OneLink currently exposes three major API categories inherited from the upstream API surface and adapted to the product context.
  1. Application APIs
  2. Client APIs
  3. Platform APIs
Ref: API Docs

Application APIs

Application APIs are designed to interact with an account from a user’s perspective. These APIs help with agent-facing integrations, workflow automation, and bulk import/export. To authenticate to this API, you will require a user access_token, which can be obtained from profile_settings after logging into the product account. These APIs are available on the application surfaces exposed by the fork. Ref: Postman Collection

Example Implementations

Client APIs

The client APIs allow users to build custom conversational interfaces over the messaging layer. If you’re not using the native website widget or want to create a custom chat support experience in your mobile app, these APIs are here to help. Client APIs use a combination of inbox_identifier and contact_identifier for authentication. The inbox_identifier can be obtained from the Settings -> Configuration of API inboxes. The contact_identifier can be obtained from the server on successful contact create API requests, which can be cached to perform subsequent requests on behalf of the contact. These APIs are available on the client-facing surfaces exposed by the fork. Ref: Postman Collection

Example Implementations

Platform APIs

The installation admin can use these APIs to manage users, accounts, and roles. These APIs can also be used to sync authentication information from external systems into the product. They are particularly helpful if you plan to build a conversation management interface into your existing software stack.
Note: Platform APIs cannot access accounts or users created via the UI, or by other API keys. They can only access accounts, users, and other objects created by the specific platform API key used for authentication, or objects explicitly permitted to that API key.
To authenticate these APIs, you must have an access_token issued on behalf of a Platform app. You can create a Platform App from Super Admin Console. The access_token can also be obtained from the Access Tokens tab in Super Admin Console. These APIs are available on self-hosted installation-admin surfaces. Ref: Postman Collection

FAQ

Why do I get a 401 ‘Non permissible resource’ error when using Platform API tokens?

Platform APIs cannot access accounts or users created via the UI, or by other API keys. They can only access accounts, users, and other objects created by the same API key, or objects explicitly permitted to that API key. If you need to grant a Platform App access to an object (such as an Account) that it did not create, you can manually add the permission using the following command in a Rails console (replace the numbers with the correct IDs): 
PlatformAppPermissible.create!(platform_app: PlatformApp.find(1), permissible: Account.find(1))

What should I do if the API documentation appears outdated?

If you encounter discrepancies between the API documentation and actual API behavior, inspect the actual requests made by the current product UI through your browser’s developer console Network tab to see the exact request format and payload structure that works with the current implementation, then replicate the same request structure in your integration. Update the OneLink docs when API usage intentionally diverges from inherited upstream assumptions.