HomeBuildMarketplace integration guides
Guide
ADP Marketplace ESI - Making your first api call using Postman
Published on
Mar 31, 2022 5:50AM
Last modified
Jul 14, 2022 8:22AM
ADP Copyright Information
ADP, the ADP logo, and Always Designing for People are trademarks of ADP, Inc.
Windows is a registered trademark of the Microsoft Corporation.
All other trademarks are the property of their respective owners.
Copyright © 2022 ADP, Inc. ADP Proprietary and Confidential - All Rights Reserved. These materials may not be reproduced in any format without the express written permission of ADP, Inc.
These materials may not be reproduced in any format without the express written permission of ADP, Inc. ADP provides this publication “as is” without warranty of any kind, either expressed or implied, including, but not limited to, the implied warranties of merchantability or fitness for a particular purpose. ADP is not responsible for any technical inaccurancies or typographical errors which may be contained in this publication. Changes are periodically made to the information herein, and such changes will be incorporated in new editions of this publication. ADP may make improvements and/or changes in the product and/or the programes described in this publication.
Published on
Mar 31, 2022 5:50AM
Last modified
Jul 14, 2022 8:22AM
Table of Contents
Chapter 1
Prerequisites

Overview

This guide provides an overview of using Postman to make your first application programming interface (API) call to ADP.

Intended audience

This document is intended for:

  • Architects
  • Developers

Prerequisites

You need to have the following ready before making your first API call:

  • Client ID and Client Secret: If you don't have this information, contact your client representative
  • Certificate
  • Private key

 

These are all a result of the process as described in the ADP Marketplace ESI - Getting started document.

Installing and preparing postman

  1. Install Postman from https://www.getpostman.com/apps

  2. Using the following steps, add your ADP issued .PEM file and your .KEY file (generated as part of the CSR process) into Postman for the domains. You can use the instructions found at https://www.getpostman.com/docs/postman/sending_api_requests/certificates)

    • Click 'Settings'

    • Click Certificates, Add Certificates and select the CRT file (certificate) and KEY file, then click Add.


       

      This step has to repeated for the following Hosts:

      • https://accounts.eu.adp.com

      • https://api.eu.adp.com




       

    • On the Settings page, turn the SSL certificate verification on.


Import the Postman collections 

 


Postman allows you to store a collection of APIs and share them with others. For example, you can find the collection examples used in this document by clicking here. When at the location, download the file and click Import to import the list file.

 

Chapter 2
Making your first call

Requesting a bearer token

Each request to one of ADP's APIs needs to be accompanied by an Authorization header containing a bearer token issued by the ADP Security Token Service. Please verify if you are granted the permission by the IT department to execute the process below.

  1. In Postman, open the token request. To expose the headers, click Headers.

  2. If your POST request is successful, you will receive an HTTP 200 from the server with your token in the body of the response. Copy the access_token value.


     

  3. You will receive an Access Token in response, which is valid for 1 hour. The same can be used to make API calls by adding the following header:

    Authorization: Bearer {accessToken}


Making an API Call with Your Bearer Token

The following sample shows selecting the GET HR - Worker (List) API and making the first call.

  1. Open feature call request.
  2. Paste your bearer token into the Token field and click Send

If your request was successful, you’ll receive an HTTP 200 message from the server within a few records. The following sample shows a response of the GET HR - Worker (List) API request:

Chapter 3
Frequently Encountered Errors and Resolutions

HTTP 401 error when trying to authenticate

Error
An HTTP 401 error is returned from the ADP Security Token Service when you fail to provide valid credentials in the request header or missing/incorrect certificate.

 

 

Resolution
Take the following suggested troubleshooting steps before contacting your ADP Representative for assistance:·

  • Make sure you have base-64 encoded in your Open Authorization 2 (OAuth2) Client ID and client Sscret before sending them to the authorization header
  • Make sure you are including your ADP-issued SSL Certificate in the request.

HTTP 401 error

Error
An HTTP 401 error is returned from APIs other than the ADP Security Token Service when you fail to provide a valid bearer token in the request header.

Resolution
Take the following suggested troubleshooting steps before contacting your ADP Representative for assistance:·

  • Make sure you have added an Authorization header to your request along with the bearer token you fetched from the ADP Security Token Service. The Header ‘WWW- Authenticate’ will provide the value ‘Bearer error=’Invalid request’ when this occurs.
  • Check the body of the response for an “expired token” message. If that message is present in the response, fetching a fresh bearer token and resubmitting your request should resolve the issue

HTTP 403 error

Error
An HTTP 403 error is returned from the server when the bearer token you provided is valid, but you are not authorized to access the resource you have requested

Resolution
First, confirm that you have not made a mistake in the request Uniform Resource Indicator (URI). If there quest URI is correct, contact your ADP Representative to request access to the URI in question.

HTTP 404 error

Error
An HTTP 404 error is returned from the server when the URL you provided is invalid.

Resolution
First, confirm that you have not made a mistake in the requested URL. If the requested URL is correct, contact your ADP Representative.

Chapter 4
Terminology and Acronyms

API

(Application Programming Interface) A system of tools and resources in an operating system created by ADP, enabling developers to create software applications.
CSR

(Certificate Signing Request) Required for accessing ADP APIs and authenticating users with SSO.
OAuth

(Open Authorization) Framework for token-based authentication and authorization for web-based applications.
Private Key

A text file used initially to generate a CSR, and later to secure and verify connections using the certificate created per that request. The client is the owner for this key and the server is not aware of the key.
Public Key

Distributed by the vendor and is included as part of the SSL certificate. It works together with a private key to make sure that data is encrypted, not tampered with, and verified.
SOR

(System of Records) Refers to the ADP HCM solution.
SSL

(Secure Sockets Layer) A global standard security technology that enables encrypted communication between a web browser and a web server.

 

ADP Marketplace ESI - Making your first api call using Postman

Last updated: Jul 14, 2022
SummaryThis guide provides an overview of using Postman to make your first application programming interface (API) call to ADP Marketplace ESI.
Download Guide.Download PDF
Chapter 1
Prerequisites
Chapter 2
Making your first call
Chapter 3
Frequently Encountered Errors and Resolutions
Chapter 4
Terminology and Acronyms
ADP Marketplace
About Marketplace
Apps
Partners
Developers
About ADP
API Reference
Learn
Key concepts
How-to articles
FAQs
Build
Integration by solution
API explorer
Developer libraries
Guides
Support
Status
Help center
ADP and the ADP logo are registered trademarks of ADP, Inc. All other marks are the property of their respective owners.
Copyright © 2022 ADP, Inc.
Terms|Privacy