Authorization

Securely access all data and capabilities provided by Salsa.

Salsa requires an OAuth 2.0 Bearer Token in the Authorization header of all requests made to our APIs. Two token types are supported, which are described in detail below: API Tokens and User Tokens.

API Token

Salsa provides two API Tokens for accessing our APIs: one for the Sandbox environment and one for the Production environment. These tokens grant many privileges, so it's important to keep them secure and never use or share them publicly.

Use the following base URLs when making requests to the Salsa API:

  • Sandbox: api.sandbox.salsa.dev
  • Production: api.salsa.dev

💡

Having trouble finding your API token?

If you've misplaced your token or need it resent for any reason, contact us.

User Token

A User Token allows you to temporarily provision access for a user. By assigning an access role during creation, you can specify their level of access to your data. Available roles include:

  • EMPLOYER_ADMIN - Grants administrative permissions, allowing a user to view and modify all employer associated data, such as workers, payroll runs, and so on.
  • WORKER_USER - Grants the ability to view data associated with a specific worker, such as personal information, payment records, and so on.

To create a User Token, send a request to Salsa’s Credentials API. This is an example of how to create a User Token with the EMPLOYER_ADMIN access role in the sandbox environment:

# The ${...} placeholders are expanded from shell variables, so the
# authorization header is double-quoted and the body is an unquoted heredoc.
curl --request POST \
     --url https://api.sandbox.salsa.dev/api/rest/v1/auth/token \
     --header 'accept: application/json' \
     --header "authorization: Bearer ${YOUR_SANDBOX_API_TOKEN}" \
     --header 'content-type: application/json' \
     --data @- <<EOF
{
  "type": "CreateEmployerUserTokenInput",
  "role": "EMPLOYER_ADMIN",
  "employerIds": [
    "${SALSA_EMPLOYER_ID_1}",
    "${SALSA_EMPLOYER_ID_2}"
  ]
}
EOF

The token generated in the example is valid for 1 hour, after which a new token must be issued. The expiration time is configurable.

See the Create User API token API reference for more details.
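
The following is an added example, not Salsa's own code: one way a backend could build the same User Token request while keeping the API Token in an environment variable and requesting only employers the signed-in user is entitled to. The function name, the environment variable names and the allowed_employer_ids input are assumptions; the URLs, path and body fields are the ones shown above.

```python
import json
import os
import urllib.request

# Base URLs and the token path are taken from this page.
BASE_URLS = {
    "sandbox": "https://api.sandbox.salsa.dev",
    "production": "https://api.salsa.dev",
}
TOKEN_PATH = "/api/rest/v1/auth/token"
# Assumption: one variable per environment (hypothetical names), so a Sandbox
# token is never sent to the Production host or the other way round.
TOKEN_ENV_VARS = {"sandbox": "SALSA_SANDBOX_API_TOKEN",
                  "production": "SALSA_PRODUCTION_API_TOKEN"}


def build_employer_token_request(environment, employer_ids,
                                 allowed_employer_ids, environ=os.environ):
    """Build (but do not send) the request that mints an EMPLOYER_ADMIN User Token.

    allowed_employer_ids is the set of employers the signed-in user of your own
    application may administer (hypothetical input from your access control).
    """
    if environment not in BASE_URLS:
        raise ValueError(f"unknown environment: {environment!r}")
    api_token = environ.get(TOKEN_ENV_VARS[environment], "").strip()
    if not api_token:
        raise RuntimeError(f"{TOKEN_ENV_VARS[environment]} is not set")
    requested = list(dict.fromkeys(employer_ids))  # de-duplicate, keep order
    if not requested:
        # Local policy of this example, not a documented API rule.
        raise ValueError("at least one employer id is required")
    denied = [e for e in requested if e not in allowed_employer_ids]
    if denied:
        # Never widen the User Token beyond what the caller is entitled to.
        raise PermissionError(f"caller may not access employers: {denied}")
    body = json.dumps({  # json.dumps escapes ids safely, unlike string pasting
        "type": "CreateEmployerUserTokenInput",
        "role": "EMPLOYER_ADMIN",
        "employerIds": requested,
    }).encode("utf-8")
    return urllib.request.Request(
        BASE_URLS[environment] + TOKEN_PATH, data=body, method="POST",
        headers={"Accept": "application/json",
                 "Authorization": f"Bearer {api_token}",
                 "Content-Type": "application/json"},
    )
```

Pass the returned request to urllib.request.urlopen from server-side code only, so that the API Token never reaches a browser or mobile client.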