SOAP Web Services Intro

Updated by Daniel Sjögren

Want more details? Take a look at this video about how to integrate with Quinyx!

Getting started

To get started with Quinyx Web Services, there are a few things you will need to know. Quinyx Web Services is a NuSOAP based collection of web service methods enabling external systems to import and export data to the Quinyx WFM database.

API Documentation

Full documentation can be found here.

Environments

Release Candidate

Release candidate (RC) is our customer environment (Release Candidate) where you as a customer can access your data in a sandbox environment. It will contain your customer data from the production environment up until last month. The data in this environment gets updated on the evening of the 1st of each month and will overwrite all changes made in the RC environment.

Production

This is the production environment which is reached through:

Important information about integrations

We encourage all our customers to make use of our APIs to maintain data and make sure that information is up to date. To ensure the scalability of our APIs while growing our customer and user base, we have restrictions on the usage of our SOAP APIs. These restrictions mean that we are enforcing a limit on concurrent calls per customer to 10. You should expect response code 429 if you happen to exceed this limit, and you are recommended to implement a backoff-retry mechanism to handle the limit. Note that the limit applies to SOAP only. When moving from SOAP to Rest over the following years, any limits will be built into the API. Please make sure to forward this information to the party within your company responsible for integrations.
For input parameters with “boolean” data types, the field must be presented with the xsi “boolean” datatype if true/false is to be used.

Restrictions

  • Concurrent call per customer in Quinyx: 10

For testing and development purposes the Web Services can be accessed via the following URL:

For live application (production) purposes the Web Services can be accessed via the following URL (use only for live transactions):

Opening these links in a web browser allows inspection of the methods.

API key

Most, if not all, of the web service methods require you to provide an API key. The API key is a unique string used to identify which unit the call is made for. A unit is an organizational entity in Quinyx WFM such as a store or restaurant. Some methods allow fetching of data for the whole organization, in which case you are required to provide the main unit’s API key. The main unit is the organization's root unit (first unit), most often set up as the headquarters or central office.

API-Keys are accessible through Account settings -> Integrations API-keys -> selected Unit/Section (main unit API-key is found under the main unit).

API keys are case sensitive and you should treat them as very very sensitive security items.

This is only available to account managers with access to account settings and integration credentials

IP address lockout (Whitelisting)

We recommend organizations to limit from which IP addresses Quinyx Web Services can be accessed for your data in order to import or export data for their units. If you are repeatedly receiving HTTP Error 401 Method not allowed in your testing, please check with your Quinyx application administrator if an IP lockout has been imposed.

Programs for testing

For testing and troubleshooting, we suggest using SoapUI or Postman, our example queries and responses are from SoapUI. If in contact with Quinyx always attach the request and response in .txt or similar format.

Never share API keys or have sample requests containing API keys

TLS

All communication with Quinyx products is encrypted using TLS. To ensure all communication stays secure and your customer-data is protected Quinyx does not support any TLS protocol below version 1.2.

You can use our website https://check.quinyx.com to verify your browser

Ciphers and TLS-versions will be applied.

Quinyx API-Calls and web: TLS 1.2 with the following ciphers:

ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-ECDSA-AES128-SHA
ECDHE-RSA-AES128-SHA
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA

Quinyx Images and assets: TLS 1.2 with the following ciphers:

ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
AES128-GCM-SHA256
AES256-GCM-SHA384
AES128-SHA256


How Did We Do?