Welcome to the API reference for the OneLink platform. The API surface is largely inherited from the upstream base product, but should be read in the context of the OneLink product, architecture, and domain direction. The platform currently exposes three main API categories:
  • Application APIs – For account-level automation and agent-facing integrations
  • Client APIs – For building custom chat interfaces for end-users
  • Platform APIs – For managing and administering installations at scale

Application APIs

Application APIs are designed for interacting with an account from an agent/admin perspective. Use them to build internal tools, automate workflows, or perform bulk operations like data import/export.
  • Authentication: Requires a user access_token, which can be generated from Profile Settings after logging into your OneLink account.
  • Availability: Supported for the application surface used by the fork.
  • Example: Google Cloud Functions Demo

Client APIs

Client APIs are intended for building custom messaging experiences over the communication layer. If you’re not using the native website widget or want to embed chat in your mobile app, these APIs are the way to go.
  • Authentication: Uses inbox_identifier (from Settings → Configuration in API inboxes) and contact_identifier (returned when creating a contact).
  • Availability: Supported on the client-facing surfaces exposed by the fork.
  • Examples:

Platform APIs

Platform APIs are used to manage installations at the admin level. These APIs allow you to control users, roles, and accounts, or sync data from external authentication systems.
Note: Platform APIs cannot access accounts or users created via the product UI, or by other API keys. They can only access accounts, users, and other objects created by the specific platform API key used for authentication, or objects explicitly permitted to that API key.
  • Authentication: Requires an access_token generated by a Platform App, which can be created in the Super Admin Console.
  • Availability: Available where the fork exposes platform administration features.
Use the right API category for your use case, and pair it with the OneLink development and architecture docs when behavior diverges from upstream assumptions.

FAQ

Why do I get a 401 ‘Non permissible resource’ error when using Platform API tokens?

Platform APIs cannot access accounts or users created via the product UI, or by other API keys. They can only access accounts, users, and other objects created by the same API key, or objects explicitly permitted to that API key. If you need to grant a Platform App access to an object (such as an Account) that it did not create, you can manually add the permission using the following command in a Rails console (replace the numbers with the correct IDs): 
PlatformAppPermissible.create!(platform_app: PlatformApp.find(1), permissible: Account.find(1))

What should I do if the API documentation appears outdated?

If you encounter discrepancies between the API documentation and actual API behavior, inspect the actual requests made by the OneLink UI through your browser’s developer console Network tab to see the exact request format and payload structure that works with the current API, then replicate the same request structure in your integration. Update the OneLink docs whenever product behavior or API usage intentionally diverges from the inherited upstream assumptions.