Use the API from Zapier

E1 does not publish a Zapier app for the External API. You can still use the API from a Zap by combining two Zapier built-ins:

• Webhooks by Zapier — for the OAuth2 token request and the API call itself.
• Storage by Zapier — to cache the bearer token between runs so you’re not requesting a new one on every trigger.

This guide assumes you already have a client_id, client_secret, and a companyId from E1. If not, contact support@estimateone.com.

Caution

Treat your client_secret as a password. Paste it directly into Zapier action steps so it’s stored encrypted at rest — don’t put it in step inputs you might accidentally pipe into a downstream service. See Security — Credential handling.

Architecture overview

A typical Zap looks like this:

1. Trigger — Schedule by Zapier (daily, hourly), or any trigger that should fan out to fetch fresh data.
2. Storage by Zapier — Get Value — read the cached bearer token, if any.
3. Filter / Paths — branch based on whether the cached token exists and is fresh.
4. Webhooks by Zapier — POST (token endpoint) — request a new token if needed.
5. Storage by Zapier — Set Value — cache the new token.
6. Webhooks by Zapier — GET (Supplier API) — call the API with the token.
7. Your destination action — write the matched projects into your CRM, sheet, Slack channel, etc.

A simpler “no caching” variant just chains step 4 → step 6 every run. That works fine for low-frequency Zaps (daily) but burns a token on every trigger.

Step-by-step: simple variant (no caching)

Use this if your Zap runs no more than a few times per hour.

1. Trigger

Pick whichever trigger fits — Schedule by Zapier with a daily or hourly schedule is the most common.

2. Webhooks by Zapier — POST (token request)

Add a Webhooks by Zapier action, choose POST, and configure:

Field	Value
URL	https://auth.api.estimateone.com/oauth2/token
Payload Type	Form
Data	grant_type = client_credentials
	client_id = your client_id
	client_secret = your client_secret
	scope = speci-finder/read
Headers	(none required — Content-Type is set by Zapier when Payload Type = Form)

Test the action. The response should include access_token, token_type, and expires_in. Note the field path — typically 1. Access Token in Zapier’s variable picker.

3. Webhooks by Zapier — GET (Supplier API)

Add another Webhooks by Zapier action, choose GET, and configure:

Field	Value
URL	https://api.estimateone.com/api/supplier/v1/companies/{companyId}/speci-finder/results (replace {companyId} with your actual ID)
Headers	Authorization = Bearer + the access token from the previous step
	x-e1-client-id = your client_id

Test the action. You should see a data array of matched projects.

4. Use the data

Add your destination action — Google Sheets, HubSpot, Slack, or whatever. Map fields from data[] into your destination.

To iterate over matched projects, use a Looping by Zapier step between the API call and the destination action.

Step-by-step: cached-token variant

Add this if your Zap fires more frequently and you want to amortise the token request across runs. Tokens are valid for one hour, so caching makes sense for Zaps running every few minutes.

Storage value names to use

Name	Purpose
e1_token	The cached access_token.
e1_token_expires_at	Unix epoch seconds when the cached token will expire.

Step shape

1. Storage by Zapier — Get Value for e1_token and e1_token_expires_at.
2. Filter by Zapier with two ORed paths:
   • Path A — token is valid: e1_token_expires_at is greater than current time + 60.
   • Path B — token is missing or near expiry: do the token request, then set the new values into Storage.
3. Webhooks by Zapier — GET as in the simple variant, using the (now-fresh) token.

Computing the expiry: when you store e1_token, also compute now + expires_in - 60 and store it as e1_token_expires_at. Use a Formatter by Zapier — Numbers step to add the values.

Handling errors

The API returns standard HTTP status codes (see Errors):

• 200 OK with data: [] — succeeded but nothing matched. Common; not an error. Add a Filter step downstream so the Zap doesn’t continue when there’s nothing to write.
• 401 Unauthorised — token expired or invalid. If you cached the token, the cache is stale; clear e1_token from Storage and let the next run re-issue.
• 429 Too Many Requests — you’ve blown the rate limit (100 req per 5 min). Slow your trigger cadence; see Rate limits.
• 5xx — Zapier will surface as a step failure. Zaps automatically retry transient failures; persistent ones land in your “Zap History” for inspection.

Polling cadence

Daily or hourly is the right cadence for most Supplier API integrations — keywords change infrequently, and matches don’t need sub-minute refresh. Anything faster is over-engineering. See Data freshness — Recommended polling cadence.

What you can’t do from Zapier

• Webhooks from E1. The API is pull-based; there’s no event source you can subscribe to. Trigger your Zap on a schedule.
• Multiple users from a single credential. A Supplier API credential is bound to one assigned user. To fan out across users, request one credential per user from E1 and run one Zap per credential. See Authorization — The assigned user.