Gangmates
  • Getting Started
  • GENERAL USER GUIDES
    • Directory Services
      • Users
        • Quick Guide for Completing the CSV Template
          • Quick Guide: Formatting the Account Number Column as Text
        • New User Account Activation
      • User Types
      • Third Party Providers
    • Company Services
    • Security
      • Roles
      • Security Settings
    • Configurations
      • Branding
        • Logo
        • Domains
        • Add Email Address Format
          • Custom Expressions for Email Address Format
      • Company Settings
      • Bank Names and Codes Reference
      • Categories and Subcategories
    • Finance
      • Invoice
      • Payroll
        • Create Payslip
          • Understanding Payslip Calculations
        • Payroll Settings
        • Custom Contributions
      • Payment Processing
    • Performance
    • Organization Structure
  • API Documentation
    • API Overview
      • 🔌Authentication
      • ⏱️Rate Limits
    • API Reference
      • Company Management
      • Users Management
      • Payroll Management
        • Payroll Settings
      • Payment Processing
      • Domain Management
      • Wallet Top-Up
      • Invoices Management
  • Legal
    • Compliance and Regulatory Documents
      • Service Agreement
      • Service Level Agreement (SLA)
      • Privacy Policy
      • Data Processing Agreement (DPA)
      • Non-Disclosure Agreement (NDA)
      • Payroll Processing Agreement
      • Master Services Agreement (MSA)
      • Onboarding Checklist
      • Refund Policy
      • Terms and Conditions
Powered by GitBook
On this page
  • Introduction
  • Obtaining an API Token
  • Using the API Token
  • Managing API Tokens
  • Rate Limiting
  • Error Handling
  • Contact
  1. API Documentation
  2. API Overview

Authentication

Introduction

Authentication for the Gangmates API is based on bearer tokens. Each company is issued a unique API token that must be included in the header of each request to authenticate and authorize access to the API endpoints.

Obtaining an API Token

To obtain an API token, contact your administrator. The token will be provided and must be kept secure.

Using the API Token

Include the API token in the Authorization header of your HTTP requests. The format should be as follows:

Authorization: Bearer {your_api_token}

Example Request

GET /api/paystubs HTTP/1.1
Host: stage.gangmates.com
Authorization: Bearer your_api_token

Managing API Tokens

API tokens can be managed through the Gangmates UI. Each company can generate, regenerate, and invalidate their API token.

Generating a New Token

  1. Log in to the Gangmates UI.

  2. Navigate to the "Security" tab then select "API" from the drop down.

  3. Click the "Generate Token" button.

  4. The new token will be generated. Copy and store it securely.

Invalidating a Token

  1. Log in to the Gangmates UI.

  2. Navigate to the "Security" tab then select "API" from the drop down.

  3. Click the "Invalidate Token" button.

  4. The token will be invalidated, and any further requests using that token will be unauthorized.

Rate Limiting

API requests are limited to 100 requests per minute per company. If this limit is exceeded, the following response will be returned:

{
    "error": "Too Many Requests",
    "retry_after": 60
}

The retry_after field indicates the number of seconds to wait before making new requests.

Error Handling

If an invalid or missing token is provided, the following response will be returned:

{
    "error": "Unauthorized"
}

Ensure that your token is correctly included in the Authorization header of each request.

Contact

For any questions or support, please contact our support team at support@gangmates.com.

PreviousAPI OverviewNextRate Limits

Last updated 10 months ago

🔌