Here you can find out more about how to use our API.
Go directly to
To authenticate access to Leviy services, you must issue an authentication request. In response to valid credentials, an authentication request returns an authentication token that must be used to sign every request to Leviy services.
Because the authentication token expires after 24 hours, you must generate a token once a day.
If you are integrating multiple tools (an ERP, an invoicing tool, an HR tool, a reservation system, a hospital information system, a ticketing system, etc.) with different purposes, you must use multiple API keys.
Manage API credentials
API credentials can be managed via the front-end of Leviy Accounts. To access this feature a User account with the user type ‘Application Administrator’ is needed.
When using the Leviy Production environment, use https://accounts.leviy.com
When using the Leviy Acceptance environment, use https://accounts.accept.leviy.com
Steps for creating new API credentials
- When logged in to accounts go to Organisation settings
- Next push look in the card Integrations and push on the button Manage API keys
- On the API keys overview page push the button on the top right Generate new API key
- Fill out a desired Name for the new API key and press the Generate
- This will generate the API Key and Secret.
- !NOTE Now save the Secret credentials somewhere safe because when this page is closed the Secret will never be shown again!
- Press the "Back to API keys" to close the page
AccessToken Request
Using the provided API key, you can request an AccessToken. This token expires after 24 hours, so you must generate a token once a day.
Example request
POST /oauth/access_token HTTP/1.1
Cache-Control: no-cache
Postman-Token: 842c7b4c-2ece-4eaf-abb4-2b481dcc6d0b
Host: accounts.test.leviy.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 129
grant_type: "client_credentials"
client_id: "54ba34bddc3b916bc4dd5f8b560e5250"
client_secret: "7pqcd9aB412r/c3sLHgkt5ADTtmjmTt7ArgLvX28"
Example Response
{
"token_type":"Bearer",
"expires_in":86400,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI0Y2RkZTE5YTYwYjc0OTk0NWZkNDRjOGMzMWJlYmUzZiIsImp0aSI6IjAjYjM0M2NmZDZiZGU5NTkwMmRkMzA2NmU1MDViNjc2N2ZjNzU0YTNiOTdkMWVlNDdhNzUyMjkyN2QwY2ZiM2M3MDk2OTg3MzIwMzIzIiwiaWF0IjoxNjE4MzIxMzcxLCJuYmYiOjE2MTgzMjEzNzEsImV4cCI6MTYxODQwNzc3MSwic3ViIjoiIiwic2NvcGVzIjpbXX0.JL7aGZuWb-R9Uu-edVAza_qq7TZm5KMC7azgey_EUjw_P02PQAMNOku4-NxHfoOKLsedvUVG_HmJ1nImF4R7XZiV3_y2EZfKktfh6mSjlyyDkcT3-Pp1GuByc3WSQ09vjmBcoFVrnMpudMXe1ePXypZPcQY5ImlurVGlRiOHjjc"
}
In response to valid credentials, you will receive a response with an AccessToken. This token must be used to sign every request to the API.
If you perform API requests every few hours, we advise to start each series of requests with refreshing the token once.
Example Authorization in postman
Follow-Up Requests
The provided AccessToken, found in the JSON response as access_token, is to be used with follow-up requests.
HTTP
GET /replace/with/api/endpoint HTTP/1.1
Authorization: Bearer <access_token>
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article