Skip to content

Hypatos REST API (2.51.0)

Introduction

The Hypatos API is organized around REST. The majority of the endpoints provide CRUD functionality for resources. The API is also exposing Intent Resources which mimic user intents or actions.

The Hypatos API uses OAuth 2.0 Client Credential Grant to authenticate requests. Before making any requests to any endpoint a client must authenticate with the authorization server and requests an access token from the token endpoint.

  POST /auth/token HTTP/1.1
  Host: api.cloud.hypatos.ai
  Content-Type: application/x-www-form-urlencoded
  Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=

  grant_type=client_credentials

Authorization header contains client_id:client_secret encoded as explained in RFC Client Password section.

If the authorization server authenticated the client successfully, an access token is issued. Here is an example successful response:

  HTTP/1.1 200 OK
  Content-Type: application/json;charset=UTF-8
  Cache-Control: no-store
  Pragma: no-cache

  {
    "access_token": "mF_9.B5f-4.1JqM",
    "expires_in": 86400,
    "scope": "enrichment.write files.read",
    "token_type": "Bearer",
  }

This token can be used to authenticate the requests to API endpoints by sending a Bearer token in the Authorization HTTP header. The following example demonstrates how to use the access token to retrieve a list of documents.

  GET /v2/documents HTTP/1.1
  Host: api.cloud.hypatos.ai
  Authorization: Bearer mF_9.B5f-4.1JqM

Versioning

Changes to this API are released regularly. We use Semantic Versioning 2.0.0 scheme for versioning so that the clients can identify any backward-incompatible changes easily. Briefly summarized one can say, if the MAJOR version of the new API version didn't change you can expect the new version to be backward-compatible.

Rate limits

In order to maximise the stability of our API, we institue rate limits for all of API endpoints. Clients who send too many requests over a given period of time will see error responses that show up as status code 429 Too Many Requests.

When you see error responses with status code 429, it means you exhausted your current quota and need to withhold from sending further requests until the quota is reset. We encourage you not to wait until you get a 429 error but to monitor your quota in each request. In each response you receive from the API, you will find HTTP headers providing the details about your current quota. Here is the list of the HTTP headers:

  • x-ratelimit-limit: Indicates the quota associated to the client in the current time-window followed by the description of the quota policy.
  • x-ratelimit-remaining: Indicates the number of remaining requests in the current time-window
  • x-ratelimit-reset: Indicates the number of seconds until quota reset of the current time-window

Please note that IETF is currently in the process of publishing a standard for these headers. Please explore the draft for more details.

A basic technique to gracefully handle rate limits is watch for your quota permanently and increase the time between your request as the quota is decreasing. To recover from a 429 error you need a retry mechanism following an exponential backoff schedule.

Download OpenAPI description
openapi.json
openapi.yaml
Overview
License
Apache 2.0
Languages
Servers
API EU
https://api.cloud.hypatos.ai/v2
API US
https://api.cloud.hypatos.com/v2
Mock server
https://hypatos.redocly.app/_mock/openapi

Authorization

Endpoints for handling the OAuth 2.0 Client Credentials Grant flow.

Operations

Files

Endpoints for management of files

Operations

Documents

Endpoints for document management

Operations

Enrichment

Endpoints for data enrichment

Operations

Companies

Endpoints for company management

Operations

Retrieve a company by id

Request

Security
OAuth2(Required scopes:
companies.read
)
Path
idstring(CompaniesId)required

Id of the company to retrieve

Example: 63e6663823b4c1f5287398bb
curl -i -X GET \
  https://api.cloud.hypatos.ai/v2/companies/63e6663823b4c1f5287398bb \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Successful Response

Bodyapplication/json
namestring(Companies display name)required
Example: "Companies Name Inc."
idstring(Companies identifier)required
Example: "63e6663823b4c1f5287398bb"
activeboolean(Companies activity flag)required
Example: true
createdAtstring(Companies creation date)required
Example: "1990-12-31T15:46:19.384990Z"
Response
application/json
{
  "name": "Companies Name Inc.",
  "id": "63e6663823b4c1f5287398bb",
  "active": true,
  "createdAt": "1990-12-31T15:46:19.384990Z"
}

Retrieve a list of companies

Request

Note: For now pagination is not implemented

Security
OAuth2(Required scopes:
companies.read
)
curl -i -X GET \
  https://api.cloud.hypatos.ai/v2/companies \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Successful Response

Bodyapplication/json
dataArray of objects(Companies list)required
data[].​namestring(Companies display name)required
Example: "Companies Name Inc."
data[].​idstring(Companies identifier)required
Example: "63e6663823b4c1f5287398bb"
data[].​activeboolean(Companies activity flag)required
Example: true
data[].​createdAtstring(Companies creation date)required
Example: "1990-12-31T15:46:19.384990Z"
limitinteger(The limit used for this page of results. This will be the same as the limit query parameter unless it exceeds the maximal allowed value.)required
Example: 20
offsetinteger(The offset used for this page of results. This will be the same as the offset query parameter.)required
Example: 0
totalCountinteger(The total number of elements of the data attribute.)required
Example: 1000
Response
application/json
{
  "data": [
    { … }
  ],
  "limit": 20,
  "offset": 0,
  "totalCount": 1000
}

Projects

Endpoints for project management

Operations

E-Invoices

Endpoints for e-invoices

Operations

Documents XML

Endpoints serving project-scoped documents as XML

Operations

Emails

Operations

Document Routing

Operations

Users

Operations