Stitch Documentation
has moved!

Please update your bookmarks to

If you're not automatically redirected after 5 seconds, click here.

Import API FAQ

In this article:

Have a question that you don’t see answered here? We strive to make our docs as self-explanatory as possible and we’re always looking for ways to improve. Give us a shout with your feedback and questions.


What is the Stitch Import API?

The Stitch Import API (or just Import API) provides a simple way for our customers to get data from various sources into the Stitch app. Once the data enters the Import API, it will be processed by the app just like the data from any other integration.

What do I need to use the Import API?

You need a Stitch account to use the Import API. If you don’t already have an account, you can create one for free.

Who should use the Import API? Who shouldn’t?

Using the Import API requires a certain level of technical expertise. Someone comfortable writing and maintaining a small Ruby or PHP script will be more than qualified.

If the data in question is already in a database or SaaS for which we have an integration, it is often easier to to use the native integration. However, you can always use the Import API if you want total control over data replication.

What type of data can I send?

You can send data from any source as long as it’s in either JSON or Transit formats once it gets to us. We send data to the Import API for systems monitoring, syncing data from Google Drive, anda variety of other purposes.

For any data sources for which we don’t yet have a direct, native integration, the Import API will be your best bet. You can see the full list of current integrations here.


I’m getting a 4xx error code, what do I do?

Check out the return code from your request and double-check your request’s validity. You can use this table as a starting point:

401 Unauthorized Message: The request did not have a valid API access token.

Action: Generate a new API access token.
403 Forbidden Message: The request had a valid API access token, but is not permitted.

Action: Check that the client_id field in your request contains your correct client ID.
405 Method Not Allowed Message: The request has an HTTP method that is not supported by the endpoint.

Action: POST and GET are supported by the Import API. Check that you’re using the correct HTTP method.
413 Request Entity Too Large Message: The size of the request body was over 4MB.

Action: Reduce the size of the request body and try again.
415 Unsupported Media Type Message: The content header of the request did not specify JSON or Transit.

Action: Check that header includes the type of data being sent.
422 Unprocessable Entity Message: Your request was missing a required parameter.

Action: Requests must contain all of the following fields:
  • client_id - your client ID
  • table_name - name of the destination table
  • sequence - property that communicates the order in which data points are considered
  • action - “upsert”
  • key_names - array of field names that uniquely identifies the row that this record belongs to - these are the Primary Keys for the table.
  • data - contains data to be upserted into the database

I’m getting a 5xx error code, what do I do?

Try your request again. If the issue persists, please contact support.


How secure is the API?

We store all of your data in a private cloud and only connect via SSH. Each API key is totally independent of every other key and can only push data. This means if somebody gets their hands on your key, they won’t be able to access your data.

Despite the security of the API, DO NOT push sensitive data - such as credit cards or medical records - to the Import API.

Is the Import API compliant with PCI and/or HIPPA?

Stitch is PCI Level 4 compliant.

Stitch is not HIPPA compliant.

Despite our PCI compliance, please do not push sensitive information to the Import API.

What happens if my API key is compromised?

Luckily, nobody can access data with your API key: they can only send it. If your key has been compromised, you can disable it by navigating to the Integration Settings for your Import API integration.

Looking for other security info?

Don’t see your question here? Check out the Security FAQ for more general security info. Please reach out to us if you still have questions.


Was this article helpful?
0 out of 0 found this helpful


Questions or suggestions? If something in our documentation is unclear, let us know in the comments!