Skip to content

Hypatos REST API (2.51.0)

Introduction

The Hypatos API is organized around REST. The majority of the endpoints provide CRUD functionality for resources. The API is also exposing Intent Resources which mimic user intents or actions.

The Hypatos API uses OAuth 2.0 Client Credential Grant to authenticate requests. Before making any requests to any endpoint a client must authenticate with the authorization server and requests an access token from the token endpoint.

  POST /auth/token HTTP/1.1
  Host: api.cloud.hypatos.ai
  Content-Type: application/x-www-form-urlencoded
  Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=

  grant_type=client_credentials

Authorization header contains client_id:client_secret encoded as explained in RFC Client Password section.

If the authorization server authenticated the client successfully, an access token is issued. Here is an example successful response:

  HTTP/1.1 200 OK
  Content-Type: application/json;charset=UTF-8
  Cache-Control: no-store
  Pragma: no-cache

  {
    "access_token": "mF_9.B5f-4.1JqM",
    "expires_in": 86400,
    "scope": "enrichment.write files.read",
    "token_type": "Bearer",
  }

This token can be used to authenticate the requests to API endpoints by sending a Bearer token in the Authorization HTTP header. The following example demonstrates how to use the access token to retrieve a list of documents.

  GET /v2/documents HTTP/1.1
  Host: api.cloud.hypatos.ai
  Authorization: Bearer mF_9.B5f-4.1JqM

Versioning

Changes to this API are released regularly. We use Semantic Versioning 2.0.0 scheme for versioning so that the clients can identify any backward-incompatible changes easily. Briefly summarized one can say, if the MAJOR version of the new API version didn't change you can expect the new version to be backward-compatible.

Rate limits

In order to maximise the stability of our API, we institue rate limits for all of API endpoints. Clients who send too many requests over a given period of time will see error responses that show up as status code 429 Too Many Requests.

When you see error responses with status code 429, it means you exhausted your current quota and need to withhold from sending further requests until the quota is reset. We encourage you not to wait until you get a 429 error but to monitor your quota in each request. In each response you receive from the API, you will find HTTP headers providing the details about your current quota. Here is the list of the HTTP headers:

  • x-ratelimit-limit: Indicates the quota associated to the client in the current time-window followed by the description of the quota policy.
  • x-ratelimit-remaining: Indicates the number of remaining requests in the current time-window
  • x-ratelimit-reset: Indicates the number of seconds until quota reset of the current time-window

Please note that IETF is currently in the process of publishing a standard for these headers. Please explore the draft for more details.

A basic technique to gracefully handle rate limits is watch for your quota permanently and increase the time between your request as the quota is decreasing. To recover from a 429 error you need a retry mechanism following an exponential backoff schedule.

Download OpenAPI description
openapi.json
openapi.yaml
Overview
License
Apache 2.0
Languages
Servers
API EU
https://api.cloud.hypatos.ai/v2
API US
https://api.cloud.hypatos.com/v2
Mock server
https://hypatos.redocly.app/_mock/openapi

Authorization

Endpoints for handling the OAuth 2.0 Client Credentials Grant flow.

Operations

Files

Endpoints for management of files

Operations

Documents

Endpoints for document management

Operations

Enrichment

Endpoints for data enrichment

Operations

Companies

Endpoints for company management

Operations

Projects

Endpoints for project management

Operations

E-Invoices

Endpoints for e-invoices

Operations

Documents XML

Endpoints serving project-scoped documents as XML

Operations

Emails

Operations

Document Routing

Operations

Users

Operations

Retrieve user information by id

Request

Security
OAuth2(Required scopes:
users.read
)
Path
idstring(User identifier)required
Example: 6295dcd39db1ab740c3e296c
curl -i -X GET \
  https://api.cloud.hypatos.ai/v2/users/6295dcd39db1ab740c3e296c \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Successful Response

Bodyapplication/json
idstring(User identifier)required
Example: "660572bc7a3cd6803f112252"
emailstring(User email)required
Example: "firstname.lastname@company.inc"
namestring(User display name)required
Example: "Firstname Lastname"
companiesAccessArray of objects(User companies memberships)required
companiesAccess[].​companyIdstring(User identifier)required
Example: "660572bc7a3cd6803f112252"
companiesAccess[].​companyNamestring(Company name)required
Example: "Company Inc."
companiesAccess[].​activeboolean(If user is active for particular company)required
Example: true
companiesAccess[].​createdAtstring(User membership creation date)required
Example: "2023-03-28T15:46:19.384990Z"
companiesAccess[].​rolesArray of strings(User roles in particular company)required
Items Enum"installationAdmin""installationClerk""admin""clerk""manager""supportSpecialist"
Example: ["clerk"]
activeboolean(If user is active)required
Example: true
isInternalboolean(If user is considered internal Hypatos one)required
Example: false
Response
application/json
{
  "id": "660572bc7a3cd6803f112252",
  "email": "firstname.lastname@company.inc",
  "name": "Firstname Lastname",
  "companiesAccess": [
    {}
  ],
  "active": true,
  "isInternal": false
}

Retrieve a users list for given search criteria

Request

Security
OAuth2(Required scopes:
users.read
)
Query
searchstring(Search text used to find users.)
activeboolean(Is active flag used to filter users.)
rolesArray of strings(User roles used to filter on.)
Items Enum"installationAdmin""installationClerk""admin""clerk""manager""supportSpecialist"
limitinteger(The limit used for this page of results.)>= 0
Default 20
offsetinteger(The offset used for this page of results.)>= 0
Default 0
curl -i -X GET \
  'https://api.cloud.hypatos.ai/v2/users?search=string&active=true&roles=installationAdmin&limit=20&offset=0' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Successful Response

Bodyapplication/json
dataArray of objects(Data)required
data[].​idstring(User identifier)required
Example: "660572bc7a3cd6803f112252"
data[].​emailstring(User email)required
Example: "firstname.lastname@company.inc"
data[].​namestring(User display name)required
Example: "Firstname Lastname"
data[].​companiesAccessArray of objects(User companies memberships)required
data[].​companiesAccess[].​companyIdstring(User identifier)required
Example: "660572bc7a3cd6803f112252"
data[].​companiesAccess[].​companyNamestring(Company name)required
Example: "Company Inc."
data[].​companiesAccess[].​activeboolean(If user is active for particular company)required
Example: true
data[].​companiesAccess[].​createdAtstring(User membership creation date)required
Example: "2023-03-28T15:46:19.384990Z"
data[].​companiesAccess[].​rolesArray of strings(User roles in particular company)required
Items Enum"installationAdmin""installationClerk""admin""clerk""manager""supportSpecialist"
Example: ["clerk"]
data[].​activeboolean(If user is active)required
Example: true
data[].​isInternalboolean(If user is considered internal Hypatos one)required
Example: false
totalCountinteger(Totalcount)required
limitinteger(Limit)required
offsetinteger(Offset)required
Response
application/json
{
  "data": [
    {}
  ],
  "totalCount": 0,
  "limit": 0,
  "offset": 0
}