Skip to content

Sniff API calls using Chrome

Monitoring Tallyfy API Calls with Chrome DevTools

Tallyfy’s “API-first” architecture enables developers to understand how the platform communicates with its backend. By inspecting these API calls, you can implement your own integrations.

Requirements

Before starting:

  • Chrome browser (latest version recommended)
  • A Tallyfy account with appropriate permissions
  • Basic understanding of HTTP requests and JSON
  • Familiarity with the Tallyfy feature you want to analyze

Important API header requirement

When making direct API calls to Tallyfy endpoints, you must include this header:

X-Tallyfy-Client: APIClient

Capturing API calls with Chrome DevTools

Setup process

  1. Navigate to the Tallyfy web application and sign in.
  2. Open Chrome DevTools by right-clicking anywhere and selecting Inspect (or press F12, Ctrl+Shift+I on Win/Linux, Cmd+Option+I on macOS).
  3. Click the Network tab in the DevTools panel.
  4. Ensure recording is enabled (the red record button should be active).
  5. Check the Preserve log checkbox to maintain requests between page loads.
  6. Select Disable cache to ensure fresh responses.
  7. Clear existing requests by clicking the 🚫 icon.
  8. Perform the Tallyfy action you want to analyze (e.g., load processes, launch a process, complete a task).
  9. Click the Fetch/XHR filter button at the top of the Network panel.
  10. Type /api/ in the filter box to show only Tallyfy API calls.
  11. Click on a Tallyfy /api/ request in the filtered list to open its details.

Analyzing request details

Request headers section

In the Headers tab, examine:

  • General information:

    • Request URL: The full endpoint path
    • Request method: GET, POST, PUT, DELETE, etc.
    • Status code: 200 (success), 400 (client error), etc.
  • Request Headers:

    • Authorization: Bearer <token> for authentication
    • X-Tallyfy-Client: APIClient required for direct API calls
    • Content-Type: application/json for data formatting
  • Response Headers:

    • Server response metadata
    • Rate limiting information
    • Caching directives

Request payload section

For POST, PUT, or PATCH requests:

  • Click the Payload tab to view the request body

  • Review the following views:

    • Form Data: URL-encoded parameters
    • Request Payload: JSON structure
    • View Source: Raw data exactly as sent
  • Copy method:

    1. Select the view source tab
    2. Click anywhere in the payload area
    3. Press Ctrl+A (or Cmd+A on Mac) to select all
    4. Press Ctrl+C (or Cmd+C on Mac) to copy
    5. This exact format can be used in your own API implementations

Response data section

Examine the server’s response:

  • Click the Response tab to view raw data returned from the server
  • Click the Preview tab to see formatted JSON structure
  • Analyze:
    • Data objects and their structure

    • Success/error messages

    • Pagination information for list responses

    • Timestamps and formatting patterns

      Detailed view of request and response

Authentication analysis

When examining authentication in Tallyfy API calls:

  • Bearer Token Format: Note the structure and length of the JWT token
  • Token Lifespan: Tokens typically expire after a set period
  • Scope Information: What permissions the token includes
  • User Context: Which user the token represents

Required headers for API replication

HeaderValuePurpose
AuthorizationBearer YOUR_TOKENAuthentication
X-Tallyfy-ClientAPIClientRequired identifier
Content-Typeapplication/jsonFormat specification
Acceptapplication/jsonResponse format

Testing your API understanding

To verify you’ve correctly understood an API call:

  1. Copy the endpoint URL, headers, and payload
  2. Use a tool like Postman, Insomnia, or cURL to recreate the request
  3. Compare your response with what you observed in DevTools
  4. Troubleshoot any differences in the responses

Example cURL command

For a typical API call, your cURL might look like:

Terminal window
curl -X POST "https://go.tallyfy.com/api/organizations/{orgID}/processes" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-H "X-Tallyfy-Client: APIClient" \
-d '{
"template_id": 12345,
"name": "Test Process",
"assignees": [{"email": "user@example.com"}]
}'

Advanced DevTools features

Throttling network speed

To test how your API implementation performs under different conditions:

  1. Click the Network Conditions tab in DevTools (or use the dropdown next to “Online”)
  2. Select a preset throttling profile or create a custom one
  3. Observe how the API behaves with slower connections

Exporting request data

To save a request for later reference:

  1. Right-click on the API request
  2. Select Copy > Copy as cURL
  3. Paste into a text file for future reference

Using Integuru for automated API integration

For developers looking to automate API interactions with Tallyfy or other platforms, Integuru provides an advanced solution. Integuru is an open-source AI agent that can generate integration code by reverse-engineering platforms’ internal API

Key features:

  • Automatically generates a dependency graph of API requests
  • Creates runnable Python code that reproduces your actions
  • Identifies relationships between different API calls
  • Handles authentication and session management

To use Integuru with Tallyfy:

  1. Install Integuru following the instructions on their GitHub repository
  2. Run python create_har.py to start a browser session
  3. Log into Tallyfy and perform the workflow action you want to automate
  4. Use the generated HAR file with Integuru to create Python code that reproduces the API calls

This approach can significantly accelerate API integration development by automatically analyzing the full sequence of API calls needed for complex operations.

Troubleshooting common issues

No requests appearing

If no API calls appear in DevTools:

  • Ensure DevTools is open before performing the action
  • Try enabling Preserve log option in the Network tab
  • Disable cache and perform a hard refresh (Ctrl+Shift+R or Cmd+Shift+R)
  • Verify you’re looking at the correct browser tab
  • Check if content blockers are interfering with network requests

Filtering problems

If filtering doesn’t show expected results:

  • Verify the filter string exactly matches part of the API URL
  • Try the built-in Fetch/XHR filter instead of text filtering
  • Clear all filters to check if requests appear at all
  • Ensure your browser isn’t blocking certain requests

Authentication errors

If calls return HTTP 401 or similar errors:

  • Verify your Tallyfy session is active
  • Check that your API token is valid and properly formatted
  • Ensure all required headers are included in your requests
  • Confirm your user account has permission for the requested action

CORS or preflight issues

For cross-origin implementation challenges:

  • Note any CORS preflight (OPTIONS) requests
  • Check response headers for CORS permissions
  • Understand allowed origins and methods

Security considerations

When working with API calls:

  • Never share authentication tokens publicly
  • Mask sensitive data in screenshots or shared requests
  • Be aware of data access implications when replicating calls
  • Remember that all actions through the API are tracked in audit logs

Integrations > Open API

The Tallyfy REST API enables developers to build custom integrations access core platform features and automate workflows through secure authentication methods while adhering to rate limits and technical requirements for making API requests.

Open Api > Integrate with Tallyfy using the API

The Tallyfy REST API enables workflow integration through user-based or application-based authentication methods while supporting multi-organization contexts and providing webhooks for event-driven functionality.

Open Api > API code samples

The Tallyfy REST API documentation provides code samples across multiple programming languages for integrating with the platform using proper authentication headers and base URL endpoints.

Miscellaneous > Troubleshooting

A comprehensive guide detailing various troubleshooting methods browser-specific solutions rate limits and cache management techniques to resolve common Tallyfy performance issues and errors.