1. Arcoro
  2. General Arcoro Resources
  3. General Resources

Module Navigation

Understanding the Arcoro API

Avatar
David N

The Arcoro API offers an additional method for organizations to read and/or write their company data with options such as:

  • RESTful API - Gives users direct, programmatic access to their Arcoro data. It covers employee demographics and company reference data today, and will expand across all Arcoro modules over time.
  • OData API - Offers users read-only access for analytics and reporting.

Table of Contents

API Guide

You can refer to our dedicated page that covers the functionality, use of the Arcoro API, data endpoints, and access to the API Portal.

While the resources for the Arcoro API are freely available, a login is required to access the API Portal to manage your API key(s). If you do not have access to the API Portal, contact Arcoro support to request access.

Summary of Features

The information listed below is just a summary of the Arcoro API features and capabilities. Refer to our dedicated resource page for the full details of the Arcoro API.

API Infrastructure

The API is hosted through a dedicated, secure gateway providing:

  • Security — Encrypted with TLS 1.2+
  • API key authentication — Strong keys validated through a dedicated login flow
  • Per-key security controls — Each API key can be assigned as read-only or read-write.
  • Request/response logging — Full HTTP request and response bodies are captured for every API call, with automatic redaction of sensitive fields (e.g., SSNs)
  • Rate limiting — Configurable request throttling
  • Multi-tenant isolation — Each API request is scoped to the authenticated company's data

Self-Service API Management

  • Dashboard — KPI cards (total requests, success rates, failures), usage-over-time chart, success/failure breakdown, and top 3 most-used endpoints. Configurable for 7, 30, or 90-day timeframes.
  • API Keys — Create, view (masked), and delete API keys. Each key is named and assigned to security groups at creation. The full key is shown only once at creation time.
    • Support for unlimited API keys per company
    • Immediate invalidation of revoked keys
  • Request History — Searchable, filterable log of all API requests showing timestamp, request method/path, status code, response time, requestor, and IP address.

Sandbox

  • API users can request access to a sandbox environment populated with sample data. A sandbox offers a safe place to test API calls without affecting your production data.
  • The sandbox will not contain the company's actual data.
Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more