Skip to main content

FiorLab API

Programmatic access to supplier risk assessment data

v1.0https://app.fiorlab.com/api/v1/publicBack to Dashboard

Authentication

All Public API requests require an API key. Create keys from your FiorLab dashboard under Settings. Each key is scoped to specific permissions and your organization.

Option 1: Authorization header

Authorization: Bearer fl_your_api_key_here

Option 2: X-API-Key header

X-API-Key: fl_your_api_key_here

Available Permissions

suppliers:readList and view suppliers
suppliers:writeUpdate supplier data
assessments:readView assessments
assessments:writeTrigger assessments
reports:readGenerate reports
contracts:readView contracts

Rate Limits

General endpoints100 requests / minute
Company verification30 requests / minute

Rate limit info is returned in response headers:X-RateLimit-LimitX-RateLimit-RemainingX-RateLimit-Reset

Error Handling

{
  "error": {
    "code": "INVALID_API_KEY",
    "message": "Invalid or expired API key"
  },
  "requestId": "550e8400-e29b-41d4-a716-446655440000"
}
StatusCodeDescription
400INVALID_QUERY / INVALID_BODYValidation error in request
401MISSING_API_KEYNo API key provided
401INVALID_API_KEYKey invalid, expired, or disabled
403INSUFFICIENT_PERMISSIONSKey lacks required permission
403NO_ORGANIZATIONKey not linked to an organization
404NOT_FOUNDResource does not exist or not accessible
405METHOD_NOT_ALLOWEDWrong HTTP method
429RATE_LIMIT_EXCEEDEDToo many requests
500INTERNAL_ERRORUnexpected server error

Endpoints

Internal API

FiorLab also has an internal REST API at /api/v1/* used by the web application. These endpoints use Firebase ID token authentication and are documented separately. The Public API (/api/v1/public/*) is the recommended integration point for external systems.

Code Examples

cURL

curl -H "Authorization: Bearer fl_your_api_key_here" \
     "https://app.fiorlab.com/api/v1/public/suppliers?page=1&pageSize=10"

Python

import requests

API_KEY = "fl_your_api_key_here"
BASE = "https://app.fiorlab.com/api/v1/public"
headers = {"Authorization": f"Bearer {API_KEY}"}

# List suppliers with score above 70
suppliers = requests.get(
    f"{BASE}/suppliers",
    headers=headers,
    params={"minScore": 70, "sortBy": "score", "sortOrder": "desc"}
).json()["data"]

# Get assessment for top supplier
top = suppliers[0]
assessment = requests.get(
    f"{BASE}/suppliers/{top['id']}/assessment",
    headers=headers
).json()["data"]

print(f"{top['companyName']}: {assessment['overallRiskRating']}")

Node.js

const API_KEY = "fl_your_api_key_here";
const BASE = "https://app.fiorlab.com/api/v1/public";
const headers = { Authorization: `Bearer ${API_KEY}` };

// List all suppliers
const { data: suppliers } = await fetch(
  `${BASE}/suppliers`, { headers }
).then(r => r.json());

// Get report for each supplier
for (const s of suppliers) {
  const { data: report } = await fetch(
    `${BASE}/suppliers/${s.id}/report`, { headers }
  ).then(r => r.json());

  console.log(`${s.companyName}: ${report.summary.recommendation}`);
}

FiorLab API v1.0 — Questions? Contact hello@fiorlab.com