Outseta REST API v1
The Outseta REST API enables customers to perform a variety of powerful tasks such as creating and updating people, accounts, subscriptions and invoices. Outseta uses standard HTTP protocols within a compliant architecture that is simple to integrate. You can use the API both on the client or the server side; see instrutions for authorization for each scenario in the getting started section.
The easiest way to get started with the API is to click the Run in Postman button present at the top of the documentation page and use the Postman App to send requests. Make sure to update the Outseta environment information at the top right corner of Postman so that it can be applied authomatically when you send requests.
Getting Started
You need to include a valid authorization token to send requests to the API endpoints.
Server Side
To construct the authorization token you need to create an API key under Settings >> Integrations >> API Keys. Make sure to record the secret key when you create the new API Key. Then construct the token as follows
"Outseta [APIKey]:[SecretKey]"
Example:
Outseta ce08fd5a-e1ee-4472-9c5f-b7575d8369b2:74fc1d2242a4eb7336d34b0e40cfbc5f
Client Side
If you plan to use the API from the client side do NOT use the API keys as those are unsecure on the client side and can be easily copied. Instead construct the authorization token by calling the Get Auth API from the server side with your Outseta username and password. Then construct the authorization token as follows
"bearer [access_token]"
Example:
bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6InhObnZiLWxaWDJWNHdKTFctaVdreXBSR0cwVSJ9.eyJ1bmlxdWVfbmFtZSI6ImRpbWl0cmlzQG91dHNldGEuY29tIiwiZ2l2ZW5fbmFtZSI6IkRpbWl0cmlzIiwiZmFtaWx5X25hbWUiOiJHZW9yZ2Frb3BvdWxvcyIsImVtYWlsIjoiZGltaXRyaXNAb3V0c2V0YS5jb20iLCJuYW1laWQiOiI0WFFZcVFQQiIsIm91dHNldGE6YWNjb3VudFVpZCI6IndabU5abTJPIiwib3V0c2V0YTphY2NvdW50Q2xpZW50SWRlbnRpZmllciI6IjEiLCJ
For the URL use your outseta domain name and append /api/v1 https://[yourdomain].outseta.com/api/v1
The API will only respond to secured communication done over HTTPS. HTTP requests will be sent a 301 redirect to corresponding HTTPS resources.
Response to every request is sent in JSON format. In case the API request results in an error, it is represented by an "error": {} key in the JSON response.
The request method (verb) determines the nature of action you intend to perform. A request made using the GET method implies that you want to fetch something from Outseta, and POST implies you want to save something new to Outseta.
The API calls will respond with appropriate HTTP status codes for all requests. A 200 OK indicates all went well, while 4XX or 5XX response codes indicate an error from the requesting client or our API servers respectively.
Use "donotlog=1" as part of the querystring on any API call where you don't want to trigger the action performed being logged in the activity log.
Get all API conventions
You can apply filtering by adding additional information on the querystring on the methods that retrieve all the entities in a domain (e.g., Get all accounts, Get all people). The conventions are as follows:
Filtering
Partial Response
By default, requests will return all fields from the requested object and its child objects. If you want to return fields from deeper in the object graph, you will have to explicitly request them via the fields
parameter.
Pagination
If your request includes fields from a child object you will be limited to retrieving 25 items in a single request. The maximum number of results returned in requests not requesting child object fields is 100 items.
Sorting
Acceptable use
Requests authorized by an API Key should not exceed 4 requests/second.
Support
For help regarding the Outseta API please email