API Overview
Our Web API provides client applications with fast and reliable access to Yuvo data.
About the Web API
Through the Yuvo Web API your applications can create and manage Yuvo content. The base address
of the API is https://api.yuvohub.com/. There are several endpoints at that address, each with its own unique path.
To access private data through the Web API, such as employee profiles, an application must get
the company admin’s permission to access the data. Authorization is
via the Yuvo OAuth service.
Requests
The Yuvo Web API is based on REST principles: data resources are accessed via standard HTTPS requests in UTF-8 format to an API endpoint. Where possible, the API strives to use appropriate HTTP verbs for each action:
| Verb |
Description |
|---|---|
| GET |
Used for retrieving resources. |
| POST |
Used for creating resources. |
| PUT |
Used for changing/replacing resources or collections. |
| DELETE |
Used for deleting resources. |
Responses
All data is received as a JSON object.
Dates
Dates or timestamps are returned in ISO 8601 format as Coordinated Universal
Time (UTC) with zero offset: YYYY-MM-DDTHH:MM:SSZ.
Pagination
Some endpoints support a way of paging the dataset, taking page
as query parameter:
$ curl "https://api.yuvohub.com/companies?page=1"
Note that page numbering is one-based and that default number of elements returned by page is 10. Requests that return an array of
items are automatically paginated and returns count, next,
previous, which you can make use of to fetch the remaining records.
Response Status Codes
The API uses the following response status codes, as defined in the RFC 6585:
| Status Code | Description |
|---|---|
| 200 | OK - The request has succeeded. The client can read the result of the request in the body and the headers of the response. |
| 201 | Created - The request has been fulfilled and resulted in a new resource being created. |
| 202 | Accepted - The request has been accepted for processing, but the processing has not been completed. |
| 204 | No Content - The request has succeeded but returns no message body. |
| 304 | Not Modified.. |
| 400 | Bad Request - The request could not be understood by the server due to malformed syntax. |
| 401 | Unauthorized - The request requires user authentication or, if the request included authorization credentials, authorization has been refused for those credentials. |
| 403 | Forbidden - The server understood the request, but is refusing to fulfill it. |
| 404 | Not Found - The requested resource could not be found. This error can be due to a temporary or permanent condition. |
| 429 | Too Many Requests - Rate limiting has been applied. |
| 500 | Internal Server Error. You should never receive this error because our clever coders catch them all ... but if you are unlucky enough to get one, please report it to us through a help icon at the bottom right of this page. |
| 502 | Bad Gateway - The server was acting as a gateway or proxy and received an invalid response from the upstream server. |
| 503 | Service Unavailable - The server is currently unable to handle the request due to a temporary condition which will be alleviated after some delay. You can choose to resend the request again. |
Authentication
All requests to the Web API require authentication. This is achieved by sending a valid OAuth access token in the request header. For more information about these authentication methods, see the Web API Authorization Guide. Note that, to access a company’s private information, you need an access token generated by asking a company admin user permission to access the data.