Skip to content
ThreadSync
Request Demo

REST Integration APIs

RESTful APIs for building custom integrations, automating workflows, and extending the ThreadSync platform with your own business logic.

Authentication

All API requests require authentication using OAuth 2.0 bearer tokens. Tokens are obtained by exchanging your client credentials for an access token.

Obtaining an Access Token

POST https://api.threadsync.io/v1/auth/token Content-Type: application/json { "client_id": "your_client_id", "client_secret": "your_client_secret", "grant_type": "client_credentials" }

Using the Token

Include the access token in the Authorization header of all API requests:

Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...

🔐 Token Lifetime

Access tokens expire after 1 hour. Use the refresh token flow for long-running processes, or request a new token before expiration.

Base URL

All API endpoints use the following base URL:

https://api.threadsync.io/v1

The API uses HTTPS exclusively. HTTP requests will be rejected. All responses are JSON-encoded with Content-Type: application/json.

Rate Limits

API requests are rate-limited to ensure fair usage and platform stability:

PlanRequests/MinuteRequests/DayBurst
Developer6010,000100
Professional300100,000500
Enterprise1,000Unlimited2,000

Rate limit headers are included in all responses:

X-RateLimit-Limit: 300 X-RateLimit-Remaining: 287 X-RateLimit-Reset: 1707523200

Connections API

Manage connections to external systems. Connections store credentials and configuration for each integrated system.

GET /connections

List all connections in your organization.

POST /connections

Create a new connection to an external system.

Request Body

ParameterTypeDescription
provider requiredstringThe system to connect (e.g., "salesforce", "sap", "workday")
name requiredstringA friendly name for this connection
configobjectProvider-specific configuration options
credentials requiredobjectAuthentication credentials for the provider

Example: Create Salesforce Connection

POST /connections { "provider": "salesforce", "name": "Production Salesforce", "config": { "sandbox": false, "api_version": "v58.0" }, "credentials": { "oauth_flow": "jwt_bearer", "consumer_key": "3MVG9...", "private_key_id": "key_abc123" } }
GET /connections/{id}

Retrieve a specific connection by ID.

PUT /connections/{id}

Update connection configuration or credentials.

DELETE /connections/{id}

Delete a connection. Active syncs using this connection will be stopped.

Syncs API

Configure and manage data synchronization between connected systems.

POST /syncs

Create a new sync configuration.

Request Body

ParameterTypeDescription
name requiredstringFriendly name for this sync
source requiredobjectSource connection and object configuration
destination requiredobjectDestination connection and object configuration
schedulestring"realtime", "hourly", "daily", or cron expression
field_mappingsarrayCustom field mapping rules
filtersarrayFilter conditions for source records

Example: Real-time Contact Sync

POST /syncs { "name": "SF Contacts to Snowflake", "source": { "connection_id": "conn_sf123", "object": "Contact" }, "destination": { "connection_id": "conn_snow456", "table": "raw.contacts" }, "schedule": "realtime", "field_mappings": [ { "source": "Email", "destination": "email_address" }, { "source": "FirstName", "destination": "first_name" } ] }
POST /syncs/{id}/run

Trigger an immediate sync run.

GET /syncs/{id}/runs

List sync run history with status and statistics.

Data Operations API

Perform direct data operations for custom integration logic.

POST /data/{connection_id}/query

Execute a read query against a connected system.

POST /data/{connection_id}/write

Write records to a connected system.

Example: Query Salesforce Accounts

POST /data/conn_sf123/query { "object": "Account", "fields": ["Id", "Name", "Industry", "AnnualRevenue"], "filter": "Industry = 'Technology' AND AnnualRevenue > 1000000", "limit": 100 }

Workflows API

Build automated workflows that orchestrate multiple actions across systems.

POST /workflows

Create a new workflow with triggers and actions.

Example: Lead Routing Workflow

POST /workflows { "name": "Enterprise Lead Routing", "trigger": { "type": "record_created", "connection_id": "conn_sf123", "object": "Lead", "filter": "AnnualRevenue > 5000000" }, "actions": [ { "type": "transform", "config": { "enrich_company_data": true } }, { "type": "write", "connection_id": "conn_hubspot", "object": "Contact" }, { "type": "notify", "channel": "slack", "message": "New enterprise lead: {{Lead.Company}}" } ] }

Webhooks

Receive real-time notifications when events occur in your integrations.

POST /webhooks

Register a webhook endpoint for event notifications.

Webhook Events

EventDescription
sync.completedA sync run completed successfully
sync.failedA sync run encountered an error
connection.health_changedConnection health status changed
workflow.triggeredA workflow was triggered
record.createdA new record was synced
record.updatedA record was updated

Webhook Security

All webhook payloads include an HMAC signature in the X-ThreadSync-Signature header. Verify this signature using your webhook secret:

const crypto = require('crypto'); function verifyWebhook(payload, signature, secret) { const expected = crypto .createHmac('sha256', secret) .update(payload) .digest('hex'); return crypto.timingSafeEqual( Buffer.from(signature), Buffer.from(expected) ); }

Triggers API

Configure event-based triggers for automation.

POST /triggers

Create a new trigger configuration.

Trigger Types

TypeDescription
record_createdFires when a new record is created
record_updatedFires when a record is modified
record_deletedFires when a record is deleted
field_changedFires when a specific field value changes
scheduleFires on a time-based schedule
api_callFires when called via API

Custom Transforms

Apply custom transformation logic to data as it flows between systems.

POST /transforms

Create a custom transform function.

Transform Functions

Transforms are defined using JavaScript or JSONata expressions:

{ "name": "Format Phone Numbers", "type": "javascript", "code": ` module.exports = (record) => { if (record.Phone) { record.Phone = record.Phone.replace(/[^0-9]/g, ''); if (record.Phone.length === 10) { record.Phone = '+1' + record.Phone; } } return record; }; ` }

Extensions API

Extend the platform with custom connectors and logic.

POST /extensions

Register a custom extension.

🔧 Extension SDK

Use our Extension SDK to build custom connectors for systems we don't yet support. See the SDK documentation for details.

Error Handling

The API uses standard HTTP status codes and returns detailed error information in a consistent format.

Error Response Format

{ "error": { "code": "INVALID_REQUEST", "message": "The 'provider' field is required", "details": { "field": "provider", "constraint": "required" }, "request_id": "req_abc123xyz" } }

Common Error Codes

HTTP StatusCodeDescription
400INVALID_REQUESTRequest body or parameters are invalid
401UNAUTHORIZEDMissing or invalid authentication
403FORBIDDENInsufficient permissions for this action
404NOT_FOUNDResource does not exist
429RATE_LIMITEDToo many requests
500INTERNAL_ERRORServer error (contact support)

Ready to Build?

Get your API credentials and start integrating in minutes.

Get API Access

Related Resources

Full API Reference

Complete API documentation with all endpoints, SDKs, and code examples.

Developer Tools

SDKs, webhooks, OpenAPI specs, and developer resources.

Connector Directory

Browse 200+ pre-built connectors for enterprise systems.

Security & Compliance

SOC 2, encryption, RBAC, and enterprise security features.