Documentation Index
Fetch the complete documentation index at: https://jobticket-docs.ticket-plus.app/llms.txt
Use this file to discover all available pages before exploring further.
Overview
The JobTicket+ Developer Portal gives you a self-service interface to manage everything you need to integrate with the JobTicket B2B API — API keys, permissions, webhooks, and delivery logs.Production Portal
Access the live production developer dashboard
Staging Portal
Access the staging developer dashboard for testing
| Card | What it shows |
|---|---|
| API Status | Whether API access is ENABLED or disabled for your account |
| Active API Keys | Number of currently enabled keys |
| Disabled API Keys | Number of keys that exist but are disabled |
| Total Webhooks | Number of webhook endpoints registered |
Authentication
Every API request uses HTTP Basic Auth. The credentials come from an API key you create in the portal:| Basic Auth field | Value |
|---|---|
| Username | API Key ID (e.g. f1b24afa-39c6-4cc2-b545-cfab6b687f6e) |
| Password | API Key Secret (revealed via View API Key Secret in the ⋯ menu) |
Most HTTP clients (e.g.
curl -u, Axios auth, Python requests auth=)
handle the Base64 encoding automatically when you supply a username and
password separately.API Keys
Permissions
Each API key carries a set of permissions that control which endpoints it can call. The portal shows the count (e.g. 5 Permissions) on the key list. Click the count to see the full list assigned to that key. Available permissions and what they unlock:| Permission | Description | Endpoints covered |
|---|---|---|
View Employees (view-employees) | Allows the API key to view the list of employees, their details, and their documents within the company. | List Employees, Get Employee, List Documents, Get Document, Get Employee Documents |
Add New Employees (add-employees) | Enables the API key to add new employees to the company, including setting up their roles and permissions. | Used internally during HR sync |
Update Existing Employee Details (update-employees) | Allows modification of existing employee details such as role, department, and contact information. | Used internally during HR sync |
Remove Existing Employees From Company (remove-employees) | Grants permission to remove employees from the company and deactivate their accounts. | Used internally during HR sync |
View HR Integrations (view-hr-integrations) | View HR integration connections and settings. | List HR Integrations, Get HR Integration |
403 Forbidden.
Creating an API Key
Open API Keys
In the left navigation click API Keys, then click + Add New Api Key in the top-right corner.
Enter a description
Type a descriptive label in the API Key Description field (e.g.
Production – Payroll System) and click Create API Key.Copy your credentials
After creation, click the ⋯ menu on the key row and select View API Key Secret to reveal the secret. Copy the API Key ID and API Key Secret and store them in a secret manager.
Managing API Keys
Click the ⋯ menu on any key row to access:| Action | What it does |
|---|---|
| View API Key Secret | Reveals the current secret (requires confirmation) |
| Update API Key permissions | Opens a permissions editor to add or remove scopes |
| Rotate API Key Secret | Generates a new secret and immediately invalidates the old one |
| Disable API Key | Revokes API access without deleting the key — can be re-enabled later |
Webhooks
Webhooks let JobTicket+ push real-time events to your server so you don’t need to poll the API. When a subscribed event occurs, JobTicket+ makes an HTTPPOST to your endpoint with a signed JSON payload.
See Webhooks for the full payload schemas and signature verification guide.
Creating a Webhook
Fill in the form
| Field | Description |
|---|---|
| Webhook Description | A friendly label (required) |
| Webhook URL | The HTTPS URL JobTicket+ should POST to |
| Event Types | Check one or more events to subscribe to |
| Event | Fires when… |
|---|---|
employee-subscription-changed | An employee’s subscription status or dates change |
new-employee-document-generated | A new document is generated for an employee |
Managing Webhooks
Click the ⋯ menu on any webhook row:| Action | What it does |
|---|---|
| View Webhook Logs | Navigate to filtered delivery logs for this webhook |
| View Webhook Signing Secrets | Reveal the two signing secrets used to verify payloads |
| Update Webhook | Change the URL, description, or subscribed events |
| Rotate First Webhook Signing Secret | Generates a new first secret; old one is immediately invalid |
| Rotate Second Webhook Signing Secret | Generates a new second secret; old one is immediately invalid |
| Delete Webhook | Permanently removes the webhook and stops all deliveries |
Two signing secrets exist to support zero-downtime rotation. Both are
valid simultaneously — rotate one while the other keeps requests flowing, then
retire the old one. See Verifying
Signatures for details.
Webhook Logs
The Webhook Logs section records every delivery attempt. Each row shows:| Column | Description |
|---|---|
| Webhook Log ID | Unique ID of the delivery attempt |
| Event ID | ID of the event that triggered the delivery |
| URL | The endpoint JobTicket+ posted to |
| Event Type | The event type label |
| Status Code | HTTP status returned by your server |
| Logged At | Timestamp of the delivery attempt |
X-Signing-Signature header value, and your server’s response body. This is your primary debugging tool when a delivery fails or produces an unexpected response.