{"id":29586643,"url":"https://github.com/basecamp/highrise-api","last_synced_at":"2025-07-20T03:31:15.330Z","repository":{"id":3353859,"uuid":"4399098","full_name":"basecamp/highrise-api","owner":"basecamp","description":"Official API documentation for Highrise","archived":false,"fork":false,"pushed_at":"2021-09-17T04:09:37.000Z","size":80,"stargazers_count":133,"open_issues_count":4,"forks_count":53,"subscribers_count":35,"default_branch":"master","last_synced_at":"2025-07-18T05:34:46.163Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"http://highrisehq.com","language":null,"has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/basecamp.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2012-05-21T21:41:05.000Z","updated_at":"2025-06-04T23:55:18.000Z","dependencies_parsed_at":"2022-09-04T01:10:10.321Z","dependency_job_id":null,"html_url":"https://github.com/basecamp/highrise-api","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/basecamp/highrise-api","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/basecamp%2Fhighrise-api","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/basecamp%2Fhighrise-api/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/basecamp%2Fhighrise-api/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/basecamp%2Fhighrise-api/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/basecamp","download_url":"https://codeload.github.com/basecamp/highrise-api/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/basecamp%2Fhighrise-api/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266063099,"owners_count":23870716,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-07-20T03:30:55.977Z","updated_at":"2025-07-20T03:31:15.325Z","avatar_url":"https://github.com/basecamp.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"Highrise API\n============\n\nThe Highrise API is implemented as vanilla XML over HTTP using all four verbs (GET/POST/PUT/DELETE). Every resource, like Person, Deal, or Party, has their own URL and are manipulated in isolation. In other words, we've tried to make the API follow the REST principles as much as we can.\n\nYou can explore the view part of the API (everything that's fetched with GET) through a regular browser. Using Firefox for this is particularly nice as it has a good, simple XML renderer (unlike Safari which just strips the tags and dumps the content). Pretty much any URL in Highrise can be viewed in its XML form by adding the .xml extension. So `/people/4` becomes `/people/4.xml` if you want to see the XML version.\n\nAPI Endpoints\n-------------\n\n* [People](https://github.com/basecamp/highrise-api/blob/master/sections/people.md)\n* [Categories (Tasks, Deals)](https://github.com/basecamp/highrise-api/blob/master/sections/categories.md)\n* [Companies](https://github.com/basecamp/highrise-api/blob/master/sections/companies.md)\n* [Cases](https://github.com/basecamp/highrise-api/blob/master/sections/cases.md)\n* [Deals](https://github.com/basecamp/highrise-api/blob/master/sections/deals.md)\n* [Notes](https://github.com/basecamp/highrise-api/blob/master/sections/notes.md)\n* [Emails](https://github.com/basecamp/highrise-api/blob/master/sections/emails.md)\n* [Comments](https://github.com/basecamp/highrise-api/blob/master/sections/comments.md)\n* [Tags](https://github.com/basecamp/highrise-api/blob/master/sections/tags.md)\n* [Tasks](https://github.com/basecamp/highrise-api/blob/master/sections/tasks.md)\n* [Users](https://github.com/basecamp/highrise-api/blob/master/sections/users.md)\n* [Groups](https://github.com/basecamp/highrise-api/blob/master/sections/groups.md)\n* [Memberships](https://github.com/basecamp/highrise-api/blob/master/sections/memberships.md)\n* [Account](https://github.com/basecamp/highrise-api/blob/master/sections/account.md)\n* [Parties](https://github.com/basecamp/highrise-api/blob/master/sections/parties.md)\n* [Recordings](https://github.com/basecamp/highrise-api/blob/master/sections/recordings.md)\n* [Custom Fields](https://github.com/basecamp/highrise-api/blob/master/sections/custom_fields.md)\n* [Deletions](https://github.com/basecamp/highrise-api/blob/master/sections/deletions.md)\n\n(Hint: Press `t` to enable the file finder and type out the endpoint you need!)\n\nNeed a sample of each XML blob will look like? Check out the [Data Reference](https://github.com/basecamp/highrise-api/blob/master/sections/data_reference.md).\n\n\nAuthentication\n--------------\n\nWhen you're using the API, it's always through an existing user in Highrise. There's no special API user. So when you use the API as \"david\", you get to see and work with what \"david\" is allowed to. Authenticating is done with an authentication token, which you'll find on the \"My Info\" screen in Highrise, in the \"Integrations\" tab.\n\nWhen using the authentication token, you don't need a separate password. But since Highrise uses [HTTP Basic Authentication](http://www.ietf.org/rfc/rfc2617.txt), and lots of implementations assume that you want to have a password, it's often easier just to pass in a dummy password, like X.\n\nHere's an example using the authentication token and a dummy password through curl:\n\n    curl -u 605b32dd:X https://example.highrisehq.com/people/1.xml\n\nRemember that anyone who has your authentication token can see and change everything you have access to. So you want to guard that as well as you guard your username and password. If you come to fear that it has been compromised, you can regenerate it at any time from the \"My Info\" screen in Highrise.\n\nYou can also use OAuth 2 to authenticate users on their behalf without having to copy/paste API tokens or touch sensitive login info. Read the [Basecamp API Authentication Guide](https://github.com/basecamp/api/tree/master/sections/authentication.md) for more info on using OAuth.\n\nNote that the `/me.xml` endpoint is the one exception to token authentication: you can use a username and password to authenticate against this action. This allows developers to obtain the token for a user, given that user's username and password, which makes it easier for users to authenticate on mobile platforms and the like.\n\nIdentify your app\n-----------------\n\nYou should include a `User-Agent` header with the name of your application and a link to it or your email address so we can get in touch in case you're doing something wrong (so we may warn you before you're blacklisted) or something awesome (so we may congratulate you). Here's a couple of examples:\n\n    User-Agent: Freshbooks (http://freshbooks.com/contact.php)\n    User-Agent: Fabian's Ingenious Integration (fabian@example.com)\n\nReading through the API\n-----------------------\n\nThe Highrise API has two category of actions for reading: Get one, or get many. All these actions are done through an HTTP GET, which also means that they're all easily explorable through a browser as described above.\n\nHere's a few examples of reading with curl:\n\n    curl -u 605b32dd:X https://example.highrisehq.com/kases/5.xml\n\n    curl -u 605b32dd:X https://example.highrisehq.com/people/27/notes.xml\n\nIf the read is successful, you'll get an XML response back along with the status code `200 OK`.\n\n\nWriting through the API\n-----------------------\n\nCreating, updating, and deleting resources through the API is almost as easy as reading, but you can't explore it as easily through the browser. Regardless of your implementation language, though, using curl to play first is a great idea. It makes it very easy to explore the API and is perfect for small scripts too.\n\nWhen you're creating and updating resources, you'll be sending XML into Highrise. You need to let the system know that fact by adding the header `Content-type: application/xml`, so we know that it's not regular form-encoded data coming in. Then you just include the XML of the resource in the body of your request.\n\nHere's a few examples creating new resources, first with the XML inline, second referencing the XML from a file:\n\n    curl -u 605b32dd:X -H 'Content-Type: application/xml' \\\n    -d '\u003ckase\u003e\u003cname\u003eImportant matters\u003c/name\u003e\u003c/kase\u003e' https://example.highrisehq.com/kases.xml\n\n    curl -u 605b32dd:X -H 'Content-Type: application/xml' \\\n    -d @note.xml https://example.highrisehq.com/people/5/notes.xml\n\nThe response to a succesful creation is the status code `201 Created`. You can get the URL of the new resource in the Location header (such that you know where to update your new resource in the future). We also include the complete XML for the final resource in the response. This is because you can usually get away with creating a new resource with less than all its regular attributes. Especially attributes like `created_at` can be helpful to get back from the creation.\n\nUpdating resources is done through the PUT verb and against the URL of the resource you want to update. Here's a few examples:\n\n    curl -u 605b32dd:X -X PUT -H 'Content-Type: application/xml' \\\n    -d '\u003ckase\u003e\u003cname\u003eReally important matters\u003c/name\u003e\u003c/kase\u003e' https://example.highrisehq.com/kases/5.xml\n\n    curl -u 605b32dd:X -X PUT -H 'Content-Type: application/xml' \\\n    -d @note.xml https://example.highrisehq.com/notes/27.xml\n\nThe response to a successful update is \"200 OK\".  Finally, you can delete resources (if you're allowed to) using the DELETE verb. A few examples of that:\n\n    curl -u 605b32dd:X -X DELETE https://example.highrisehq.com/kases/5.xml\n\n    curl -u 605b32dd:X -X DELETE https://example.highrisehq.com/notes/27.xml\n\nNote that you don't need to pass the content-type header because you're not sending any XML. The response to a successful delete is `200 OK`.\n\n\nDealing with failure\n--------------------\n\nIf a request fails, the error information is returned with the HTTP status code. For instance, if a requested record could not be found, the HTTP response might look something like:\n\n    HTTP/1.1 404 The record could not be found\n    Date: Thu, 16 Mar 2006 17:41:40 GMT\n    ...\n\nNote that, in general, if a request causes a new record to be created (like a new message, or to-do item, etc.), the response will use the \"201 Created\" status. Any other successful operation (like a successful query, delete, or update) will use a 200 status code.\n\nRate limiting\n-------------\n\n**Please note:** We've lowered the API limit call to searching for contacts via an email address to 2 requests in a 10 second period and requests to `GET /recordings.xml` to 10 requests in 10 seconds.\n\nAll other limits remain at up to 150 requests per 5 second period from the same IP address for the same account. \n\nRegardless of these limits, your integrations with our API should handle `503 Service Unavailable` errors returned. Those will be returned if you exceed our limit, or we may have a temporary limit in place to handle surges or problematic load to the API. \n\nCheck for `503 Service Unavailable` response from your requests and be sure to check the `Retry-After` header to see how many seconds to wait before retrying the request.\n\nSSL Usage\n---------\n\nA non-SSL request made against an account that has SSL enabled (and vice versa) will receive a \"302 Found\" response. The Location header will contain the correct URI.\n\nIf SSL is enabled for your account, ensure that you're using https. If it's not, ensure you're using http.\n\n\nAlternative formats\n-------------------\n\nXML is not the only other language than HTML you can make Highrise speak. We're also fairly fluent in Atom, CSV, and vCards. To subscribe to recordings (notes, emails, and comments), it's often easier to use the Atom feeds than to go through the XML API. Try browsing around Highrise to find the recording feeds. They're linked up with link-tags in the head of the HTML. For example, there's `/recordings.atom` for the getting the 25 most recent recordings across all subjects (people, companies, and cases). And there's `/people/1/recordings.atom` for getting just the last 25 about the person with ID = 1.\n\nAll parties (people and companies) can be retrieved in vCard form too. Just append the .vcf extension to the URL, like `/people/4.vcf`.\n\n\nConventions in the API documentation\n------------------------------------\n\nIn the documentation that follows, the following notation is used:\n\n    #{text}: Indicates text that should be replaced by your own data\n\n    ...: Indicates content from the response has been elided for brevity in documentation. See the list of data responses at the end of the page for a full description of the format of that response type.\n\n\nHelp us make it better\n----------------------\n\nPlease tell us how we can make this API better. If you have a specific feature request or if you found a bug, please [open a support ticket](http://help.basecamp.com/tickets/new). Also, feel free to fork these docs and send a pull request with improvements!\n\nTo talk with us and other developers about the API, [post a question on StackOverflow](http://stackoverflow.com/questions/ask) tagged `highrise` or [open a support ticket](http://help.basecamp.com/tickets/new).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbasecamp%2Fhighrise-api","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbasecamp%2Fhighrise-api","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbasecamp%2Fhighrise-api/lists"}