Skip to main content

Get started with the OData API

How to authenticate, understand rate limits, and construct your first OData query in Prospect CRM.

Written by Arthur Ashdown

Use the OData API to query and update your Prospect CRM data using standard web technologies. This guide covers everything you need to know to authenticate, understand rate limits, and start building queries. You'll need a Personal Access Token (PAT) to use the API.

If you're already familiar with OData and just need endpoint and data model details, refer to the API documentation instead.

What is OData

OData is a REST-based protocol for querying and updating data, built on standard technologies such as HTTP, Atom/XML and JSON. It is standardised by OASIS and is ISO/IEC approved.

Because the OData specification is standardised, any OData feed responds in the same way to the defined OData functions. This means you can use a consistent approach to query your CRM data regardless of the tool or language you're using.

Authenticate with the API

To access the Prospect CRM OData service, you need a Personal Access Token (PAT). To generate a token:

  1. Go to Integrations, then click Custom API Integration (OData API).

  2. Open the My Tokens section.

  3. Follow the steps to generate your PAT token.

The OData service uses bearer authentication. You need to add a bearer authorisation header to every request using a valid access token:

Authorization: Bearer [YOUR_PAT_TOKEN]

Warning: Your access token allows the same level of read and write access to the database as your user login. Treat it like a password. Never share it with anyone. If a colleague needs a token, they must generate their own. You can revoke a token at any time from the My Tokens section.

Understand the rate limit

API access is limited to 1,200 requests every 10 minutes using a 'Sliding Window' algorithm. The rate limit applies to your overall CRM workspace, not per token. If you have multiple PAT tokens, all requests across all tokens count towards the same limit.

If you exceed the limit, the API returns a 429 response code. The API does not queue requests, so you must retry any request that receives a 429 response.

How the Sliding Window algorithm works

The algorithm keeps a rolling log of request timestamps for your workspace. For each incoming request, the system:

  1. Checks the list of recent request timestamps for your workspace.

  2. Removes any requests older than 10 minutes from the count.

  3. Counts the remaining requests.

  4. Allows the request if the count is under 1,200, or returns a 429 response code if the limit is reached.

šŸ¤“ Tip: Build a retry process into your integration to handle 429 responses automatically.

Construct a query

Every OData query is made up of three parts:

  • Base URL: where your data lives.

  • Entity: the type of CRM record you want to access.

  • Parameters: the OData functions that filter, sort, and shape the data returned.

Example query

https://crm-odata-v1.prospect365.com/Contacts?$select=Title,Forename,Surname,Email,StatusFlag&$filter=contains(email,'@prospectsoft.com') and StatusFlag eq 'A'&$expand=Leads($select=Description,Created,StatusFlag;$filter=StatusFlag eq 'A' and Status/DeadFlag eq 0;$expand=Status($select=Description))

Base URL

The base URL tells the API where to retrieve data from. The Prospect CRM OData base URL is: 

https://crm-odata-v1.prospect365.com/

šŸ¤“ Tip: You can use the unsecured OData test service at http://services.odata.org/V4/OData/OData.svc/ to practise queries without needing to authenticate.

Entity

The entity is the type of CRM record you want to access. Entities are generally the plural of the table name. You append the entity name directly after the base URL:

https://crm-odata-v1.prospect365.com/Contacts

To retrieve a specific record by ID, append the ID in parentheses after the entity name:

https://crm-odata-v1.prospect365.com/Contacts(272970)

Running a query without any filters returns all records for that entity. Retrieving large data sets takes a long time to complete. Wherever possible, retrieve only the data you need using smaller, filtered queries.

Parameters

Parameters are OData functions that you chain after the entity using &. They let you select, filter, sort, and limit the data returned. For example:

https://crm-odata-v1.prospect365.com/Contacts?$select=ContactId,Forename,Surname&$top=50

For a full list of available OData functions and how to use them, see Query the OData API.

Troubleshoot

401 Unauthorised error

A 401 Unauthorised error usually indicates a problem with your token. To resolve it:

  1. Check that your token is included in the Authorization header.

  2. Confirm the header uses the correct format: Bearer [YOUR_PAT_TOKEN].

  3. Check the token for any typos or extra spaces.

  4. Confirm you are not including the token in the URL itself.

If the error persists, revoke the token and generate a new one from Integrations, then click Custom API Integration (OData API).

Related Articles
Getting Started with Business Intelligence Tools like Power BI
Custom Accounts and ERP Integrations
Adding Mintsoft as a Secondary Connection
Query the OData API
Did this answer your question?