Apideck HRIS API
The Apideck HRIS API is a unified API for managing human resources data for employees, companies, departments, and time-off requests across multiple HR platforms such as BambooHR, Personio, Workday, and SAP SuccessFactors.
OpenAPI Specification
openapi: 3.0.0
info:
version: 10.24.12
title: Apideck HRIS API
description: "Welcome to the HRIS API.\n\nYou can use this API to access all HRIS API endpoints.\n\n## Base URL\n\nThe base URL for all API requests is `https://unify.apideck.com`\n\n## Headers\n\nCustom headers that are expected as part of the request. Note that [RFC7230](https://tools.ietf.org/html/rfc7230) states header names are case insensitive.\n\n| Name | Type | Required | Description |\n| --------------------- | ------- | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n| x-apideck-consumer-id | String | Yes | The id of the customer stored inside Apideck Vault. This can be a user id, account id, device id or whatever entity that can have integration within your app. |\n| x-apideck-service-id | String | No | Describe the service you want to call (e.g., pipedrive). Only needed when a customer has activated multiple integrations for the same Unified API. |\n| x-apideck-app-id | String | Yes | The application id of your Unify application. Available at https://app.apideck.com/unify/api-keys. |\n| Authorization | String | Yes | Bearer <token> KEY |\n\n## Authorization\n\nYou can interact with the API through the authorization methods below.\n\n<!-- ReDoc-Inject: <security-definitions> -->\n\n## Pagination\n\nAll API resources have support for bulk retrieval via list APIs. Apideck uses cursor-based pagination via the optional `cursor` and `limit` parameters.\n\nTo fetch the first page of results, call the list API without a `cursor` parameter. Afterwards you can fetch subsequent pages by providing a cursor parameter. You will find the next cursor in the response body in `meta.cursors.next`. If `meta.cursors.next` is `null` you're at the end of the list.\n\nIn the REST API you can also use the `links` from the response for added convenience. Simply call the URL in `links.next` to get the next page of results.\n\n### Query Parameters\n\n| Name | Type | Required | Description |\n| ------ | ------ | -------- | ------------------------------------------------------------------------------------------------------------------ |\n| cursor | String | No | Cursor to start from. You can find cursors for next & previous pages in the meta.cursors property of the response. |\n| limit | Number | No | Number of results to return. Minimum 1, Maximum 200, Default 20 |\n\n### Response Body\n\n| Name | Type | Description |\n| --------------------- | ------ | ------------------------------------------------------------------ |\n| meta.cursors.previous | String | Cursor to navigate to the previous page of results through the API |\n| meta.cursors.current | String | Cursor to navigate to the current page of results through the API |\n| meta.cursors.next | String | Cursor to navigate to the next page of results through the API |\n| meta.items_on_page | Number | Number of items returned in the data property of the response |\n| links.previous | String | Link to navigate to the previous page of results through the API |\n| links.current | String | Link to navigate to the current page of results through the API |\n| links.next | String | Link to navigate to the next page of results through the API |\n\n⚠️ `meta.cursors.previous`/`links.previous` is not available for all connectors.\n\n## SDKs and API Clients\n\nWe currently
offer a [Node.js](https://developers.apideck.com/sdks/node), [PHP](https://developers.apideck.com/sdks/php), [Python](https://developers.apideck.com/sdks/python) and [.NET](https://developers.apideck.com/sdks/dot-net) SDK.\nNeed another SDK? [Request the SDK of your choice](https://requests.apideck.io/request).\n\n## Debugging\n\nBecause of the nature of the abstraction we do in Apideck Unify we still provide the option to the receive raw requests and responses being handled underlying. By including the raw flag `?raw=true` in your requests you can still receive the full request. Please note that this increases the response size and can introduce extra latency.\n\n## Errors\n\nThe API returns standard HTTP response codes to indicate success or failure of the API requests. For errors, we also return a customized error message inside the JSON response. You can see the returned HTTP status codes below.\n\n| Code | Title | Description |\n| ---- | -------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n| 200 | OK | The request message has been successfully processed, and it has produced a response. The response message varies, depending on the request method and the requested data. |\n| 201 | Created | The request has been fulfilled and has resulted in one or more new resources being created. |\n| 204 | No Content | The server has successfully fulfilled the request and that there is no additional content to send in the response payload body. |\n| 400 | Bad Request | The receiving server cannot understand the request because of malformed syntax. Do not repeat the request without first modifying it; check the request for errors, fix them and then retry the request. |\n| 401 | Unauthorized | The request has not been applied because it lacks valid authentication credentials for the target resource. |\n| 402 | Payment Required | Subscription data is incomplete or out of date. You'll need to provide payment details to continue. |\n| 403 | Forbidden | You do not have the appropriate user rights to access the request. Do not repeat the request. |\n| 404 | Not Found | The origin server did not find a current representation for the target resource or is not willing to disclose that one exists. |\n| 409 | Conflict | The request could not be completed due to a conflict with the current state of the target resource. |\n| 422 | Unprocessable Entity | The server understands the content type of the request entity, and the syntax of the request entity is correct but was unable to process the contained instructions. |\n| 429 | Too Many Requests | You sent too many requests in a given amount of time (\"rate limit\"). Try again later |\n| 5xx | Server Errors | Something went wrong with the Unify API. These errors are logged on our side.
You can contact our team to resolve the issue. |\n\n### Handling errors\n\nThe Unify API and SDKs can produce errors for many reasons, such as a failed requests due to misconfigured integrations, invalid parameters, authentication errors, and network unavailability.\n\n### Error Types\n\n#### RequestValidationError\n\nRequest is not valid for the current endpoint. The response body will include details on the validation error. Check the spelling and types of your attributes, and ensure you are not passing data that is outside of the specification.\n\n#### UnsupportedFiltersError\n\nFilters in the request are valid, but not supported by the connector. Remove the unsupported filter(s) to get a successful response.\n\n#### UnsupportedSortFieldError\n\nSort field (`sort[by]`) in the request is valid, but not supported by the connector. Replace or remove the sort field to get a successful response.\n\n#### InvalidCursorError\n\nPagination cursor in the request is not valid for the current connector. Make sure to use a cursor returned from the API, for the same connector.\n\n#### ConnectorExecutionError\n\nA Unified API request made via one of our downstream connectors returned an unexpected error. The `status_code` returned is proxied through to error response along with their original response via the error detail.\n\n#### UnauthorizedError\n\nWe were unable to authorize the request as made. This can happen for a number of reasons, from missing header params to passing an incorrect authorization token. Verify your Api Key is being set correctly in the authorization header. ie: `Authorization: 'Bearer <API KEY>'`\n\n#### ConnectorCredentialsError\n\nA request using a given connector has not been authorized. Ensure the connector you are trying to use has been configured correctly and been authorized for use.\n\n#### ConnectorDisabledError\n\nA request has been made to a connector that has since been disabled. This may be temporary - You can contact our team to resolve the issue.\n\n#### ConnectorRateLimitError\n\nYou sent too many request to a connector. These rate limits vary from connector to connector. You will need to try again later.\n\n#### RequestLimitError\n\nYou have reached the number of requests included in your Free Tier Subscription. You will not be able to make further requests until you upgrade your subscription. Please reach out to [email protected] to continue making requests.\n\n#### EntityNotFoundError\n\nYou've made a request for a resource or route that does not exist. Verify your path parameters or any identifiers used to fetch this resource.\n\n#### OAuthCredentialsNotFoundError\n\nWhen adding a connector integration that implements OAuth, both a `client_id` and `client_secret` must be provided before any authorizations can be performed. Verify the integration has been configured properly before continuing.\n\n#### IntegrationNotFoundError\n\nThe requested connector integration could not be found associated to your `application_id`. Verify your `application_id` is correct, and that this connector has been added and configured for your application.\n\n#### ConnectionNotFoundError\n\nA valid connection could not be found associated to your `application_id`. Something _may_ have interrupted the authorization flow. You may need to start the connector authorization process again.\n\n#### ConnectionSettingsError\n\nThe connector has required settings that were not supplied. Verify `connection.settings` contains all required settings for the connector to be callable.\n\n#### ConnectorNotFoundError\n\nA request was made for an unknown connector. Verify your `service_id` is spelled correctly, and that this connector is enabled for your provided `unified_api`.\n\n#### OAuthRedirectUriError\n\nA request was made either in a connector authorization flow, or attempting to revoke connector access without a valid `redirect_uri`. This is the url the user should be returned to on completion of process.\n\n#### OAuthInvalidStateError\n\nThe state
param is required and is used to ensure the outgoing authorization state has not been altered before the user is redirected back. It also contains required params needed to identify the connector being used. If this has been altered, the authorization will not succeed.\n\n#### OAuthCodeExchangeError\n\nWhen attempting to exchange the authorization code for an `access_token` during an OAuth flow, an error occurred. This may be temporary. You can reattempt authorization or contact our team to resolve the issue.\n\n#### OAuthConnectorError\n\nIt seems something went wrong on the connector side. It's possible this connector is in `beta` or still under development. We've been notified and are working to fix this issue.\n\n#### MappingError\n\nThere was an error attempting to retrieve the mapping for a given attribute. We've been notified and are working to fix this issue.\n\n#### ConnectorMappingNotFoundError\n\nIt seems the implementation for this connector is incomplete. It's possible this connector is in `beta` or still under development. We've been notified and are working to fix this issue.\n\n#### ConnectorResponseMappingNotFoundError\n\nWe were unable to retrieve the response mapping for this connector. It's possible this connector is in `beta` or still under development. We've been notified and are working to fix this issue.\n\n#### ConnectorOperationMappingNotFoundError\n\nConnector mapping has not been implemented for the requested operation. It's possible this connector is in `beta` or still under development. We've been notified and are working to fix this issue.\n\n#### ConnectorWorkflowMappingError\n\nThe composite api calls required for this operation have not been mapped entirely. It's possible this connector is in `beta` or still under development. We've been notified and are working to fix this issue.\n\n#### ConnectorOperationUnsupportedError\n\nYou're attempting a call that is not supported by the connector. It's likely this operation is supported by another connector, but we're unable to implement for this one.\n\n#### PaginationNotSupportedError\n\nPagination is not yet supported for this connector, try removing limit and/or cursor from the query. It's possible this connector is in `beta` or still under development. We've been notified and are working to fix this issue.\n\n## API Design\n\n### API Styles and data formats\n\n#### REST API\n\nThe API is organized around [REST](https://restfulapi.net/), providing simple and predictable URIs to access and modify objects. Requests support standard HTTP methods like GET, PUT, POST, and DELETE and standard status codes. JSON is returned by all API responses, including errors. In all API requests, you must set the content-type HTTP header to application/json. All API requests must be made over HTTPS. Calls made over HTTP will fail.\n\n##### Available HTTP methods\n\nThe Apideck API uses HTTP verbs to understand if you want to read (GET), delete (DELETE) or create (POST) an object. When your web application cannot do a POST or DELETE, we provide the ability to set the method through the query parameter \\_method.\n\n```\nPOST /messages\nGET /messages\nGET /messages/{messageId}\nPATCH /messages/{messageId}\nDELETE /messages/{messageId}\n```\n\nResponse bodies are always UTF-8 encoded JSON objects, unless explicitly documented otherwise. For some endpoints and use cases we divert from REST to provide a better developer experience.\n\n### Schema\n\nAll API requests and response bodies adhere to a common JSON format representing individual items, collections of items, links to related items and additional meta data.\n\n### Meta\n\nMeta data can be represented as a top level member named “meta”. Any information may be provided in the meta data. It’s most common use is to return the total number of records when requesting a collection of resources.\n\n### Request IDs\n\nEach API request has an associated request identifier. You can find this value in the response headers, under Request-Id. You can also find request identifiers in the URLs of individual request logs in
your Dashboard. If you need to contact us about a specific request, providing the request identifier will ensure the fastest possible resolution.\n\n### Fixed field types\n\n#### Dates\n\nThe dates returned by the API are all represented in UTC (ISO8601 format).\n\nThis example `2019-11-14T00:55:31.820Z` is defined by the ISO 8601 standard. The T in the middle separates the year-month-day portion from the hour-minute-second portion. The Z on the end means UTC, that is, an offset-from-UTC of zero hours-minutes-seconds. The Z is pronounced \"Zulu\" per military/aviation tradition.\n\nThe ISO 8601 standard is more modern. The formats are wisely designed to be easy to parse by machine as well as easy to read by humans across cultures.\n\n#### Currencies\n\nAll currency codes conform to [ISO 4217](https://en.wikipedia.org/wiki/ISO_4217).\n\n## Support\n\nIf you have problems or need help with your case, you can always reach out to our Support.\n\n## Static IP\n\nSome of the APIs you want to use can require a static IP. Apideck's static IP feature allows you to use Apideck with a fixed IP avoiding the need for you to set up your own infrastructure. This feature is currently available to all Apideck customers.\nTo use this feature, the API Vendor will need to whitelist the associated static IP addresses.\nThe provided static IP addresses are fixed to their specified region and shared by all customers who use this feature.\n\n- EU Central 1: **18.197.244.247**, **18.156.9.3**, **3.65.139.215**\n- Other: upcoming\n\n More info about our data security can be found at [https://compliance.apideck.com/](https://compliance.apideck.com/)\n\n"
contact:
email: [email protected]
url: https://developers.apideck.com
x-logo:
url: https://developers.apideck.com/icon.png
license:
name: Apache 2.0
url: http://www.apache.org/licenses/LICENSE-2.0.html
x-apideck-api: hris
x-apideck-sdk-support: true
externalDocs:
description: Apideck Developer Docs
url: https://developers.apideck.com
servers:
- url: https://unify.apideck.com
components:
parameters:
applicationId:
name: x-apideck-app-id
in: header
required: true
description: The ID of your Unify application
schema:
type: string
minLength: 1
example: dSBdXd2H6Mqwfg0atXHXYcysLJE9qyn1VwBtXHX
x-speakeasy-name-override: appId
companyId:
description: ID of the company you are acting upon.
in: path
name: company_id
required: true
schema:
type: string
consumerId:
name: x-apideck-consumer-id
in: header
required: true
description: ID of the consumer which you want to get or push data from
schema:
type: string
example: test-consumer
x-speakeasy-name-override: consumerId
cursor:
name: cursor
in: query
description: Cursor to start from. You can find cursors for next/previous pages in the meta.cursors property of the response.
schema:
type: string
nullable: true
employeeId:
description: ID of the employee you are acting upon.
in: path
name: employee_id
required: true
schema:
type: string
employeesFilter:
name: filter
in: query
description: Apply filters
style: deepObject
explode: true
schema:
$ref: '#/components/schemas/EmployeesFilter'
employeesSort:
name: sort
in: query
description: Apply sorting
style: deepObject
explode: true
schema:
$ref: '#/components/schemas/EmployeesSort'
employeesOneFilter:
name: filter
in: query
description: Apply filters
style: deepObject
explode: true
schema:
$ref: '#/components/schemas/EmployeesOneFilter'
fields:
name: fields
in: query
description: 'The ''fields'' parameter allows API users to specify the fields they want to include in the API response. If this parameter is not present, the API will return all available fields. If this parameter is present, only the fields specified in the comma-separated string will be included in the response. Nested properties can also be requested by using a dot notation. <br /><br />Example: `fields=name,email,addresses.city`<br /><br />In the example above, the response will only include the fields "name", "email" and "addresses.city". If any other fields are available, they will be excluded.'
example: id,updated_at
schema:
type: string
nullable: true
id:
in: path
name: id
schema:
type: string
required: true
description: ID of the record you are acting upon.
jobId:
description: ID of the job you are acting upon.
in: path
name: job_id
required: true
schema:
type: string
limit:
name: limit
in: query
description: Number of results to return. Minimum 1, Maximum 200, Default 20
schema:
type: integer
minimum: 1
maximum: 200
default: 20
payrollId:
description: ID of the payroll you are acting upon.
in: path
name: payroll_id
required: true
schema:
type: string
payrollsFilter:
name: filter
in: query
description: Apply filters
style: deepObject
explode: true
schema:
$ref: '#/components/schemas/PayrollsFilter'
passThrough:
name: pass_through
in: query
description: 'Optional unmapped key/values that will be passed through to downstream as query parameters. Ie: ?pass_through[search]=leads becomes ?search=leads'
style: deepObject
explode: true
schema:
$ref: '#/components/schemas/PassThroughQuery'
raw:
name: raw
in: query
description: Include raw response. Mostly used for debugging purposes
schema:
type: boolean
default: false
serviceId:
name: x-apideck-service-id
in: header
description: Provide the service id you want to call (e.g., pipedrive). Only needed when a consumer has activated multiple integrations for a Unified API.
schema:
type: string
example: salesforce
x-speakeasy-name-override: serviceId
timeOffRequestsFilter:
name: filter
in: query
description: Apply filters
style: deepObject
explode: true
schema:
$ref: '#/components/schemas/TimeOffRequestsFilter'
responses:
BadRequestResponse:
description: Bad Request
content:
application/json:
schema:
$ref: '#/components/schemas/BadRequestResponse'
CreateHrisCompanyResponse:
description: Companies
content:
application/json:
schema:
$ref: '#/components/schemas/CreateHrisCompanyResponse'
CreateEmployeeResponse:
description: Employees
content:
application/json:
schema:
$ref: '#/components/schemas/CreateEmployeeResponse'
DeleteHrisCompanyResponse:
description: Companies
content:
application/json:
schema:
$ref: '#/components/schemas/DeleteHrisCompanyResponse'
DeleteEmployeeResponse:
description: Employees
content:
application/json:
schema:
$ref: '#/components/schemas/DeleteEmployeeResponse'
GetHrisCompaniesResponse:
description: Companies
content:
application/json:
schema:
$ref: '#/components/schemas/GetHrisCompaniesResponse'
GetHrisCompanyResponse:
description: Company
content:
application/json:
schema:
$ref: '#/components/schemas/GetHrisCompanyResponse'
GetEmployeeResponse:
description: Employees
content:
application/json:
schema:
$ref: '#/components/schemas/GetEmployeeResponse'
GetEmployeesResponse:
description: Employees
content:
application/json:
schema:
$ref: '#/components/schemas/GetEmployeesResponse'
NotFoundResponse:
description: The specified resource was not found
content:
application/json:
schema:
$ref: '#/components/schemas/NotFoundResponse'
NotImplementedResponse:
description: Not Implemented
content:
application/json:
schema:
$ref: '#/components/schemas/NotImplementedResponse'
PaymentRequiredResponse:
description: Payment Required
content:
application/json:
schema:
$ref: '#/components/schemas/PaymentRequiredResponse'
UnauthorizedResponse:
description: Unauthorized
content:
application/json:
schema:
$ref: '#/components/schemas/UnauthorizedResponse'
UnexpectedErrorResponse:
description: Unexpected error
content:
application/json:
schema:
$ref: '#/components/schemas/UnexpectedErrorResponse'
UnprocessableResponse:
description: Unprocessable
content:
application/json:
schema:
$ref: '#/components/schemas/UnprocessableResponse'
UpdateHrisCompanyResponse:
description: Companies
content:
application/json:
schema:
$ref: '#/components/schemas/UpdateHrisCompanyResponse'
UpdateEmployeeResponse:
description: Employees
content:
application/json:
schema:
$ref: '#/components/schemas/UpdateEmployeeResponse'
CreateDepartmentResponse:
description: Departments
content:
application/json:
schema:
$ref: '#/components/schemas/CreateDepartmentResponse'
DeleteDepartmentResponse:
description: Departments
content:
application/json:
schema:
$ref: '#/components/schemas/DeleteDepartmentResponse'
GetDepartmentResponse:
description: Departments
content:
application/json:
schema:
$ref: '#/components/schemas/GetDepartmentResponse'
GetDepartmentsResponse:
description: Departments
content:
application/json:
schema:
$ref: '#/components/schemas/GetDepartmentsResponse'
UpdateDepartmentResponse:
description: Departments
content:
application/json:
schema:
$ref: '#/components/schemas/UpdateDepartmentResponse'
GetPayrollsResponse:
description: Payrolls
content:
application/json:
schema:
$ref: '#/components/schemas/GetPayrollsResponse'
GetPayrollResponse:
description: Payrolls
content:
application/json:
schema:
$ref: '#/components/schemas/GetPayrollResponse'
GetEmployeePayrollResponse:
description: Payrolls
content:
application/json:
schema:
$ref: '#/components/schemas/GetEmployeePayrollResponse'
GetEmployeePayrollsResponse:
description: EmployeePayrolls
content:
application/json:
schema:
$ref: '#/components/schemas/GetEmployeePayrollsResponse'
GetEmployeeSchedulesResponse:
description: EmployeeSchedules
content:
application/json:
schema:
$ref: '#/components/schemas/GetEmployeeSchedulesResponse'
GetHrisJobsResponse:
description: Jobs
content:
application/json:
schema:
$ref: '#/components/schemas/GetHrisJobsResponse'
GetHrisJobResponse:
description: Job
content:
application/json:
schema:
$ref: '#/components/schemas/GetHrisJobResponse'
TooManyRequestsResponse:
description: Too Many Requests
content:
application/json:
schema:
$ref: '#/components/schemas/TooManyRequestsResponse'
CreateTimeOffRequestResponse:
description: TimeOffRequests
content:
application/json:
schema:
$ref: '#/components/schemas/CreateTimeOffRequestResponse'
DeleteTimeOffRequestResponse:
description: TimeOffRequests
content:
application/json:
schema:
$ref: '#/components/schemas/DeleteTimeOffRequestResponse'
GetTimeOffRequestResponse:
description: TimeOffRequests
content:
application/json:
schema:
$ref: '#/components/schemas/GetTimeOffRequestResponse'
GetTimeOffRequestsResponse:
description: TimeOffRequests
content:
application/json:
schema:
$ref: '#/components/schemas/GetTimeOffRequestsResponse'
TimeOffRequest:
description: TimeOffRequests
content:
application/json:
schema:
$ref: '#/components/schemas/TimeOffRequest'
UpdateTimeOffRequestResponse:
description: TimeOffRequests
content:
application/json:
schema:
$ref: '#/components/schemas/UpdateTimeOffRequestResponse'
schemas:
Address:
type: object
x-apideck-schema-id: Address
additionalProperties: false
x-apideck-weights:
id: edge-case
name: edge-case
type: critical
line1: high
line2: low
line3: edge-case
line4: edge-case
line5: edge-case
street_number: low
city: high
string: low
state: high
postal_code: high
country: high
latitude: low
longitude: low
county: edge-case
contact_name: edge-case
salutation: edge-case
phone_number: edge-case
fax: edge-case
email: edge-case
website: edge-case
row_version: edge-case
properties:
id:
description: Unique identifier for the address.
type: string
example: '123'
nullable: true
type:
type: string
description: The type of address.
x-apideck-enum-id: addresses.type
enum:
- primary
- secondary
- home
- office
- shipping
- billing
- work
- other
example: primary
nullable: true
string:
type: string
description: The address string. Some APIs don't provide structured address data.
example: 25 Spring Street, Blackburn, VIC 3130
nullable: true
name:
description: The name of the address.
type: string
example: HQ US
nullable: true
line1:
type: string
example: Main street
description: 'Line 1 of the address e.g. number, street, suite, apt #, etc.'
nullable: true
line2:
type: string
example: 'apt #'
description: Line 2 of the address
nullable: true
line3:
type: string
example: 'Suite #'
description: Line 3 of the address
nullable: true
line4:
type: string
example: delivery instructions
description: Line 4 of the address
nullable: true
line5:
type: string
example: 'Attention: Finance Dept'
description: Line 5 of the address
nullable: true
street_number:
type: string
example: '25'
description: Street number
nullable: true
city:
type: string
example: San Francisco
description: Name of city.
nullable: true
state:
type: string
example: CA
description: Name of state
nullable: true
postal_code:
type: string
example: '94104'
description: Zip code or equivalent.
nullable: true
country:
type: string
example: US
description: country code according to ISO 3166-1 alpha-2.
nullable: true
latitude:
description: Latitude of the addr
# --- truncated at 32 KB (234 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/apideck/refs/heads/main/openapi/apideck-hris-openapi.yml