
6.0 and 6.1
Node key management
13
6.2
Node status endpoint
System health check
System maintenance job to purge software [that endpoint was back-ported in 6.1]
Response format
All responses from the API are in the JSON format.
{
"action": The name of the called function,
"id": The ID of the element you want, if relevant,
"result": The result of your action: success or error,
"data": Only present if this is a success and depends on the function, it's usually a JSON object,
"errorDetails": Only present if this is an error, it contains the error message
}
Success responses are sent with the 200 HTTP (Success) code
Error responses are sent with a HTTP error code (mostly 5xx...)
HTTP method
Rudder's REST API is based on the usage of HTTP methods. We use them to indicate what action will be done by the request. Currently, we use four of them:
GET: search or retrieve information (get rule details, get a group, ...)
PUT: add new objects (create a directive, clone a Rule, ...)
DELETE: remove objects (delete a node, delete a parameter, ...)
POST: update existing objects (update a directive, reload a group, ...)
Parameters
General parameters
Some parameters are available for almost all API functions. They will be described in this section.
They must be part of the query and can't be submitted in a JSON form.
Available for all requests
Field
Type
Description
prettify
boolean optional
Determine if the answer should be prettified (human friendly) or not. We recommend using this for debugging purposes, but not for general script usage as this does add some unnecessary load on the server side.
Default value: false
Available for modification requests (PUT/POST/DELETE)
Field
Type
Description
reason
string optional or required
Set a message to explain the change. If you set the reason messages to be mandatory in the web interface, failing to supply this value will lead to an error.
Default value:""
changeRequestName
string optional
Set the change request name, is used only if workflows are enabled. The default value depends on the function called
Default value: A default string for each function
changeRequestDescription
string optional
Set the change request description, is used only if workflows are enabled.
Default value:""
Passing parameters
Parameters to the API can be sent:
As part of the URL for resource identification
As data for POST/PUT requests
Directly in JSON format
As request arguments
As part of the URL for resource identification
Parameters in URLs are used to indicate which resource you want to interact with. The function will not work if this resource is missing.
Get the Rule of ID "id"
curl -H "X-API-Token: yourToken" https://rudder.example.com/rudder/api/latest/rules/id
Sending data for POST/PUT requests
Directly in JSON format
JSON format is the preferred way to interact with Rudder API for creating or updating resources.
You'll also have to set the Content-Type header to application/json (without it the JSON content would be ignored).
In a curl POST request, that header can be provided with the -H parameter:
curl -X POST -H "Content-Type: application/json" ...
The supplied file must contain a valid JSON: strings need quotes, booleans and integers don't, etc.
The (human readable) format is:
Here is an example with inlined data:
Update the Rule 'id' with a new name, disabled, and setting it one directive
curl -X POST -H "X-API-Token: yourToken" -H "Content-Type: application/json"
https://rudder.example.com/rudder/api/rules/latest/{id}
-d '{ "displayName": "new name", "enabled": false, "directives": "directiveId"}'
You can also pass a supply the JSON in a file:
Update the Rule 'id' with a new name, disabled, and setting it one directive
curl -X POST -H "X-API-Token: yourToken" -H "Content-Type: application/json" https://rudder.example.com/rudder/api/rules/latest/{id} -d @jsonParam
Note that the general parameters view in the previous chapter cannot be passed in a JSON, and you will need to pass them a URL parameters if you want them to be taken into account (you can't mix JSON and request parameters):
Update the Rule 'id' with a new name, disabled, and setting it one directive with reason message "Reason used"
curl -X POST -H "X-API-Token: yourToken" -H "Content-Type: application/json" "https://rudder.example.com/rudder/api/rules/latest/{id}?reason=Reason used" -d @jsonParam -d "reason=Reason ignored"
Request parameters
In some cases, when you have little, simple data to update, JSON can feel bloated. In such cases, you can use
request parameters. You will need to pass one parameter for each data you want to change.
Parameters follow the following schema:
key=value
You can pass parameters by two means:
As query parameters: At the end of your url, put a ? then your first parameter and then a & before next parameters
Update the Rule 'id' with a new name, disabled, and setting it one directive
curl -X POST -H "X-API-Token: yourToken" https://rudder.example.com/rudder/api/rules/latest/{id}?"displayName=my new name"&"enabled=false"&"directives=aDirectiveId"
As request data: You can pass those parameters in the request data, they won't figure in the URL, making it lighter to read, You can pass a file that contains data.
Update the Rule 'id' with a new name, disabled, and setting it one directive (in file directive-info.json)
curl -X POST -H "X-API-Token: yourToken"
https://rudder.example.com/rudder/api/rules/latest/{id} -d "displayName=my new name" -d "enabled=false" -d @directive-info.json
Introduction
Rudder exposes a REST API, enabling the user to interact with Rudder without using the webapp, for example in scripts or cronjobs.
Versioning
Each time the API is extended with new features (new functions, new parameters, new responses, ...), it will be assigned a new version number. This will allow you
to keep your existing scripts (based on previous behavior). Versions will always be integers (no 2.1 or 3.3, just 2, 3, 4, ...) or latest.
You can change the version of the API used by setting it either within the url or in a header:
the URL: each URL is prefixed by its version id, like /api/version/function.
Version 10
curl -X GET -H "X-API-Token: yourToken" https://rudder.example.com/rudder/api/10/rules
Latest
curl -X GET -H "X-API-Token: yourToken" https://rudder.example.com/rudder/api/latest/rules
Wrong (not an integer) => 404 not found
curl -X GET -H "X-API-Token: yourToken" https://rudder.example.com/rudder/api/3.14/rules
the HTTP headers. You can add the X-API-Version header to your request. The value needs to be an integer or latest.
Version 10
curl -X GET -H "X-API-Token: yourToken" -H "X-API-Version: 10" https://rudder.example.com/rudder/api/rules
Wrong => Error response indicating which versions are available
curl -X GET -H "X-API-Token: yourToken" -H "X-API-Version: 3.14" https://rudder.example.com/rudder/api/rules
In the future, we may declare some versions as deprecated, in order to remove them in a later version of Rudder, but we will never remove any versions without warning, or without a safe
period of time to allow migration from previous versions.
Existing versions
Version
Rudder versions it appeared in
Description
1
Never released (for internal use only)
Experimental version
2 to 10 (deprecated)
4.3 and before
These versions provided the core set of API features for rules, directives, nodes global parameters, change requests and compliance, rudder settings and system API
11
5.0
New system API (replacing old localhost v1 api): status, maintenance operations and server behavior
12
6.0 and 6.1
Node key management
13
6.2
Node status endpoint
System health check
System maintenance job to purge software [that endpoint was back-ported in 6.1]
Response format
All responses from the API are in the JSON format.
{
"action": The name of the called function,
"id": The ID of the element you want, if relevant,
"result": The result of your action: success or error,
"data": Only present if this is a success and depends on the function, it's usually a JSON object,
"errorDetails": Only present if this is an error, it contains the error message
}
Success responses are sent with the 200 HTTP (Success) code
Error responses are sent with a HTTP error code (mostly 5xx...)
HTTP method
Rudder's REST API is based on the usage of HTTP methods. We use them to indicate what action will be done by the request. Currently, we use four of them:
GET: search or retrieve information (get rule details, get a group, ...)
PUT: add new objects (create a directive, clone a Rule, ...)
DELETE: remove objects (delete a node, delete a parameter, ...)
POST: update existing objects (update a directive, reload a group, ...)
Parameters
General parameters
Some parameters are available for almost all API functions. They will be described in this section.
They must be part of the query and can't be submitted in a JSON form.
Available for all requests
Field
Type
Description
prettify
boolean optional
Determine if the answer should be prettified (human friendly) or not. We recommend using this for debugging purposes, but not for general script usage as this does add some unnecessary load on the server side.
Default value: false
Available for modification requests (PUT/POST/DELETE)
Field
Type
Description
reason
string optional or required
Set a message to explain the change. If you set the reason messages to be mandatory in the web interface, failing to supply this value will lead to an error.
Default value:""
changeRequestName
string optional
Set the change request name, is used only if workflows are enabled. The default value depends on the function called
Default value: A default string for each function
changeRequestDescription
string optional
Set the change request description, is used only if workflows are enabled.
Default value:""
Passing parameters
Parameters to the API can be sent:
As part of the URL for resource identification
As data for POST/PUT requests
Directly in JSON format
As request arguments
As part of the URL for resource identification
Parameters in URLs are used to indicate which resource you want to interact with. The function will not work if this resource is missing.
Get the Rule of ID "id"
curl -H "X-API-Token: yourToken" https://rudder.example.com/rudder/api/latest/rules/id
Sending data for POST/PUT requests
Directly in JSON format
JSON format is the preferred way to interact with Rudder API for creating or updating resources.
You'll also have to set the Content-Type header to application/json (without it the JSON content would be ignored).
In a curl POST request, that header can be provided with the -H parameter:
curl -X POST -H "Content-Type: application/json" ...
The supplied file must contain a valid JSON: strings need quotes, booleans and integers don't, etc.
The (human readable) format is:
Here is an example with inlined data:
Update the Rule 'id' with a new name, disabled, and setting it one directive
curl -X POST -H "X-API-Token: yourToken" -H "Content-Type: application/json"
https://rudder.example.com/rudder/api/rules/latest/{id}
-d '{ "displayName": "new name", "enabled": false, "directives": "directiveId"}'
You can also pass a supply the JSON in a file:
Update the Rule 'id' with a new name, disabled, and setting it one directive
curl -X POST -H "X-API-Token: yourToken" -H "Content-Type: application/json" https://rudder.example.com/rudder/api/rules/latest/{id} -d @jsonParam
Note that the general parameters view in the previous chapter cannot be passed in a JSON, and you will need to pass them a URL parameters if you want them to be taken into account (you can't mix JSON and request parameters):
Update the Rule 'id' with a new name, disabled, and setting it one directive with reason message "Reason used"
curl -X POST -H "X-API-Token: yourToken" -H "Content-Type: application/json" "https://rudder.example.com/rudder/api/rules/latest/{id}?reason=Reason used" -d @jsonParam -d "reason=Reason ignored"
Request parameters
In some cases, when you have little, simple data to update, JSON can feel bloated. In such cases, you can use
request parameters. You will need to pass one parameter for each data you want to change.
Parameters follow the following schema:
key=value
You can pass parameters by two means:
As query parameters: At the end of your url, put a ? then your first parameter and then a & before next parameters
Update the Rule 'id' with a new name, disabled, and setting it one directive
curl -X POST -H "X-API-Token: yourToken" https://rudder.example.com/rudder/api/rules/latest/{id}?"displayName=my new name"&"enabled=false"&"directives=aDirectiveId"
As request data: You can pass those parameters in the request data, they won't figure in the URL, making it lighter to read, You can pass a file that contains data.
Update the Rule 'id' with a new name, disabled, and setting it one directive (in file directive-info.json)
curl -X POST -H "X-API-Token: yourToken"
https://rudder.example.com/rudder/api/rules/latest/{id} -d "displayName=my new name" -d "enabled=false" -d @directive-info.json
Interzoid Get Weather City API
This API provides current weather information for US Cities, including temperatures, wind speeds, wind direction, relative humidity, and visibility.
Lead API
Welcome to the Lead API.
You can use this API to access all Lead API endpoints.
Base URL
The base URL for all API requests is https://unify.apideck.com
We also provide a Mock API that can be used for testing purposes: https://mock-api.apideck.com
GraphQL
Use the GraphQL playground to test out the GraphQL API.
Headers
Custom headers that are expected as part of the request. Note that RFC7230 states header names are case insensitive.
| Name | Type | Required | Description |
| --------------------- | ------- | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| x-apideck-consumer-id | String | Yes | The id of the customer stored inside Apideck Vault. This can be a user id, account id, device id or whatever entity that can have integration within your app. |
| x-apideck-service-id | String | No | Describe the service you want to call (e.g., pipedrive). Only needed when a customer has activated multiple integrations for the same Unified API. |
| x-apideck-raw | Boolean | No | Include raw response. Mostly used for debugging purposes. |
| x-apideck-app-id | String | Yes | The application id of your Unify application. Available at https://app.apideck.com/unify/api-keys. |
| Authorization | String | Yes | Bearer API KEY |
Authorization
You can interact with the API through the authorization methods below.
Pagination
All API resources have support for bulk retrieval via list APIs. Apideck uses cursor-based pagination via the optional cursor and limit parameters.
To fetch the first page of results, call the list API without a cursor parameter. Afterwards you can fetch subsequent pages by providing a cursor parameter. You will find the next cursor in the response body in meta.cursors.next. If meta.cursors.next is null you're at the end of the list.
In the REST API you can also use the links from the response for added convenience. Simply call the URL in links.next to get the next page of results.
Query Parameters
| Name | Type | Required | Description |
| ------ | ------ | -------- | ------------------------------------------------------------------------------------------------------------------ |
| cursor | String | No | Cursor to start from. You can find cursors for next & previous pages in the meta.cursors property of the response. |
| limit | Number | No | Number of results to return. Minimum 1, Maximum 200, Default 20 |
Response Body
| Name | Type | Description |
| --------------------- | ------ | ------------------------------------------------------------------ |
| meta.cursors.previous | String | Cursor to navigate to the previous page of results through the API |
| meta.cursors.current | String | Cursor to navigate to the current page of results through the API |
| meta.cursors.next | String | Cursor to navigate to the next page of results through the API |
| meta.itemsonpage | Number | Number of items returned in the data property of the response |
| links.previous | String | Link to navigate to the previous page of results through the API |
| links.current | String | Link to navigate to the current page of results through the API |
| links.next | String | Link to navigate to the next page of results through the API |
⚠️ meta.cursors.previous/links.previous is not available for all connectors.
SDKs and API Clients
We currently offer a Node.js, PHP and .NET SDK.
Need another SDK? Request the SDK of your choice.
Debugging
Because of the nature of the abstraction we do in Apideck Unify we still provide the option to the receive raw requests and responses being handled underlying. By including the raw flag ?raw=true in your requests you can still receive the full request. Please note that this increases the response size and can introduce extra latency.
Errors
The API returns standard HTTP response codes to indicate success or failure of the API requests. For errors, we also return a customized error message inside the JSON response. You can see the returned HTTP status codes below.
| Code | Title | Description |
| ---- | -------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| 200 | OK | The request message has been successfully processed, and it has produced a response. The response message varies, depending on the request method and the requested data. |
| 201 | Created | The request has been fulfilled and has resulted in one or more new resources being created. |
| 204 | No Content | The server has successfully fulfilled the request and that there is no additional content to send in the response payload body. |
| 400 | Bad Request | The receiving server cannot understand the request because of malformed syntax. Do not repeat the request without first modifying it; check the request for errors, fix them and then retry the request. |
| 401 | Unauthorized | The request has not been applied because it lacks valid authentication credentials for the target resource. |
| 402 | Payment Required | Subscription data is incomplete or out of date. You'll need to provide payment details to continue. |
| 403 | Forbidden | You do not have the appropriate user rights to access the request. Do not repeat the request. |
| 404 | Not Found | The origin server did not find a current representation for the target resource or is not willing to disclose that one exists. |
| 409 | Conflict | The request could not be completed due to a conflict with the current state of the target resource. |
| 422 | Unprocessable Entity | The server understands the content type of the request entity, and the syntax of the request entity is correct but was unable to process the contained instructions. |
| 429 | Too Many Requests | You sent too many requests in a given amount of time ("rate limit"). Try again later |
| 5xx | Server Errors | Something went wrong with the Unify API. These errors are logged on our side. You can contact our team to resolve the issue. |
Handling errors
The Unify API and SDKs can produce errors for many reasons, such as a failed requests due to misconfigured integrations, invalid parameters, authentication errors, and network unavailability.
Error Types
RequestValidationError
Request is not valid for the current endpoint. The response body will include details on the validation error. Check the spelling and types of your attributes, and ensure you are not passing data that is outside of the specification.
UnsupportedFiltersError
Filters in the request are valid, but not supported by the connector. Remove the unsupported filter(s) to get a successful response.
UnsupportedSortFieldError
Sort field (sort[by]) in the request is valid, but not supported by the connector. Replace or remove the sort field to get a successful response.
InvalidCursorError
Pagination cursor in the request is not valid for the current connector. Make sure to use a cursor returned from the API, for the same connector.
ConnectorExecutionError
A Unified API request made via one of our downstream connectors returned an unexpected error. The status_code returned is proxied through to error response along with their original response via the error detail.
UnauthorizedError
We were unable to authorize the request as made. This can happen for a number of reasons, from missing header params to passing an incorrect authorization token. Verify your Api Key is being set correctly in the authorization header. ie: Authorization: 'Bearer sklive*'
ConnectorCredentialsError
A request using a given connector has not been authorized. Ensure the connector you are trying to use has been configured correctly and been authorized for use.
ConnectorDisabledError
A request has been made to a connector that has since been disabled. This may be temporary - You can contact our team to resolve the issue.
ConnectorRateLimitError
You sent too many request to a connector. These rate limits vary from connector to connector. You will need to try again later.
RequestLimitError
You have reached the number of requests included in your Free Tier Subscription. You will no be able to make further requests until this limit resets at the end of the month, or talk to us about upgrading your subscription to continue immediately.
EntityNotFoundError
You've made a request for a resource or route that does not exist. Verify your path parameters or any identifiers used to fetch this resource.
OAuthCredentialsNotFoundError
When adding a connector integration that implements OAuth, both a clientid and clientsecret must be provided before any authorizations can be performed. Verify the integration has been configured properly before continuing.
IntegrationNotFoundError
The requested connector integration could not be found associated to your applicationid. Verify your applicationid is correct, and that this connector has been added and configured for your application.
ConnectionNotFoundError
A valid connection could not be found associated to your applicationid. Something may_ have interrupted the authorization flow. You may need to start the connector authorization process again.
ConnectionSettingsError
The connector has required settings that were not supplied. Verify connection.settings contains all required settings for the connector to be callable.
ConnectorNotFoundError
A request was made for an unknown connector. Verify your serviceid is spelled correctly, and that this connector is enabled for your provided unifiedapi.
OAuthRedirectUriError
A request was made either in a connector authorization flow, or attempting to revoke connector access without a valid redirect_uri. This is the url the user should be returned to on completion of process.
OAuthInvalidStateError
The state param is required and is used to ensure the outgoing authorization state has not been altered before the user is redirected back. It also contains required params needed to identify the connector being used. If this has been altered, the authorization will not succeed.
OAuthCodeExchangeError
When attempting to exchange the authorization code for an access_token during an OAuth flow, an error occurred. This may be temporary. You can reattempt authorization or contact our team to resolve the issue.
OAuthConnectorError
It seems something went wrong on the connector side. It's possible this connector is in beta or still under development. We've been notified and are working to fix this issue.
MappingError
There was an error attempting to retrieve the mapping for a given attribute. We've been notified and are working to fix this issue.
ConnectorMappingNotFoundError
It seems the implementation for this connector is incomplete. It's possible this connector is in beta or still under development. We've been notified and are working to fix this issue.
ConnectorResponseMappingNotFoundError
We were unable to retrieve the response mapping for this connector. It's possible this connector is in beta or still under development. We've been notified and are working to fix this issue.
ConnectorOperationMappingNotFoundError
Connector mapping has not been implemented for the requested operation. It's possible this connector is in beta or still under development. We've been notified and are working to fix this issue.
ConnectorWorkflowMappingError
The composite api calls required for this operation have not been mapped entirely. It's possible this connector is in beta or still under development. We've been notified and are working to fix this issue.
ConnectorOperationUnsupportedError
You're attempting a call that is not supported by the connector. It's likely this operation is supported by another connector, but we're unable to implement for this one.
PaginationNotSupportedError
Pagination is not yet supported for this connector, try removing limit and/or cursor from the query. It's possible this connector is in beta or still under development. We've been notified and are working to fix this issue.
API Design
API Styles and data formats
REST API
The API is organized around REST, providing simple and predictable URIs to access and modify objects. Requests support standard HTTP methods like GET, PUT, POST, and DELETE and standard status codes. JSON is returned by all API responses, including errors. In all API requests, you must set the content-type HTTP header to application/json. All API requests must be made over HTTPS. Calls made over HTTP will fail.
Available HTTP methods
The Apideck API uses HTTP verbs to understand if you want to read (GET), delete (DELETE) or create (POST) an object. When your web application cannot do a POST or DELETE, we provide the ability to set the method through the query parameter \_method.
Response bodies are always UTF-8 encoded JSON objects, unless explicitly documented otherwise. For some endpoints and use cases we divert from REST to provide a better developer experience.
Schema
All API requests and response bodies adhere to a common JSON format representing individual items, collections of items, links to related items and additional meta data.
Meta
Meta data can be represented as a top level member named “meta”. Any information may be provided in the meta data. It’s most common use is to return the total number of records when requesting a collection of resources.
Idempotence (upcoming)
To prevent the creation of duplicate resources, every POST method (such as one that creates a consumer record) must specify a unique value for the X-Unique-Transaction-ID header name. Uniquely identifying each unique POST request ensures that the API processes a given request once and only once.
Uniquely identifying new resource-creation POSTs is especially important when the outcome of a response is ambiguous because of a transient service interruption, such as a server-side timeout or network disruption. If a service interruption occurs, then the client application can safely retry the uniquely identified request without creating duplicate operations. (API endpoints that guarantee that every uniquely identified request is processed only once no matter how many times that uniquely identifiable request is made are described as idempotent.)
Request IDs
Each API request has an associated request identifier. You can find this value in the response headers, under Request-Id. You can also find request identifiers in the URLs of individual request logs in your Dashboard. If you need to contact us about a specific request, providing the request identifier will ensure the fastest possible resolution.
Fixed field types
Dates
The dates returned by the API are all represented in UTC (ISO8601 format).
This example 2019-11-14T00:55:31.820Z is defined by the ISO 8601 standard. The T in the middle separates the year-month-day portion from the hour-minute-second portion. The Z on the end means UTC, that is, an offset-from-UTC of zero hours-minutes-seconds. The Z is pronounced "Zulu" per military/aviation tradition.
The ISO 8601 standard is more modern. The formats are wisely designed to be easy to parse by machine as well as easy to read by humans across cultures.
Prices and Currencies
All prices returned by the API are represented as integer amounts in a currency’s smallest unit. For example, $5 USD would be returned as 500 (i.e, 500 cents).
For zero-decimal currencies, amounts will still be provided as an integer but without the need to divide by 100. For example, an amount of ¥5 (JPY) would be returned as 5.
All currency codes conform to ISO 4217.
Support
If you have problems or need help with your case, you can always reach out to our Support.
You can use this API to access all Lead API endpoints.
Base URL
The base URL for all API requests is https://unify.apideck.com
We also provide a Mock API that can be used for testing purposes: https://mock-api.apideck.com
GraphQL
Use the GraphQL playground to test out the GraphQL API.
Headers
Custom headers that are expected as part of the request. Note that RFC7230 states header names are case insensitive.
| Name | Type | Required | Description |
| --------------------- | ------- | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| x-apideck-consumer-id | String | Yes | The id of the customer stored inside Apideck Vault. This can be a user id, account id, device id or whatever entity that can have integration within your app. |
| x-apideck-service-id | String | No | Describe the service you want to call (e.g., pipedrive). Only needed when a customer has activated multiple integrations for the same Unified API. |
| x-apideck-raw | Boolean | No | Include raw response. Mostly used for debugging purposes. |
| x-apideck-app-id | String | Yes | The application id of your Unify application. Available at https://app.apideck.com/unify/api-keys. |
| Authorization | String | Yes | Bearer API KEY |
Authorization
You can interact with the API through the authorization methods below.
Pagination
All API resources have support for bulk retrieval via list APIs. Apideck uses cursor-based pagination via the optional cursor and limit parameters.
To fetch the first page of results, call the list API without a cursor parameter. Afterwards you can fetch subsequent pages by providing a cursor parameter. You will find the next cursor in the response body in meta.cursors.next. If meta.cursors.next is null you're at the end of the list.
In the REST API you can also use the links from the response for added convenience. Simply call the URL in links.next to get the next page of results.
Query Parameters
| Name | Type | Required | Description |
| ------ | ------ | -------- | ------------------------------------------------------------------------------------------------------------------ |
| cursor | String | No | Cursor to start from. You can find cursors for next & previous pages in the meta.cursors property of the response. |
| limit | Number | No | Number of results to return. Minimum 1, Maximum 200, Default 20 |
Response Body
| Name | Type | Description |
| --------------------- | ------ | ------------------------------------------------------------------ |
| meta.cursors.previous | String | Cursor to navigate to the previous page of results through the API |
| meta.cursors.current | String | Cursor to navigate to the current page of results through the API |
| meta.cursors.next | String | Cursor to navigate to the next page of results through the API |
| meta.itemsonpage | Number | Number of items returned in the data property of the response |
| links.previous | String | Link to navigate to the previous page of results through the API |
| links.current | String | Link to navigate to the current page of results through the API |
| links.next | String | Link to navigate to the next page of results through the API |
⚠️ meta.cursors.previous/links.previous is not available for all connectors.
SDKs and API Clients
We currently offer a Node.js, PHP and .NET SDK.
Need another SDK? Request the SDK of your choice.
Debugging
Because of the nature of the abstraction we do in Apideck Unify we still provide the option to the receive raw requests and responses being handled underlying. By including the raw flag ?raw=true in your requests you can still receive the full request. Please note that this increases the response size and can introduce extra latency.
Errors
The API returns standard HTTP response codes to indicate success or failure of the API requests. For errors, we also return a customized error message inside the JSON response. You can see the returned HTTP status codes below.
| Code | Title | Description |
| ---- | -------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| 200 | OK | The request message has been successfully processed, and it has produced a response. The response message varies, depending on the request method and the requested data. |
| 201 | Created | The request has been fulfilled and has resulted in one or more new resources being created. |
| 204 | No Content | The server has successfully fulfilled the request and that there is no additional content to send in the response payload body. |
| 400 | Bad Request | The receiving server cannot understand the request because of malformed syntax. Do not repeat the request without first modifying it; check the request for errors, fix them and then retry the request. |
| 401 | Unauthorized | The request has not been applied because it lacks valid authentication credentials for the target resource. |
| 402 | Payment Required | Subscription data is incomplete or out of date. You'll need to provide payment details to continue. |
| 403 | Forbidden | You do not have the appropriate user rights to access the request. Do not repeat the request. |
| 404 | Not Found | The origin server did not find a current representation for the target resource or is not willing to disclose that one exists. |
| 409 | Conflict | The request could not be completed due to a conflict with the current state of the target resource. |
| 422 | Unprocessable Entity | The server understands the content type of the request entity, and the syntax of the request entity is correct but was unable to process the contained instructions. |
| 429 | Too Many Requests | You sent too many requests in a given amount of time ("rate limit"). Try again later |
| 5xx | Server Errors | Something went wrong with the Unify API. These errors are logged on our side. You can contact our team to resolve the issue. |
Handling errors
The Unify API and SDKs can produce errors for many reasons, such as a failed requests due to misconfigured integrations, invalid parameters, authentication errors, and network unavailability.
Error Types
RequestValidationError
Request is not valid for the current endpoint. The response body will include details on the validation error. Check the spelling and types of your attributes, and ensure you are not passing data that is outside of the specification.
UnsupportedFiltersError
Filters in the request are valid, but not supported by the connector. Remove the unsupported filter(s) to get a successful response.
UnsupportedSortFieldError
Sort field (sort[by]) in the request is valid, but not supported by the connector. Replace or remove the sort field to get a successful response.
InvalidCursorError
Pagination cursor in the request is not valid for the current connector. Make sure to use a cursor returned from the API, for the same connector.
ConnectorExecutionError
A Unified API request made via one of our downstream connectors returned an unexpected error. The status_code returned is proxied through to error response along with their original response via the error detail.
UnauthorizedError
We were unable to authorize the request as made. This can happen for a number of reasons, from missing header params to passing an incorrect authorization token. Verify your Api Key is being set correctly in the authorization header. ie: Authorization: 'Bearer sklive*'
ConnectorCredentialsError
A request using a given connector has not been authorized. Ensure the connector you are trying to use has been configured correctly and been authorized for use.
ConnectorDisabledError
A request has been made to a connector that has since been disabled. This may be temporary - You can contact our team to resolve the issue.
ConnectorRateLimitError
You sent too many request to a connector. These rate limits vary from connector to connector. You will need to try again later.
RequestLimitError
You have reached the number of requests included in your Free Tier Subscription. You will no be able to make further requests until this limit resets at the end of the month, or talk to us about upgrading your subscription to continue immediately.
EntityNotFoundError
You've made a request for a resource or route that does not exist. Verify your path parameters or any identifiers used to fetch this resource.
OAuthCredentialsNotFoundError
When adding a connector integration that implements OAuth, both a clientid and clientsecret must be provided before any authorizations can be performed. Verify the integration has been configured properly before continuing.
IntegrationNotFoundError
The requested connector integration could not be found associated to your applicationid. Verify your applicationid is correct, and that this connector has been added and configured for your application.
ConnectionNotFoundError
A valid connection could not be found associated to your applicationid. Something may_ have interrupted the authorization flow. You may need to start the connector authorization process again.
ConnectionSettingsError
The connector has required settings that were not supplied. Verify connection.settings contains all required settings for the connector to be callable.
ConnectorNotFoundError
A request was made for an unknown connector. Verify your serviceid is spelled correctly, and that this connector is enabled for your provided unifiedapi.
OAuthRedirectUriError
A request was made either in a connector authorization flow, or attempting to revoke connector access without a valid redirect_uri. This is the url the user should be returned to on completion of process.
OAuthInvalidStateError
The state param is required and is used to ensure the outgoing authorization state has not been altered before the user is redirected back. It also contains required params needed to identify the connector being used. If this has been altered, the authorization will not succeed.
OAuthCodeExchangeError
When attempting to exchange the authorization code for an access_token during an OAuth flow, an error occurred. This may be temporary. You can reattempt authorization or contact our team to resolve the issue.
OAuthConnectorError
It seems something went wrong on the connector side. It's possible this connector is in beta or still under development. We've been notified and are working to fix this issue.
MappingError
There was an error attempting to retrieve the mapping for a given attribute. We've been notified and are working to fix this issue.
ConnectorMappingNotFoundError
It seems the implementation for this connector is incomplete. It's possible this connector is in beta or still under development. We've been notified and are working to fix this issue.
ConnectorResponseMappingNotFoundError
We were unable to retrieve the response mapping for this connector. It's possible this connector is in beta or still under development. We've been notified and are working to fix this issue.
ConnectorOperationMappingNotFoundError
Connector mapping has not been implemented for the requested operation. It's possible this connector is in beta or still under development. We've been notified and are working to fix this issue.
ConnectorWorkflowMappingError
The composite api calls required for this operation have not been mapped entirely. It's possible this connector is in beta or still under development. We've been notified and are working to fix this issue.
ConnectorOperationUnsupportedError
You're attempting a call that is not supported by the connector. It's likely this operation is supported by another connector, but we're unable to implement for this one.
PaginationNotSupportedError
Pagination is not yet supported for this connector, try removing limit and/or cursor from the query. It's possible this connector is in beta or still under development. We've been notified and are working to fix this issue.
API Design
API Styles and data formats
REST API
The API is organized around REST, providing simple and predictable URIs to access and modify objects. Requests support standard HTTP methods like GET, PUT, POST, and DELETE and standard status codes. JSON is returned by all API responses, including errors. In all API requests, you must set the content-type HTTP header to application/json. All API requests must be made over HTTPS. Calls made over HTTP will fail.
Available HTTP methods
The Apideck API uses HTTP verbs to understand if you want to read (GET), delete (DELETE) or create (POST) an object. When your web application cannot do a POST or DELETE, we provide the ability to set the method through the query parameter \_method.
Response bodies are always UTF-8 encoded JSON objects, unless explicitly documented otherwise. For some endpoints and use cases we divert from REST to provide a better developer experience.
Schema
All API requests and response bodies adhere to a common JSON format representing individual items, collections of items, links to related items and additional meta data.
Meta
Meta data can be represented as a top level member named “meta”. Any information may be provided in the meta data. It’s most common use is to return the total number of records when requesting a collection of resources.
Idempotence (upcoming)
To prevent the creation of duplicate resources, every POST method (such as one that creates a consumer record) must specify a unique value for the X-Unique-Transaction-ID header name. Uniquely identifying each unique POST request ensures that the API processes a given request once and only once.
Uniquely identifying new resource-creation POSTs is especially important when the outcome of a response is ambiguous because of a transient service interruption, such as a server-side timeout or network disruption. If a service interruption occurs, then the client application can safely retry the uniquely identified request without creating duplicate operations. (API endpoints that guarantee that every uniquely identified request is processed only once no matter how many times that uniquely identifiable request is made are described as idempotent.)
Request IDs
Each API request has an associated request identifier. You can find this value in the response headers, under Request-Id. You can also find request identifiers in the URLs of individual request logs in your Dashboard. If you need to contact us about a specific request, providing the request identifier will ensure the fastest possible resolution.
Fixed field types
Dates
The dates returned by the API are all represented in UTC (ISO8601 format).
This example 2019-11-14T00:55:31.820Z is defined by the ISO 8601 standard. The T in the middle separates the year-month-day portion from the hour-minute-second portion. The Z on the end means UTC, that is, an offset-from-UTC of zero hours-minutes-seconds. The Z is pronounced "Zulu" per military/aviation tradition.
The ISO 8601 standard is more modern. The formats are wisely designed to be easy to parse by machine as well as easy to read by humans across cultures.
Prices and Currencies
All prices returned by the API are represented as integer amounts in a currency’s smallest unit. For example, $5 USD would be returned as 500 (i.e, 500 cents).
For zero-decimal currencies, amounts will still be provided as an integer but without the need to divide by 100. For example, an amount of ¥5 (JPY) would be returned as 5.
All currency codes conform to ISO 4217.
Support
If you have problems or need help with your case, you can always reach out to our Support.
Vault API
Welcome to the Vault API 👋
When you're looking to connect to an API, the first step is authentication.
Vault helps you handle OAuth flows, store API keys, and refresh access tokens from users (called consumers in Apideck).
Base URL
The base URL for all API requests is https://unify.apideck.com
Get Started
To use the Apideck APIs, you need to sign up for free at https://app.apideck.com/signup. Follow the steps below to get started.
Create a free account.
Go to the Dashboard.
Get your API key and the application ID.
Select and configure the integrations you want to make available to your users. Through the Unify dashboard, you can configure which connectors you want to support as integrations.
Retrieve the clientid and clientsecret for the integration you want to activate (Only needed for OAuth integrations).
Soon, you can skip the previous step and use the Apideck sandbox credentials to get you started instead (upcoming)
Register the redirect URI for the example app (https://unify.apideck.com/vault/callback) in the list of redirect URIs under your app's settings
Use the publishing guides to get your integration listed across app marketplaces.
Hosted Vault
Hosted Vault (vault.apideck.com) is a no-code solution, so you don't need to build your own UI to handle the integration settings and authentication.
Hosted Vault - Integrations portal
Behind the scenes, Hosted Vault implements the Vault API endpoints and handles the following features for your customers:
Add a connection
Handle the OAuth flow
Configure connection settings per integration
Manage connections
Discover and propose integration options
Search for integrations (upcoming)
Give integration suggestions based on provided metadata (email or website) when creating the session (upcoming)
To use Hosted Vault, you will need to first create a session. This can be achieved by making a POST request to the Vault API to create a valid session for a user, hereafter referred to as the consumer ID.
Example using curl:
Vault API
Beware, this is strategy takes more time to implement in comparison to Hosted Vault.
If you are building your integration settings UI manually, you can call the Vault API directly.
The Vault API is for those who want to completely white label the in-app integrations overview and authentication experience. All the available endpoints are listed below.
Through the API, your customers authenticate directly in your app, where Vault will still take care of redirecting to the auth provider and back to your app.
If you're already storing access tokens, we will help you migrate through our Vault Migration API (upcoming).
Domain model
At its core, a domain model creates a web of interconnected entities.
Our domain model contains five main entity types: Consumer (user, account, team, machine), Application, Connector, Integration, and Connection.
Connection state
The connection state is computed based on the connection flow below.
Unify and Proxy integration
The only thing you need to use the Unify APIs and Proxy is the consumer id; thereafter, Vault will do the look-up in the background to handle the token injection before performing the API call(s).
Headers
Custom headers that are expected as part of the request. Note that RFC7230 states header names are case insensitive.
| Name | Type | Required | Description |
| --------------------- | ------- | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| x-apideck-app-id | String | Yes | The id of your Unify application. Available at https://app.apideck.com/api-keys. |
| x-apideck-consumer-id | String | Yes | The id of the customer stored inside Apideck Vault. This can be a user id, account id, device id or whatever entity that can have integration within your app. |
| x-apideck-raw | Boolean | No | Include raw response. Mostly used for debugging purposes. |
Sandbox (upcoming)
The sandbox is pre-loaded with data similar to a real-life integrations setup. You can use the preconfigured OAauth configured connectors for testing purposes and can skip this step by using the Apideck sandbox credentials to get you started.
Guides
How to build an integrations UI with Vault
How to configure the OAuth credentials for integration providers (COMING SOON)
FAQ
What purpose does Vault serve? Can I just handle the authentication and access token myself?
You can store everything yourself, but that defeats the purpose of using Apideck Unify. Handling tokens for multiple providers can quickly become very complex.
Is my data secure?
Vault employs data minimization, therefore only requesting the minimum amount of scopes needed to perform an API request.
How do I migrate existing data?
Using our migration API, you can migrate the access tokens and accounts to Apideck Vault. (COMING SOON)
Can I use Vault in combination with existing integrations?
Yes, you can. The flexibility of Unify allows you to quickly the use cases you need while keeping a gradual migration path based on your timeline and requirements.
How does Vault work for Apideck Ecosystem customers?
Once logged in, pick your ecosystem; on the left-hand side of the screen, you'll have the option to create an application underneath the Unify section.
How to integrate Apideck Vault
This section covers everything you need to know to authenticate your customers through Vault.
Vault provides three auth strategies to use API tokens from your customers:
Vault API
Hosted Vault
Apideck Ecosystem (COMING SOON)
You can also opt to bypass Vault and still take care of authentication flows yourself. Make sure to put the right safeguards in place to protect your customers' tokens and other sensitive data.
What auth types does Vault support?
What auth strategies does Vault handle? We currently support three flows so your customers can activate an integration.
API keys
For Services supporting the API key strategy, you can use Hosted Vault will need to provide an in-app form where users can configure their API keys provided by the integration service.
OAuth 2.0
Authorization Code Grant Type Flow
Vault handles the complete Authorization Code Grant Type Flow for you. This flow only supports browser-based (passive) authentication because most identity providers don't allow entering a username and password to be entered into applications that they don't own.
Certain connectors require an OAuth redirect authentication flow, where the end-user is redirected to the provider's website or mobile app to authenticate.
This is being handled by the /authorize endpoint.
Basic auth
Basic authentication is a simple authentication scheme built into the HTTP protocol. The required fields to complete basic auth are handled by Hosted Vault or by updating the connection through the Vault API below.
When you're looking to connect to an API, the first step is authentication.
Vault helps you handle OAuth flows, store API keys, and refresh access tokens from users (called consumers in Apideck).
Base URL
The base URL for all API requests is https://unify.apideck.com
Get Started
To use the Apideck APIs, you need to sign up for free at https://app.apideck.com/signup. Follow the steps below to get started.
Create a free account.
Go to the Dashboard.
Get your API key and the application ID.
Select and configure the integrations you want to make available to your users. Through the Unify dashboard, you can configure which connectors you want to support as integrations.
Retrieve the clientid and clientsecret for the integration you want to activate (Only needed for OAuth integrations).
Soon, you can skip the previous step and use the Apideck sandbox credentials to get you started instead (upcoming)
Register the redirect URI for the example app (https://unify.apideck.com/vault/callback) in the list of redirect URIs under your app's settings
Use the publishing guides to get your integration listed across app marketplaces.
Hosted Vault
Hosted Vault (vault.apideck.com) is a no-code solution, so you don't need to build your own UI to handle the integration settings and authentication.
Hosted Vault - Integrations portal
Behind the scenes, Hosted Vault implements the Vault API endpoints and handles the following features for your customers:
Add a connection
Handle the OAuth flow
Configure connection settings per integration
Manage connections
Discover and propose integration options
Search for integrations (upcoming)
Give integration suggestions based on provided metadata (email or website) when creating the session (upcoming)
To use Hosted Vault, you will need to first create a session. This can be achieved by making a POST request to the Vault API to create a valid session for a user, hereafter referred to as the consumer ID.
Example using curl:
Vault API
Beware, this is strategy takes more time to implement in comparison to Hosted Vault.
If you are building your integration settings UI manually, you can call the Vault API directly.
The Vault API is for those who want to completely white label the in-app integrations overview and authentication experience. All the available endpoints are listed below.
Through the API, your customers authenticate directly in your app, where Vault will still take care of redirecting to the auth provider and back to your app.
If you're already storing access tokens, we will help you migrate through our Vault Migration API (upcoming).
Domain model
At its core, a domain model creates a web of interconnected entities.
Our domain model contains five main entity types: Consumer (user, account, team, machine), Application, Connector, Integration, and Connection.
Connection state
The connection state is computed based on the connection flow below.
Unify and Proxy integration
The only thing you need to use the Unify APIs and Proxy is the consumer id; thereafter, Vault will do the look-up in the background to handle the token injection before performing the API call(s).
Headers
Custom headers that are expected as part of the request. Note that RFC7230 states header names are case insensitive.
| Name | Type | Required | Description |
| --------------------- | ------- | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| x-apideck-app-id | String | Yes | The id of your Unify application. Available at https://app.apideck.com/api-keys. |
| x-apideck-consumer-id | String | Yes | The id of the customer stored inside Apideck Vault. This can be a user id, account id, device id or whatever entity that can have integration within your app. |
| x-apideck-raw | Boolean | No | Include raw response. Mostly used for debugging purposes. |
Sandbox (upcoming)
The sandbox is pre-loaded with data similar to a real-life integrations setup. You can use the preconfigured OAauth configured connectors for testing purposes and can skip this step by using the Apideck sandbox credentials to get you started.
Guides
How to build an integrations UI with Vault
How to configure the OAuth credentials for integration providers (COMING SOON)
FAQ
What purpose does Vault serve? Can I just handle the authentication and access token myself?
You can store everything yourself, but that defeats the purpose of using Apideck Unify. Handling tokens for multiple providers can quickly become very complex.
Is my data secure?
Vault employs data minimization, therefore only requesting the minimum amount of scopes needed to perform an API request.
How do I migrate existing data?
Using our migration API, you can migrate the access tokens and accounts to Apideck Vault. (COMING SOON)
Can I use Vault in combination with existing integrations?
Yes, you can. The flexibility of Unify allows you to quickly the use cases you need while keeping a gradual migration path based on your timeline and requirements.
How does Vault work for Apideck Ecosystem customers?
Once logged in, pick your ecosystem; on the left-hand side of the screen, you'll have the option to create an application underneath the Unify section.
How to integrate Apideck Vault
This section covers everything you need to know to authenticate your customers through Vault.
Vault provides three auth strategies to use API tokens from your customers:
Vault API
Hosted Vault
Apideck Ecosystem (COMING SOON)
You can also opt to bypass Vault and still take care of authentication flows yourself. Make sure to put the right safeguards in place to protect your customers' tokens and other sensitive data.
What auth types does Vault support?
What auth strategies does Vault handle? We currently support three flows so your customers can activate an integration.
API keys
For Services supporting the API key strategy, you can use Hosted Vault will need to provide an in-app form where users can configure their API keys provided by the integration service.
OAuth 2.0
Authorization Code Grant Type Flow
Vault handles the complete Authorization Code Grant Type Flow for you. This flow only supports browser-based (passive) authentication because most identity providers don't allow entering a username and password to be entered into applications that they don't own.
Certain connectors require an OAuth redirect authentication flow, where the end-user is redirected to the provider's website or mobile app to authenticate.
This is being handled by the /authorize endpoint.
Basic auth
Basic authentication is a simple authentication scheme built into the HTTP protocol. The required fields to complete basic auth are handled by Hosted Vault or by updating the connection through the Vault API below.