This section provides pointers and solutions to common problems developers face when building Apps

 Stay on track with our changelog

If you want to be notified when our team plan/release some new technical features or if you use our API and you want to make sure our new feature won't break your code, we advise you to subscribe to the changelog channel.
Debug Mode

You can call our API with in a debug mode by adding X-Debug-Boondmanager with a value set to true. This will force our API to raise as an error any inconsistency in your API call that otherwise would have been ignored.

Trouble activating BasicAuth and x-jwt-client-token

Sometimes when trying to activate BasicAuth and x-jwt-client-token for an administrator, you can get an error complaining about a missing email. This is caused by the fact that the login used for the account is not a valid email address.

To be able to use BasicAuth and x-jwt-client-token as an administrator the login used has to be a valid email address.

Url  Rewriting

A common hurdle that some developers face when building an App for the first time is setting up Url rewriting rules on their servers. Here is a link to the help section of the most common web servers:

Authentication token

Invalid tokens

If you have trouble generating a valid token i-e your HTTP request are answered by a 401, please check this page and try using our PHP code to test your generation algorithm.

Using X-Jwt-Client-Boondmanager

To be able to use the X-Jwt-Client-Boondmanager, you have to enable the option "Autoriser l'appel aux API Rest via l'authentification BasicAuth ...".

Sometimes one of the options just below is checked. This enforces a rule that can prevent you from enabling the Basic Auth option. If this happens, please, only enable the Basic Auth option.

HTTP errors


Usually caused by incorrect credentials or an invalid generated token.


Caused when trying to access an existing but INACTIVE APIs. That means they are still not open to our clients. This should not happen as these APIs are not listed anymore in our API documentation.

Some APIs are only accessible in God mode.


Caused when trying to access or change data without enough rights.


Usually caused when sending a wrong request to an existing API (ex: instead of using /deliveries/6 you are using /deliveries?id=6)

Testing our APIs

The easiest way to test our API is:

  • To enable Basic Auth from its settings for a manager with enough rights.
  • Use BoondManager in your browser with the console open and check how we request our API.
  • Try some simple GET requests.


God mode

This mode is used to bypass the limitations enforced by the rights of the user identified by the userToken. Some APIs are restricted and can only be accessible in this mode. Currently, these are the endpoints in this case:

  • /contracts
  • /advantages


Some endpoints from the documents API use a specific id pattern. For example

  • Deleting a document of id XX and of type proof is done by calling a DELETE method on ..../api/documents/XX_proof.
  • To download a document added to an action, you can call .../api/documents/XX_document

Please reach out if you have need more information.

Survey: retrieving the questions answered

To retrieve the questions that an employee answered, you can request the timesreports API to get all his/her time-sheets then request the questions he/she answered using the enquiries API.

To use the enquiries API, you need to request  /enquiries/{id} where id is built like this: timesreport_XX where XX is the id of the time-sheet.

Limitations of database requests via API

There are api endpoints that can only be accessed using a Administrator account i-e you will need to create an access token for a manager with an Admin access.

You can read you entire database using this end-point. However, there are limitations placed on the MySQL requests that can be run on our database:

  • Only read requests are allowed.

  • Requests are also restricted to named fields.

  • The request's size is limited to a maximum of 15 000 characters.

  • A maximum of 15 JOIN statements (INNER, LEFT & RIGHT) per request

  • A maximum of 2 nested request per request

  • A LIMIT statement is mandatory at the end of each request allowing the retrieval of a maximum of 300 results PER PAGE.


We hope that this tutorial has been of any help and we invite you to let us know by voting in the dedicated section below.

If you still have other questions, feel free to get in touch with our Support team :

Reach out to our support team

Tel : (+33) 03 62 27 61 05


Was this article helpful?
0 out of 1 found this helpful



Article is closed for comments.