Query Paylocity Data Using the OData SDK for PHP

The CData API Server, when paired with the ADO.NET Provider for Paylocity, exposes Paylocity data (or data from any of 200+ other ADO.NET Providers) as Web services. You can follow the procedure below to work with Paylocity data as PHP objects.

Set Up the API Server

Follow the steps below to begin producing secure Paylocity OData services:

Deploy

The API Server runs on your own server. On Windows, you can deploy using the stand-alone server or IIS. On a Java servlet container, drop in the API Server WAR file. See the help documentation for more information and how-tos.

The API Server is also easy to deploy on Microsoft Azure, Amazon EC2, and Heroku.

Connect to Paylocity

After you deploy the API Server and the ADO.NET Provider for Paylocity, provide authentication values and other connection properties needed to connect to Paylocity by clicking Settings -> Connections and adding a new connection in the API Server administration console.

Set the following to establish a connection to Paylocity:

• RSAPublicKey: Set this to the RSA Key associated with your Paylocity, if the RSA Encryption is enabled in the Paylocity account.

  This property is required for executing Insert and Update statements, and it is not required if the feature is disabled.

• UseSandbox: Set to true if you are using sandbox account.
• CustomFieldsCategory: Set this to the Customfields category. This is required when IncludeCustomFields is set to true. The default value for this property is PayrollAndHR.
• Key: The AES symmetric key(base 64 encoded) encrypted with the Paylocity Public Key. It is the key used to encrypt the content.

  Paylocity will decrypt the AES key using RSA decryption.
  It is an optional property if the IV value not provided, The driver will generate a key internally.

• IV: The AES IV (base 64 encoded) used when encrypting the content. It is an optional property if the Key value not provided, The driver will generate an IV internally.

Connect Using OAuth Authentication

You must use OAuth to authenticate with Paylocity. OAuth requires the authenticating user to interact with Paylocity using the browser. For more information, refer to the OAuth section in the Help documentation.

The Pay Entry API

The Pay Entry API is completely separate from the rest of the Paylocity API. It uses a separate Client ID and Secret, and must be explicitly requested from Paylocity for access to be granted for an account. The Pay Entry API allows you to automatically submit payroll information for individual employees, and little else. Due to the extremely limited nature of what is offered by the Pay Entry API, we have elected not to give it a separate schema, but it may be enabled via the UsePayEntryAPI connection property.

Please be aware that when setting UsePayEntryAPI to true, you may only use the CreatePayEntryImportBatch & MergePayEntryImportBatchgtable stored procedures, the InputTimeEntry table, and the OAuth stored procedures. Attempts to use other features of the product will result in an error. You must also store your OAuthAccessToken separately, which often means setting a different OAuthSettingsLocation when using this connection property.

You can then choose the Paylocity entities you want to allow the API Server access to by clicking Settings -> Resources.

Additionally, configure the API Server for compatibility with the OData SDK for PHP: Click Server -> Settings and in the OData section set Default Version to 2.0.

Authorize API Server Users

After determining the OData services you want to produce, authorize users by clicking Settings -> Users. The API Server uses authtoken-based authentication and supports the major authentication schemes. You can authenticate as well as encrypt connections with SSL. Access can also be restricted based on IP address; by default, only connections from the local machine are allowed.

For simplicity, we will authenticate to the API Server by setting the authtoken in the URL. This is not enabled by default; you will need to add the following lines to the API Server configuration file, settings.cfg.

The settings.cfg file is located in the data directory. In the .NET edition, the data directory is the app_data folder under the www folder. In the Java edition, the data directory's location depends on the operation system:

• Windows: C:\ProgramData\CData\Paylocity\
• Unix or Mac OS X: ~/cdata/Paylocity/

Work with Paylocity Entities as PHP Objects

Follow the steps below to use the ODataPHP SDK to create a proxy class that will connect to the Web services exposed by the API Server.

1. Pass the URL to a command like the one below:

   php C:\PHPLib\ODataphp\PHPDataSvcUtil.php /uri=https://your-server:8032/api.rsc/@your-authtoken/ /out=C:\PHPLib\ODataphp\PaylocityEntities.php

   The preceding command defines classes from the metadata returned in the response from the OData endpoint, then outputs the class definitions to the specified folder.

   Both the API Server and the OData SDK for PHP support forms and Windows authentication. The API Server uses authtokens to authenticate users authorized to access the OData endpoint. You can supply authtokens in HTTP Basic authentication or append them to the OData URL.

   You can configure authorized users in the Settings -> Users section of the API Server administration console.

2. You can now start accessing Paylocity data using an object-oriented interface in PHP. The code below creates a record of the Employee table and then retrieves the live data, showing the newly created record.

   require_once 'PaylocityEntities.php'; try{ $svc = new CData(); $employee = new Employee(); $employee->EmployeeId = '1234'; $svc->AddToEmployee($employee); $svc->SetSaveChangesOptions(SaveChangesOptions::None); $svc->SaveChanges(); $response = $svc->employee()->Execute(); foreach($response->Result as $employee) echo $employee->FirstName."
"; } catch (Exception $e) { //catch errors from the API Server echo $e->getError(), "\n"; }