BasisBasis
Developer

REST API

Basis exposes a full REST API for integration, automation, and building custom frontends. All data available in the UI is also available through the API.

Swagger UI screenshot
Interactive Swagger UI at /swagger when running Basis API

Swagger / OpenAPI

The interactive API documentation is available at /swagger on your Basis server. It lists every endpoint with request/response schemas and a Try it out button.

https://your-basis-server/swagger

Authentication

All API calls (except POST /auth/login) require a JWT Bearer token in the Authorization header.

Get a token

POST /auth/login
Content-Type: application/json

{
  "email": "admin@yourco.com",
  "password": "your-password"
}

Response:

{
  "token": "eyJhbGciOiJIUzI1NiIs...",
  "expiresAt": "2026-04-08T10:00:00Z"
}

Use the token

GET /sales-invoices
Authorization: Bearer eyJhbGciOiJIUzI1NiIs...
X-Business-Id: {businessId}

The X-Business-Id header identifies which company's data to operate on. You can find business IDs from GET /businesses.

Key endpoint groups

GroupBase path
Auth/auth
Businesses/businesses
Chart of Accounts/accounts
Parties (Customers/Suppliers)/parties
Items/items
Sales Invoices/sales-invoices
Credit Notes/credit-notes
Purchase Invoices/purchase-invoices
Debit Notes/debit-notes
Payments/payments
Receipts/receipts
Journal Entries/journals
Contra Entries/contra-entries
Sales Orders/sales-orders
Purchase Orders/purchase-orders
Delivery Notes/delivery-notes
Receipt Notes/receipt-notes
Reports/reports/pl, /reports/bs, /reports/ar-aging …
Users & Permissions/users, /permissions

Pagination

List endpoints accept page and pageSize query parameters. Default page size is 50.

GET /sales-invoices?page=2&pageSize=25

Responses include a pagination object with totalCount, totalPages, currentPage.

Error responses

Errors follow a consistent format:

{
  "status": 400,
  "title": "Validation failed",
  "errors": {
    "date": ["The Date field is required."],
    "lines": ["At least one line is required."]
  }
}
The token expiry is controlled by JwtSettings:ExpirationMinutes in appsettings.Custom.json. Default is 60 minutes. For long-running integrations, implement token refresh by re-calling POST /auth/login before expiry.