Skip to main content


The VOLO API provides a programmatic way for integrators to interact with the back-end of the system. Everything that can be done through the VOLO website is also accessible through the API, so there is a lot of potential for third party integrations.


Please carefully read the Terms & Conditions before using the API.

Security & Authentication

The communication with every endpoint is established via HTTPS and encrypted with a 2048 bit key.

There are two levels of authentication in our system, Application authentication and User Authentication.

The application authentication level allows us to monitor and manage the applications that are interacting with our system, thus allowing us to understand how our API is being used and also to prevent abusive behaviour.

The user authentication is to assure that the level of access that a user has in the API is exactly the same as if he was using our website for the Managed Access Control System.

A full description on how to sign requests can be found here.

Rate Limit

Each registered application can have, by default, 10 simultaneous connections to our system. This number can be changed according to your application requirements. The number of connections is sent as part of the response of the register application endpoint.

Furthermore, some endpoints have another level of rate restriction, ensuring that you can only perform a limited number of requests per minute.

If you exceed the rate limit of your application or the endpoint, you will receive a 503 Service Unavailable. If you try to circumvent the rate limit imposed to your application, your API usage may be suspended. Please read the Terms and Conditions for further detail.