The Authentication endpoint has a rate limit of 60 requests per minute. If this rate limit is exceeded, there is a 60-second cool-down period, after which new Auth requests can be made.


The Authentication endpoint accepts the Client ID and Secret (found in your API Credentials page) as input and generates a bearer token. The bearer token generated is specific to the Client ID and Secret used and remains the same (i.e. stable) for a period of 24 hours.

The bearer token can then be used to access any Personnel Data endpoint (i.e. all endpoints except Auth and Recruiting), but please note that the bearer token will have a 'papi-' prefix. This bearer token can be used for an indefinite number of calls in the 24-hour period and can also be used for parallel API calls to multiple Personio API endpoints simultaneously.

In the event of a successful request to a Personnel Data endpoint, you will find the same stable bearer token in the header of the response from the endpoint, and this stable bearer token can be used for a new request.
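Because the token is stable for 24 hours and Auth requests are limited, a client should request one token and share it across calls rather than authenticating per request. The following is an added example, not Personio code: a thread-safe cache that reuses the token for 24 hours and stops sending Auth requests before the limit is exceeded. `fetch_token` is a hypothetical callable you supply that performs the Auth request with your Client ID and Secret and returns the token string; no endpoint URL or header name is assumed.

```python
import threading
import time

TOKEN_TTL = 24 * 60 * 60   # page: token stays stable for 24 hours
AUTH_LIMIT = 60            # page: 60 Auth requests per minute
COOL_DOWN = 60             # page: 60 second cool-down once the limit is exceeded


class AuthRateLimited(Exception):
    """Raised instead of sending an Auth request that would exceed the limit."""


class TokenCache:
    def __init__(self, fetch_token, clock=time.monotonic):
        self._fetch = fetch_token      # hypothetical callable: () -> token string
        self._clock = clock
        self._lock = threading.Lock()  # parallel API calls share one token
        self._token = None
        self._expires = 0.0
        self._calls = []               # timestamps of recent Auth requests
        self._blocked_until = 0.0

    def get(self):
        with self._lock:
            now = self._clock()
            if self._token and now < self._expires:
                return self._token     # reuse: no Auth request needed
            if now < self._blocked_until:
                raise AuthRateLimited("cooling down")
            # Keep only Auth requests made within the last minute.
            self._calls = [t for t in self._calls if now - t < 60]
            if len(self._calls) >= AUTH_LIMIT:
                self._blocked_until = now + COOL_DOWN
                raise AuthRateLimited("client-side limit reached")
            self._calls.append(now)
            self._token = self._fetch()
            self._expires = now + TOKEN_TTL
            return self._token

    def invalidate(self):
        """Drop the cached token, e.g. after a data endpoint rejects it."""
        with self._lock:
            self._token = None
```

Keep the Client ID and Secret inside `fetch_token` (loaded from a secrets store or environment), so only the short-lived bearer token circulates through the rest of the application.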