Envoy Visitor Management API
api.envoy.com · Security
Visitor management and workplace platform API — manage visitor sign-ins, pre-registration, watchlists, host notifications, badge printing, and deliveries. Integrates with access control systems. Free developer sandbox.
Authentication
OAuth2
OAuth2 Authorization Code flow. Register at developers.envoy.com for a free developer account and sandbox.
Sample Requests
GET
List recent visitors
List currently signed-in visitors.
https://api.envoy.com/v1/invites?page[limit]=5&filter[status]=signed-in
Hover any highlighted part to learn what it does
Headers — extra info sent with the request
| Authorization | Bearer YOUR_TOKEN |
curl -X GET "https://api.envoy.com/v1/invites?page[limit]=5&filter[status]=signed-in" \ -H "Authorization: Bearer YOUR_TOKEN"
import requests
params = {
"page[limit]": "5",
"filter[status]": "signed-in"
}
headers = {
"Authorization": "Bearer YOUR_TOKEN"
}
response = requests.get(
"https://api.envoy.com/v1/invites",
params=params,
headers=headers,
)
print(response.json())const url = new URL('https://api.envoy.com/v1/invites');
url.searchParams.set('page[limit]', '5');
url.searchParams.set('filter[status]', 'signed-in');
const response = await fetch(url, {
headers: {
'Authorization': 'Bearer YOUR_TOKEN'
},
});
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
"net/url"
)
func main() {
baseURL, _ := url.Parse("https://api.envoy.com/v1/invites")
q := baseURL.Query()
q.Set("page[limit]", "5")
q.Set("filter[status]", "signed-in")
baseURL.RawQuery = q.Encode()
targetURL := baseURL.String()
req, _ := http.NewRequest("GET", targetURL, nil)
req.Header.Set("Authorization", "Bearer YOUR_TOKEN")
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.envoy.com/v1/invites")
uri.query = URI.encode_www_form({
"page[limit]" => "5",
"filter[status]" => "signed-in"
})
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Get.new(uri)
req["Authorization"] = "Bearer YOUR_TOKEN"
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.envoy.com/v1/invites?" . http_build_query([
"page[limit]" => "5",
"filter[status]" => "signed-in"
]);
$opts = ["http" => [
"method" => "GET",
"header" => implode("\r\n", [
"Authorization: Bearer YOUR_TOKEN"
]),
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));
POST
Pre-register a visitor
Pre-register a visitor before they arrive.
https://api.envoy.com/v1/invites
Hover any highlighted part to learn what it does
Headers — extra info sent with the request
| Content-Type | application/json |
| Authorization | Bearer YOUR_TOKEN |
Request Body — data you're sending
{
"data": {
"type": "invites",
"attributes": {
"email": "[email protected]",
"full-name": "John Doe",
"expected-arrival-time": "2026-06-09T09:00:00Z"
}
}
}
curl -X POST "https://api.envoy.com/v1/invites" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"data":{"type":"invites","attributes":{"email":"[email protected]","full-name":"John Doe","expected-arrival-time":"2026-06-09T09:00:00Z"}}}'import requests
headers = {
"Content-Type": "application/json",
"Authorization": "Bearer YOUR_TOKEN"
}
data = {
"data": {
"type": "invites",
"attributes": {
"email": "[email protected]",
"full-name": "John Doe",
"expected-arrival-time": "2026-06-09T09:00:00Z"
}
}
}
response = requests.post(
"https://api.envoy.com/v1/invites",
headers=headers,
json=data,
)
print(response.json())const url = 'https://api.envoy.com/v1/invites';
const response = await fetch(url, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': 'Bearer YOUR_TOKEN'
},
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
"data": {
"type": "invites",
"attributes": {
"email": "[email protected]",
"full-name": "John Doe",
"expected-arrival-time": "2026-06-09T09:00:00Z"
}
}
}),
});
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
"bytes"
"encoding/json"
)
func main() {
targetURL := "https://api.envoy.com/v1/invites"
jsonData, _ := json.Marshal({"data":{"type":"invites","attributes":{"email":"[email protected]","full-name":"John Doe","expected-arrival-time":"2026-06-09T09:00:00Z"}}})
req, _ := http.NewRequest("POST", targetURL, bytes.NewBuffer(jsonData))
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", "Bearer YOUR_TOKEN")
req.Header.Set("Content-Type", "application/json")
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.envoy.com/v1/invites")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Post.new(uri)
req["Content-Type"] = "application/json"
req["Authorization"] = "Bearer YOUR_TOKEN"
req["Content-Type"] = "application/json"
req.body = "{\"data\":{\"type\":\"invites\",\"attributes\":{\"email\":\"[email protected]\",\"full-name\":\"John Doe\",\"expected-arrival-time\":\"2026-06-09T09:00:00Z\"}}}"
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.envoy.com/v1/invites";
$opts = ["http" => [
"method" => "POST",
"header" => implode("\r\n", [
"Content-Type: application/json",
"Authorization: Bearer YOUR_TOKEN",
"Content-Type: application/json"
]),
"content" => json_encode({"data":{"type":"invites","attributes":{"email":"[email protected]","full-name":"John Doe","expected-arrival-time":"2026-06-09T09:00:00Z"}}}),
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));Postman Setup Guide
- Register for a free developer account at developers.envoy.com
- OAuth2: register an app to get client_id/secret
- Sandbox environment available — no real Envoy subscription needed to test
- Set Authorization: Bearer YOUR_TOKEN
- Webhooks available for visitor sign-in/sign-out events