Integrations Deep Dive

The technical contract.

For solution architects, IT, and integration engineers evaluating fit. Webhook payloads, OAuth scopes, sync intervals, conflict-resolution semantics, retry policies — and the failure modes we've actually hit.

Browse the API Integration marketplace

Per-integration

4 most-used integrations, deep-dive

Procore

Authentication

OAuth 2.0 with org-level + project-level scopes. Refresh-token rotation every 12h.

Sync model

Bi-directional event-driven via webhooks + 4h fallback poll. OmniTakeoff is source-of-truth for takeoff data; Procore is source-of-truth for project metadata + RFIs.

Conflict resolution

Last-writer-wins on metadata. Hard conflict on quantities (e.g., user edits same line in both systems within sync window) → flagged in /audit and surfaced to project owner. Never silently overwrite.

Webhook events / API surface

project.created → OmniTakeoff project + bid scaffold
rfi.created → OmniTakeoff RFI tracker entry
submittal.created → spec-link backref
drawing.published → re-take-off prompt + diff against prior

Rate limits + throttling

Procore: 1000 req/hr per token (we self-throttle to 600). OmniTakeoff outbound: 60 req/min per integration with token-bucket smoothing.

Failure modes we've hit + handle

Procore token refresh failure — surfaced in admin dashboard with 'reconnect' CTA after 1 silent retry
Webhook delivery delayed >2h — falls back to next 4h poll, no data loss but staleness visible in UI
Schema drift on Procore API — we pin to a stable API version + announce 30-day migration windows

Sage Intacct

Authentication

OAuth 2.0 with company-level scope. SOC 2 audit-trail entry on every sync.

Sync model

Bi-directional. Awarded bids flow OmniTakeoff → Intacct as projects + budgets. Project-level cost actuals flow Intacct → OmniTakeoff for retrospective accuracy analysis.

Conflict resolution

Sage is source-of-truth for accounting data; OmniTakeoff is source-of-truth for bid + estimate data. Conflicts resolved by data type. Manual override available for COA mapping disagreements.

Webhook events / API surface

Intacct doesn't natively webhook — we poll on a 15-min interval with delta sync
vendor.updated → vendor-database sync to OmniTakeoff
project.archived → marks OmniTakeoff project read-only
invoice.posted → AR view in OmniTakeoff project history

Rate limits + throttling

Intacct: 250 req/min per token. We use cursor-based pagination with delta tokens to minimize bandwidth.

Failure modes we've hit + handle

COA mapping drift — periodic CSM-led reconciliation with surfaced 'unmapped accounts' UI
Multi-entity Intacct setups — supported on Enterprise; requires per-entity mapping config
Billing-currency mismatch (rare) — flagged at project creation, requires manual resolution

Autodesk Construction Cloud (ACC)

Authentication

OAuth 2.0 with project-level + account-level scopes. ACC service-account model.

Sync model

Project drawings + spec PDFs sync from ACC to OmniTakeoff at takeoff start. Final bid + proposal documents flow back to ACC files folder. Bi-directional but explicitly time-windowed (not continuous).

Conflict resolution

ACC is source-of-truth for drawings + specs. OmniTakeoff produces derivative artifacts (takeoff lines, proposal docs) that flow back. Customer policy controls whether drawings are sync'd back from OmniTakeoff (default: no).

Webhook events / API surface

ACC supports webhook-style events via Forge — we subscribe to drawing.published + folder.updated
project.created via the Build Project Admin API
issue.created → linked to OmniTakeoff RFI tracker

Rate limits + throttling

Autodesk Forge API: per-token + per-app limits. We're under standard developer quota; ask CSM for enterprise-quota provisioning if needed.

Failure modes we've hit + handle

Large model imports (>500MB IFC) hit Forge processing time limits; we chunk + parallelize
Project-permission propagation is slow (Forge ~ 5 min) — surfaced as 'project syncing' UI state
RVT 2020/2021 customers must export to IFC for import; the importer auto-detects and prompts

Open REST API + Webhooks

Authentication

API keys (Pro), OAuth 2.0 with PKCE (Enterprise). HMAC-signed webhook payloads.

Sync model

Customer or partner controls. Documented at /api with OpenAPI 3.1 spec. Push events (webhooks) for state changes; polling endpoints for bulk sync.

Conflict resolution

Customer-defined. We provide ETag + If-Match semantics on update endpoints to enable optimistic concurrency. 409 Conflict on stale write.

Webhook events / API surface

bid.lifecycle_status_changed
takeoff.completed
review_queue.flagged_line_added
audit_log.entry_created
vendor.response_submitted
user.role_changed

Rate limits + throttling

120 req/min per API key on Pro; 600 req/min on Enterprise. Bulk endpoints have separate higher quota with explicit pagination.

Failure modes we've hit + handle

API-key rotation — 90-day grace period before old keys expire; rotation instructions in /docs
Webhook delivery failure — exponential backoff retry up to 24h, then dead-letter to admin email
Schema-breaking changes — never within a major version; v1 → v2 transitions get a 12-month overlap window

Cross-cutting

Patterns that apply across all integrations

Idempotency keys everywhere

Every state-changing API endpoint accepts an Idempotency-Key header. Replay-safe by default. Useful for outage recovery + customer-side retry logic.

Audit log captures every sync event

Inbound and outbound integration calls emit immutable audit log entries. Customer can browse the audit log via the /audit endpoint with full export on Enterprise.

PII redaction at the boundary

Drawings + bid metadata pass through a PII redaction layer before any third-party API call (LLM providers, OCR services). Customer-controlled allow-list per integration.

Architecture conversation?

Solution-architect time is bundled with Enterprise.

Customers on Enterprise plans get up to 10 hours of solution-architect time per quarter. Use it for integration architecture review, custom-API design, security-questionnaire walkthroughs, or migration planning.

Email integrations@API & Developer Hub