One endpoint to every corner of your travel data.
A clean, mostly read-only REST API over 25 years of VTO data — branches, clients, consultants, groups, trips and reports. Send one token, read predictable JSON.
The legend: four rules behind every request.
Learn these symbols once and the whole API behaves the way you'd expect.
One token, by office
Send an X-Api-Token header on every request. Each token is scoped to one office's data.
Fair use limits
5 req/sec burst and 200/day per token. Cross the line, get a clean 429.
Predictable JSON
Every response carries success and a timestamp. Lists add a pagination block.
Mostly read-only
Browse with GET. A few client sub-resources take POST with clients.write; other verbs return 405.
Every resource, with a list and a by-ID endpoint.
The full gazetteer. Each entry links through to its schema in the reference.
One header. One request. Clean data.
No SDK, no handshake. Add your token, hit a resource, read the JSON. Here's a list of clients, start to finish.
- AUTHYour office token in the
X-Api-Tokenheader. - SHAPE
dataholds records;paginationtracks the rest. - NEXTSwap
/clientsfor any resource in the index.
$ curl https://api.vto.cloud/v1/clients \ -H "X-Api-Token: ••••••••••••" { "success": true, "data": [ { "id": 4821, "first_name": "Poh", "last_name": "Tan", "is_corporate": false } ], "pagination": { "total": 137, "page": 1 } }
Chart your route on VTO.
Talk to your VTO account manager and we'll issue a token scoped to your office — usually the same day.