REST Endpoints

77 Endpoints · OpenAPI JSON

Alle Endpunkte außer POST /v1/auth/login, /forgot-password und /setup-password erfordern Authorization: Bearer <API-Key oder Session-Token>. Fehlercodes: 400 Validierung · 401 Nicht authentifiziert · 403 Kein Scope · 404 Nicht gefunden · 409 Konflikt

Auth

POST /v1/auth/forgot-password

POST /v1/auth/forgot-password

Body — email

Response — ok

POST /v1/auth/login

POST /v1/auth/login

Body — email, password

Response — token, user (id, email, role), tenant (id, company_name)

POST /v1/auth/logout

POST /v1/auth/logout

Body — kein Body

Response — ok

GET /v1/auth/me

GET /v1/auth/me

Response — user (id, email, role), tenant

POST /v1/auth/setup-password

POST /v1/auth/setup-password

Body — token, password

Response — ok

POST /v1/auth/verify-token

POST /v1/auth/verify-token

Response — 200/201 mit aktualisiertem Zustand oder Ergebnisobjekt.

Journal

POST /v1/bookings

POST /v1/bookings

Body — booking_date, description, lines[], optional skip_duplicate_check

Response — intent_id, event_count

POST /v1/bookings/with-document

POST /v1/bookings/with-document

Body — multipart: file, booking_date, description, lines (JSON), optional intent_category, skip_duplicate_check

Response — intent_id, event_count, document_id

GET /v1/documents/:id/file

GET /v1/documents/:id/file

Response — Datei-Stream (Originaldokument)

GET /v1/journal

GET /v1/journal

Query — account, startDate, endDate, search, limit

Response — entries[]

GET /v1/journal/:intent_id

GET /v1/journal/:intent_id

Response — intent_id, entries[], summary, linked_intents

POST /v1/journal/reverse

POST /v1/journal/reverse

Body — intent_id, optional reason

Response — reversal_intent_id, original_intent_id, event_count

GET /v1/review-queue

GET /v1/review-queue

Query — status (pending|confirmed|overridden|all)

Response — items[]

DELETE /v1/review-queue/:id

DELETE /v1/review-queue/:id

Response — Lösch-/Storno-Ergebnis (ok, reversed, …)

GET /v1/review-queue/:id

GET /v1/review-queue/:id

Response — Review-Item inkl. Rechnungs-/Dokumentdetails

POST /v1/review-queue/:id/adjust

POST /v1/review-queue/:id/adjust

Body — instruction

Response — booking_draft (angepasst)

POST /v1/review-queue/:id/confirm

POST /v1/review-queue/:id/confirm

Body — optional skip_duplicate_check

Response — status, intent_id, event_count

PATCH /v1/review-queue/:id/draft

PATCH /v1/review-queue/:id/draft

Body — lou_suggestion (voller Draft)

Response — lou_suggestion (normalisiert)

POST /v1/review-queue/:id/override

POST /v1/review-queue/:id/override

Body — booking_draft

Response — status, intent_id, event_count

GET /v1/review-queue/count

GET /v1/review-queue/count

Response — count

GET /v1/review-queue/next

GET /v1/review-queue/next

Query — after_id

Response — nächstes Review-Item

Bank

GET /v1/bank-accounts

GET /v1/bank-accounts

Response — accounts[]

POST /v1/bank-accounts

POST /v1/bank-accounts

Body — name, iban, optional bic, account_number

Response — angelegtes Bankkonto

GET /v1/bank-accounts/:id

GET /v1/bank-accounts/:id

Response — Bankkonto-Detail

PUT /v1/bank-accounts/:id

PUT /v1/bank-accounts/:id

Body — Teilupdate Bankkonto

Response — aktualisiertes Bankkonto

GET /v1/bank-accounts/:id/reconciliation

GET /v1/bank-accounts/:id/reconciliation

Query — from, to, limit

Response — Abstimmstatus + Kennzahlen

POST /v1/bank-accounts/:id/upload

POST /v1/bank-accounts/:id/upload

Body — multipart mit Kontoauszugsdatei (csv/xml/camt)

Response — Import-Resultat (imported, skipped, …)

GET /v1/bank-transactions

GET /v1/bank-transactions

Query — bank_account_id, from, to, status, search, limit, offset

Response — transactions[]

POST /v1/bank-transactions

POST /v1/bank-transactions

Body — bank_account_id, transactions[]

Response — Import-Resultat

GET /v1/bank-transactions/:id

GET /v1/bank-transactions/:id

Response — Transaktions-Detail

GET /v1/bank-transactions/:id/evidence

GET /v1/bank-transactions/:id/evidence

Response — Evidence-Daten (evidence_type, document_id, note, …)

PUT /v1/bank-transactions/:id/evidence

PUT /v1/bank-transactions/:id/evidence

Body — evidence_type, optional document_id, title, note

Response — gespeicherte Evidence

POST /v1/bank-transactions/:id/reconcile

POST /v1/bank-transactions/:id/reconcile

Body — intent_id oder Matching-Kandidat

Response — ok, mode, intent_id

POST /v1/bank-transactions/:id/unmatch

POST /v1/bank-transactions/:id/unmatch

Response — ok, ggf. reopened/reversal-Infos

POST /v1/bank-transactions/batch-reconcile

POST /v1/bank-transactions/batch-reconcile

Body — pairs[] (bank_transaction_id + target)

Response — Batch-Resultat (matched, skipped, errors)

POST /v1/bank-transactions/import-file

POST /v1/bank-transactions/import-file

Body — multipart Dateiimport (csv/xml/camt)

Response — Import-Resultat

GET /v1/bank-transactions/suggestions

GET /v1/bank-transactions/suggestions

Query — bank_account_id, limit, optional Zeitraum

Response — suggestions[]

Debitoren

GET /v1/debtors

GET /v1/debtors

Response — Liste aus id, name, address, vat_id, …

POST /v1/debtors

POST /v1/debtors

Body — name, address, optional vat_id, email

Response — angelegter Debitor

GET /v1/debtors/:id

GET /v1/debtors/:id

Response — 200 mit Detailobjekt; 404, falls nicht vorhanden.

PATCH /v1/debtors/:id

PATCH /v1/debtors/:id

Body — Teilupdate Debitor-Stammdaten

Response — aktualisierter Debitor

GET /v1/sales-invoices

GET /v1/sales-invoices

Query — debtor_id, status, from, to, limit

Response — invoices[]

POST /v1/sales-invoices

POST /v1/sales-invoices

Body — debtor_id, invoice_date, due_date, line_items[]

Response — invoice_id, booking_intent_id, document_id

GET /v1/sales-invoices/:id

GET /v1/sales-invoices/:id

Response — 200 mit Detailobjekt; 404, falls nicht vorhanden.

POST /v1/sales-invoices/:id/cancel

POST /v1/sales-invoices/:id/cancel

Response — ok, reversal_intent_id

GET /v1/sales-invoices/:id/pdf

GET /v1/sales-invoices/:id/pdf

Response — PDF-Datei-Stream

GET /v1/sales-invoices/:id/zugferd

GET /v1/sales-invoices/:id/zugferd

Response — ZUGFeRD XML-Datei-Stream

GET /v1/sales-invoices/open-items

GET /v1/sales-invoices/open-items

Query — debtor_id, optional Zeitraum

Response — open_items[] mit Betrag und Fälligkeit

Perioden

GET /v1/closing/tasks

GET /v1/closing/tasks

Response — 200 mit Listen-/Übersichtsobjekt.

POST /v1/closing/tasks

POST /v1/closing/tasks

Response — 200/201 mit aktualisiertem Zustand oder Ergebnisobjekt.

PATCH /v1/closing/tasks/:id

PATCH /v1/closing/tasks/:id

Response — 200/201 mit aktualisiertem Zustand oder Ergebnisobjekt.

GET /v1/periods

GET /v1/periods

Response — periods[] mit status und Buchungsanzahl

POST /v1/periods/:period/lock

POST /v1/periods/:period/lock

Response — ok, aktualisierte Periode

POST /v1/periods/:period/reopen

POST /v1/periods/:period/reopen

Response — ok, aktualisierte Periode

POST /v1/periods/:period/soft-lock

POST /v1/periods/:period/soft-lock

Response — ok, aktualisierte Periode

POST /v1/periods/:year/create-adjustment

POST /v1/periods/:year/create-adjustment

Response — 200/201 mit aktualisiertem Zustand oder Ergebnisobjekt.

Auswertungen

GET /v1/reports

GET /v1/reports

Query — type (susa|guv|bilanz|trial_balance), optional Zeitraum

Response — Report-Objekt je Typ

GET /v1/reports/datev-export

GET /v1/reports/datev-export

Query — Zeitraum-/Filterparameter

Response — Export-Datei oder Export-Payload

Config

GET /v1/api-keys

GET /v1/api-keys

Response — Liste aus id, label, scopes, key_prefix, created_at, last_used_at, call_count

POST /v1/api-keys

POST /v1/api-keys

Body — label, role, scopes[]

Response — Key-Metadaten + einmalig raw_key

DELETE /v1/api-keys/:id

DELETE /v1/api-keys/:id

Response — ok

GET /v1/oauth/apps

GET /v1/oauth/apps

Response — 200 mit Listen-/Übersichtsobjekt.

DELETE /v1/oauth/apps/:clientId

DELETE /v1/oauth/apps/:clientId

Response — 200 { ok: true } bei Erfolg.

GET /v1/oauth/clients

GET /v1/oauth/clients

Response — 200 mit Listen-/Übersichtsobjekt.

PUT /v1/oauth/clients/:clientId

PUT /v1/oauth/clients/:clientId

Response — 200/201 mit aktualisiertem Zustand oder Ergebnisobjekt.

GET /v1/tenant

GET /v1/tenant

Response — Tenant-Stammdaten (id, company_name, tax_id, …)

PATCH /v1/tenant

PATCH /v1/tenant

Body — Teilupdate von Tenant-Stammdaten

Response — aktualisierter Tenant

GET /v1/users

GET /v1/users

Response — Liste aus id, email, role, invited_at, last_login

DELETE /v1/users/:id

DELETE /v1/users/:id

Response — ok

PATCH /v1/users/:id

PATCH /v1/users/:id

Response — 200/201 mit aktualisiertem Zustand oder Ergebnisobjekt.

POST /v1/users/invite

POST /v1/users/invite

Body — email, role

Response — ok, invite_token

Kontenplan

GET /v1/accounts

GET /v1/accounts

Query — q, category, limit

Response — Liste von Konten (number, name, category, …)

POST /v1/accounts

POST /v1/accounts

Body — number, name, optional type, category

Response — angelegtes Konto

GET /v1/accounts/:number/entries

GET /v1/accounts/:number/entries

Query — startDate, endDate, limit

Response — entries[], balance

GET /v1/accounts/search

GET /v1/accounts/search

Query — q, optional limit

Response — Trefferliste (number, name)

Weitere Endpunkte

GET /v1/admin/tenants

GET /v1/admin/tenants

Response — 200 mit Listen-/Übersichtsobjekt.

DELETE /v1/admin/tenants/:id

DELETE /v1/admin/tenants/:id

Response — 200 { ok: true } bei Erfolg.