API Overview

2 minute read

The ServiceChannel API is a RESTful and stateless API. It has predictable, resource-oriented URLs and accepts POST, GET, PUT, PATCH, and DELETE requests. Our API uses standard HTTP response codes and returns JSON-encapsulated data.

API Version

The current stable version of the ServiceChannel API is v3.

Environments

There are two environments for working with our API: Sandbox2 for testing and Production for live integrations.

App Registration

To use our API, you should have either a subscriber account with the Super Admin role or a provider account with admin rights. You also need to register your application.

Authentication and Authorization

We use the OAuth 2.0 protocol for simple, yet secure and efficient authentication and authorization.

You must include the Authorization header in every API request. Unauthorized calls will fail.

Token Types and Lifetimes

The SC API uses a token-based approach to session management.

Access Token: Used to authenticate API requests. Must be included in all API requests. Short-lived — valid for 10 minutes. When an access token expires, the client requests a new one. If the refresh token is valid, the API returns a new access token.
Refresh Token: Used to obtain new access tokens after expiration. Long-lived — valid for 30 days.

Session Management

Your session remains active as long as the access_token is valid (10 minutes), or you successfully refresh it using a valid refresh_token.

Your session ends when the refresh_token expires (after 30 days).

Requests and Responses

Making requests is easy: our API accepts the most common HTTP verbs and has well-structured endpoint routes.

After a successful request, you will receive a JSON-formatted response as well as a standard HTTP status code.

Call Limits

There are limits to how many calls you can make in a minute. For the default limits, see Throttling.

SSL/TLS Version Support

We’re committed to providing secure experiences, so we’ve deprecated Transport Layer Security (TLS) 1.0 and 1.1 and now support only TLS 1.2. This protocol provides greater security, privacy, and data integrity. If you do not enable TLS 1.2, you will not be able to use our services.

Check this news article to learn more about this protocol and verify that your browser and applications use TLS 1.2.

Sandbox Mode

Before going live, thoroughly test and debug your applications in sandbox mode.

You can use your favorite REST client to explore our API, but we recommend the built-in Swagger Explorer, Postman, or Fiddler.

Share on

Twitter Facebook Google+ LinkedIn