Auth
Once you got your API Key, you can use it for interact with our API.
Basic usage of the API key
By using the API key, you can use the API as if you were navigating through the web app.
Example request to fetch the API Key owner TimeTime profile:
GET https://api.timetime.in/v1/me
Authorization: Bearer tt1.ac507ef948a04fakeApiKey5304fa7b4abd936d8e2add1
Using the API Key to "impersonate" other user's (for enterprise customers)
Requires the API key owner to be a tenant ADMIN (creating your own tenant)
As TimeTime is a multi-tenant API, you can use the API "on behalf" any of your users. To do so, you need to append use any of the following special headers.
X-TT-Impersonated-User-Id
GET https://api.timetime.in/v1/me
Authorization: Bearer tt1.ac507ef948a04fakeApiKey5304fa7b4abd936d8e2add1
X-TT-Impersonated-User-Id: e003eabc-cd21-496b-afaf-275a2477681c
Assuming the TimeTime user exist for that User-Id, this request will return the profile of that user. This header can be used with any endpoint of our API.
X-TT-Impersonated-External-User-Id
If your tenant users were created by specifiying an "externalId", you benefit from it to interact with the TimeTime API, simplifying the logic on your side as you don't need to know which id TimeTime assigned in its system.
GET https://api.timetime.in/v1/me
Authorization: Bearer tt1.ac507ef948a04fakeApiKey5304fa7b4abd936d8e2add1
X-TT-Impersonated-External-User-Id: 123