Basis includes a RESTful JSON API for integrating with external applications, automating data entry, and building custom reporting. All requests and responses use application/json, and every response is wrapped in a standard envelope.
Interactive reference: the API ships with Swagger UI at
/swaggerand ReDoc at/redoc, generated from the live OpenAPI definition. They document every endpoint, request body, and response schema — the authoritative reference. The sections below cover the essentials to get started.
The API uses JWT Bearer authentication. You log in once to obtain an access token, then send that token on every subsequent request.
POST /api/Users/login
Content-Type: application/json
{
"credential": "you@example.com",
"password": "your-password"
}
credential accepts either your email or username. A successful response returns an access token:
{
"success": true,
"message": "Success",
"data": {
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"expiresIn": 3600,
"user": { "id": "user-uuid", "email": "you@example.com", "displayName": "You" }
}
}
Include the access token in the Authorization header of every request:
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Tokens expire after expiresIn seconds; log in again to obtain a fresh one.
| Edition | Base URL |
|---|---|
| Server (self-hosted) | https://your-domain.com/api |
| Cloud | https://your-tenant.basis-apps.net/api |
Most resources belong to a specific company (business), so their paths are scoped by a business ID:
/api/{businessId}/{resource}
To list the companies your account can access (and get their IDs):
GET /api/Businesses
Authorization: Bearer YOUR_TOKEN
Every response uses the same wrapper, so clients can handle success and errors uniformly:
{
"success": true,
"message": "Success",
"data": { },
"errors": null
}
On failure, success is false, data is null, and errors may contain field-level messages. List endpoints return paginated results inside data.
These are representative; the full surface covers most of the app's documents and master data.
| Resource | Path |
|---|---|
| Parties (customers/suppliers) | /api/{businessId}/parties |
| Items | /api/{businessId}/items |
| Chart of accounts | /api/{businessId}/chart-of-accounts |
| Sales | /api/{businessId}/sales |
| Sales orders | /api/{businessId}/sales-orders |
| Purchases | /api/{businessId}/purchases |
| Receipts | /api/{businessId}/receipts |
| Payments | /api/{businessId}/payments |
| Journals | /api/{businessId}/journals |
| Reports | /api/{businessId}/reports |
Each resource follows standard REST conventions:
GET /api/{businessId}/parties # list (paginated)
GET /api/{businessId}/parties/{id} # get one
POST /api/{businessId}/parties # create
PUT /api/{businessId}/parties/{id} # update
DELETE /api/{businessId}/parties/{id} # delete
Explore and try the full API live against your own installation:
https://<your-host>/swagger — browse endpoints, see schemas, and send authenticated test requests.https://<your-host>/redoc/index.html?url=/swagger/v1/swagger.json — a clean, readable reference view.https://<your-host>/swagger/v1/swagger.json — use it to generate a typed client for your language of choice.For a Cloud tenant, <your-host> is your subdomain, e.g. https://your-company.basis-apps.net/swagger. For the Server edition it is your own domain.