Authentication requirements and API tokens
Skedulo or Skedulo for Salesforce users require an API key to access the Skedulo API and follow the majority of the procedures included in this developer documentation.
The API key can be either long-lived or time-limited, and is used to authenticate users to the API.
Skedulo API token users
Skedulo users with administrator permissions can create and manage API tokens through the Developer Tools > API tokens section of the Skedulo web application.
See Authentication for Skedulo for Salesforce for information about using API tokens to access the Skedulo API from your Skedulo for Salesforce managed package.
Skedulo API requests
Requests to Skedulo API endpoints must be made using HTTPS protocol for additional security and encryption.
You can use any HTTP-enabled API client to call the Skedulo API using a standard HTTP method (GET, POST, PUT, DELETE) to call a valid Skedulo REST endpoint.
REST API endpoints expect requests to be made in JSON format. See the Skedulo API Reference Documentation for a full list of supported Skedulo REST API endpoints.
The Skedulo GraphQL API endpoints only support POST requests and expect requests in GraphQL format. GraphQL queries allow you to request specific information from the API using a single request.
The Skedulo web application includes the GraphiQL web extension for creating and testing GraphQL queries and exploring the schema. You can enable this web extension using Developer Tools > Web extensions in the web app settings. To explore the standard Skedulo GraphQL Schema, see the GraphQL Schema Documentation.
Create a token using the API
You can also create an API token by making a POST request to the /auth/token endpoint.
- Obtain a
jwt_tokenfrom your Skedulo account to use as a bearer token. You can do this by running the following JavaScript in the web application browser console:
JSON.parse(localStorage.getItem('auth')).skedApiAccessToken
2. Use cURL or your preferred REST client to send a POST request to https://api.skedulo.com/auth/token with the JWT token returned in the first step as a bearer token. For example:
curl -X POST -H "Authorization: Bearer $ACCESS_TOKEN" https://api.skedulo.com/auth/token -d '{}'
You must include the brackets (`{}`) in the request body, which can be empty for a long lived token, or include a time you want the token to expire.
See the Skedulo API Reference Guide for more information about the /auth endpoint.
Save API Tokens in a secure place
Tokens are secrets that must be kept secure (much like passwords). For example, store them in an encrypted password vault.Use the access token
The access token obtained above is a Base64 encoded JavaScript Web Token (JWT). Place it into the Authorization header using the Bearer method when making REST API requests.
For example:
curl -X GET https://api.skedulo.com/auth/whoami -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik9ESkNORFE0TkRJMVJUTkJNekE1TlRFNVJqVTFORGxDUXpjME9EZEJOVEF3T1RjNE1rVkZSUSJ9.eyJodHRwczovL2FwaS5za2VkdWxvLmNvbS92ZW5kb...-dpYZm_8YuaUYTnMrS4Fs3fQTDxM0oEkt9CWWJxPQTOv3l3pjp3sgDeuRvzYcaFZuoVTVLPYNidL9Pc5gPMrsXpTxOJL3nMF-2GmJJ5YHAXgG2cQc9MmL74u7IsGbQ-qg"
This will return a result like the following:
{
"result":{
"username":"apiuser@skedulo.com",
"userId":"auth0|97056322c44eb888e6a351fa",
"tenantId":"sk_6b03bcfe283f2b49df9cc30a40cf42ac",
"roles":[
"administrator"
],
"resourceId":null,
"vendorInfo":{
"vendor":"skedulo"
}
}
}
Example using Postman
Example using Paw
Example using Insomnia
Setting the API key as an environment variable
This documentation uses $AUTH_TOKEN to represent a long-lived API token as an environment variable. You can create an environment variable for your own environment to avoid having to look up your key for every request.
Set your API key as the AUTH_TOKEN variable by adding the following to your local configuration file:
export AUTH_TOKEN="123456789YOURAPIKEYGOESHERE"
Feedback
Was this page helpful?