Find answers to the most common questions about FlexiProject API
The API utilizes Bearer Token Authentication to secure endpoints. All requests must be performed over HTTPS to ensure credential security.
To authenticate your session, exchange your account credentials for an access_token by sending a POST request to the token endpoint.
Endpoint: POST /api/user/token
Payload: Valid user credentials (JSON)
Once obtained, the token must be included in the Authorization header for all subsequent API requests. Use the Bearer schema as follows:
GET /api/project
Content-Type: application/json
Authorization: Bearer {{access_token}}
Upon successful verification of the token, the server will process the request. If the token is missing, or is invalid, the API will return a 401 Unauthorized response. If the token is epired or you do not have an access to a given resource, the API will return a 403 Forbidden response.
If you have provided a valid token but the request still fails, ensure you are passing the other mandatory headers. Many endpoints require specific metadata to process the request successfully.
GET /api/project
Content-Type: application/json
Authorization: Bearer {{access_token}}
Origin: https://app.flexi-project.com
Flexi-Project-Selected-Tenant-Id: {{your_tenant_id}}