The Authentication endpoint has a rate limit of 60 requests per minute. If this rate limit is exceeded, there is a 60-second cool-down period, after which new Auth requests can be made.


The Authentication endpoint accepts the Client ID and Secret (found in your API Credentials page) as an input and generates a bearer token.

The bearer token can then be used to access any Personnel Data endpoint (i.e. all endpoints except Auth and Recruiting), but please note that the bearer token can be used for only one request and is blacklisted immediately after its use.

In the event of a successful request to Personnel Data endpoints, you will find a new bearer token in the header of the response from the endpoint, and this bearer token can be used for a new request.

The ideal path for an integration with Personio Public APIs would involve calling the Auth endpoint when a new integration is set up and/or when an unsuccessful request is made to any of the Personnel Data endpoints. In all other cases, the bearer token present in the response header should be used in a rotating manner.
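The rotation flow described above, as an added example that is not Personio's own code: a client that spends each token exactly once, picks up the next token from the response header, re-authenticates only on a failed request, and keeps a local budget of 60 Auth calls per minute. `FakeApi` is a constructed offline stand-in for the API, the class and method names are hypothetical, and the response header name `authorization` (with an optional `Bearer ` prefix) is an assumption not stated on this page.

```python
import threading
import time

class FakeApi:
    """Constructed stand-in for the API: tokens are single-use and rotate."""
    def __init__(self):
        self.valid, self.auth_calls, self.n = set(), 0, 0
    def _issue(self):
        self.n += 1
        self.valid.add(f"tok-{self.n}")
        return f"tok-{self.n}"
    def auth(self, client_id, client_secret):
        self.auth_calls += 1
        return self._issue()
    def get(self, path, token):
        if token not in self.valid:
            return 401, {}, None
        self.valid.discard(token)  # blacklisted immediately after one use
        return 200, {"authorization": f"Bearer {self._issue()}"}, {"path": path}

class RotatingTokenClient:
    AUTH_LIMIT, WINDOW = 60, 60.0  # from the page: 60 Auth requests per minute
    def __init__(self, api, client_id, client_secret, clock=time.monotonic):
        self.api, self.cid, self.secret, self.clock = api, client_id, client_secret, clock
        self.token, self.auth_times = None, []
        self.lock = threading.Lock()  # single-use tokens: one request in flight at a time
    def _authenticate(self):
        now = self.clock()
        self.auth_times = [t for t in self.auth_times if now - t < self.WINDOW]
        if len(self.auth_times) >= self.AUTH_LIMIT:
            raise RuntimeError("local Auth budget exhausted; wait before retrying")
        self.auth_times.append(now)
        self.token = self.api.auth(self.cid, self.secret)
    def get(self, path):
        with self.lock:
            for _ in range(2):  # original attempt plus at most one re-auth
                if self.token is None:
                    self._authenticate()
                token, self.token = self.token, None  # never reuse a spent token
                status, headers, body = self.api.get(path, token)
                if status == 200:
                    new = headers.get("authorization", "")  # assumed header name
                    self.token = (new[7:] if new.startswith("Bearer ") else new).strip() or None
                    return body
            raise RuntimeError(f"request to {path} failed after re-authentication")
```

Because each token is spent by the request that carries it, the lock matters: two threads sharing one token would cause one of them to fail and trigger an avoidable Auth call.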