The affixapi.com API documentation.
Affix API is an OAuth 2.1 application that allows developers to access customer data, without developers needing to manage or maintain integrations; or collect login credentials or API keys from users for these third party systems.
Affix API follows the OAuth 2.1 spec.
As an OAuth application, Affix API handles not only both the collection of sensitive user credentials or API keys, but also builds and maintains the integrations with the providers, so you don't have to.
in order to get started, you must:
- register a
client_id - direct your user to the sign in flow (
https://connect.affixapi.comwith the appropriate query parameters) - capture
authorization_codewe will send to your redirect URI after the sign in flow is complete and exchange thatauthorization_codefor a Bearer token
eyJhbGciOiJFUzI1NiIsImtpZCI6Ims5RmxwSFR1YklmZWNsUU5QRVZzeFcxazFZZ0Zfbk1BWllOSGVuOFQxdGciLCJ0eXAiOiJKV1MifQ.eyJwcm92aWRlciI6InNhbmRib3giLCJzY29wZXMiOlsiLzIwMjMtMDMtMDEveGhyL2NvbXBhbnkiLCIvMjAyMy0wMy0wMS94aHIvZW1wbG95ZWUiLCIvMjAyMy0wMy0wMS94aHIvZW1wbG95ZWVzIiwiLzIwMjMtMDMtMDEveGhyL2dyb3VwcyIsIi8yMDIzLTAzLTAxL3hoci9pZGVudGl0eSIsIi8yMDIzLTAzLTAxL3hoci9wYXlydW5zIiwiLzIwMjMtMDMtMDEveGhyL3BheXJ1bnMvOnBheXJ1bl9pZCIsIi8yMDIzLTAzLTAxL3hoci90aW1lLW9mZi1iYWxhbmNlcyIsIi8yMDIzLTAzLTAxL3hoci90aW1lLW9mZi1lbnRyaWVzIiwiLzIwMjMtMDMtMDEveGhyL3RpbWVzaGVldHMiLCIvMjAyMy0wMy0wMS94aHIvd29yay1sb2NhdGlvbnMiXSwidG9rZW4iOiIzODIzNTNlMi05N2ZiLTRmMWEtOTYxYy0zZDI5OTViNzYxMTUiLCJpYXQiOjE3MTE4MTA3MTQsImlzcyI6InB1YmxpY2FwaS1pbnRlcm1lZGlhdGUuZGV2LmVuZ2luZWVyaW5nLmFmZml4YXBpLmNvbSIsInN1YiI6InhociIsImF1ZCI6IjNGREFFREY5LTFEQ0E0RjU0LTg3OTQ5RjZBLTQxMDI3NjQzIn0.zUJPaT6IxcIdr8b9iO6u-Rr5I-ohTHPYTrQGrgOFghbEbovItiwr9Wk479GnJVJc3WR8bxAwUMAE4Ul6Okdk6Q
curl - -fail \\
-X GET \\
-H 'Authorization: Bearer eyJhbGciOiJFUzI1NiIsImtpZCI6Ims5RmxwSFR1YklmZWNsUU5QRVZzeFcxazFZZ0Zfbk1BWllOSGVuOFQxdGciLCJ0eXAiOiJKV1MifQ.eyJwcm92aWRlciI6InNhbmRib3giLCJzY29wZXMiOlsiLzIwMjMtMDMtMDEveGhyL2NvbXBhbnkiLCIvMjAyMy0wMy0wMS94aHIvZW1wbG95ZWUiLCIvMjAyMy0wMy0wMS94aHIvZW1wbG95ZWVzIiwiLzIwMjMtMDMtMDEveGhyL2dyb3VwcyIsIi8yMDIzLTAzLTAxL3hoci9pZGVudGl0eSIsIi8yMDIzLTAzLTAxL3hoci9wYXlydW5zIiwiLzIwMjMtMDMtMDEveGhyL3BheXJ1bnMvOnBheXJ1bl9pZCIsIi8yMDIzLTAzLTAxL3hoci90aW1lLW9mZi1iYWxhbmNlcyIsIi8yMDIzLTAzLTAxL3hoci90aW1lLW9mZi1lbnRyaWVzIiwiLzIwMjMtMDMtMDEveGhyL3RpbWVzaGVldHMiLCIvMjAyMy0wMy0wMS94aHIvd29yay1sb2NhdGlvbnMiXSwidG9rZW4iOiIzODIzNTNlMi05N2ZiLTRmMWEtOTYxYy0zZDI5OTViNzYxMTUiLCJpYXQiOjE3MTE4MTA3MTQsImlzcyI6InB1YmxpY2FwaS1pbnRlcm1lZGlhdGUuZGV2LmVuZ2luZWVyaW5nLmFmZml4YXBpLmNvbSIsInN1YiI6InhociIsImF1ZCI6IjNGREFFREY5LTFEQ0E0RjU0LTg3OTQ5RjZBLTQxMDI3NjQzIn0.zUJPaT6IxcIdr8b9iO6u-Rr5I-ohTHPYTrQGrgOFghbEbovItiwr9Wk479GnJVJc3WR8bxAwUMAE4Ul6Okdk6Q' \\
'https://dev.api.affixapi.com/2023-03-01/xhr/employees'
eyJhbGciOiJFUzI1NiIsImtpZCI6Ims5RmxwSFR1YklmZWNsUU5QRVZzeFcxazFZZ0Zfbk1BWllOSGVuOFQxdGciLCJ0eXAiOiJKV1MifQ.eyJwcm92aWRlciI6InNhbmRib3giLCJzY29wZXMiOlsiLzIwMjMtMDMtMDEveGhyL2NvbXBhbnkiLCIvMjAyMy0wMy0wMS94aHIvZW1wbG95ZWUiLCIvMjAyMy0wMy0wMS94aHIvZW1wbG95ZWVzIiwiLzIwMjMtMDMtMDEveGhyL2dyb3VwcyIsIi8yMDIzLTAzLTAxL3hoci9pZGVudGl0eSIsIi8yMDIzLTAzLTAxL3hoci9wYXlydW5zIiwiLzIwMjMtMDMtMDEveGhyL3BheXJ1bnMvOnBheXJ1bl9pZCIsIi8yMDIzLTAzLTAxL3hoci90aW1lLW9mZi1iYWxhbmNlcyIsIi8yMDIzLTAzLTAxL3hoci90aW1lLW9mZi1lbnRyaWVzIiwiLzIwMjMtMDMtMDEveGhyL3RpbWVzaGVldHMiLCIvMjAyMy0wMy0wMS94aHIvd29yay1sb2NhdGlvbnMiXSwidG9rZW4iOiIzYjg4MDc2NC1kMGFmLTQ5ZDAtOGM5OS00YzIwYjE2MTJjOTMiLCJpYXQiOjE3MTE4MTA4NTgsImlzcyI6InB1YmxpY2FwaS1pbnRlcm1lZGlhdGUucHJvZC5lbmdpbmVlcmluZy5hZmZpeGFwaS5jb20iLCJzdWIiOiJ4aHIiLCJhdWQiOiIwOEJCMDgxRS1EOUFCNEQxNC04REY5OTIzMy02NjYxNUNFOSJ9.n3pJmmfegU21Tko_TyUyCHi4ITvfd75T8NFFTHmf1r8AI8yCUYTWdfNjyZZWcZD6z50I3Wsk2rAd8GDWXn4vlg
curl - -fail \\
-X GET \\
-H 'Authorization: Bearer eyJhbGciOiJFUzI1NiIsImtpZCI6Ims5RmxwSFR1YklmZWNsUU5QRVZzeFcxazFZZ0Zfbk1BWllOSGVuOFQxdGciLCJ0eXAiOiJKV1MifQ.eyJwcm92aWRlciI6InNhbmRib3giLCJzY29wZXMiOlsiLzIwMjMtMDMtMDEveGhyL2NvbXBhbnkiLCIvMjAyMy0wMy0wMS94aHIvZW1wbG95ZWUiLCIvMjAyMy0wMy0wMS94aHIvZW1wbG95ZWVzIiwiLzIwMjMtMDMtMDEveGhyL2dyb3VwcyIsIi8yMDIzLTAzLTAxL3hoci9pZGVudGl0eSIsIi8yMDIzLTAzLTAxL3hoci9wYXlydW5zIiwiLzIwMjMtMDMtMDEveGhyL3BheXJ1bnMvOnBheXJ1bl9pZCIsIi8yMDIzLTAzLTAxL3hoci90aW1lLW9mZi1iYWxhbmNlcyIsIi8yMDIzLTAzLTAxL3hoci90aW1lLW9mZi1lbnRyaWVzIiwiLzIwMjMtMDMtMDEveGhyL3RpbWVzaGVldHMiLCIvMjAyMy0wMy0wMS94aHIvd29yay1sb2NhdGlvbnMiXSwidG9rZW4iOiIzYjg4MDc2NC1kMGFmLTQ5ZDAtOGM5OS00YzIwYjE2MTJjOTMiLCJpYXQiOjE3MTE4MTA4NTgsImlzcyI6InB1YmxpY2FwaS1pbnRlcm1lZGlhdGUucHJvZC5lbmdpbmVlcmluZy5hZmZpeGFwaS5jb20iLCJzdWIiOiJ4aHIiLCJhdWQiOiIwOEJCMDgxRS1EOUFCNEQxNC04REY5OTIzMy02NjYxNUNFOSJ9.n3pJmmfegU21Tko_TyUyCHi4ITvfd75T8NFFTHmf1r8AI8yCUYTWdfNjyZZWcZD6z50I3Wsk2rAd8GDWXn4vlg' \\
'https://api.affixapi.com/2023-03-01/xhr/employees'
We support brotli, gzip, and deflate compression algorithms.
To enable, pass the Accept-Encoding header with one or all of the values:
br, gzip, deflate, or identity (no compression)
In the response, you will receive the Content-Encoding response header
indicating the compression algorithm used in the data payload to enable you
to decompress the result. If the Accept-Encoding: identity header was
passed, no Content-Encoding response header is sent back, as no
compression algorithm was used.
An exciting feature for HR/Payroll modes are webhooks.
If enabled, your webhook_uri is set on your client_id for the
respective environment: dev | prod
Webhooks are configured to make live requests to the underlying integration
1x/hr, and if a difference is detected since the last request, we will send a
request to your webhook_uri with this shape:
{
added: <api.v20230301.Employees>[
<api.v20230301.Employee>{
...,
date_of_birth: '2010-08-06',
display_full_name: 'Daija Rogahn',
employee_number: '57993',
employment_status: 'pending',
employment_type: 'other',
employments: [
{
currency: 'eur',
effective_date: '2022-02-25',
employment_type: 'other',
job_title: 'Dynamic Implementation Manager',
pay_frequency: 'semimonthly',
pay_period: 'YEAR',
pay_rate: 96000,
},
],
first_name: 'Daija',
...
}
],
removed: [],
updated: [
<api.v20230301.Employee>{
...,
date_of_birth: '2009-11-09',
display_full_name: 'Lourdes Stiedemann',
employee_number: '63189',
employment_status: 'leave',
employment_type: 'full_time',
employments: [
{
currency: 'gbp',
effective_date: '2023-01-16',
employment_type: 'full_time',
job_title: 'Forward Brand Planner',
pay_frequency: 'semimonthly',
pay_period: 'YEAR',
pay_rate: 86000,
},
],
first_name: 'Lourdes',
}
]
}
the following headers will be sent with webhook requests:
x-affix-api-signature: ab8474e609db95d5df3adc39ea3add7a7544bd215c5c520a30a650ae93a2fba7
x-affix-api-origin: webhooks-employees-webhook
user-agent: affixapi.com
Before trusting the payload, you should sign the payload and verify the
signature matches the signature sent by the affixapi.com service.
This secures that the data sent to your webhook_uri is from the
affixapi.com server.
The signature is created by combining the signing secret (your
client_secret) with the body of the request sent using a standard
HMAC-SHA256 keyed hash.
The signature can be created via:
- create an
HMACwith yourclient_secret - update the
HMACwith the payload - get the hex digest -> this is the signature
Sample typescript code that follows this recipe:
import { createHmac } from 'crypto';
export const computeSignature = ({
str,
signingSecret,
}: {
signingSecret: string;
str: string;
}): string => {
const hmac = createHmac('sha256', signingSecret);
hmac.update(str);
const signature = hmac.digest('hex');
return signature;
};
While verifying the Affix API signature header should be your primary method of confirming validity, you can also whitelist our outbound webhook static IP addresses.
dev:
- 52.210.169.82
- 52.210.38.77
- 3.248.135.204
prod:
- 52.51.160.102
- 54.220.83.244
- 3.254.213.171
Open endpoints (not gated by an API key) (applied at endpoint level):
- 15 requests every 1 minute (by IP address)
- 25 requests every 5 minutes (by IP address)
Gated endpoints (require an API key) (applied at endpoint level):
- 40 requests every 1 minute (by IP address)
- 40 requests every 5 minutes (by
client_id)
Things to keep in mind:
- Open endpoints (not gated by an API key) will likely be called by your users, not you, so rate limits generally would not apply to you.
- As a developer, rate limits are applied at the endpoint granularity.
- For example, say the rate limits below are 10 requests per minute by ip.
from that same ip, within 1 minute, you get:
- 10 requests per minute on
/orders, - another 10 requests per minute on
/items, - and another 10 requests per minute on
/identity, - for a total of 30 requests per minute.
- 10 requests per minute on
- For example, say the rate limits below are 10 requests per minute by ip.
from that same ip, within 1 minute, you get:
This C# SDK is automatically generated by the OpenAPI Generator project:
- API version: 2023-03-01
- SDK version: 1.1.101
- Build package: org.openapitools.codegen.languages.CSharpNetCoreClientCodegen
- RestSharp - 106.11.7 or later
- Json.NET - 12.0.3 or later
- JsonSubTypes - 1.8.0 or later
- System.ComponentModel.Annotations - 5.0.0 or later
The DLLs included in the package may not be the latest version. We recommend using NuGet to obtain the latest version of the packages:
Install-Package RestSharp
Install-Package Newtonsoft.Json
Install-Package JsonSubTypes
Install-Package System.ComponentModel.Annotations
NOTE: RestSharp versions greater than 105.1.0 have a bug which causes file uploads to fail. See RestSharp#742. NOTE: RestSharp for .Net Core creates a new socket for each api call, which can lead to a socket exhaustion problem. See RestSharp#1406.
Run the following command to generate the DLL
- [Mac/Linux]
/bin/sh build.sh - [Windows]
build.bat
Then include the DLL (under the bin folder) in the C# project, and use the namespaces:
using AffixApi.Api.Api;
using AffixApi.Api.Client;
using AffixApi.Api.Model;A .nuspec is included with the project. You can follow the Nuget quickstart to create and publish packages.
This .nuspec uses placeholders from the .csproj, so build the .csproj directly:
nuget pack -Build -OutputDirectory out AffixApi.Api.csproj
Then, publish to a local feed or other host and consume the new package via Nuget as usual.
To use the API client with a HTTP proxy, setup a System.Net.WebProxy
Configuration c = new Configuration();
System.Net.WebProxy webProxy = new System.Net.WebProxy("http://myProxyUrl:80/");
webProxy.Credentials = System.Net.CredentialCache.DefaultCredentials;
c.Proxy = webProxy;using System.Collections.Generic;
using System.Diagnostics;
using AffixApi.Api.Api;
using AffixApi.Api.Client;
using AffixApi.Api.Model;
namespace Example
{
public class Example
{
public static void Main()
{
Configuration config = new Configuration();
config.BasePath = "https://api.affixapi.com";
// Configure API key authorization: access-token
config.ApiKey.Add("Authorization", "YOUR_API_KEY");
// Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
// config.ApiKeyPrefix.Add("Authorization", "Bearer");
var apiInstance = new Class20230301Api(config);
try
{
// Company
List<CompanyResponse> result = apiInstance.XhrCompanies20230301();
Debug.WriteLine(result);
}
catch (ApiException e)
{
Debug.Print("Exception when calling Class20230301Api.XhrCompanies20230301: " + e.Message );
Debug.Print("Status Code: "+ e.ErrorCode);
Debug.Print(e.StackTrace);
}
}
}
}All URIs are relative to https://api.affixapi.com
| Class | Method | HTTP request | Description |
|---|---|---|---|
| Class20230301Api | XhrCompanies20230301 | GET /2023-03-01/xhr/company | Company |
| Class20230301Api | XhrEmployees20230301 | GET /2023-03-01/xhr/employees | Employees |
| Class20230301Api | XhrGroups20230301 | GET /2023-03-01/xhr/groups | Groups |
| Class20230301Api | XhrIdentity20230301 | GET /2023-03-01/xhr/identity | Identity |
| Class20230301Api | XhrPayruns20230301 | GET /2023-03-01/xhr/payruns | Payruns |
| Class20230301Api | XhrPayslips20230301 | GET /2023-03-01/xhr/payruns/{payrun_id} | Payslips |
| Class20230301Api | XhrTimeOffBalances20230301 | GET /2023-03-01/xhr/time-off-balances | Time off balances |
| Class20230301Api | XhrTimeOffEntries20230301 | GET /2023-03-01/xhr/time-off-entries | Time off entries |
| Class20230301Api | XhrTimesheets20230301 | GET /2023-03-01/xhr/timesheets | Timesheets |
| Class20230301Api | XhrWorkLocations20230301 | GET /2023-03-01/xhr/work-locations | Work locations |
| CoreApi | Providers | GET /providers | Providers |
| ManagementApi | CallClient | GET /2023-03-01/management/client | Client |
| ManagementApi | Disconnect | POST /2023-03-01/management/disconnect | Disconnect token |
| ManagementApi | Introspect | GET /2023-03-01/management/introspect | Inspect token |
| ManagementApi | Token | POST /2023-03-01/management/token | Create token |
| ManagementApi | Tokens | GET /2023-03-01/management/tokens | Tokens |
| ManagementApi | UpdateClient | POST /2023-03-01/management/client | Update client |
| XHRVerticallyIntegratedApi | XhrCompanies20230301 | GET /2023-03-01/xhr/company | Company |
| XHRVerticallyIntegratedApi | XhrEmployees20230301 | GET /2023-03-01/xhr/employees | Employees |
| XHRVerticallyIntegratedApi | XhrGroups20230301 | GET /2023-03-01/xhr/groups | Groups |
| XHRVerticallyIntegratedApi | XhrIdentity20230301 | GET /2023-03-01/xhr/identity | Identity |
| XHRVerticallyIntegratedApi | XhrPayruns20230301 | GET /2023-03-01/xhr/payruns | Payruns |
| XHRVerticallyIntegratedApi | XhrPayslips20230301 | GET /2023-03-01/xhr/payruns/{payrun_id} | Payslips |
| XHRVerticallyIntegratedApi | XhrTimeOffBalances20230301 | GET /2023-03-01/xhr/time-off-balances | Time off balances |
| XHRVerticallyIntegratedApi | XhrTimeOffEntries20230301 | GET /2023-03-01/xhr/time-off-entries | Time off entries |
| XHRVerticallyIntegratedApi | XhrTimesheets20230301 | GET /2023-03-01/xhr/timesheets | Timesheets |
| XHRVerticallyIntegratedApi | XhrWorkLocations20230301 | GET /2023-03-01/xhr/work-locations | Work locations |
- Model.AddressNoNonNullRequest
- Model.AddressResponse
- Model.ClientRequest
- Model.ClientResponse
- Model.CompanyResponse
- Model.CompensationHistoryNoNonNullRequest
- Model.CompensationHistoryResponse
- Model.CreateEmployeeRequest
- Model.CreateEmployeeRequestBankAccount
- Model.CreateEmployeeRequestDependents
- Model.CreateEmployeeRequestEmergencyContacts
- Model.CreateEmployeeRequestManager
- Model.CurrencyNotNullRequest
- Model.CurrencyNotNullResponse
- Model.CurrencyResponse
- Model.DisconnectResponse
- Model.EmployeeResponse
- Model.EmployeeResponseManager
- Model.EmploymentHistoryNoNonNullRequest
- Model.EmploymentHistoryResponse
- Model.EmploymentStatusNotNullNotNullable
- Model.EmploymentStatusNotNullRequest
- Model.EmploymentStatusResponse
- Model.GroupNoNullEnumRequest
- Model.GroupResponse
- Model.IdAndMessageResponse
- Model.IdentityResponse
- Model.InlineResponse400
- Model.InlineResponse401
- Model.InlineResponse409
- Model.IntrospectResponse
- Model.LocationNoNonNullRequest
- Model.LocationResponse
- Model.MessageResponse
- Model.ModeRequest
- Model.ModeResponse
- Model.PayrunResponse
- Model.PayrunTypeResponse
- Model.PayslipResponse
- Model.PayslipResponseContributions
- Model.PayslipResponseDeductions
- Model.PayslipResponseEarnings
- Model.PayslipResponseReimbursements
- Model.PayslipResponseTaxes
- Model.PolicyTypeResponse
- Model.ProviderRequest
- Model.ProviderResponse
- Model.ScopesRequest
- Model.ScopesResponse
- Model.TimeOffBalanceResponse
- Model.TimeOffEntryResponse
- Model.TimesheetResponse
- Model.TokenRequest
- Model.TokenResponse
- Type: API key
- API key parameter name: Authorization
- Location: HTTP header
- Type: API key
- API key parameter name: Authorization
- Location: HTTP header