API Reference
The One Stack exposes RESTful APIs for each product in the platform. All APIs accept and return JSON, use standard HTTP methods, and follow consistent patterns for authentication, error handling, and pagination.
Base URLs
Each product has its own API base URL following the pattern:
https://{product}-api.azurewebsites.net/api/
| Product | Base URL |
|---|---|
| PSA | https://theonepsa-api.azurewebsites.net/api/ |
| CRM | https://theonecrm-api.azurewebsites.net/api/ |
| Books | https://theonebooks-api.azurewebsites.net/api/ |
| RMM | https://theonermm-api.azurewebsites.net/api/ |
| Security | https://theonesecurity-api.azurewebsites.net/api/ |
| Defend | https://theonedefend-api.azurewebsites.net/api/ |
| Voice | https://theonevoice-api.azurewebsites.net/api/ |
| Portal | https://theoneportal-api.azurewebsites.net/api/ |
| Backups | https://theonebackups-api.azurewebsites.net/api/ |
| On-Call | https://theoneoncall-api.azurewebsites.net/api/ |
| Relay | https://theonerelay-api.azurewebsites.net/api/ |
| Fleet | https://theonefleet-api.azurewebsites.net/api/ |
| CMDB | https://theonecmdb-api.azurewebsites.net/api/ |
| Projects | https://theoneprojects-api.azurewebsites.net/api/ |
| People | https://theonepeople-api.azurewebsites.net/api/ |
| Mission | https://theonemission-api.azurewebsites.net/api/ |
| Legal | https://theonelegal-api.azurewebsites.net/api/ |
| Brand | https://theonebrand-api.azurewebsites.net/api/ |
| Code | https://theonecode-api.azurewebsites.net/api/ |
| Agents | https://theoneagents-api.azurewebsites.net/api/ |
| Hub | https://ops-center-api.azurewebsites.net/api/ |
Authentication
The One Stack supports three authentication methods:
- Hub SSO Session -- Automatic for logged-in users of the Hub web application. No extra configuration needed.
- API Keys -- For server-to-server integrations. Pass your key in the
X-Integration-Keyheader. Generate keys in Hub > Settings > API Keys. - Client Portal Tokens -- JWT tokens issued during client portal sessions. Provides access to a limited set of endpoints scoped to the portal client.
See Authentication for full details and code examples.
Rate Limiting
All APIs enforce a rate limit of 100 requests per minute per tenant. When exceeded, the API returns HTTP 429 Too Many Requests with a Retry-After header indicating how many seconds to wait.
See Rate Limits for best practices.
Common Patterns
Pagination
List endpoints support cursor-based pagination:
GET /api/tickets?limit=25&continuationToken=eyJpZCI6...
{
"items": [...],
"continuationToken": "eyJpZCI6...",
"hasMore": true
}
Filtering
Most list endpoints accept query parameters for filtering:
GET /api/tickets?status=open&priority=high&[email protected]
Sorting
Use the orderBy parameter with optional direction:
GET /api/tickets?orderBy=createdAt&orderDirection=desc
Products with API Access
All products listed in the Base URLs table above expose public APIs. The following sections provide detailed endpoint documentation:
- PSA API -- Tickets, time entries, projects, SLAs, service catalog
- CRM API -- Companies, contacts, deals, pipelines, activities
- Books API -- Invoices, payments, chart of accounts, journal entries
- RMM API -- Devices, agents, scripts, policies, patch management
- Security API -- Alerts, incidents, scans, vulnerabilities, MITRE mappings
Additional endpoint documentation for other products is being added continuously.