API Reference

Generating an access token

This page will help you to generate access token to access the Teamogy API

Your work with the API must begin by generating an access token to access the Teamogy API. It is not possible to use api without a valid access token. The procedure is as follows:

Log in to your Teamogy account in https://{yourDomain}.teamogy.com

  • You must be member of the Configurator group to generate a token. If you are not a member of this group, ask the responsible person in your organization to add you to this group, or ask your existing confugurator to generate a token.

  • The token can be generated on the Configuration area, in the Security page.

  • The token will be generated for the user who requested the generation and all transactions will be performed on his behalf and his rights. If you want to have API transactions performed under a specific user account and set specific rights for the API, create a new user for this purpose and generate a token under this user account.

  • Always generate a token for a specific purpose and a specific IP address range.

  • The user ID specified in the token will be used for transactions. If such a user does not have access to some data, it will not be possible to access such data even through the API.

  • The address range specified in the token is checked during each API operation. Do not use the 0.0.0.0/0 setting, which allows the token to connect from anywhere in the Internet environment. Such a setting is ONLY suitable for a token used for debugging purposes in an production environment. Always find out the range of IP addresses from which the API will be called and enable this range in the token. A token can be generated for multiple ranges of IP addresses.

  • You must also have the allowed range of IP addresses set in the general whitelisting of IP addresses, which applies to all API accesses.

  • If you plan to use the token on any external system, we recommend that you further restrict the API url and API method that the token can use. Such a token then has permissions only for the allowed API method and API url

  • Always disable a token that you no longer use to debug access or a token that you suspect could be misused (could get into unauthorized hands) in the Teamogy environment.

You can easily verify the data stored in the generated token at https://jwt.io/

In the image below you can see two generated tokens.
The first token was generated without restricting the IP address, method, and url, and was used for debugging purposes and then disabled.
The second token was generated for production deployment, it has a limited specific IP address, specific API method and URL mask. It can be used only from the IP address 18.157.99.147, only POST method calls and only for the API of module attendance.

2072