apideck-libraries/cascade-hr
providers/claude/plugin/skills/cascade-hr/SKILL.md
IRIS Cascade HR integration via Apideck's HRIS unified API — same methods work across every connector in HRIS, switch by changing `serviceId`. Use when the user wants to read or sync employees, departments, payrolls, and time-off records in IRIS Cascade HR. Routes through Apideck with serviceId "cascade-hr".
$ install --global
skillsauthnpx skillsauth add apideck-libraries/api-skills cascade-hrInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 27, 2026, 4:21 AM68.7s2 files scanned
SKILL.md
- name:
- cascade-hr
- description:
- |
- license:
- Apache-2.0
- alwaysApply:
- false
- author:
- apideck
- version:
- 1.0.0
- serviceId:
- cascade-hr
- unifiedApis:
- ["hris"]
- authType:
- oauth2
- tier:
- 2
- verified:
- true
IRIS Cascade HR (via Apideck)
Access IRIS Cascade HR through Apideck's HRIS unified API — one of 58 HRIS connectors that share the same method surface. Code you write here ports to BambooHR, Workday, Deel and 54 other HRIS connectors by changing a single serviceId string. Apideck handles auth, pagination, rate limiting, and retries so you don't write per-tenant IRIS Cascade HR plumbing.
Quick facts
- Apideck serviceId:
cascade-hr - Unified API: HRIS
- Auth type: oauth2
- Gotchas: page
- IRIS Cascade HR docs: https://www.iris.co.uk
- Homepage: https://www.iris.co.uk/products/iris-cascade-b/
When to use this skill
Activate this skill when the user explicitly wants to work with IRIS Cascade HR — for example, "sync employees in IRIS Cascade HR" or "list time-off requests in IRIS Cascade HR". This skill teaches the agent:
- Which Apideck unified API covers IRIS Cascade HR (HRIS)
- The correct
serviceIdto pass on every call (cascade-hr) - IRIS Cascade HR-specific auth and coverage caveats
For the full method surface (parameters, pagination, filtering), use your language SDK skill:
apideck-node,apideck-python,apideck-dotnet,apideck-java,apideck-go,apideck-php, orapideck-rest
For the raw OpenAPI spec:
- HRIS: https://specs.apideck.com/hris.yml · API Explorer
Minimal example (TypeScript)
import { Apideck } from "@apideck/unify";
const apideck = new Apideck({
apiKey: process.env.APIDECK_API_KEY,
appId: process.env.APIDECK_APP_ID,
consumerId: "your-consumer-id",
});
// List employees in IRIS Cascade HR
const { data } = await apideck.hris.employees.list({
serviceId: "cascade-hr",
});
Portable across 58 HRIS connectors
The Apideck HRIS unified API exposes the same methods for every connector in its catalog. Switching from IRIS Cascade HR to another HRIS connector is a one-string change — no rewrite, no new SDK.
// Today — IRIS Cascade HR
await apideck.hris.employees.list({ serviceId: "cascade-hr" });
// Tomorrow — same code, different connector
await apideck.hris.employees.list({ serviceId: "bamboohr" });
await apideck.hris.employees.list({ serviceId: "workday" });
This is the compounding advantage of using Apideck over integrating IRIS Cascade HR directly: code against the unified HRIS API once, gain access to every connector in it. New connectors Apideck adds become available to your app without code changes.
Authentication
- Type: OAuth 2.0
- Managed by: Apideck Vault — Apideck handles the full OAuth dance (authorization code flow, token exchange, refresh). Never ask the user for API keys or tokens directly.
- User setup: Users authorize via the Vault modal. Connection state progresses
available → added → authorized → callable. - Token refresh: automatic. Expired tokens are refreshed transparently on the next API call.
See apideck-best-practices for Vault setup, connection lifecycle, and handling re-auth flows.
Verifying coverage
Not every HRIS operation is supported by every connector. Always verify before assuming a method works:
curl 'https://unify.apideck.com/connector/connectors/cascade-hr' \
-H "Authorization: Bearer ${APIDECK_API_KEY}" \
-H "x-apideck-app-id: ${APIDECK_APP_ID}"
See apideck-connector-coverage for patterns around UnsupportedOperationError and connector-specific fallbacks.
Escape hatch: Proxy API
When an endpoint isn't covered by the HRIS unified API, use Apideck's Proxy to call IRIS Cascade HR directly — Apideck injects auth headers and handles token refresh. Set x-apideck-downstream-url to the target endpoint on IRIS Cascade HR's own API:
curl 'https://unify.apideck.com/proxy' \
-H "Authorization: Bearer ${APIDECK_API_KEY}" \
-H "x-apideck-app-id: ${APIDECK_APP_ID}" \
-H "x-apideck-consumer-id: ${CONSUMER_ID}" \
-H "x-apideck-service-id: cascade-hr" \
-H "x-apideck-downstream-url: <target endpoint on IRIS Cascade HR>" \
-H "x-apideck-downstream-method: GET"
See IRIS Cascade HR's API docs for available endpoints.
Sibling connectors
Other HRIS connectors that share this unified API surface (same method signatures, just change serviceId):
bamboohr, workday, deel (beta), hibob, personio, adp-ihcm (beta), adp-workforce-now (beta), paychex (beta), and 49 more.
See also
- HRIS OpenAPI spec · API Explorer
apideck-connector-coverage— programmatic coverage checksapideck-best-practices— architecture, Vault, pagination, error handlingapideck-node— TypeScript / Node SDK patterns- IRIS Cascade HR official docs
Related Skills
apideck-libraries/jira-teams
development
VerifiedTrustedCommunity
Jira Teams via Apideck's Proxy API + managed Vault auth — Apideck handles auth and proxies HTTP calls to Jira Teams's native API. Use when the user wants to call Jira Teams (no unified API resource mapping). Routes through Apideck with serviceId "jira-teams".
2SKILL.mdUpdated Apr 27, 2026
apideck-libraries/jira-service-desk
development
VerifiedTrustedCommunity
Jira Service Desk via Apideck's Proxy API + managed Vault auth — Apideck handles auth and proxies HTTP calls to Jira Service Desk's native API. Use when the user wants to call Jira Service Desk (no unified API resource mapping). Routes through Apideck with serviceId "jira-service-desk".
2SKILL.mdUpdated Apr 27, 2026
apideck-libraries/jira-data-center
development
VerifiedTrustedCommunity
Jira Data Center via Apideck's Proxy API + managed Vault auth — Apideck handles auth and proxies HTTP calls to Jira Data Center's native API. Use when the user wants to call Jira Data Center (no unified API resource mapping). Routes through Apideck with serviceId "jira-data-center".
2SKILL.mdUpdated Apr 27, 2026
apideck-libraries/jetbrains-youtrack
development
VerifiedTrustedCommunity
JetBrains YouTrack via Apideck's Proxy API + managed Vault auth — Apideck handles auth and proxies HTTP calls to JetBrains YouTrack's native API. Use when the user wants to call JetBrains YouTrack (no unified API resource mapping). Routes through Apideck with serviceId "jetbrains-youtrack".
2SKILL.mdUpdated Apr 27, 2026