Management API

The Synqly Management APIs enable you to manage the resources within your Synqly organization, such as setting up Accounts for your customers and creating Integrations to connect your product to the different service Providers supported by Synqly.

For more information see the Synqly Overview.

Download OpenAPI description
Languages
Servers
Synqly
https://api.synqly.com/

Accounts

Accounts under your Organization are used to manage Integrations, Credentials, and other account specific resources. Accounts are secure containers and may be used to represent tenants in your system. Data is never shared across accounts.

For more information on Accounts, see the Synqly Overview.

Operations

Audit

Operations

Auth

Operations

Bridges

Operations

Capabilities

Operations

Credentials

Operations

Integration Points

An Integration Point describes a class of Integrations, and lets you describe names, allowed providers and other configuration that should apply to integrations associated with the Integration Point.

While an Integration can be created without associating it with an Integration Point, some Synqly features require the use of Integration Points, such as:

  • Connect UI
  • Validating allowed providers
  • Custom data mapping (coming soon)

Integration Points belong to the Organization, and can be associated with Integrations belonging to different Accounts.

For more information on Integration Points, see the Synqly Overview.

Operations

Integrations

An Integration represents the connection to a specific Provider. Once configured, an Integration enables interaction with the target Provider via our unified and normalized Connector APIs.

Each Integration belongs to an Account and may be associated with an Integration Point to provide additional features and configuration.

For more information on Integrations, see the Synqly Overview.

Operations

Members

Operations

Meta

Operations

Operations (In Development)

In Development

This feature is actively being developed. Breaking changes should be expected.

Please contact us before using this feature.

Operations

Organization Webhooks

Operations

Organization

Operations

Permissionset

Operations

Roles

Operations

Status

Operations

Sub Orgs

Operations

Tokens

Operations

Create Organization Token

Request

Create an adhoc organization token restricted to specified resources and permission set. Tokens can only be reduced in scope, never expanded. Permissions are inherited from the token used to call this API. Permissions assigned to the new token will not be persisted, this is not a way to create roles.

Bodyapplication/jsonrequired
resourcesobject(Resources)required
resources.​organizationsobject(RoleOrganizations)
resources.​accountsobject(RoleAccounts)
resources.​integrationsobject(RoleIntegrations)
permission_setstring(Permissions)required
Enum"administrator""viewer""member""account-manager""connect-ui""token-issuer"
namestring or null

Unique name token. If not provided, defaults to generated newly created refresh token id.

token_ttlstring or null

Token time-to-live. If not provided, defaults to the TTL of the token used to call this API. Use the format "1h", "1m", "1s" for hours, minutes, and seconds respectively.

curl -i -X POST \
  https://api.synqly.com/v1/tokens \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "string",
    "resources": {
      "organizations": {
        "ids": [
          "string"
        ],
        "labels": [
          "string"
        ]
      },
      "accounts": {
        "ids": [
          "string"
        ],
        "labels": [
          "string"
        ],
        "environments": [
          "test"
        ]
      },
      "integrations": {
        "categories": [
          "assets"
        ]
      }
    },
    "permission_set": "administrator",
    "token_ttl": "string"
  }'

Responses

Bodyapplication/json
resultobject(RefreshToken)required
result.​idstring(Id)required
result.​owner_idstring(Id)required
result.​owner_typestring(TokenOwnerType)required
Enum"organization""integration"
result.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result.​token_ttlstringrequired

Token time-to-live

result.​primaryobject(TokenPair)required
result.​primary.​accessobject(Token)required
result.​primary.​access.​secretstringrequired

Secret value for the token; used for authentication when making requests.

result.​primary.​access.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result.​primary.​access.​permissionsobject(Permission)required
result.​primary.​access.​permissions.​resource_idstring(Id)required
result.​primary.​access.​permissions.​resource_typestringrequired

Type of the resource that this permission grants access to. Must be one of the following: "organization, "integration"

result.​primary.​access.​permissions.​parent_idstring(Id)required
result.​primary.​access.​permissions.​idstring(Id)required
result.​primary.​access.​permissions.​organization_idstring(Id)required
result.​primary.​access.​permissions.​member_idstring(Id)required
result.​primary.​access.​permissions.​role_bindingArray of strings or null(RoleName)

Roles granted to this token.

result.​primary.​access.​permissions.​adhoc_roleobject(AdhocRole)
result.​primary.​access.​permissions.​root_organization_idstring(Id)
result.​primary.​refreshobject(Token)required
result.​primary.​refresh.​secretstringrequired

Secret value for the token; used for authentication when making requests.

result.​primary.​refresh.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result.​primary.​refresh.​permissionsobject(Permission)required
result.​primary.​refresh.​permissions.​resource_idstring(Id)required
result.​primary.​refresh.​permissions.​resource_typestringrequired

Type of the resource that this permission grants access to. Must be one of the following: "organization, "integration"

result.​primary.​refresh.​permissions.​parent_idstring(Id)required
result.​primary.​refresh.​permissions.​idstring(Id)required
result.​primary.​refresh.​permissions.​organization_idstring(Id)required
result.​primary.​refresh.​permissions.​member_idstring(Id)required
result.​primary.​refresh.​permissions.​role_bindingArray of strings or null(RoleName)

Roles granted to this token.

result.​primary.​refresh.​permissions.​adhoc_roleobject(AdhocRole)
result.​primary.​refresh.​permissions.​root_organization_idstring(Id)
result.​namestringrequired

Human-readable name for this resource

result.​created_atstring(date-time)required

Time object was originally created

result.​updated_atstring(date-time)required

Last time object was updated

result.​member_idstring(Id)
result.​secondaryobject(TokenPair)
Response
application/json
{ "result": { "id": "string", "member_id": "string", "owner_id": "string", "owner_type": "organization", "expires": "2019-08-24T14:15:22Z", "token_ttl": "string", "primary": {}, "secondary": {}, "name": "string", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z" } }

List Refresh Tokens

Request

Returns a list of all RefreshToken objects belonging to the Authorization Bearer token. For more infromation on Tokens, refer to Authentication.

Query
limitinteger or null

Number of Token objects to return in this page. Defaults to 100.

start_afterstring or null

Return Token objects starting after this name.

orderArray of strings or null

Select a field to order the results by. Defaults to name. To control the direction of the sorting, append [asc] or [desc] to the field name. For example, name[desc] will sort the results by name in descending order. The ordering defaults to asc if not specified. May be used multiple times to order by multiple fields, and the ordering is applied in the order the fields are specified.

filterArray of strings or null

Filter results by this query. For more information on filtering, refer to our Filtering Guide. Defaults to no filter. If used more than once, the queries are ANDed together.

curl -i -X GET \
  'https://api.synqly.com/v1/tokens?filter=string&limit=0&order=string&start_after=string' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/json
resultArray of objects(RefreshToken)required
result[].​idstring(Id)required
result[].​owner_idstring(Id)required
result[].​owner_typestring(TokenOwnerType)required
Enum"organization""integration"
result[].​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result[].​token_ttlstringrequired

Token time-to-live

result[].​primaryobject(TokenPair)required
result[].​primary.​accessobject(Token)required
result[].​primary.​access.​secretstringrequired

Secret value for the token; used for authentication when making requests.

result[].​primary.​access.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result[].​primary.​access.​permissionsobject(Permission)required
result[].​primary.​access.​permissions.​resource_idstring(Id)required
result[].​primary.​access.​permissions.​resource_typestringrequired

Type of the resource that this permission grants access to. Must be one of the following: "organization, "integration"

result[].​primary.​access.​permissions.​parent_idstring(Id)required
result[].​primary.​access.​permissions.​idstring(Id)required
result[].​primary.​access.​permissions.​organization_idstring(Id)required
result[].​primary.​access.​permissions.​member_idstring(Id)required
result[].​primary.​access.​permissions.​role_bindingArray of strings or null(RoleName)

Roles granted to this token.

result[].​primary.​access.​permissions.​adhoc_roleobject(AdhocRole)
result[].​primary.​access.​permissions.​root_organization_idstring(Id)
result[].​primary.​refreshobject(Token)required
result[].​primary.​refresh.​secretstringrequired

Secret value for the token; used for authentication when making requests.

result[].​primary.​refresh.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result[].​primary.​refresh.​permissionsobject(Permission)required
result[].​primary.​refresh.​permissions.​resource_idstring(Id)required
result[].​primary.​refresh.​permissions.​resource_typestringrequired

Type of the resource that this permission grants access to. Must be one of the following: "organization, "integration"

result[].​primary.​refresh.​permissions.​parent_idstring(Id)required
result[].​primary.​refresh.​permissions.​idstring(Id)required
result[].​primary.​refresh.​permissions.​organization_idstring(Id)required
result[].​primary.​refresh.​permissions.​member_idstring(Id)required
result[].​primary.​refresh.​permissions.​role_bindingArray of strings or null(RoleName)

Roles granted to this token.

result[].​primary.​refresh.​permissions.​adhoc_roleobject(AdhocRole)
result[].​primary.​refresh.​permissions.​root_organization_idstring(Id)
result[].​namestringrequired

Human-readable name for this resource

result[].​created_atstring(date-time)required

Time object was originally created

result[].​updated_atstring(date-time)required

Last time object was updated

result[].​member_idstring(Id)
result[].​secondaryobject(TokenPair)
Response
application/json
{ "result": [ {} ] }

Create Integration Token

Request

Create an adhoc integration token restricted to a single integration. The token used to call this API must have the necessary permissions to create tokens and have access to the account and integration IDs. Permissions may not be escalated, so any operation that the invocation token does not have access to cannot be granted.

Path
accountIdstring(Id)required
integrationIdstring(Id)required
Bodyapplication/jsonrequired
namestring or null

Unique name token. If not provided, defaults to generated newly created refresh token id.

token_ttlstring or null

Token time-to-live. If not provided, defaults to the TTL of the token used to call this API. Use the format "1h", "1m", "1s" for hours, minutes, and seconds respectively.

curl -i -X POST \
  'https://api.synqly.com/v1/tokens/{accountId}/{integrationId}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "string",
    "token_ttl": "string"
  }'

Responses

Bodyapplication/json
resultobject(Token)required
result.​secretstringrequired

Secret value for the token; used for authentication when making requests.

result.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result.​permissionsobject(Permission)required
result.​permissions.​resource_idstring(Id)required
result.​permissions.​resource_typestringrequired

Type of the resource that this permission grants access to. Must be one of the following: "organization, "integration"

result.​permissions.​parent_idstring(Id)required
result.​permissions.​idstring(Id)required
result.​permissions.​organization_idstring(Id)required
result.​permissions.​member_idstring(Id)required
result.​permissions.​role_bindingArray of strings or null(RoleName)

Roles granted to this token.

result.​permissions.​adhoc_roleobject(AdhocRole)
result.​permissions.​root_organization_idstring(Id)
Response
application/json
{ "result": { "secret": "string", "expires": "2019-08-24T14:15:22Z", "permissions": {} } }

Delete Adhoc Refresh Token

Request

Deletes the Refresh Token with id {id}. This immediately invalidates both the primary and secondary token pairs.

Path
refreshTokenIdstring(Id)required
curl -i -X DELETE \
  'https://api.synqly.com/v1/tokens/{refreshTokenId}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Response
No content

Get Refresh Token

Request

Returns the RefreshToken object matching {tokenId}. For more information on Tokens, refer to Authentication.

Path
refreshTokenIdstring(Id)required
curl -i -X GET \
  'https://api.synqly.com/v1/tokens/{refreshTokenId}/info' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/json
resultobject(RefreshToken)required
result.​idstring(Id)required
result.​owner_idstring(Id)required
result.​owner_typestring(TokenOwnerType)required
Enum"organization""integration"
result.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result.​token_ttlstringrequired

Token time-to-live

result.​primaryobject(TokenPair)required
result.​primary.​accessobject(Token)required
result.​primary.​access.​secretstringrequired

Secret value for the token; used for authentication when making requests.

result.​primary.​access.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result.​primary.​access.​permissionsobject(Permission)required
result.​primary.​access.​permissions.​resource_idstring(Id)required
result.​primary.​access.​permissions.​resource_typestringrequired

Type of the resource that this permission grants access to. Must be one of the following: "organization, "integration"

result.​primary.​access.​permissions.​parent_idstring(Id)required
result.​primary.​access.​permissions.​idstring(Id)required
result.​primary.​access.​permissions.​organization_idstring(Id)required
result.​primary.​access.​permissions.​member_idstring(Id)required
result.​primary.​access.​permissions.​role_bindingArray of strings or null(RoleName)

Roles granted to this token.

result.​primary.​access.​permissions.​adhoc_roleobject(AdhocRole)
result.​primary.​access.​permissions.​root_organization_idstring(Id)
result.​primary.​refreshobject(Token)required
result.​primary.​refresh.​secretstringrequired

Secret value for the token; used for authentication when making requests.

result.​primary.​refresh.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result.​primary.​refresh.​permissionsobject(Permission)required
result.​primary.​refresh.​permissions.​resource_idstring(Id)required
result.​primary.​refresh.​permissions.​resource_typestringrequired

Type of the resource that this permission grants access to. Must be one of the following: "organization, "integration"

result.​primary.​refresh.​permissions.​parent_idstring(Id)required
result.​primary.​refresh.​permissions.​idstring(Id)required
result.​primary.​refresh.​permissions.​organization_idstring(Id)required
result.​primary.​refresh.​permissions.​member_idstring(Id)required
result.​primary.​refresh.​permissions.​role_bindingArray of strings or null(RoleName)

Roles granted to this token.

result.​primary.​refresh.​permissions.​adhoc_roleobject(AdhocRole)
result.​primary.​refresh.​permissions.​root_organization_idstring(Id)
result.​namestringrequired

Human-readable name for this resource

result.​created_atstring(date-time)required

Time object was originally created

result.​updated_atstring(date-time)required

Last time object was updated

result.​member_idstring(Id)
result.​secondaryobject(TokenPair)
Response
application/json
{ "result": { "id": "string", "member_id": "string", "owner_id": "string", "owner_type": "organization", "expires": "2019-08-24T14:15:22Z", "token_ttl": "string", "primary": {}, "secondary": {}, "name": "string", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z" } }

Reset Refresh Token

Request

This API can be used to reset Organization or Integration RefreshTokens. Resets the specified RefreshToken and expiration time, removes the secondary, and resets access and refresh tokens for the RefreshToken object matching {ownerId}/{refreshTokenId} where ownerId is an organizationId or integrationId. An Organization token with administrator permissions can be used to perform this operation.

Path
ownerIdstring(Id)required
refreshTokenIdstring(Id)required
curl -i -X PUT \
  'https://api.synqly.com/v1/tokens/{ownerId}/{refreshTokenId}/reset' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/json
resultobject(RefreshToken)required
result.​idstring(Id)required
result.​owner_idstring(Id)required
result.​owner_typestring(TokenOwnerType)required
Enum"organization""integration"
result.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result.​token_ttlstringrequired

Token time-to-live

result.​primaryobject(TokenPair)required
result.​primary.​accessobject(Token)required
result.​primary.​access.​secretstringrequired

Secret value for the token; used for authentication when making requests.

result.​primary.​access.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result.​primary.​access.​permissionsobject(Permission)required
result.​primary.​access.​permissions.​resource_idstring(Id)required
result.​primary.​access.​permissions.​resource_typestringrequired

Type of the resource that this permission grants access to. Must be one of the following: "organization, "integration"

result.​primary.​access.​permissions.​parent_idstring(Id)required
result.​primary.​access.​permissions.​idstring(Id)required
result.​primary.​access.​permissions.​organization_idstring(Id)required
result.​primary.​access.​permissions.​member_idstring(Id)required
result.​primary.​access.​permissions.​role_bindingArray of strings or null(RoleName)

Roles granted to this token.

result.​primary.​access.​permissions.​adhoc_roleobject(AdhocRole)
result.​primary.​access.​permissions.​root_organization_idstring(Id)
result.​primary.​refreshobject(Token)required
result.​primary.​refresh.​secretstringrequired

Secret value for the token; used for authentication when making requests.

result.​primary.​refresh.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result.​primary.​refresh.​permissionsobject(Permission)required
result.​primary.​refresh.​permissions.​resource_idstring(Id)required
result.​primary.​refresh.​permissions.​resource_typestringrequired

Type of the resource that this permission grants access to. Must be one of the following: "organization, "integration"

result.​primary.​refresh.​permissions.​parent_idstring(Id)required
result.​primary.​refresh.​permissions.​idstring(Id)required
result.​primary.​refresh.​permissions.​organization_idstring(Id)required
result.​primary.​refresh.​permissions.​member_idstring(Id)required
result.​primary.​refresh.​permissions.​role_bindingArray of strings or null(RoleName)

Roles granted to this token.

result.​primary.​refresh.​permissions.​adhoc_roleobject(AdhocRole)
result.​primary.​refresh.​permissions.​root_organization_idstring(Id)
result.​namestringrequired

Human-readable name for this resource

result.​created_atstring(date-time)required

Time object was originally created

result.​updated_atstring(date-time)required

Last time object was updated

result.​member_idstring(Id)
result.​secondaryobject(TokenPair)
Response
application/json
{ "result": { "id": "string", "member_id": "string", "owner_id": "string", "owner_type": "organization", "expires": "2019-08-24T14:15:22Z", "token_ttl": "string", "primary": {}, "secondary": {}, "name": "string", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z" } }

Refresh Token Pair

Request

Creates a new primary TokenPair object, setting the secondary TokenPair to the previous primary value. Call /v1/removeSecondaryToken to remove this secondary backup once the new primary TokenPair has been deployed.

Path
refreshTokenIdstring(Id)required
curl -i -X PUT \
  'https://api.synqly.com/v1/tokens/{refreshTokenId}/refresh' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/json
resultobject(RefreshToken)required
result.​idstring(Id)required
result.​owner_idstring(Id)required
result.​owner_typestring(TokenOwnerType)required
Enum"organization""integration"
result.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result.​token_ttlstringrequired

Token time-to-live

result.​primaryobject(TokenPair)required
result.​primary.​accessobject(Token)required
result.​primary.​access.​secretstringrequired

Secret value for the token; used for authentication when making requests.

result.​primary.​access.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result.​primary.​access.​permissionsobject(Permission)required
result.​primary.​access.​permissions.​resource_idstring(Id)required
result.​primary.​access.​permissions.​resource_typestringrequired

Type of the resource that this permission grants access to. Must be one of the following: "organization, "integration"

result.​primary.​access.​permissions.​parent_idstring(Id)required
result.​primary.​access.​permissions.​idstring(Id)required
result.​primary.​access.​permissions.​organization_idstring(Id)required
result.​primary.​access.​permissions.​member_idstring(Id)required
result.​primary.​access.​permissions.​role_bindingArray of strings or null(RoleName)

Roles granted to this token.

result.​primary.​access.​permissions.​adhoc_roleobject(AdhocRole)
result.​primary.​access.​permissions.​root_organization_idstring(Id)
result.​primary.​refreshobject(Token)required
result.​primary.​refresh.​secretstringrequired

Secret value for the token; used for authentication when making requests.

result.​primary.​refresh.​expiresstring(date-time)required

Time when this token expires and can no longer be used again.

result.​primary.​refresh.​permissionsobject(Permission)required
result.​primary.​refresh.​permissions.​resource_idstring(Id)required
result.​primary.​refresh.​permissions.​resource_typestringrequired

Type of the resource that this permission grants access to. Must be one of the following: "organization, "integration"

result.​primary.​refresh.​permissions.​parent_idstring(Id)required
result.​primary.​refresh.​permissions.​idstring(Id)required
result.​primary.​refresh.​permissions.​organization_idstring(Id)required
result.​primary.​refresh.​permissions.​member_idstring(Id)required
result.​primary.​refresh.​permissions.​role_bindingArray of strings or null(RoleName)

Roles granted to this token.

result.​primary.​refresh.​permissions.​adhoc_roleobject(AdhocRole)
result.​primary.​refresh.​permissions.​root_organization_idstring(Id)
result.​namestringrequired

Human-readable name for this resource

result.​created_atstring(date-time)required

Time object was originally created

result.​updated_atstring(date-time)required

Last time object was updated

result.​member_idstring(Id)
result.​secondaryobject(TokenPair)
Response
application/json
{ "result": { "id": "string", "member_id": "string", "owner_id": "string", "owner_type": "organization", "expires": "2019-08-24T14:15:22Z", "token_ttl": "string", "primary": {}, "secondary": {}, "name": "string", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z" } }

Remove Secondary Token

Request

Deletes the secondary TokenPair for the RefreshToken object matching {refreshTokenId}.

Path
refreshTokenIdstring(Id)required
curl -i -X DELETE \
  'https://api.synqly.com/v1/tokens/{refreshTokenId}/secondary' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Response
No content

Transforms

Operations