Skip to main content

Auth

Once you got your API Key, you can use it for interact with our API.

Basic usage of the API key

By using the API key, you can use the API as if you were navigating through the web app.

Example request to fetch the API Key owner TimeTime profile:

GET https://api.timetime.in/v1/me
Authorization: Bearer tt1.ac507ef948a04fakeApiKey5304fa7b4abd936d8e2add1

Using the API Key to "impersonate" other user's (for enterprise customers)

Requires the API key owner to be a tenant ADMIN (creating your own tenant)

As TimeTime is a multi-tenant API, you can use the API "on behalf" any of your users. To do so, you need to append use any of the following special headers.

X-TT-Impersonated-User-Id

GET https://api.timetime.in/v1/me
Authorization: Bearer tt1.ac507ef948a04fakeApiKey5304fa7b4abd936d8e2add1
X-TT-Impersonated-User-Id: e003eabc-cd21-496b-afaf-275a2477681c

Assuming the TimeTime user exist for that User-Id, this request will return the profile of that user. This header can be used with any endpoint of our API.

X-TT-Impersonated-External-User-Id

If your tenant users were created by specifiying an "externalId", you benefit from it to interact with the TimeTime API, simplifying the logic on your side as you don't need to know which id TimeTime assigned in its system.

GET https://api.timetime.in/v1/me
Authorization: Bearer tt1.ac507ef948a04fakeApiKey5304fa7b4abd936d8e2add1
X-TT-Impersonated-External-User-Id: 123