Creating Your First App

The first step using the API is to register as a developer and create your first application for which you'll be issued a set of authentication keys.

What is an application?

The application represents the top level authentication entity; all other entities are a child objects of the application. Each application is a distinct authorisation point having its own set of credentials. The client application is intended to support a single API consumer; you may register multiple applications in different environments such as test and production.

Authorization using OAuth 1.0

The API uses OAuth 1.0 (zero legged) protocol for an authorization, for more detail on OAuth please see Authorization: OAuth 1.0

Your Consumer Key and Consumer Secret

Once you have created your application you will be issued a set of keys, these are made up of a ConsumerKey and ConsumerSecret. The secret is shared between both the API and the application but is never transmitted as part of the API interaction. Both parties can use the secret to confirm the request signature is valid. This allows the API to then use the Consumer Key to identify the application client being invoked. Using this technique, the client can securely transmit its identity and the API infrastructure can authenticate the remote client.

Although part of the object hierarchy, the client application is not represented by a data model. There are no interaction end points for inserting or retrieving a client application data model. Instead the application represents the starting point for requested URI paths.

For example:

[GET] 
  -H "Authorization: OAuth oauth_consumer_key=\"YourAppKey\",..." 
  /Employer/ER001/Employees 

Once you have your keys use our Swagger UI to explore the API.