Supplier API Tech Specs

Credential Management

The Gateway API supports both individual supplier and group access types. Group API credentials provide access across all supplier profiles associated with a single Gateway subscription, eliminating the need for separate credentials and repeated API calls for each individual record.

As a Supplier user with API Admin and/or Group API Admin permissions, navigate to the API Management page in Magnit VMS to generate credentials. These credentials include a Client Key, Client Secret, Credential Key, and x-api-key header. If you are working with an ATS or middleware partner, provide them with all four components. Important: Copy the values before saving, as they will be masked and require a verification code to view again.

Credentials are valid for 180 days and upcoming expiration email notifications are sent. When new credentials are generated, existing credentials (if valid for more than one week) will remain active for five days to allow testing and validation before full transition. This structured overlap ensures uninterrupted connectivity while supporting secure credential rotation best practices.

Rate Limiting and Pagination

Verbs

Supported verbs are POST, GET and PATCH.

Error Response

Error response uses "Content-Type" as "application/problem" and JSON format.
2XX status codes are used for successful request processing.
4XX HTTP status codes are used for client errors with a specific resource.
500 HTTP status code is used for server errors.

Unknown Attributes
Any unrecognized parameters or attributes in the request are disregarded during processing.

Rate Limiting
We currently apply a rate limit of 1 request per second. If this limit is exceeded, the IP will be temporarily blocked for one second. Additional daily rate limits (UTC time zone) are enforced based on the subscription model chosen:

Core: 500 calls/day

Professional: 4,000 calls/day

Enterprise: 10,000 calls/day

Pagination

Pagination is managed through “offset” and “limit” query string parameters, with the default value for offset set to 0 and limit set to 500. The maximum limit is set to 1,000. If a request specifies a size greater than this limit, the maximum value will be applied instead.
These parameters are case-sensitive and must be lowercase.
The response includes a “next” value, which provides the URL for the next page of results.
The “totalRecords” field indicates the total number of records without pagination.
Smart Page-Size Auto-Adjustment To prevent payload errors and system timeouts, the API now automatically reduces the number of records returned if a response is projected to exceed maximum size limits. Instead of failing, the API will return a successful, slightly smaller batch of records alongside updated limit and offset values.
What this means for you: Your integration should rely on the ‘next’ pagination link provided in the response payload to seamlessly fetch the remaining records, rather than assuming a static page size.

Sample Pagination URL: https://{baseurl}/staffingrequests?offset=0&limit=750