Jim's Group Public API: production

Getting Started with Jim's Public REST API

Welcome to the Jim’s Public REST API — your gateway to building secure, flexible, and powerful integrations with Jim’s platform.

This guide walks you through the authentication and authorization process required to make successful requests to our API.

Authentication

All requests to Jim’s Public REST API must be authenticated using a Bearer Token.

What is a Bearer Token?

A Bearer Token is a secure, time-limited string issued by Jim’s authorization server. It must be included in the header of every API request to verify your identity.

To see how to make requests, visit the live documentation

Never share your Bearer Token publicly or include it in client-side code.

Authorization

In addition to authentication, access is authorized at two levels: by route and by host.

1. Route-Based Authorization

You are only permitted to call specific endpoints that your API key has been granted access to. Unauthorized routes will return a 403 Forbidden error.

Each token is bound to:

  • A defined set of API routes
  • A defined access scope (e.g., read-only, write)

2. Host-Level Whitelisting

Jim's API also enforces host/domain restrictions as an added security measure. Only requests from whitelisted domains or IP addresses will be accepted.

How Host Whitelisting Works

  • Register your application’s IPs or domains when setting up.
  • Requests from unregistered hosts will return 403 Forbidden.

Getting Your Access Token

  1. Log in to the Jim Developer Portal
  2. Register your application and define:
    • Authorized routes
    • Allowed hosts (domains or IPs)
  3. Generate your API key/token securely
  4. Store it safely and use it in your Authorization headers

Testing & Environments

Jim’s API supports both sandbox and production environments. Use the correct base URL for your environment:

Environment Base URL
Sandbox https://sandbox.api.jims.net
Production https://api.jims.net

Common Error Codes

Status Code Description
401 Unauthorized – token missing or invalid
403 Forbidden – not allowed to access route or host
404 Not Found – invalid endpoint
500 Internal Server Error – try again later

Ready to get started?

To get your token, please contact infotech@jims.net, with details of what you would like to do with the API, the routes you need access to, and the domains and IP addresses you need whitelisted.

Need Help?

If you need help configuring access or are encountering unexpected errors, contact infotech@jims.net, or refer to the live documentation.