# Getting started

To get started with the Quinyx REST API, there are a few things you will need to know.

This page covers the **Quinyx API** (`api.quinyx.com` / `api-rc.quinyx.com`). For the per-employee **User API** — which uses a different authentication flow and different base URLs — see the [User API overview](/api/v2/userapi-intro).

## Before you start

You'll need:

- **Integration credentials and a bearer token** — see [Authentication](/api/v2/authentication) for how to obtain them.
- **A way to translate external IDs** — most v2 endpoints take Quinyx internal IDs, so use the [Mapping API](/api/v2/mapping) to convert yours first.
- **The correct environment** — RC for testing, Production for live data. See [Environments](#environments) below.


## Environments

Quinyx provides two environments: **Production** and **Release Candidate (RC)**.

### Production

This is the production (live) environment where your organization's real data is stored and processed. Use this environment for all operational workloads.

- Quinyx Production Web Interface: [https://web.quinyx.com](https://web.quinyx.com)


### Release Candidate (RC)

RC is a customer-facing sandbox environment where you can test integrations against real-world data without affecting your live setup.

- It contains your organization's customer data from Production up until the end of the previous month.
- The data is refreshed on the evening of the 1st of each month, overwriting any changes made in RC.


The monthly copy/overwrite to RC does not affect forecast configurations, data, or variables.

- Quinyx RC Web Interface: [https://web-rc.quinyx.com](https://web-rc.quinyx.com)


## Base URLs by Environment

| Environment | API Base URL |
|  --- | --- |
| Production | `https://api.quinyx.com` |
| RC | `https://api-rc.quinyx.com` |


## Programs for testing

For testing and troubleshooting, we suggest using [Postman](https://www.postman.com/) or any HTTP client of your choice (curl, Insomnia, HTTPie, etc.). Our example queries and responses are from Postman. If in contact with Quinyx, always attach the request and response in `.json` or a similar plaintext format.

Never share API keys or sample requests containing API keys.

## Limitations

The following limitations currently apply:

- You are not allowed to use more than **5 concurrent requests** (e.g. running more than 5 threads simultaneously per unique customer regardless of endpoint).


## TLS

All communication with Quinyx products is encrypted using TLS. To ensure all communication stays secure and your customer data is protected, Quinyx does not support any TLS protocol below version 1.2.

You can use our website [https://check.quinyx.com](https://check.quinyx.com) to verify your browser.

**Ciphers and TLS versions will be applied.**

Quinyx API calls and web: TLS 1.2 with the following ciphers:

```text
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-ECDSA-AES128-SHA
ECDHE-RSA-AES128-SHA
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA
```

Quinyx images and assets: TLS 1.2 with the following ciphers:

```text
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
AES128-GCM-SHA256
AES256-GCM-SHA384
AES128-SHA256
```

## Next steps

- [Authenticate and obtain a bearer token](/api/v2/authentication).
- Resolve your external IDs to Quinyx internal IDs with the [Mapping API](/api/v2/mapping).
- Working with absences? See the [Absences guide](/api/v2/absences) for workflow, permissions, and validation rules.
- Hitting Forecast errors? See [Forecast troubleshooting](/api/v2/forecast-troubleshooting).
- Browse the [Quinyx API reference](/api/v2/specs/quinyx-public-api-v2) for the full operation catalog.