FAQ

We use a combination of API Key and OAuth Client Credential Grant. For detailed instructions, refer to our guide: Step 1: Get access to Avionté APIs.

Yes, certain operations require specific scopes or permissions, but the scope is not too granular.

The token is valid for 1 hour (3600 seconds).

Yes, Avionté APIs are rate-limited, and the limits vary by the API. Bulk APIs generally have stricter throttling, with limits of 3-5 requests per second (RPS).

The typical limit is 100 records per request. Some bulk endpoints that process heavy workloads may impose lower limits.

The API supports JSON for both requests and responses.

Each request must include the following headers:

• accept: Specifies the expected response format. Set this to application/json to ensure you receive responses in JSON format.
• FrontOfficeTenantId or Tenant:
  • FrontOfficeTenantId: Tenant identifier for scoped data access during request.
  • Tenant: A short code that indicates the tenant for which the request is being made. It is preferred to use FrontOfficeTenantId when available.
• RequestId: A unique request GUID to correlate request data with log entries and events.
• Authorization: Access token, formatted as Bearer {token}. Tokens are case-sensitive, and the word Bearer should always be capitalized.
• X-api-key: Avionté API key. This key is case-sensitive and should match exactly as provided.

How to add headers in your API client:

• Using Python (with requests):

headers = {
    "accept": "application/json",
    "FrontOfficeTenantId": "your-FrontOfficeTenantId",
    "RequestId": "your-RequestId",
    "Authorization": "Bearer your-token",
    "x-api-key": "your-api-key"
}

• Using Postman: Navigate to the Headers tab in the request editor and add each key-value pair (e.g., X-api-key: your-api key) manually.

Yes, errors are communicated using standard HTTP status codes along with detailed messages where applicable.

No, query parameters are not generally supported, except for operations related to talent.