Getting Started with Exepron API
Learn how to integrate with the Exepron REST API in minutes. This guide will walk you through everything you need to make your first successful API call.
📝 Note: This documentation uses placeholder URLs. Replace
{YOUR_IDENTITY_SERVER} with your Identity Server URL (e.g., identity.yourdomain.com or localhost:44367 for local development) and {YOUR_API_SERVER} with your API Server URL (e.g., api.yourdomain.com or localhost:44395 for local development).
On this page
Prerequisites
Before you begin integrating with the Exepron API, ensure you have the following:
Exepron Account
You need an active Exepron account with administrative privileges. If you don't have one, contact your organization administrator or request a trial account.
API Client Credentials
Register your application in the Exepron Identity Server to obtain a Client ID and Client Secret. See our API Clients guide for detailed instructions.
Development Environment
Set up your preferred programming language and HTTP client. We provide examples in C#, JavaScript, Python, and cURL.
Basic Understanding of REST APIs
Familiarity with HTTP methods (GET, POST, PUT, DELETE) and JSON data format will be helpful.
Quick Start Tutorial
Follow this step-by-step tutorial to make your first API call in under 5 minutes:
1
Register Your Application
Log into the Exepron Identity Server and create a new API client:
- Navigate to
https://{YOUR_IDENTITY_SERVER} - Go to Account → Manage → API Clients
- Click "Create New Client"
- Configure your client:
- Client Name: My API Integration
- Client Type: Confidential (for server-side apps)
- Grant Types: Password (Resource Owner)
- Scopes: api1 (full API access)
- Save and copy your Client ID and Client Secret
Security Note: Store your Client Secret securely. It won't be shown again after you leave this page.
2
Obtain an Access Token
Exchange your client credentials for an access token:
curl -X POST https://{YOUR_IDENTITY_SERVER}/connect/token \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=password" \
-d "username=USER_EMAIL" \
-d "password=USER_PASSWORD" \
-d "client_id=YOUR_CLIENT_ID" \
-d "client_secret=YOUR_CLIENT_SECRET" \
-d "scope=api1"using System.Net.Http;
using IdentityModel.Client;
var client = new HttpClient();
var disco = await client.GetDiscoveryDocumentAsync("https://{YOUR_IDENTITY_SERVER}");
var tokenResponse = await client.RequestPasswordTokenAsync(
new PasswordTokenRequest
{
Address = disco.TokenEndpoint,
ClientId = "YOUR_CLIENT_ID",
ClientSecret = "YOUR_CLIENT_SECRET",
UserName = "USER_EMAIL",
Password = "USER_PASSWORD",
Scope = "api1"
});
var accessToken = tokenResponse.AccessToken;const getAccessToken = async () => {
const params = new URLSearchParams();
params.append('grant_type', 'password');
params.append('username', 'USER_EMAIL');
params.append('password', 'USER_PASSWORD');
params.append('client_id', 'YOUR_CLIENT_ID');
params.append('client_secret', 'YOUR_CLIENT_SECRET');
params.append('scope', 'api1');
const response = await fetch('https://{YOUR_IDENTITY_SERVER}/connect/token', {
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
},
body: params
});
const data = await response.json();
return data.access_token;
};Response:
{
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjE5...",
"expires_in": 3600,
"token_type": "Bearer",
"scope": "api1"
}3
Make Your First API Call
Use the access token to retrieve your projects:
curl -X GET https://{YOUR_API_SERVER}/api/v1/projects \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Accept: application/json"Success! You've made your first API call.
Your First API Call - Detailed Examples
Here are complete examples for making your first API call in different languages:
C# (.NET Core)
using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading.Tasks;
using IdentityModel.Client;
using Newtonsoft.Json;
class ExepronApiClient
{
private static readonly HttpClient client = new HttpClient();
static async Task Main()
{
// Step 1: Get Access Token
var tokenEndpoint = "https://{YOUR_IDENTITY_SERVER}/connect/token";
var tokenResponse = await client.RequestPasswordTokenAsync(
new PasswordTokenRequest
{
Address = tokenEndpoint,
ClientId = "YOUR_CLIENT_ID",
ClientSecret = "YOUR_CLIENT_SECRET",
UserName = "USER_EMAIL",
Password = "USER_PASSWORD",
Scope = "api1"
});
if (tokenResponse.IsError)
{
Console.WriteLine($"Error: {tokenResponse.Error}");
return;
}
// Step 2: Call API
client.DefaultRequestHeaders.Authorization =
new AuthenticationHeaderValue("Bearer", tokenResponse.AccessToken);
var apiResponse = await client.GetAsync(
"https://{YOUR_API_SERVER}/api/v1/projects?$top=5"
);
if (apiResponse.IsSuccessStatusCode)
{
var content = await apiResponse.Content.ReadAsStringAsync();
dynamic projects = JsonConvert.DeserializeObject(content);
Console.WriteLine("Your Projects:");
foreach (var project in projects.value)
{
Console.WriteLine($"- {project.name} (Status: {project.status})");
}
}
}
}Node.js (JavaScript)
const axios = require('axios');
const https = require('https');
// Ignore self-signed certificate in development
const agent = new https.Agent({
rejectUnauthorized: false
});
class ExepronApiClient {
constructor(clientId, clientSecret) {
this.clientId = clientId;
this.clientSecret = clientSecret;
this.accessToken = null;
}
async authenticate(username, password) {
const params = new URLSearchParams({
grant_type: 'password',
username: username,
password: password,
client_id: this.clientId,
client_secret: this.clientSecret,
scope: 'api1'
});
try {
const response = await axios.post(
'https://{YOUR_IDENTITY_SERVER}/connect/token',
params,
{
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
httpsAgent: agent
}
);
this.accessToken = response.data.access_token;
console.log('Authentication successful!');
} catch (error) {
console.error('Authentication failed:', error.message);
throw error;
}
}
async getProjects(username, password) {
if (!this.accessToken) {
await this.authenticate(username, password);
}
try {
const response = await axios.get(
'https://{YOUR_API_SERVER}/api/v1/projects?$top=5',
{
headers: {
'Authorization': `Bearer ${this.accessToken}`,
'Accept': 'application/json'
},
httpsAgent: agent
}
);
console.log('Your Projects:');
response.data.value.forEach(project => {
console.log(`- ${project.name} (Status: ${project.status})`);
});
return response.data;
} catch (error) {
console.error('API call failed:', error.message);
throw error;
}
}
}
// Usage
const client = new ExepronApiClient('YOUR_CLIENT_ID', 'YOUR_CLIENT_SECRET');
client.getProjects('user@example.com', 'password123');Python
import requests
import json
from typing import Optional
class ExepronApiClient:
def __init__(self, client_id: str, client_secret: str):
self.client_id = client_id
self.client_secret = client_secret
self.access_token: Optional[str] = None
self.base_url = "https://{YOUR_API_SERVER}/api/v1"
self.auth_url = "https://{YOUR_IDENTITY_SERVER}"
# Disable SSL verification for development (remove in production)
self.session = requests.Session()
self.session.verify = False
def authenticate(self, username: str, password: str) -> str:
"""Obtain access token using password flow"""
token_url = f"{self.auth_url}/connect/token"
data = {
'grant_type': 'password',
'username': username,
'password': password,
'client_id': self.client_id,
'client_secret': self.client_secret,
'scope': 'api1'
}
response = self.session.post(token_url, data=data)
response.raise_for_status()
token_data = response.json()
self.access_token = token_data['access_token']
print("Authentication successful!")
return self.access_token
def get_projects(self, username: str, password: str, top: int = 5) -> dict:
"""Retrieve projects from the API"""
if not self.access_token:
self.authenticate(username, password)
headers = {
'Authorization': f'Bearer {self.access_token}',
'Accept': 'application/json'
}
url = f"{self.base_url}/projects?$top={top}"
response = self.session.get(url, headers=headers)
response.raise_for_status()
projects = response.json()
print("Your Projects:")
for project in projects.get('value', []):
print(f"- {project['name']} (Status: {project['status']})")
return projects
# Usage
if __name__ == "__main__":
client = ExepronApiClient('YOUR_CLIENT_ID', 'YOUR_CLIENT_SECRET')
client.get_projects('user@example.com', 'password123')Common Use Cases
Here are some typical scenarios and how to implement them:
1. Create a New Project
POST /api/v1/projects
Content-Type: application/json
Authorization: Bearer YOUR_ACCESS_TOKEN
{
"name": "Q1 Product Launch",
"description": "New product launch for Q1 2025",
"startDate": "2025-02-01",
"targetEndDate": "2025-03-31",
"projectManagerId": 12345,
"bufferType": "PROJECT",
"bufferPercentage": 30
}2. Update Task Status
PATCH /api/v1/tasks/67890
Content-Type: application/json
Authorization: Bearer YOUR_ACCESS_TOKEN
{
"status": "InProgress",
"percentComplete": 45,
"remainingDuration": 3.5
}3. Get Project with Tasks and Resources
GET /api/v1/projects/12345?$expand=tasks,resources&$select=name,status,bufferConsumption
Authorization: Bearer YOUR_ACCESS_TOKEN4. Monitor Critical Chain Buffer
GET /api/v1/projects/12345/buffer-analysis
Authorization: Bearer YOUR_ACCESS_TOKEN
Response:
{
"projectId": 12345,
"bufferType": "PROJECT",
"totalBuffer": 15,
"consumedBuffer": 4.5,
"consumptionPercentage": 30,
"status": "GREEN",
"projectedCompletion": "2025-03-28",
"recommendations": [
"Current buffer consumption is within acceptable limits",
"Monitor tasks 456 and 789 for potential delays"
]
}5. Batch Update Multiple Tasks
POST /api/v1/tasks/batch-update
Content-Type: application/json
Authorization: Bearer YOUR_ACCESS_TOKEN
{
"updates": [
{
"taskId": 101,
"status": "Completed",
"percentComplete": 100
},
{
"taskId": 102,
"status": "InProgress",
"percentComplete": 60
}
]
}SDKs and Libraries
To speed up your integration, we provide official SDKs and community libraries:
.NET SDK
Official SDK for .NET Core and .NET Framework applications.
Install-Package Exepron.ApiClientNode.js SDK
TypeScript-ready SDK for Node.js applications.
npm install @exepron/api-clientJava SDK
Java client for Spring and standard Java applications.
<dependency>
<groupId>com.exepron</groupId>
<artifactId>api-client</artifactId>
</dependency>Testing Your Integration
Development Environment
For development and testing, you can register a free Exepron account:
- Visit www.exepron.com and click "Start Free Trial"
- Your free account includes full API access for testing and development
- Create API client credentials from Account → Manage → API Clients
- Use your free account credentials to authenticate and test all API endpoints
Testing Tools
Postman Collection
Import our Postman collection for pre-configured API requests:
Download CollectionTest Scenarios
We recommend testing these critical scenarios:
- Authentication Flow: Token acquisition and refresh
- CRUD Operations: Create, read, update, delete for main entities
- Error Handling: Invalid requests, expired tokens, rate limits
- Pagination: Large result sets with OData queries
- Webhook Reception: Receiving and processing webhook events
- Concurrent Requests: Multiple simultaneous API calls
Troubleshooting
401 Unauthorized
Cause: Invalid or expired access token
Solution:
- Verify your access token is included in the Authorization header
- Check if the token has expired (default: 1 hour)
- Ensure the token has the correct scope (api1)
- Request a new token if needed
403 Forbidden
Cause: Insufficient permissions
Solution:
- Verify your client has the required scopes
- Check if your user account has the necessary permissions
- Contact your administrator to grant appropriate access
429 Too Many Requests
Cause: Rate limit exceeded
Solution:
- Check the
X-RateLimit-Remainingheader - Implement exponential backoff
- Default limits: 100 requests per minute
- Contact support for increased limits
SSL Certificate Errors
Cause: Self-signed certificates in development
Solution:
- In development only, disable SSL verification
- For production, use valid SSL certificates
- Never disable SSL verification in production
Security Warning: Only disable SSL verification in development environments. Production must always use valid SSL certificates.
CORS Errors (Browser)
Cause: Cross-origin requests blocked by browser
Solution:
- Configure CORS in your API client registration
- Add your domain to allowed origins
- For SPAs, use the implicit flow with PKCE
- Consider using a backend proxy for API calls
Next Steps
Now that you've successfully made your first API call, explore these resources to build your integration:
Need Help? Our support team is here to assist you. Contact us at customersupport@exepron.com or visit our support portal.