PLEASE READ: All REST API endpoints must be in lower-case letters. Upper-case letters may cause latency or failure.

Quik! strives to make all of it's various functions and features available via the REST protocol. To use Quik!'s REST API's you'll need to be comfortable with the REST protocol and OAuth2 Tokens. To use the REST API's you'll first call the REST Authentication Service to generate an OAuth2 Token and then the appropriate REST Resource Service.

NOTE: Since Quik! was initially built upon SOAP APIs, not all APIs are available via REST yet. Please review the SOAP documentation for the service you're looking for if you don't see it in the REST API list.

Using Quik! REST API's

Inline Documentation

All REST services have an inline documentation tool called "Swagger" to make it easy to view and test the services. Each service's parameters are well documented and accessible by adding "/swagger" to any REST end point (excluding the end-points parameters). Using Swagger you can login to create an OAuth2 token and then test the service (the OAuth token is managed in the background).

A REST endpoint displayed with Swagger will show the available commands and their details. The screenshot below shows an example with two methods that can be used (Fields and Forms). At the top of the page is the end point URL and the credential inputs to perform an OAuth Login.

By clicking on the name of a service method (e.g. Forms) the details for that method are displayed. Once you've done an OAuth login you can run the service with parameters.

Service parameters are listed in the Parameters section and indicate their requirements.

REST Authentication

All of Quik!'s REST API's rely upon an OAuth2 Token authentication methodology. Each call to a Quik! resource will require a valid, unexpired OAuth2 Token that must be passed in the Authentication Header of the resource's request.

Header Key: Authorization

Header Value: Bearer {{Quik! OAuth Token}} (For example, "Bearer cSEKkmV3bGGpYjfGDlQ87DI37HtI5YYMg...")

You may be able to use a single token multiple times across different service depending on the duration of the token and whether it can be regenerated. In case a request to any of our APIs returns a 401 Unauthorized error, then it means that the Quik! OAuth token expired or is invalid, so a new one must be generated.

NOTE: Tokens expire after 30 minutes.

How to Get a Quik! OAuth Token

In order to get a token, it's as simple as making the following POST request:

REST Authentication Server Endpoint - https://websvcs.quikforms.com/rest_authentication/token

Http Method - POST

Content-Type - application/x-www-form-urlencoded

Body - grant_type=password&username={{Quik! Username}}&password={{Quik! Password}}

As you can see above, a token request requires your Quik! username and password.

Note: Only a customer's Master Credentials are to be used when calling Quik! APIs (not end-user credentials)

Response Example

{
"access_token": "gfD4QVol1ZF8EDBEyZG...",
"token_type": "bearer",
"expires_in": 86399,
"refresh_token": "VbIW0Iip4jokW4..."
}

Note: The "access_token" property of the response (Json) is what needs to be placed in the Authorization Header of any Quik! API Request (as Bearer).

To refresh a token pass the Refresh Token that was generated when the original token was created. Not all services will allow for token refreshes.

Token Request or Refresh: https://websvcs.quikforms.com/rest_authentication/token

Browser not supported