Authenticating with the TimeLog REST API


This page will provide information on obtaining an access token that can be used to access the TimeLog REST API.


  • The API has an access rate limit applied to it
  • The API will only respond to secured communication done over HTTPS
  • Response to every request is sent in JSON format
  • The request method (verb) determines the nature of action you intend to perform. A request made using the GET method implies that you want to fetch something from TimeLog, and POST implies you want to save something new to TimeLog
  • The API calls will respond with appropriate HTTP status codes for all requests


The default process for obtaining an Access Token for the TimeLog REST API is using the Personal access token (PAT).

A personal access token (PAT) is a string of characters that acts as a secure way to authenticate a user in a system or application. A PAT can be used as an alternative to OAuth tokens to access TimeLog resources, on behalf of the user who requested it. As such, it will have the same permissions as the user who requests it.

To obtain a PAT and see its usage example, please refer to TimeLog Personal Access Tokens for more details.

Rate Limits

API access rate limits are applied at a per-key basis in unit time. Access to the API using a key does at this time not have a hard limit, however we monitor usage closely and may at any time enforce rate limitations upon excessive usage patterns for a particular key.


For help regarding accessing the API, feel free to drop in a line at

Terms of Use

We collect information from you when you register on our site. When registering as a developer, as appropriate, you may be asked to provide your: company name, name and e-mail address. You may, however, visit our site anonymously.

By registrering as a developer (by requesting an API key), we might email you information about API service updates, scheduled down time, breaking changes and similar to allow you to react proactively on these changes.