Welcome to Trisk.io documentation
Make an HTTP Request in the Trisk.io
There are many ways you can make an HTTP request to the Trisk.io API. You can make a raw HTTP request in your code or use a tool like Postman.
Credentials
Most of all requests to Trisk.io REST API need to be authenticated. The Trisk.io API uses API keys and HTTP bearer authentication to authenticate requests.
You can view your API keys in the For Developer menu.
Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, etc.
Use your API key by setting it in the headers.
X-API-KEY this is a Public key from the For Developer menu
X-API-SECRET this is a Secret key from the For Developer menu
To get an HTTP bearer authentication token, you need to Authenticate using credentials and exchange the auth_codes_internal to the JWT Bearer token.
Working with an HTTP bearer authentication, you work in the user session, and all user restrictions are included.
Pay attention! The HTTP bearer authentication doesn't work without API keys
All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.
HTTP Methods
Trisk.io uses the GET and POST HTTP methods on the various resources.
HTTP Headers
Every request should have default Headers:
Accept: application/vnd.api+json
Content-Type: application/vnd.api+json
API has a multi-tenant application scheme. Therefore, every request should have X-Domain Header:
X-Domain: example
Authorization token should be set via Authorization Header:
Authorization: Bearer t318a31a-0bcf-48d1-9350-a6ae499007c0
API doesn't accept the DELETE method. Instead of this, please set X-HTTP-METHOD-OVERRIDE Header:
X-HTTP-METHOD-OVERRIDE: DELETE
API doesn't accept the PATCH method. Instead of this, please set X-HTTP-METHOD-OVERRIDE Header:
X-HTTP-METHOD-OVERRIDE: PATCH
API doesn't accept the PUT method. Instead of this, please set X-HTTP-METHOD-OVERRIDE Header:
X-HTTP-METHOD-OVERRIDE: PUT
More details about where used each method is described in the specific request.
Status Codes
As you make requests, you'll see responses indicating what's happening on the other side of the server. The following is a list of common status codes you'll see in response from the Trisk.io API and what they mean.
| Status Code | Meaning | Description |
|---|---|---|
| 200 | OK | Everything worked as expected. |
| 201 | CREATED | The request was successful, we created a new resource, and the response body contains the representation. This should only appear for POST requests. |
| 401 | UNAUTHORIZED | The client request has not been completed because it lacks valid authentication credentials for the requested resource. |
| 403 | FORBIDDEN | The supplied credentials are insufficient to access the resource. |
| 404 | NOT FOUND | The requested resource doesn't exist. |
| 422 | UNPROCESSABLE | The server understands the content type of the request entity, and the syntax of the request entity is correct, but it was unable to process the contained instructions. |
| 500 | SERVER ERROR | We couldn't return the representation due to an internal server error. |
Rate Limits
The Trisk API employs a number of safeguards against bursts of incoming traffic to help maximize its stability. Integration that sends many requests quickly may see error responses showing status code 429.
For all APIs, Trisk allows up to 600 requests within a one-hour time frame per one Developer License (API key). Concurrent connections are not limited at this time. We reserve the right to reduce limits to prevent abuse without additional notice or increase limits to enable high-traffic applications. Any material changes to limits are communicated in advance via email.
HTTP headers and response codes
You can use the HTTP headers to understand where the integration is for a given rate limit.
X-RateLimit-Limit: the rate limit ceiling
X-RateLimit-Remaining: the number of requests left for the 60-minute window
X-RateLimit-Reset: the remaining window before the rate limit resets, in UTC epoch seconds
Retry-After: the number of seconds before the hold will be released
Errors
Trisk.io uses conventional HTTP response codes to indicate the success or failure of an API request.
- Codes in the
2xxrange indicate success. - Codes in the
4xxrange indicate an error that failed given the information provided (e.g., a required parameter was omitted, etc.). - Codes in the
5xxrange indicate an error with Trisk.io servers.
Link Builder Examples
Each request CAN contains include and fields as a GET parameters.
-
include: (string) accepts
?include=*for all nested relationships. For concrete relationships use?include=relation_name. For nested with nested use dot notation?include=relationship1.relationship1.1For multiple relationships?include=relationship_one,relationship_two -
fields: (array[string]). By default, the response contains all object fields. Accepts:
fields[relationship_name]=field_one,field_twoor multiplefields[relation_ship_one]=field_one,field_two&fields[relation_two]=field_three -
filter: array[string]). By default, the response contains all object fields. Accepts:
filter[property]=valueor multiplefilter[property_one]=value&filter[property_two]=another valueor search (not strict compliance)filter[property_one][contains]=value
Pay attention! All IDs and credentials in the documentation are examples. To work with the system, you should use actual data.