Skip to main content
  1. Create an integration key in the YoLead UI.
  2. Store the API secret on your backend.
  3. Sign each /v1/* request with HMAC-SHA256.
  4. Call GET https://api.yo-lead.com/v1/employees.
  5. Use the REST API reference for endpoint-specific request and response shapes.
Run signing code on your backend. The API secret must never be sent to browser code.
GET /v1/employees HTTP/1.1
Host: api.yo-lead.com
X-YoLead-Key: <publicKey>
X-YoLead-Timestamp: <unix_ms_timestamp>
X-YoLead-Signature: <hex_hmac_sha256>
import { createHmac } from "node:crypto";

const publicKey = process.env.YOLEAD_PUBLIC_KEY!;
const apiSecret = process.env.YOLEAD_SECRET!;
const timestamp = Date.now().toString();
const rawBody = "";
const signature = createHmac("sha256", apiSecret)
  .update(`${timestamp}.`)
  .update(rawBody)
  .digest("hex");

const response = await fetch("https://api.yo-lead.com/v1/employees", {
  method: "GET",
  headers: {
    "X-YoLead-Key": publicKey,
    "X-YoLead-Timestamp": timestamp,
    "X-YoLead-Signature": signature,
  },
});

console.log(await response.json());