Getting Started
TrackTik's API is offered as a paid-monthly cloud service, but reciprocal partnership agreements without a separate cost are also available. Once access is gained, usage of the API is not limited except by some technical maximums defined to protect your experience and service availability.
To request access, you should reach out to your TrackTik Customer Success Manager/Executive (CSM) and they will help make arrangements. This will lead to you to a quick consultation with our Developer Relations team about the level of access you need, and an API Service Account will be created for you so you can begin innovating and integrating.
If you're not already a TrackTik customer through its Guarding Suite, Shifts or Guard Tour applications and would like to become one, you can use our Contact Us page to begin your journey.
Staging Environments
API Service Accounts that are read-only don't require a staging environment because they're only pulling data from TrackTik into another system non-destructiveness.
But for integration scopes that involve editing or creating new records in TrackTik portals, you should ask your CSM for a Staging Environment, so that you can have a proper development environment to stage and test the solution before deployment to production. This staging environment will have its own domain name and copy of the database from the destination production environment so that you don't have to set up any test data.
NB: Once you have API credentials for a staging environment, any additional database refresh requests that you make will be a full database copy, and the API credentials will be lost. You'll have to request new credentials. But, if you've already had a deployment to production and have API credentials there, then those will be copied to the staging environment and you can authenticate in staging as you would production.
API Service Account
A TrackTik API Service Account is a set of credentials for authentication and role permissions for access control to the data you intend to fetch or create within the TrackTik ecosystem. These are divided like so (green bolded items are data you will use when authenticating and obtaining an Access Token):
OAuth 2 Credentials and Scope
- Client ID
- Client Secret
- Scope is configured for you in a Client Record (defines which API endpoints and actions are available)
- A URL for requesting Access Tokens
Employee Record, Role and Role Permissions
- An Employee record is created with generated username and password
- The Employee is assigned a Role
- The Role is assigned permissions
NB: The OAuth 2 scope and Employee Role/Permissions will be matched so that the entities, their actions and all their data contexts you need are made available. This helps to protect the integrity of your production data and prevents permissions escalation in case your API or Employee credentials become compromised.
Authenticating (Postman - OAuth 2 Password Flow)
NB: Our OAuth 2 access tokens are set to expire after 60 minutes.
NB: Do no provide any values for "scope" since we will have that already configured internally via an OAuth 2 Client Record.
Authenticating (PHP - OAuth 2 Password Flow)
<?php
$portal = 'https://<domain>/rest/oauth2/access_token';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $portal);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'client_id' => "d6543cb8...",
'client_secret' => "bdc6ed2e...",
'username' => "username",
'password' => "smart password that isn't 12345",
'grant_type' => 'password'
));
$data = curl_exec($ch);
$auth_string = json_decode($data, true);
$access_token = $auth_string["access_token"];
$refresh_token = $auth_string["refresh_token"];
curl_close($ch);
?>