Wialon help center

Wialon ecosystem

Wialon Hosting

Web version Mobile version What's new

Wialon Local

Web version Mobile version What's new

Wialon Platform

User guide Quick start What's new

Wialon for developers

API documentation Expert articles What's new

More solutions by Wialon

Other sources of information

Wialon Platform User guide Wialon Platform API

Wialon Platform API

Wialon Platform provides a RESTful API that allows service providers to manage their accounts and customer fleet data programmatically. The API comes with auto-generated OpenAPI (Swagger) documentation and can be accessed using standard HTTP calls from any language or tool.

On this page, you can find the following information:

  • API layers: how the API is split into the Studio API (provider-level) and Module APIs (customer-level).
  • Authentication: how to authenticate requests using API keys and how the two-level permission model works.
  • Calling the API: how to send requests to the Studio API and Module APIs, with annotated examples.
  • OpenAPI specifications and playground: how to access OpenAPI specs and use the built-in interactive Swagger UI.
  • Getting started: the first steps for working with the API.

API layers

The API is split into two layers:

Layer Path Description
Studio API /api/* Service provider-level operations: customers, devices, channels, sensors, billing, users, sites, API keys, and more.
Module APIs /module/{moduleName}/* Customer-level operations: devices, trips, drivers, geofences, automations, maintenance, checklists, analytics, video, tachograph, location share, and more.

Authentication

All external integrations use API keys, which are dedicated credentials passed as an HTTP header with every request:

x-platform-api-key: <your_key>

You can create up to 50 API keys per provider account. Each key can have an expiration date and can be scoped to specific permissions. You can manage your API keys (create, update, and delete) through the /api/api-keys endpoints.

Two-level permission model

Each API key has two independent permission sets:

Permission level Scope Examples
Service provider permissions Studio API access read:customers, update:devices, read:billing, read:sensors, manage:api_keys
Customer permissions Module API access (per entity)
  • Devices: read, update, commands, history
  • Geofences: read, create, delete
  • Drivers: read, update, create

For example, you can create a key that can only read devices and trips at the customer level, with no access to billing or user management at the provider level.

Calling the API

Provider-level requests go to the Studio API, while customer-level requests go to Module APIs and require an additional header to identify the customer.

Calling the Studio API (provider-level)

Send requests to the /api/* endpoints to manage customers, devices, channels, sites, and other provider-level entities. The service provider permissions of the key control what operations are allowed.

For example, to retrieve the list of customers, send a GET request with the x-platform-api-key header:

Copied!
GET /api/customers
x-platform-api-key: <your_key>

Calling Module APIs (customer-level)

For operations such as reading trips, managing geofences, or sending commands, add the customer ID header to specify which customer’s data you’re accessing:

For example, to retrieve trip intervals for a specific customer, send a GET request with the x-platform-api-key and x-platform-cid headers:

Copied!
GET /module/trips/intervals
x-platform-api-key: <your_key>
x-platform-cid: <customer_id>

A single API key can access any of your customers. Change the x-platform-cid header for each customer you want to work with. Each request targets only one customer at a time. You can’t retrieve data for multiple customers in a single request.

For each Module API request, the system verifies that:

  • The key is valid and active.
  • The customer belongs to your provider account.
  • The requested module is enabled for the customer.
  • The customer permissions of the key grant the required entity-level permissions.

OpenAPI specifications and playground

You can access the API documentation in two ways:

  • OpenAPI specification files: full endpoint definitions for the Studio API (/api/openapi.json) or any module (/module/{moduleName}/openapi.json). Each endpoint includes the list of permissions your API key needs to access it. Use these files to auto-generate API clients in your preferred language.
  • API playground: an interactive tool built into Studio where you can browse, test, and execute API requests directly in the browser.

The API playground page in Studio provides two tabs:

  • Studio: browse and test all provider-level endpoints.
  • FleetSpace: select a module from the sidebar, select a customer, and test customer-level endpoints with the customer ID pre-filled.

For a step-by-step guide on using the API playground, see the API playground page.

Getting started

To start working with the Wialon Platform API:

  • Open the API playground page in Studio to explore endpoints interactively.
  • Create an API key using the POST /api/api-keys endpoint.
  • Use GET /api/openapi.json to auto-generate a client in your preferred language.

If you find a mistake in the text, please select it and press Ctrl+Enter.

Report a mistake

Your message was sent. Thank you!

An error occurred while submitting the form