Authentication

All calls to the Employgroup API require authentication; this document describes the process required to successfully authenticate, and then how to apply that authentication to API calls.

Prerequisites

To connect to the Employgroup API, you will need a valid and active employer account. We strongly recommend that during your development phase, you use a separate employer account, to reduce the likelihood of accidentally affecting live data. Please talk to your Employgroup consultant about setting up a separate test account.

We strongly recommend that for all phases of development, testing and release, that you use a separate user account reserved exclusively for the API. This will reduce the chances of the account being locked due to forgotten/mistyped passwords, and will help identify API activity in logs and audits.

Retrieving API Key

Once a user account has been created for API access, the API key can be retrieved from the My Account > My Account Home page, in the API Keys section.

API Keys screenshot

The API key can then be added to your API calls, by adding the Authorization header with the Bearer scheme to your API request: 

> curl -X GET https://api.epayroll.com.au/v12.5/Employees \
    -H 'Authorization: Bearer 098sd7f0sdf/h09s8fh09df8hs09df8hds0f9==' \
    -H 'Content-Type: application/json'

HTTP/1.1 200 OK
Content-Length: 7092
[
// ...
]