Poštár

Dokumentace API

API docs by Redocly

Dativery Pepposh API (1.0.0)

Download OpenAPI specification:

Multi-tenant Peppol document exchange service. Most endpoints require authentication via OAuth 2.0 Client Credentials (obtain a token from POST /api/auth/token).

Localization:

  • Frontend clients should send the selected UI language in the Accept-Language header.
  • The server uses this header to localize user-facing responses and falls back to the default locale when the requested language is not supported.

Domain model:

  • A tenant is the top-level customer workspace or organization account. Users, billing, API keys, logs, reports, and configuration are scoped to a tenant.
  • A participant is a concrete business entity managed inside a tenant. Participants represent the legal or operational sender/receiver on the Peppol network and hold business identity, verification state, and Peppol registration.
  • One tenant can manage multiple participants. Most document exchange happens for a specific participant, while tenant endpoints manage the shared container around them.

Permissions model (practical):

  • User roles are hierarchical: owner > admin > member > sender > reader.
  • owner/admin: full tenant administration and operational actions.
  • member: operational write access without tenant administration.
  • sender: send-focused operational access.
  • reader: read-only access.
  • API keys use scope + permissions. scope=tenant applies across tenant resources, scope=participant limits access to one participant.
  • Standard API key permissions map to guards: read -> requireRead, write/member/sender -> requireMember, admin -> requireAdmin.
  • Developer API key permissions are document-capability based (send_documents, receive_documents, receive_all_documents, read_all_documents, read_participant_info, admin) and can be constrained by outbound ownership.

Auth

Authentication and account management

Issue OAuth token pair

Issues a short-lived access token and long-lived refresh token. Supports both OAuth 2.0 client_credentials and authorization_code grants. For authorization_code, credentials may be supplied either via Authorization: Basic or request body fields. Successful responses are returned as raw OAuth token payloads.

Request Body schema:
required
One of
grant_type
required
string
Value: "client_credentials"
client_id
required
string

API key clientId

client_secret
required
string

API key clientSecret

scope
string

Optional subset of permitted scopes.

Responses

Request samples

Content type
{
  • "grant_type": "authorization_code",
  • "code": "string",
  • "redirect_uri": "http://example.com",
  • "client_id": "string",
  • "client_secret": "string"
}

Response samples

Content type
application/json
{
  • "access_token": "string",
  • "token_type": "Bearer",
  • "expires_in": 900,
  • "scope": "document:send document:receive"
}

Users

User profile and user management

List users sharing a tenant with the caller

Authorizations:
oauth2
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

Responses

Response samples

Content type
application/json
{
  • "users": [
    ],
  • "count": 0
}

Get a user profile by ID

Authorizations:
oauth2
path Parameters
userId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "extId": "string",
  • "email": "user@example.com",
  • "firstName": "string",
  • "lastName": "string",
  • "language": "en",
  • "phone": "string",
  • "jobTitle": "string",
  • "company": "string",
  • "avatar": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "otpEnabled": true,
  • "participants": [
    ]
}

List participants assigned to a user

Authorizations:
oauth2
path Parameters
userId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "participants": [
    ],
  • "count": 0
}

List tenants a user belongs to

Authorizations:
oauth2
path Parameters
userId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "tenants": [
    ],
  • "count": 0
}

Get current user profile

Authorizations:
oauth2

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "extId": "string",
  • "email": "user@example.com",
  • "firstName": "string",
  • "lastName": "string",
  • "language": "en",
  • "phone": "string",
  • "jobTitle": "string",
  • "company": "string",
  • "avatar": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "otpEnabled": true,
  • "participants": [
    ]
}

Update current user profile

Authorizations:
oauth2
Request Body schema: application/json
required
firstName
string <= 100 characters

First name

lastName
string <= 100 characters

Last name

language
string
Enum: "en" "cs" "sk" "de"

Preferred application language

phone
string or null

Phone number in E.164 format; send null or an empty string to clear it

jobTitle
string or null <= 150 characters

Job title; send null or an empty string to clear it

company
string or null <= 200 characters

Company name; send null or an empty string to clear it

avatar
string or null

Avatar image as a base64 data URL or raw base64 image string; send null or an empty string to clear it

Responses

Request samples

Content type
application/json
{
  • "firstName": "string",
  • "lastName": "string",
  • "language": "en",
  • "phone": "string",
  • "jobTitle": "string",
  • "company": "string",
  • "avatar": "string"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Lookup

Peppol network participant lookup

Look up Peppol participant by country and ICO

path Parameters
country
required
string

Country code (e.g. cz, sk)

ico
required
string
query Parameters
extended
boolean

When set, includes additional data such as businessCard.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Batch lookup (up to 50 identifiers)

Authorizations:
oauth2None
query Parameters
extended
boolean

When set, includes additional data such as businessCard in each result.

Request Body schema: application/json
required
identifiers
required
Array of strings <= 50 items

Responses

Request samples

Content type
application/json
{
  • "identifiers": [
    ]
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Lookup by Peppol ID

Authorizations:
oauth2None
path Parameters
peppolId
required
string
Example: 0192:12345678
query Parameters
extended
boolean

When set, includes additional data such as businessCard.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Lookup by VAT ID

path Parameters
vatId
required
string
Example: CZ12345678
query Parameters
extended
boolean

When set, includes additional data such as businessCard.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Tenants

Tenant management. A tenant is the top-level customer workspace or organization account that contains users, participants, API keys, logs, reports, and shared settings.

List tenants for the current user

Authorizations:
oauth2
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create a new tenant

Authorizations:
oauth2
Request Body schema: application/json
required
extId
string
name
required
string
accessPointId
string <uuid>

Optional access point to associate with the tenant.

language
string = 2 characters

Responses

Request samples

Content type
application/json
{
  • "extId": "string",
  • "name": "string",
  • "accessPointId": "702dc7ac-1b25-441d-b256-1463188d42e1",
  • "language": "st"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Get tenant details

Authorizations:
oauth2
path Parameters
tenantId
required
string

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "extId": "string",
  • "name": "string",
  • "slug": "string",
  • "language": "string",
  • "accessPointId": "702dc7ac-1b25-441d-b256-1463188d42e1",
  • "isActive": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "rateLimit": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "deletedAt": "2019-08-24T14:15:22Z",
  • "role": "string",
  • "allowToSkipVerification": "no",
  • "allowToSkipVerificationReason": "tenant_config"
}

Update tenant (admin only)

Authorizations:
oauth2
path Parameters
tenantId
required
string
Request Body schema: application/json
required
extId
string
name
string
language
string = 2 characters
accessPointId
string or null <uuid>

Optional access point to associate with the tenant, or null to clear it.

isActive
boolean

Responses

Request samples

Content type
application/json
{
  • "extId": "string",
  • "name": "string",
  • "language": "st",
  • "accessPointId": "702dc7ac-1b25-441d-b256-1463188d42e1",
  • "isActive": true
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "extId": "string",
  • "name": "string",
  • "slug": "string",
  • "language": "string",
  • "accessPointId": "702dc7ac-1b25-441d-b256-1463188d42e1",
  • "isActive": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "rateLimit": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "deletedAt": "2019-08-24T14:15:22Z",
  • "role": "string",
  • "allowToSkipVerification": "no",
  • "allowToSkipVerificationReason": "tenant_config"
}

Delete tenant (admin only)

Authorizations:
oauth2
path Parameters
tenantId
required
string

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

List users in a tenant (admin only)

Authorizations:
oauth2
path Parameters
tenantId
required
string
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Add a user to tenant (admin only)

Authorizations:
oauth2
path Parameters
tenantId
required
string
Request Body schema: application/json
required
userId
required
string

User UUID or external reference in ext:{extId} format.

role
string
Enum: "admin" "member" "viewer"

Responses

Request samples

Content type
application/json
{
  • "userId": "string",
  • "role": "admin"
}

Response samples

Content type
application/json
{
  • "success": true
}

Update user role in tenant (admin only)

Authorizations:
oauth2
path Parameters
tenantId
required
string
userId
required
string
Request Body schema: application/json
required
role
required
string
Enum: "admin" "member" "viewer"

Responses

Request samples

Content type
application/json
{
  • "role": "admin"
}

Response samples

Content type
application/json
{
  • "success": true
}

Remove a user from tenant (admin only)

Authorizations:
oauth2
path Parameters
tenantId
required
string
userId
required
string

Responses

Response samples

Content type
application/json
{
  • "success": true
}

Participants

Participant management within a tenant. A participant is a concrete business entity under a tenant that sends or receives Peppol documents and has its own identity, verification state, and Peppol registration.

Create or update a participant by external ID (API key)

Creates or updates a participant within the tenant bound to the API key (upsert operation). The extId field is required and it identifies the participant—if a participant with that external ID already exists in the tenant, it will be updated with the new fields instead of creating a duplicate. Can only be used with an API key that is tied to exactly one tenant. When mark-as-verified=true is provided and the tenant's allowToSkipVerification mode is not no, the server will try to complete the non-interactive verification flow immediately after creation. In valid mode it runs the Czech business-identity verification checks before marking the participant as verified; in all mode it fully bypasses the remaining verification steps. If the tenant is not allowed to skip verification or the participant country is not supported for the requested flow, the participant is still created and the query flag is ignored.

Authorizations:
None
query Parameters
mark-as-verified
boolean

When true, attempts to mark the newly created participant as verified immediately after creation, using the tenant's allowToSkipVerification mode. Unsupported countries such as SK, or tenants without the skip-verification privilege, are ignored without failing the create request.

Request Body schema: application/json
required
extId
string
name
required
string
code
string
registrationNumber
string
bankAccount
string
registrationInfo
string
taxId
string
vatId
string
streetWithNo
string
address2
string
city
string
region
string
postCode
string
countryCode
string
telephone
string
contactPhone
string
contactEmail
string
website
string
logoUrl
string
language
string = 2 characters
object (ParticipantPeppolSettingsInput)

Responses

Request samples

Content type
application/json
{
  • "extId": "string",
  • "name": "string",
  • "code": "string",
  • "registrationNumber": "string",
  • "bankAccount": "string",
  • "registrationInfo": "string",
  • "taxId": "string",
  • "vatId": "string",
  • "streetWithNo": "string",
  • "address2": "string",
  • "city": "string",
  • "region": "string",
  • "postCode": "string",
  • "countryCode": "string",
  • "telephone": "string",
  • "contactPhone": "string",
  • "contactEmail": "string",
  • "website": "string",
  • "logoUrl": "string",
  • "language": "st",
  • "peppol": {
    }
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "extId": "string",
  • "tenantId": "string",
  • "name": "string",
  • "code": "string",
  • "registrationNumber": "string",
  • "bankAccount": "string",
  • "registrationInfo": "string",
  • "taxId": "string",
  • "vatId": "string",
  • "streetWithNo": "string",
  • "address2": "string",
  • "city": "string",
  • "region": "string",
  • "postCode": "string",
  • "countryCode": "string",
  • "telephone": "string",
  • "contactPhone": "string",
  • "contactEmail": "user@example.com",
  • "website": "string",
  • "logoUrl": "string",
  • "language": "string",
  • "isVerified": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "rateLimit": "string",
  • "verifiedRegistrationNumber": "string",
  • "verifiedTaxId": "string",
  • "verifiedVatId": "string",
  • "emailVerified": true,
  • "emailVerifiedAt": "2019-08-24T14:15:22Z",
  • "registrationVerified": true,
  • "registrationVerifiedAt": "2019-08-24T14:15:22Z",
  • "bankAccountVerified": true,
  • "bankAccountVerifiedAt": "2019-08-24T14:15:22Z",
  • "authorizedPersonVerified": true,
  • "authorizedPersonVerifiedAt": "2019-08-24T14:15:22Z",
  • "phoneVerified": true,
  • "phoneVerifiedAt": "2019-08-24T14:15:22Z",
  • "peppolRegistration": "none",
  • "isCorporation": true,
  • "isVatPayer": true,
  • "adissrBankAccounts": [
    ],
  • "rejectInvalidRegistrations": true,
  • "rejectInvalidBankAccounts": true,
  • "acceptInvoices": true,
  • "acceptOrders": true,
  • "acceptDespatchAdvices": true,
  • "acceptOrderConfirmations": true,
  • "acceptReceiptAdvices": true,
  • "acceptOrderModifications": true,
  • "acceptCatalogues": true,
  • "extraPeppolIds": [
    ],
  • "extraDocumentTypes": [
    ],
  • "peppol": {
    },
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "deletedAt": "2019-08-24T14:15:22Z"
}

List participants available to the authenticated user

API-key variant of participant listing. When X-Peppol-Participant-Id is provided, the server resolves the participant from the Peppol identifier and returns the matching accessible participant.

Authorizations:
None
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Get participant details

Authorizations:
oauth2None
path Parameters
participantId
required
string
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "extId": "string",
  • "tenantId": "string",
  • "name": "string",
  • "code": "string",
  • "registrationNumber": "string",
  • "bankAccount": "string",
  • "registrationInfo": "string",
  • "taxId": "string",
  • "vatId": "string",
  • "streetWithNo": "string",
  • "address2": "string",
  • "city": "string",
  • "region": "string",
  • "postCode": "string",
  • "countryCode": "string",
  • "telephone": "string",
  • "contactPhone": "string",
  • "contactEmail": "user@example.com",
  • "website": "string",
  • "logoUrl": "string",
  • "language": "string",
  • "isVerified": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "rateLimit": "string",
  • "verifiedRegistrationNumber": "string",
  • "verifiedTaxId": "string",
  • "verifiedVatId": "string",
  • "emailVerified": true,
  • "emailVerifiedAt": "2019-08-24T14:15:22Z",
  • "registrationVerified": true,
  • "registrationVerifiedAt": "2019-08-24T14:15:22Z",
  • "bankAccountVerified": true,
  • "bankAccountVerifiedAt": "2019-08-24T14:15:22Z",
  • "authorizedPersonVerified": true,
  • "authorizedPersonVerifiedAt": "2019-08-24T14:15:22Z",
  • "phoneVerified": true,
  • "phoneVerifiedAt": "2019-08-24T14:15:22Z",
  • "peppolRegistration": "none",
  • "isCorporation": true,
  • "isVatPayer": true,
  • "adissrBankAccounts": [
    ],
  • "rejectInvalidRegistrations": true,
  • "rejectInvalidBankAccounts": true,
  • "acceptInvoices": true,
  • "acceptOrders": true,
  • "acceptDespatchAdvices": true,
  • "acceptOrderConfirmations": true,
  • "acceptReceiptAdvices": true,
  • "acceptOrderModifications": true,
  • "acceptCatalogues": true,
  • "extraPeppolIds": [
    ],
  • "extraDocumentTypes": [
    ],
  • "peppol": {
    },
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "deletedAt": "2019-08-24T14:15:22Z"
}

Update participant

When you change fields that are important for validation like name, registrationNumber, vatId and countryCode, you must invoke verification process so the changed values will get propagated to businessCards in Peppol network.

Authorizations:
oauth2None
path Parameters
participantId
required
string
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema: application/json
required
extId
string
name
string
code
string
registrationNumber
string
bankAccount
string
registrationInfo
string
taxId
string
vatId
string
streetWithNo
string
address2
string
city
string
region
string
postCode
string
countryCode
string
telephone
string
contactPhone
string
contactEmail
string <email>
website
string
logoUrl
string
language
string = 2 characters
rateLimit
string
rejectInvalidRegistrations
boolean

When true, inbound documents are rejected if the sender's registration number cannot be confirmed in the national business registry. Only enforced for CZ/SK senders.

rejectInvalidBankAccounts
boolean

When true, inbound documents are rejected if the sender's VAT ID is no longer an active VAT payer (checked via EU VIES).

object (ParticipantPeppolSettingsInput)

Responses

Request samples

Content type
application/json
{
  • "extId": "string",
  • "name": "string",
  • "code": "string",
  • "registrationNumber": "string",
  • "bankAccount": "string",
  • "registrationInfo": "string",
  • "taxId": "string",
  • "vatId": "string",
  • "streetWithNo": "string",
  • "address2": "string",
  • "city": "string",
  • "region": "string",
  • "postCode": "string",
  • "countryCode": "string",
  • "telephone": "string",
  • "contactPhone": "string",
  • "contactEmail": "user@example.com",
  • "website": "string",
  • "logoUrl": "string",
  • "language": "st",
  • "rateLimit": "string",
  • "rejectInvalidRegistrations": true,
  • "rejectInvalidBankAccounts": true,
  • "peppol": {
    }
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "extId": "string",
  • "tenantId": "string",
  • "name": "string",
  • "code": "string",
  • "registrationNumber": "string",
  • "bankAccount": "string",
  • "registrationInfo": "string",
  • "taxId": "string",
  • "vatId": "string",
  • "streetWithNo": "string",
  • "address2": "string",
  • "city": "string",
  • "region": "string",
  • "postCode": "string",
  • "countryCode": "string",
  • "telephone": "string",
  • "contactPhone": "string",
  • "contactEmail": "user@example.com",
  • "website": "string",
  • "logoUrl": "string",
  • "language": "string",
  • "isVerified": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "rateLimit": "string",
  • "verifiedRegistrationNumber": "string",
  • "verifiedTaxId": "string",
  • "verifiedVatId": "string",
  • "emailVerified": true,
  • "emailVerifiedAt": "2019-08-24T14:15:22Z",
  • "registrationVerified": true,
  • "registrationVerifiedAt": "2019-08-24T14:15:22Z",
  • "bankAccountVerified": true,
  • "bankAccountVerifiedAt": "2019-08-24T14:15:22Z",
  • "authorizedPersonVerified": true,
  • "authorizedPersonVerifiedAt": "2019-08-24T14:15:22Z",
  • "phoneVerified": true,
  • "phoneVerifiedAt": "2019-08-24T14:15:22Z",
  • "peppolRegistration": "none",
  • "isCorporation": true,
  • "isVatPayer": true,
  • "adissrBankAccounts": [
    ],
  • "rejectInvalidRegistrations": true,
  • "rejectInvalidBankAccounts": true,
  • "acceptInvoices": true,
  • "acceptOrders": true,
  • "acceptDespatchAdvices": true,
  • "acceptOrderConfirmations": true,
  • "acceptReceiptAdvices": true,
  • "acceptOrderModifications": true,
  • "acceptCatalogues": true,
  • "extraPeppolIds": [
    ],
  • "extraDocumentTypes": [
    ],
  • "peppol": {
    },
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "deletedAt": "2019-08-24T14:15:22Z"
}

Delete participant (admin only)

Authorizations:
oauth2None
path Parameters
participantId
required
string
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "message": "string"
}

Get participant Peppol registration status

Returns current Peppol registration details for a participant, including whether it is registered, date of registration, and all active Peppol IDs.

Authorizations:
oauth2None
path Parameters
participantId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Register participant to Peppol

Registers a fully-verified participant to Peppol. All 5 verification steps must be completed (email, registration, bankAccount, authorizedPerson, phone). Creates a peppolIds record (iso6523-actorid-upis::{ICD}:{registrationNumber}) and stores the requested participant Peppol registration scope. Requires PEPPOL_AP_ENDPOINT_URL environment variable to be set.

Authorizations:
oauth2None
path Parameters
participantId
required
string <uuid>
Request Body schema: application/json
optional
peppolRegistration
string
Default: "all"
Enum: "sending-only" "all"

Requested Peppol registration scope. Use sending-only for outbound-only registration or all for send-and-receive registration.

Responses

Request samples

Content type
application/json
{
  • "peppolRegistration": "sending-only"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Unregister participant from Peppol

Removes the participant's Peppol registration. Deactivates all peppolIds records, deletes SMP service metadata, and sets participant.peppolRegistration to none.

Authorizations:
oauth2None
path Parameters
participantId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

List users assigned to a participant

Authorizations:
oauth2
path Parameters
participantId
required
string <uuid>
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "users": [
    ],
  • "count": 0
}

Assign a user to a participant

Authorizations:
oauth2
path Parameters
participantId
required
string <uuid>
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema: application/json
required
userId
required
string <uuid>
role
string
Default: "reader"
Enum: "admin" "member" "sender" "reader" "viewer"

Responses

Request samples

Content type
application/json
{
  • "userId": "2c4a230c-5085-4924-a3e1-25fb4fc5965b",
  • "role": "admin"
}

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Update a participant user's role

Authorizations:
oauth2
path Parameters
participantId
required
string <uuid>
userId
required
string <uuid>
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema: application/json
required
role
required
string
Enum: "admin" "member" "sender" "reader" "viewer"

Responses

Request samples

Content type
application/json
{
  • "role": "admin"
}

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Remove a user from a participant

Authorizations:
oauth2
path Parameters
participantId
required
string <uuid>
userId
required
string <uuid>
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Initiate participant company verification wizard

Multi-step verification flow: (1) email verified, (2) business identity, (3) authorized person. Returns current stage with per-stage issues and a verificationUrl for finishing the flow in the web UI. When the optional callback query parameter is provided, the generated verificationUrl preserves it and the web flow redirects back to that URL after verification is finished or when the user cancels. You can call this endpoint multiple times to continue the flow where you left off, or to re-run failed steps after fixing the reported issues. When the flow is completed, the participant is automatically registered to Peppol and can send/receive documents via the network.

Authorizations:
oauth2None
path Parameters
participantId
required
string <uuid>
query Parameters
lang
string
Default: "cs"
Enum: "cs" "en" "sk"

Language for email notifications and error messages

callback
string <uri>

Optional absolute http/https URL. When valid, it is appended to the returned verificationUrl and used as the redirect target after verification is finished or cancelled.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Mark participant as verified (KYC/AML skip)

Marks a participant as fully verified by bypassing the bank-account micro-payment and authorised-person confirmation steps.

This endpoint is available exclusively to tenants whose allowToSkipVerification mode is not no:

  • Completed external KYC (Know Your Customer) and AML (Anti-Money Laundering) checks for their users
  • Signed a special operator contract granting the skip-verification privilege

Mode behaviour:

  • valid – ARES + ADISSPR business-identity validation is still performed; the company must be active and found in the Czech business registry.
  • all – full bypass; all interactive and business-identity checks are skipped.

Country support:

  • CZ (Czech Republic) – fully supported
  • SK (Slovakia) – SK companies must complete verification via the standard flow with Finančná správa.

Steps performed internally:

  1. Validates participant belongs to the caller's tenant
  2. Checks participant.countryCode is CZ
  3. If mode is valid: runs ARES + ADISSPR validation (company must be active and found)
  4. Sets all verification flags to true (email, registration, bankAccount, authorizedPerson, phone)
  5. Sets isVerified = true
  6. Creates an audit event participant_marked_as_verified

Access control: JWT authentication required, tenant admin role.

Authorizations:
oauth2
path Parameters
participantId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Get participant verification status

Authorizations:
oauth2None
path Parameters
participantId
required
string

Responses

Response samples

Content type
application/json
{
  • "status": "string",
  • "verification": {
    }
}

Create or update a participant by external ID in route (API key)

Creates or updates a participant within the tenant bound to the API key (upsert operation). The external ID is provided in the route path, and the participant is identified by this external ID—if a participant with that external ID already exists in the tenant, it will be updated with the request body fields instead of creating a duplicate. Can only be used with an API key that is tied to exactly one tenant. When mark-as-verified=true is provided and the tenant's allowToSkipVerification mode is not no, the server will try to complete the non-interactive verification flow immediately after creation.

Authorizations:
None
path Parameters
extId
required
string

External identifier for the participant (from URL path)

query Parameters
mark-as-verified
boolean

When true, attempts to mark the newly created participant as verified immediately after creation, using the tenant's allowToSkipVerification mode.

Request Body schema: application/json
required
extId
string
name
required
string
code
string
registrationNumber
string
bankAccount
string
registrationInfo
string
taxId
string
vatId
string
streetWithNo
string
address2
string
city
string
region
string
postCode
string
countryCode
string
telephone
string
contactPhone
string
contactEmail
string
website
string
logoUrl
string
language
string = 2 characters
object (ParticipantPeppolSettingsInput)

Responses

Request samples

Content type
application/json
{
  • "extId": "string",
  • "name": "string",
  • "code": "string",
  • "registrationNumber": "string",
  • "bankAccount": "string",
  • "registrationInfo": "string",
  • "taxId": "string",
  • "vatId": "string",
  • "streetWithNo": "string",
  • "address2": "string",
  • "city": "string",
  • "region": "string",
  • "postCode": "string",
  • "countryCode": "string",
  • "telephone": "string",
  • "contactPhone": "string",
  • "contactEmail": "string",
  • "website": "string",
  • "logoUrl": "string",
  • "language": "st",
  • "peppol": {
    }
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "extId": "string",
  • "tenantId": "string",
  • "name": "string",
  • "code": "string",
  • "registrationNumber": "string",
  • "bankAccount": "string",
  • "registrationInfo": "string",
  • "taxId": "string",
  • "vatId": "string",
  • "streetWithNo": "string",
  • "address2": "string",
  • "city": "string",
  • "region": "string",
  • "postCode": "string",
  • "countryCode": "string",
  • "telephone": "string",
  • "contactPhone": "string",
  • "contactEmail": "user@example.com",
  • "website": "string",
  • "logoUrl": "string",
  • "language": "string",
  • "isVerified": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "rateLimit": "string",
  • "verifiedRegistrationNumber": "string",
  • "verifiedTaxId": "string",
  • "verifiedVatId": "string",
  • "emailVerified": true,
  • "emailVerifiedAt": "2019-08-24T14:15:22Z",
  • "registrationVerified": true,
  • "registrationVerifiedAt": "2019-08-24T14:15:22Z",
  • "bankAccountVerified": true,
  • "bankAccountVerifiedAt": "2019-08-24T14:15:22Z",
  • "authorizedPersonVerified": true,
  • "authorizedPersonVerifiedAt": "2019-08-24T14:15:22Z",
  • "phoneVerified": true,
  • "phoneVerifiedAt": "2019-08-24T14:15:22Z",
  • "peppolRegistration": "none",
  • "isCorporation": true,
  • "isVatPayer": true,
  • "adissrBankAccounts": [
    ],
  • "rejectInvalidRegistrations": true,
  • "rejectInvalidBankAccounts": true,
  • "acceptInvoices": true,
  • "acceptOrders": true,
  • "acceptDespatchAdvices": true,
  • "acceptOrderConfirmations": true,
  • "acceptReceiptAdvices": true,
  • "acceptOrderModifications": true,
  • "acceptCatalogues": true,
  • "extraPeppolIds": [
    ],
  • "extraDocumentTypes": [
    ],
  • "peppol": {
    },
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "deletedAt": "2019-08-24T14:15:22Z"
}

List participants

When X-Peppol-Participant-Id is provided, the server resolves the participant from the Peppol identifier within the tenant and returns only the matching accessible participant.

Authorizations:
oauth2
path Parameters
tenantId
required
string
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create a participant (admin only)

Creates a new participant in the specified tenant. When mark-as-verified=true is provided and the tenant's allowToSkipVerification mode is not no, the server will try to complete the non-interactive verification flow immediately after creation. In valid mode it runs the Czech business-identity verification checks before marking the participant as verified; in all mode it fully bypasses the remaining verification steps. If the tenant is not allowed to skip verification or the participant country is not supported for the requested flow, the participant is still created and the query flag is ignored.

Authorizations:
oauth2
path Parameters
tenantId
required
string
query Parameters
mark-as-verified
boolean

When true, attempts to mark the newly created participant as verified immediately after creation, using the tenant's allowToSkipVerification mode. Unsupported countries such as SK, or tenants without the skip-verification privilege, are ignored without failing the create request.

Request Body schema: application/json
required
extId
string
name
required
string
code
string
registrationNumber
string
bankAccount
string
registrationInfo
string
taxId
string
vatId
string
streetWithNo
string
address2
string
city
string
region
string
postCode
string
countryCode
string
telephone
string
contactPhone
string
contactEmail
string
website
string
logoUrl
string
language
string = 2 characters
object (ParticipantPeppolSettingsInput)

Responses

Request samples

Content type
application/json
{
  • "extId": "string",
  • "name": "string",
  • "code": "string",
  • "registrationNumber": "string",
  • "bankAccount": "string",
  • "registrationInfo": "string",
  • "taxId": "string",
  • "vatId": "string",
  • "streetWithNo": "string",
  • "address2": "string",
  • "city": "string",
  • "region": "string",
  • "postCode": "string",
  • "countryCode": "string",
  • "telephone": "string",
  • "contactPhone": "string",
  • "contactEmail": "string",
  • "website": "string",
  • "logoUrl": "string",
  • "language": "st",
  • "peppol": {
    }
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "extId": "string",
  • "tenantId": "string",
  • "name": "string",
  • "code": "string",
  • "registrationNumber": "string",
  • "bankAccount": "string",
  • "registrationInfo": "string",
  • "taxId": "string",
  • "vatId": "string",
  • "streetWithNo": "string",
  • "address2": "string",
  • "city": "string",
  • "region": "string",
  • "postCode": "string",
  • "countryCode": "string",
  • "telephone": "string",
  • "contactPhone": "string",
  • "contactEmail": "user@example.com",
  • "website": "string",
  • "logoUrl": "string",
  • "language": "string",
  • "isVerified": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "rateLimit": "string",
  • "verifiedRegistrationNumber": "string",
  • "verifiedTaxId": "string",
  • "verifiedVatId": "string",
  • "emailVerified": true,
  • "emailVerifiedAt": "2019-08-24T14:15:22Z",
  • "registrationVerified": true,
  • "registrationVerifiedAt": "2019-08-24T14:15:22Z",
  • "bankAccountVerified": true,
  • "bankAccountVerifiedAt": "2019-08-24T14:15:22Z",
  • "authorizedPersonVerified": true,
  • "authorizedPersonVerifiedAt": "2019-08-24T14:15:22Z",
  • "phoneVerified": true,
  • "phoneVerifiedAt": "2019-08-24T14:15:22Z",
  • "peppolRegistration": "none",
  • "isCorporation": true,
  • "isVatPayer": true,
  • "adissrBankAccounts": [
    ],
  • "rejectInvalidRegistrations": true,
  • "rejectInvalidBankAccounts": true,
  • "acceptInvoices": true,
  • "acceptOrders": true,
  • "acceptDespatchAdvices": true,
  • "acceptOrderConfirmations": true,
  • "acceptReceiptAdvices": true,
  • "acceptOrderModifications": true,
  • "acceptCatalogues": true,
  • "extraPeppolIds": [
    ],
  • "extraDocumentTypes": [
    ],
  • "peppol": {
    },
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "deletedAt": "2019-08-24T14:15:22Z"
}

Documents

Document listing, delivery, conversion, and acknowledgement

Download document in its original format

Returns the stored source document payload. Supported source formats include UBL, ISDOC, ISDOCX, POHODA, MRP, MONEY_S3, CII, FACTUR_X, ORDER_X, and ZUGFERD.

Authorizations:
oauth2None
path Parameters
documentId
required
string

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Download document in specified format

Download the document converted to the specified format. Supported formats: isdoc, pohoda, mrp, money-s3, datev, cii, factur-x, zugferd, order-x, isdocx, ubl-json.

Authorizations:
oauth2None
path Parameters
format
required
string
Enum: "isdoc" "pohoda" "mrp" "money-s3" "datev" "cii" "factur-x" "zugferd" "order-x" "isdocx" "ubl-json"

Target download format.

documentId
required
string

Responses

Download document converted to PDF

Authorizations:
oauth2None
path Parameters
documentId
required
string

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Send a draft document

Sends an outbound draft document via the Peppol network. Validates that the document is in draft status, direction is outbound, the sender participant is verified, senderPeppolId belongs to the participant, the UBL content is valid, and the receiver is reachable on the Peppol network. On success the document status transitions to pending.

Authorizations:
oauth2None
path Parameters
documentId
required
string

Responses

Response samples

Content type
application/json
{
  • "data": {
    }
}

Send a document via PEPPOL

Creates an outbound document and enqueues it for PEPPOL transmission. Payload is uploaded directly in request body. Receiver, document type, invoice/credit note kind, and document number are auto-detected from document content when possible. Query parameters can override detected values. The sender's Peppol ID is resolved from the authenticated participant unless senderParticipantId is provided.

Authorizations:
oauth2None
query Parameters
receiverParticipantId
string
Example: receiverParticipantId=0245:9876543210

Optional receiver Peppol ID override in ICD:value format. When omitted, receiver is auto-detected from document content.

documentTypeId
string
Example: documentTypeId=urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:cen.eu:en16931:2017#compliant#urn:fdc:peppol.eu:2017:poacc:billing:3.0::2.1

Optional document type identifier override. When omitted, type is auto-detected from document content.

documentNumber
string
Example: documentNumber=INV-2026-001

Optional document number override. When omitted, number is auto-detected from document content when possible.

senderParticipantId
string
Example: senderParticipantId=0245:1234567890

Optional sender Peppol ID override. Must belong to the authenticated participant.

processId
string
Example: processId=urn:fdc:peppol.eu:2017:poacc:billing:01:1.0

Optional process/profile override. When omitted, process is inferred from payload and/or document type.

wait-for-result
boolean
Default: false

When set, response returns current SQL-backed document status payload (same shape as /api/documents/{documentId}/status). If a duplicate invoice number already exists, returns status of the existing document instead of creating a new one.

overwrite
boolean
Default: false

When true, allows creating a new outbound document even if another outbound document with the same detected/overridden document number already exists for the same sender.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema:
required
string

Raw XML document content (UTF-8).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Send a document via PEPPOL

Creates an outbound document and enqueues it for PEPPOL transmission. Payload is uploaded directly in request body. Receiver, document type, invoice/credit note kind, and document number are auto-detected from document content when possible. Query parameters can override detected values. The sender's Peppol ID is resolved from the authenticated participant unless senderParticipantId is provided.

Authorizations:
oauth2None
query Parameters
receiverParticipantId
string
Example: receiverParticipantId=0245:9876543210

Optional receiver Peppol ID override in ICD:value format. When omitted, receiver is auto-detected from document content.

documentTypeId
string
Example: documentTypeId=urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:cen.eu:en16931:2017#compliant#urn:fdc:peppol.eu:2017:poacc:billing:3.0::2.1

Optional document type identifier override. When omitted, type is auto-detected from document content.

documentNumber
string
Example: documentNumber=INV-2026-001

Optional document number override. When omitted, number is auto-detected from document content when possible.

senderParticipantId
string
Example: senderParticipantId=0245:1234567890

Optional sender Peppol ID override. Must belong to the authenticated participant.

processId
string
Example: processId=urn:fdc:peppol.eu:2017:poacc:billing:01:1.0

Optional process/profile override. When omitted, process is inferred from payload and/or document type.

wait-for-result
boolean
Default: false

When set, response returns current SQL-backed document status payload (same shape as /api/documents/{documentId}/status). If a duplicate invoice number already exists, returns status of the existing document instead of creating a new one.

overwrite
boolean
Default: false

When true, allows creating a new outbound document even if another outbound document with the same detected/overridden document number already exists for the same sender.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema:
required
string

Raw XML document content (UTF-8).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Send document in specified format

Upload and send a document. The format path parameter specifies the source format (e.g. pohoda, mrp, money-s3, cii, factur-x, zugferd, order-x, isdocx, ubl-json). Supported formats: isdoc, pohoda, mrp, money-s3, datev, cii, factur-x, zugferd, order-x, isdocx, ubl-json.

Authorizations:
oauth2None
path Parameters
format
required
string
Enum: "isdoc" "pohoda" "mrp" "money-s3" "datev" "cii" "factur-x" "zugferd" "order-x" "isdocx" "ubl-json"

Source format of the uploaded document.

query Parameters
receiverParticipantId
string
Example: receiverParticipantId=0245:9876543210

Optional receiver Peppol ID override in ICD:value format. When omitted, receiver is auto-detected from document content.

documentTypeId
string
Example: documentTypeId=urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:cen.eu:en16931:2017#compliant#urn:fdc:peppol.eu:2017:poacc:billing:3.0::2.1

Optional document type identifier override. When omitted, type is auto-detected from document content.

documentNumber
string
Example: documentNumber=INV-2026-001

Optional document number override. When omitted, number is auto-detected from document content when possible.

senderParticipantId
string
Example: senderParticipantId=0245:1234567890

Optional sender Peppol ID override. Must belong to the authenticated participant.

processId
string
Example: processId=urn:fdc:peppol.eu:2017:poacc:billing:01:1.0

Optional process/profile override. When omitted, process is inferred from payload and/or document type.

wait-for-result
boolean
Default: false

When set, response returns current SQL-backed document status payload (same shape as /api/documents/{documentId}/status). If a duplicate invoice number already exists, returns status of the existing document instead of creating a new one.

overwrite
boolean
Default: false

When true, allows creating a new outbound document even if another outbound document with the same detected/overridden document number already exists for the same sender.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema:
required
string

Raw XML document content (UTF-8).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Send document in specified format

Upload and send a document. The format path parameter specifies the source format (e.g. pohoda, mrp, money-s3, cii, factur-x, zugferd, order-x, isdocx, ubl-json).

Authorizations:
oauth2None
path Parameters
format
required
string
Enum: "pohoda" "mrp" "money-s3" "cii" "factur-x" "zugferd" "order-x" "isdocx" "ubl-json"

Source format of the uploaded document.

query Parameters
receiverParticipantId
string
Example: receiverParticipantId=0245:9876543210

Optional receiver Peppol ID override in ICD:value format. When omitted, receiver is auto-detected from document content.

documentTypeId
string
Example: documentTypeId=urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:cen.eu:en16931:2017#compliant#urn:fdc:peppol.eu:2017:poacc:billing:3.0::2.1

Optional document type identifier override. When omitted, type is auto-detected from document content.

documentNumber
string
Example: documentNumber=INV-2026-001

Optional document number override. When omitted, number is auto-detected from document content when possible.

senderParticipantId
string
Example: senderParticipantId=0245:1234567890

Optional sender Peppol ID override. Must belong to the authenticated participant.

processId
string
Example: processId=urn:fdc:peppol.eu:2017:poacc:billing:01:1.0

Optional process/profile override. When omitted, process is inferred from payload and/or document type.

wait-for-result
boolean
Default: false

When set, response returns current SQL-backed document status payload (same shape as /api/documents/{documentId}/status). If a duplicate invoice number already exists, returns status of the existing document instead of creating a new one.

overwrite
boolean
Default: false

When true, allows creating a new outbound document even if another outbound document with the same detected/overridden document number already exists for the same sender.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema:
required
string

Raw XML document content (UTF-8).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Send an ISDOC document via PEPPOL (auto-converted to UBL)

Accepts ISDOC XML content and converts it to UBL before validation and transmission.

Authorizations:
oauth2None
query Parameters
receiverParticipantId
string
Example: receiverParticipantId=0245:9876543210

Optional receiver Peppol ID override in ICD:value format. When omitted, receiver is auto-detected from document content.

documentTypeId
string
Example: documentTypeId=urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:cen.eu:en16931:2017#compliant#urn:fdc:peppol.eu:2017:poacc:billing:3.0::2.1

Optional document type identifier override. When omitted, type is auto-detected from document content.

documentNumber
string
Example: documentNumber=INV-2026-001

Optional document number override. When omitted, number is auto-detected from document content when possible.

senderParticipantId
string
Example: senderParticipantId=0245:1234567890

Optional sender Peppol ID override. Must belong to the authenticated participant.

processId
string
Example: processId=urn:fdc:peppol.eu:2017:poacc:billing:01:1.0

Optional process/profile override. When omitted, process is inferred from payload and/or document type.

wait-for-result
boolean
Default: false

When set, response returns current SQL-backed document status payload (same shape as /api/documents/{documentId}/status). If a duplicate invoice number already exists, returns status of the existing document instead of creating a new one.

overwrite
boolean
Default: false

When true, allows creating a new outbound document even if another outbound document with the same detected/overridden document number already exists for the same sender.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema:
required
string

Raw XML document content (UTF-8).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Send an ISDOC document via PEPPOL (auto-converted to UBL)

Accepts ISDOC XML content and converts it to UBL before validation and transmission.

Authorizations:
oauth2None
query Parameters
receiverParticipantId
string
Example: receiverParticipantId=0245:9876543210

Optional receiver Peppol ID override in ICD:value format. When omitted, receiver is auto-detected from document content.

documentTypeId
string
Example: documentTypeId=urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:cen.eu:en16931:2017#compliant#urn:fdc:peppol.eu:2017:poacc:billing:3.0::2.1

Optional document type identifier override. When omitted, type is auto-detected from document content.

documentNumber
string
Example: documentNumber=INV-2026-001

Optional document number override. When omitted, number is auto-detected from document content when possible.

senderParticipantId
string
Example: senderParticipantId=0245:1234567890

Optional sender Peppol ID override. Must belong to the authenticated participant.

processId
string
Example: processId=urn:fdc:peppol.eu:2017:poacc:billing:01:1.0

Optional process/profile override. When omitted, process is inferred from payload and/or document type.

wait-for-result
boolean
Default: false

When set, response returns current SQL-backed document status payload (same shape as /api/documents/{documentId}/status). If a duplicate invoice number already exists, returns status of the existing document instead of creating a new one.

overwrite
boolean
Default: false

When true, allows creating a new outbound document even if another outbound document with the same detected/overridden document number already exists for the same sender.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema:
required
string

Raw XML document content (UTF-8).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Send a document via Peppol

Creates an outbound document and enqueues it for PEPPOL transmission. Payload is uploaded directly in request body. Receiver, document type, invoice/credit note kind, and document number are auto-detected from document content when possible. Query parameters can override detected values. The sender's Peppol ID is resolved from the authenticated participant unless senderParticipantId is provided.

Authorizations:
oauth2None
path Parameters
participantId
required
string
query Parameters
receiverParticipantId
string
Example: receiverParticipantId=0245:9876543210

Optional receiver Peppol ID override in ICD:value format. When omitted, receiver is auto-detected from document content.

documentTypeId
string
Example: documentTypeId=urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:cen.eu:en16931:2017#compliant#urn:fdc:peppol.eu:2017:poacc:billing:3.0::2.1

Optional document type identifier override. When omitted, type is auto-detected from document content.

documentNumber
string
Example: documentNumber=INV-2026-001

Optional document number override. When omitted, number is auto-detected from document content when possible.

senderParticipantId
string
Example: senderParticipantId=0245:1234567890

Optional sender Peppol ID override. Must belong to the authenticated participant.

processId
string
Example: processId=urn:fdc:peppol.eu:2017:poacc:billing:01:1.0

Optional process/profile override. When omitted, process is inferred from payload and/or document type.

wait-for-result
boolean
Default: false

When set, response returns current SQL-backed document status payload (same shape as /api/documents/{documentId}/status). If a duplicate invoice number already exists, returns status of the existing document instead of creating a new one.

overwrite
boolean
Default: false

When true, allows creating a new outbound document even if another outbound document with the same detected/overridden document number already exists for the same sender.

Request Body schema:
required
string

Raw XML document content (UTF-8).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Send a document via Peppol

Creates an outbound document and enqueues it for PEPPOL transmission. Payload is uploaded directly in request body. Receiver, document type, invoice/credit note kind, and document number are auto-detected from document content when possible. Query parameters can override detected values. The sender's Peppol ID is resolved from the authenticated participant unless senderParticipantId is provided.

Authorizations:
oauth2None
path Parameters
participantId
required
string
query Parameters
receiverParticipantId
string
Example: receiverParticipantId=0245:9876543210

Optional receiver Peppol ID override in ICD:value format. When omitted, receiver is auto-detected from document content.

documentTypeId
string
Example: documentTypeId=urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:cen.eu:en16931:2017#compliant#urn:fdc:peppol.eu:2017:poacc:billing:3.0::2.1

Optional document type identifier override. When omitted, type is auto-detected from document content.

documentNumber
string
Example: documentNumber=INV-2026-001

Optional document number override. When omitted, number is auto-detected from document content when possible.

senderParticipantId
string
Example: senderParticipantId=0245:1234567890

Optional sender Peppol ID override. Must belong to the authenticated participant.

processId
string
Example: processId=urn:fdc:peppol.eu:2017:poacc:billing:01:1.0

Optional process/profile override. When omitted, process is inferred from payload and/or document type.

wait-for-result
boolean
Default: false

When set, response returns current SQL-backed document status payload (same shape as /api/documents/{documentId}/status). If a duplicate invoice number already exists, returns status of the existing document instead of creating a new one.

overwrite
boolean
Default: false

When true, allows creating a new outbound document even if another outbound document with the same detected/overridden document number already exists for the same sender.

Request Body schema:
required
string

Raw XML document content (UTF-8).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Send document in specified format

Upload and send a document on behalf of a participant. The format path parameter specifies the source format. Supported formats: isdoc, pohoda, mrp, money-s3, datev, cii, factur-x, zugferd, order-x, isdocx, ubl-json.

Authorizations:
oauth2None
path Parameters
format
required
string
Enum: "isdoc" "pohoda" "mrp" "money-s3" "datev" "cii" "factur-x" "zugferd" "order-x" "isdocx" "ubl-json"

Source format of the uploaded document.

participantId
required
string
query Parameters
receiverParticipantId
string
Example: receiverParticipantId=0245:9876543210

Optional receiver Peppol ID override in ICD:value format. When omitted, receiver is auto-detected from document content.

documentTypeId
string
Example: documentTypeId=urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:cen.eu:en16931:2017#compliant#urn:fdc:peppol.eu:2017:poacc:billing:3.0::2.1

Optional document type identifier override. When omitted, type is auto-detected from document content.

documentNumber
string
Example: documentNumber=INV-2026-001

Optional document number override. When omitted, number is auto-detected from document content when possible.

senderParticipantId
string
Example: senderParticipantId=0245:1234567890

Optional sender Peppol ID override. Must belong to the authenticated participant.

processId
string
Example: processId=urn:fdc:peppol.eu:2017:poacc:billing:01:1.0

Optional process/profile override. When omitted, process is inferred from payload and/or document type.

wait-for-result
boolean
Default: false

When set, response returns current SQL-backed document status payload (same shape as /api/documents/{documentId}/status). If a duplicate invoice number already exists, returns status of the existing document instead of creating a new one.

overwrite
boolean
Default: false

When true, allows creating a new outbound document even if another outbound document with the same detected/overridden document number already exists for the same sender.

Request Body schema:
required
string

Raw XML document content (UTF-8).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Send document in specified format

Upload and send a document on behalf of a participant. The format path parameter specifies the source format.

Authorizations:
oauth2None
path Parameters
format
required
string
Enum: "pohoda" "mrp" "money-s3" "cii" "factur-x" "zugferd" "order-x" "isdocx" "ubl-json"

Source format of the uploaded document.

participantId
required
string
query Parameters
receiverParticipantId
string
Example: receiverParticipantId=0245:9876543210

Optional receiver Peppol ID override in ICD:value format. When omitted, receiver is auto-detected from document content.

documentTypeId
string
Example: documentTypeId=urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:cen.eu:en16931:2017#compliant#urn:fdc:peppol.eu:2017:poacc:billing:3.0::2.1

Optional document type identifier override. When omitted, type is auto-detected from document content.

documentNumber
string
Example: documentNumber=INV-2026-001

Optional document number override. When omitted, number is auto-detected from document content when possible.

senderParticipantId
string
Example: senderParticipantId=0245:1234567890

Optional sender Peppol ID override. Must belong to the authenticated participant.

processId
string
Example: processId=urn:fdc:peppol.eu:2017:poacc:billing:01:1.0

Optional process/profile override. When omitted, process is inferred from payload and/or document type.

wait-for-result
boolean
Default: false

When set, response returns current SQL-backed document status payload (same shape as /api/documents/{documentId}/status). If a duplicate invoice number already exists, returns status of the existing document instead of creating a new one.

overwrite
boolean
Default: false

When true, allows creating a new outbound document even if another outbound document with the same detected/overridden document number already exists for the same sender.

Request Body schema:
required
string

Raw XML document content (UTF-8).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Send a document via Peppol

Creates an outbound document and enqueues it for PEPPOL transmission. Payload is uploaded directly in request body. Receiver, document type, invoice/credit note kind, and document number are auto-detected from document content when possible. Query parameters can override detected values. The sender's Peppol ID is resolved from the authenticated participant unless senderParticipantId is provided.

Authorizations:
oauth2None
path Parameters
tenantId
required
string
participantId
required
string
query Parameters
receiverParticipantId
string
Example: receiverParticipantId=0245:9876543210

Optional receiver Peppol ID override in ICD:value format. When omitted, receiver is auto-detected from document content.

documentTypeId
string
Example: documentTypeId=urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:cen.eu:en16931:2017#compliant#urn:fdc:peppol.eu:2017:poacc:billing:3.0::2.1

Optional document type identifier override. When omitted, type is auto-detected from document content.

documentNumber
string
Example: documentNumber=INV-2026-001

Optional document number override. When omitted, number is auto-detected from document content when possible.

senderParticipantId
string
Example: senderParticipantId=0245:1234567890

Optional sender Peppol ID override. Must belong to the authenticated participant.

processId
string
Example: processId=urn:fdc:peppol.eu:2017:poacc:billing:01:1.0

Optional process/profile override. When omitted, process is inferred from payload and/or document type.

wait-for-result
boolean
Default: false

When set, response returns current SQL-backed document status payload (same shape as /api/documents/{documentId}/status). If a duplicate invoice number already exists, returns status of the existing document instead of creating a new one.

overwrite
boolean
Default: false

When true, allows creating a new outbound document even if another outbound document with the same detected/overridden document number already exists for the same sender.

Request Body schema:
required
string

Raw XML document content (UTF-8).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Send a document via Peppol

Creates an outbound document and enqueues it for PEPPOL transmission. Payload is uploaded directly in request body. Receiver, document type, invoice/credit note kind, and document number are auto-detected from document content when possible. Query parameters can override detected values. The sender's Peppol ID is resolved from the authenticated participant unless senderParticipantId is provided.

Authorizations:
oauth2None
path Parameters
tenantId
required
string
participantId
required
string
query Parameters
receiverParticipantId
string
Example: receiverParticipantId=0245:9876543210

Optional receiver Peppol ID override in ICD:value format. When omitted, receiver is auto-detected from document content.

documentTypeId
string
Example: documentTypeId=urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:cen.eu:en16931:2017#compliant#urn:fdc:peppol.eu:2017:poacc:billing:3.0::2.1

Optional document type identifier override. When omitted, type is auto-detected from document content.

documentNumber
string
Example: documentNumber=INV-2026-001

Optional document number override. When omitted, number is auto-detected from document content when possible.

senderParticipantId
string
Example: senderParticipantId=0245:1234567890

Optional sender Peppol ID override. Must belong to the authenticated participant.

processId
string
Example: processId=urn:fdc:peppol.eu:2017:poacc:billing:01:1.0

Optional process/profile override. When omitted, process is inferred from payload and/or document type.

wait-for-result
boolean
Default: false

When set, response returns current SQL-backed document status payload (same shape as /api/documents/{documentId}/status). If a duplicate invoice number already exists, returns status of the existing document instead of creating a new one.

overwrite
boolean
Default: false

When true, allows creating a new outbound document even if another outbound document with the same detected/overridden document number already exists for the same sender.

Request Body schema:
required
string

Raw XML document content (UTF-8).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Get aggregated document counts by status for a participant in tenant scope

Authorizations:
oauth2None
path Parameters
tenantId
required
string
participantId
required
string
query Parameters
direction
string
Enum: "inbound" "outbound"
documentTypes
string
Example: documentTypes=invoice,creditnote

Comma-separated list of document types to include. Use * for all types. Defaults to all types. Supported values: invoice, creditnote, order, order-response, order-change, order-cancellation, despatch-advice, receipt-advice, catalogue, mlr, invoice-response, other.

excludeDocumentTypes
string
Example: excludeDocumentTypes=mlr

Comma-separated list of document types to exclude from statistics. Supported values: invoice, creditnote, order, order-response, order-change, order-cancellation, despatch-advice, receipt-advice, catalogue, mlr, invoice-response, other.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Send document in specified format

Upload and send a document on behalf of a tenant participant. The format path parameter specifies the source format. Supported formats: isdoc, pohoda, mrp, money-s3, datev, cii, factur-x, zugferd, order-x, isdocx, ubl-json.

Authorizations:
oauth2None
path Parameters
format
required
string
Enum: "isdoc" "pohoda" "mrp" "money-s3" "datev" "cii" "factur-x" "zugferd" "order-x" "isdocx" "ubl-json"

Source format of the uploaded document.

tenantId
required
string
participantId
required
string
query Parameters
receiverParticipantId
string
Example: receiverParticipantId=0245:9876543210

Optional receiver Peppol ID override in ICD:value format. When omitted, receiver is auto-detected from document content.

documentTypeId
string
Example: documentTypeId=urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:cen.eu:en16931:2017#compliant#urn:fdc:peppol.eu:2017:poacc:billing:3.0::2.1

Optional document type identifier override. When omitted, type is auto-detected from document content.

documentNumber
string
Example: documentNumber=INV-2026-001

Optional document number override. When omitted, number is auto-detected from document content when possible.

senderParticipantId
string
Example: senderParticipantId=0245:1234567890

Optional sender Peppol ID override. Must belong to the authenticated participant.

processId
string
Example: processId=urn:fdc:peppol.eu:2017:poacc:billing:01:1.0

Optional process/profile override. When omitted, process is inferred from payload and/or document type.

wait-for-result
boolean
Default: false

When set, response returns current SQL-backed document status payload (same shape as /api/documents/{documentId}/status). If a duplicate invoice number already exists, returns status of the existing document instead of creating a new one.

overwrite
boolean
Default: false

When true, allows creating a new outbound document even if another outbound document with the same detected/overridden document number already exists for the same sender.

Request Body schema:
required
string

Raw XML document content (UTF-8).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Send document in specified format

Upload and send a document on behalf of a tenant participant. The format path parameter specifies the source format.

Authorizations:
oauth2None
path Parameters
format
required
string
Enum: "pohoda" "mrp" "money-s3" "cii" "factur-x" "zugferd" "order-x" "isdocx" "ubl-json"

Source format of the uploaded document.

tenantId
required
string
participantId
required
string
query Parameters
receiverParticipantId
string
Example: receiverParticipantId=0245:9876543210

Optional receiver Peppol ID override in ICD:value format. When omitted, receiver is auto-detected from document content.

documentTypeId
string
Example: documentTypeId=urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:cen.eu:en16931:2017#compliant#urn:fdc:peppol.eu:2017:poacc:billing:3.0::2.1

Optional document type identifier override. When omitted, type is auto-detected from document content.

documentNumber
string
Example: documentNumber=INV-2026-001

Optional document number override. When omitted, number is auto-detected from document content when possible.

senderParticipantId
string
Example: senderParticipantId=0245:1234567890

Optional sender Peppol ID override. Must belong to the authenticated participant.

processId
string
Example: processId=urn:fdc:peppol.eu:2017:poacc:billing:01:1.0

Optional process/profile override. When omitted, process is inferred from payload and/or document type.

wait-for-result
boolean
Default: false

When set, response returns current SQL-backed document status payload (same shape as /api/documents/{documentId}/status). If a duplicate invoice number already exists, returns status of the existing document instead of creating a new one.

overwrite
boolean
Default: false

When true, allows creating a new outbound document even if another outbound document with the same detected/overridden document number already exists for the same sender.

Request Body schema:
required
string

Raw XML document content (UTF-8).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

List documents across accessible tenants and participants

X-Peppol-Participant-Id can be used instead of participantId to resolve the participant from a Peppol identifier.

Authorizations:
oauth2None
query Parameters
tenantId
string

Optional tenant filter.

participantId
string <uuid>
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

direction
string
Enum: "inbound" "outbound"
status
string
documentTypes
string
Example: documentTypes=invoice,creditnote

Comma-separated list of document types to include. Use * for all types. Defaults to invoice,creditnote. Supported values: invoice, creditnote, order, order-response, order-change, order-cancellation, despatch-advice, receipt-advice, catalogue, mlr, invoice-response, other.

excludeDocumentTypes
string
Example: excludeDocumentTypes=mlr

Comma-separated list of document types to exclude from results. Useful for hiding response document types (e.g. mlr,order-response) from inbox views. Supported values: invoice, creditnote, order, order-response, order-change, order-cancellation, despatch-advice, receipt-advice, catalogue, mlr, invoice-response, other.

documentNumber
string
format
string
dateFrom
string <date-time>
dateTo
string <date-time>
search
string
messageId
string <uuid>

Filter by exact Peppol SBDH message identifier (UUID). Useful for correlating a response document (MLR, ILR, Order Response) with the original document it references.

order
string
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Get aggregated document counts by status

Returns grouped document statistics in the form { status, count }, scoped by the authenticated principal and optional filters.

Authorizations:
oauth2None
query Parameters
tenantId
string

Optional tenant filter.

participantId
string <uuid>
direction
string
Enum: "inbound" "outbound"
documentTypes
string
Example: documentTypes=invoice,creditnote

Comma-separated list of document types to include. Use * for all types. Defaults to all types. Supported values: invoice, creditnote, order, order-response, order-change, order-cancellation, despatch-advice, receipt-advice, catalogue, mlr, invoice-response, other.

excludeDocumentTypes
string
Example: excludeDocumentTypes=mlr

Comma-separated list of document types to exclude from statistics. Supported values: invoice, creditnote, order, order-response, order-change, order-cancellation, despatch-advice, receipt-advice, catalogue, mlr, invoice-response, other.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Get a document

Authorizations:
oauth2None
path Parameters
documentId
required
string

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "extId": "string",
  • "tenantId": "string",
  • "senderId": "string",
  • "receiverId": "string",
  • "senderPeppolId": "string",
  • "receiverPeppolId": "string",
  • "documentTypeIdentifier": "string",
  • "documentType": "invoice",
  • "documentNumber": "string",
  • "originalFormat": "UBL",
  • "status": "string",
  • "validationStatus": "need-validation",
  • "direction": "inbound",
  • "isRead": true,
  • "metadata": { },
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "readAt": "2019-08-24T14:15:22Z",
  • "messageId": "string"
}

Update a document

Authorizations:
oauth2None
path Parameters
documentId
required
string
Request Body schema: application/json
required
documentNumber
string
documentType
string
status
string
metadata
object

Responses

Request samples

Content type
application/json
{
  • "documentNumber": "string",
  • "documentType": "string",
  • "status": "string",
  • "metadata": { }
}

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Delete a document

Permanently deletes a document. Only documents in draft or failed status can be deleted.

Authorizations:
oauth2None
path Parameters
documentId
required
string

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Send MLR confirmation (transmission-level)

Marks an inbound document as confirmed. If the document has PEPPOL IDs, sends a PEPPOL MLR (Message Level Response, BIS 36) with response code AP (Accepted) to the original sender. Idempotent.

Authorizations:
oauth2None
path Parameters
documentId
required
string

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Send MLR rejection (transmission-level)

Rejects an inbound document. If the document has PEPPOL IDs, sends a PEPPOL MLR (Message Level Response, BIS 36) with response code RE (Rejected) to the original sender. Idempotent.

Authorizations:
oauth2None
path Parameters
documentId
required
string
Request Body schema: application/json
optional
reason
string

Optional rejection reason

Responses

Request samples

Content type
application/json
{
  • "reason": "string"
}

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Accept document (business-level)

Sends a business-level acceptance response for an inbound document. For invoice documents (invoice, credit-note, debit-note), sends an Invoice Message Response (IMR, BIS 63) with code AP. For order documents, sends an OrderResponse (BIS 28) with code AP. Requires the document to have PEPPOL IDs.

Authorizations:
oauth2None
path Parameters
documentId
required
string
Request Body schema: application/json
optional
responseCode
string
Default: "AP"
Enum: "AB" "IP" "UQ" "CA" "RE" "AP" "PD"

Response code to send. Defaults to AP (Accepted). For invoice documents (IMR, BIS 63) valid values are: AB (Acknowledgement of receipt), IP (In process), UQ (Under query), CA (Conditionally accepted), RE (Rejected), AP (Accepted), PD (Payment initiated). For order documents (OrderResponse, BIS 28) valid values are: AP (Accepted), RE (Rejected).

note
string

Optional acceptance note

effectiveDate
string <date>

Optional effective date (ISO 8601 date)

Responses

Request samples

Content type
application/json
{
  • "responseCode": "AP",
  • "note": "string",
  • "effectiveDate": "2019-08-24"
}

Response samples

Content type
application/json
{
  • "data": {
    }
}

Reject a document (business-level)

Sends a business-level rejection response for an inbound document. For invoice documents, sends an Invoice Message Response (IMR, BIS 63) with code RE (Rejected). For order documents, sends an OrderResponse (BIS 28) with code RE. The response code can be overridden via the request body. Requires the document to have PEPPOL IDs.

Authorizations:
oauth2None
path Parameters
documentId
required
string
Request Body schema: application/json
optional
responseCode
string
Default: "RE"
Enum: "AB" "IP" "UQ" "CA" "RE" "AP" "PD"

Response code to send. Defaults to RE (Rejected). For invoice documents (IMR, BIS 63) valid values are: AB (Acknowledgement of receipt), IP (In process), UQ (Under query), CA (Conditionally accepted), RE (Rejected), AP (Accepted), PD (Payment initiated). For order documents (OrderResponse, BIS 28) valid values are: AP (Accepted), RE (Rejected).

note
string

Optional note to include in the business response.

effectiveDate
string <date>

Optional effective date (ISO 8601 date)

Responses

Request samples

Content type
application/json
{
  • "responseCode": "RE",
  • "note": "Invoice does not match the purchase order.",
  • "effectiveDate": "2019-08-24"
}

Response samples

Content type
application/json
{
  • "data": {
    }
}

Send business response (custom)

Sends a custom business-level response for an inbound document. For invoice documents, uses IMR (BIS 63). For order documents, uses OrderResponse (BIS 28). Requires the document to have PEPPOL IDs.

Authorizations:
oauth2None
path Parameters
documentId
required
string
Request Body schema: application/json
required
responseCode
required
string

For invoices: AB, IP, UQ, CA, RE, AP, PD. For orders: AP, RE.

note
string

Optional note

effectiveDate
string <date>

Optional effective date (ISO 8601 date)

Responses

Request samples

Content type
application/json
{
  • "responseCode": "string",
  • "note": "string",
  • "effectiveDate": "2019-08-24"
}

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Mark a document as read (dismiss from inbox)

Marks an inbound document as read (sets isRead to true, status to confirmed). Once acknowledged, the document is removed from GET /api/documents/inbox with status=pending or status=received, and will appear under status=acknowledged instead. If the document has PEPPOL IDs, an MLR (BIS 36) with response code AP is sent to the original sender as a side-effect. Idempotent — if the document is already read, no change is made but the call succeeds.

Authorizations:
oauth2None
path Parameters
documentId
required
string

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Clone an outbound document as draft

Creates a new outbound draft by cloning an existing outbound document.

Authorizations:
oauth2None
path Parameters
documentId
required
string

Responses

Response samples

Content type
application/json
{
  • "data": {
    }
}

Download document transport envelope

Downloads the full envelope JSON metadata from the preferred Peppol log entry for this document. The API prefers successful transmission logs; if none exist, it uses the newest log entry.

Authorizations:
oauth2None
path Parameters
documentId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Forward a received document as outbound draft

Creates a new outbound draft from an inbound document by swapping sender and receiver metadata for re-sending.

Authorizations:
oauth2None
path Parameters
documentId
required
string

Responses

Response samples

Content type
application/json
{
  • "data": {
    }
}

List Peppol transmission logs for a document

Returns all Peppol transmission log entries that reference this document.

Authorizations:
oauth2None
path Parameters
documentId
required
string <uuid>
query Parameters
status
string
Enum: "received" "sent" "delivery_failed" "permanent_failure"

Filter by transmission status.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Download document transport receipt

Downloads the receipt XML from the preferred Peppol log entry for this document. The API prefers successful transmission logs; if none exist, it uses the newest log entry. Receipt selection order is primaryReceipt first, then the first item in receipts.

Authorizations:
oauth2None
path Parameters
documentId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Get document delivery/transmission status

Returns document status with flattened transmission and outbound queue metadata on the document payload.

Authorizations:
oauth2None
path Parameters
documentId
required
string
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "documentId": "string",
  • "direction": "inbound",
  • "format": "string",
  • "documentTypeIdentifier": "string",
  • "documentType": "invoice",
  • "senderPeppolId": "string",
  • "receiverPeppolId": "string",
  • "status": "string",
  • "validationStatus": "need-validation",
  • "isRead": true,
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "messageId": "string",
  • "transmissionId": "string",
  • "messageStatus": "string",
  • "messageSentAt": "2019-08-24T14:15:22Z",
  • "messageReceivedAt": "2019-08-24T14:15:22Z",
  • "messageError": "string",
  • "sendQueueStatus": {
    }
}

Validate a document and persist validation status

Validates stored UBL XML content for the document, updates document.validationStatus to valid/invalid, and returns validation result. When the document is already marked as valid, the endpoint immediately returns a successful validation result without re-running validation.

Authorizations:
oauth2None
path Parameters
documentId
required
string
header Parameters
Accept-Language
string
Example: en

Preferred response language. Supported values are en, cs, de, sk, pl, hu, fr, it, es, ro, hr, sl, ua, pt, dk, fi, gr, lu, no, se, and nl. Unsupported values fall back to the default locale.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

List inbound documents for a participant

Returns inbound documents where the resolved participant is the receiver. The participant must be identified via one of: a participant-scoped API key, the X-Peppol-Participant-Id header, or a JWT with participant IDs.

Authorizations:
oauth2None
query Parameters
limit
integer [ 1 .. 200 ]
Default: 50

Maximum number of items to return (1–200).

pageToken
string

Cursor token returned by a previous request for forward pagination.

status
string
Example: status=acknowledged

Filter by document status. Use acknowledged to return only acknowledged documents, pending or received for not-yet-acknowledged documents, or any custom status value.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

List documents for a participant

Authorizations:
oauth2None
path Parameters
participantId
required
string
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

direction
string
Enum: "inbound" "outbound"
status
string
documentTypes
string
Example: documentTypes=invoice,creditnote

Comma-separated list of document types to include. Use * for all types. Defaults to invoice,creditnote. Supported values: invoice, creditnote, order, order-response, order-change, order-cancellation, despatch-advice, receipt-advice, catalogue, mlr, invoice-response, other.

excludeDocumentTypes
string
Example: excludeDocumentTypes=mlr

Comma-separated list of document types to exclude from results. Useful for hiding response document types (e.g. mlr,order-response) from inbox views. Supported values: invoice, creditnote, order, order-response, order-change, order-cancellation, despatch-advice, receipt-advice, catalogue, mlr, invoice-response, other.

documentNumber
string
format
string
Enum: "UBL" "ISDOC" "ISDOCX" "POHODA" "CII" "FACTUR_X" "ORDER_X" "ZUGFERD"
dateFrom
string <date-time>
dateTo
string <date-time>
search
string
messageId
string <uuid>

Filter by exact Peppol SBDH message identifier (UUID). Useful for correlating a response document (MLR, ILR, Order Response) with the original document it references.

order
string

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Get aggregated document counts by status for a participant

Authorizations:
oauth2None
path Parameters
participantId
required
string
query Parameters
direction
string
Enum: "inbound" "outbound"
documentTypes
string
Example: documentTypes=invoice,creditnote

Comma-separated list of document types to include. Use * for all types. Defaults to all types. Supported values: invoice, creditnote, order, order-response, order-change, order-cancellation, despatch-advice, receipt-advice, catalogue, mlr, invoice-response, other.

excludeDocumentTypes
string
Example: excludeDocumentTypes=mlr

Comma-separated list of document types to exclude from statistics. Supported values: invoice, creditnote, order, order-response, order-change, order-cancellation, despatch-advice, receipt-advice, catalogue, mlr, invoice-response, other.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Import document files as drafts

Imports one or more files and stores them as draft documents. Supported input formats include ISDOC, ISDOCX, UBL XML, CII/XRechnung, Factur-X, ZUGFeRD, Order-X, and Pohoda XML. PDFs with embedded XML (for example Factur-X/ZUGFeRD PDF/A-3 or PDF+ISDOC) are also supported.

Authorizations:
oauth2None
path Parameters
participantId
required
string
query Parameters
allowDuplicates
boolean
Default: false

When true, documents with duplicate document number and type are imported as new drafts instead of being rejected.

Request Body schema: multipart/form-data
required
files
required
Array of strings <binary> [ items <binary > ]

One or more invoice/order files to import

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Get unread inbound documents for a participant

Authorizations:
oauth2None
path Parameters
participantId
required
string
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

List documents for a tenant

Authorizations:
oauth2
path Parameters
tenantId
required
string
query Parameters
participantId
string <uuid>
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

direction
string
Enum: "inbound" "outbound"
status
string
documentTypes
string
Example: documentTypes=invoice,creditnote

Comma-separated list of document types to include. Use * for all types. Defaults to invoice,creditnote. Supported values: invoice, creditnote, order, order-response, order-change, order-cancellation, despatch-advice, receipt-advice, catalogue, mlr, invoice-response, other.

excludeDocumentTypes
string
Example: excludeDocumentTypes=mlr

Comma-separated list of document types to exclude from results. Useful for hiding response document types (e.g. mlr,order-response) from inbox views. Supported values: invoice, creditnote, order, order-response, order-change, order-cancellation, despatch-advice, receipt-advice, catalogue, mlr, invoice-response, other.

documentNumber
string
format
string
dateFrom
string <date-time>
dateTo
string <date-time>
search
string
messageId
string <uuid>

Filter by exact Peppol SBDH message identifier (UUID). Useful for correlating a response document (MLR, ILR, Order Response) with the original document it references.

order
string

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

API Keys

API key management across root, tenant, and participant scopes

List API keys across accessible tenants

X-Peppol-Participant-Id can be used instead of participantId to resolve the participant from a Peppol identifier.

Authorizations:
oauth2
query Parameters
tenantId
string

Optional tenant filter.

participantId
string <uuid>
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create an API key

X-Peppol-Participant-Id can be used instead of participantId in the request body. If both are provided, they must identify the same participant.

Authorizations:
oauth2
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema: application/json
required
tenantId
string <uuid>
participantId
string <uuid>
name
required
string
scope
string
Enum: "tenant" "participant"

Key context. tenant allows tenant-wide access according to permissions. participant restricts access to participant-scoped resources.

permissions
required
Array of strings
Items Enum: "admin" "read_participant_info" "send_documents" "receive_documents" "receive_all_documents" "read_all_documents"

Developer API key capabilities. admin is full access; send_documents is outbound sending; receive_documents is inbound non-acknowledged visibility; receive_all_documents includes acknowledged inbound; read_all_documents allows full document read; read_participant_info is participant metadata access.

rateLimit
string
isActive
boolean
expiresAt
string <date-time>

Responses

Request samples

Content type
application/json
{
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "name": "string",
  • "scope": "tenant",
  • "permissions": [
    ],
  • "rateLimit": "string",
  • "isActive": true,
  • "expiresAt": "2019-08-24T14:15:22Z"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Get an API key by ID

Authorizations:
oauth2
path Parameters
apiKeyId
required
string

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "clientId": "string",
  • "name": "string",
  • "tenantId": "string",
  • "participantId": "string",
  • "scope": "string",
  • "permissions": "string",
  • "rateLimit": "string",
  • "isActive": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "expiresAt": "2019-08-24T14:15:22Z",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "lastUsedAt": "2019-08-24T14:15:22Z"
}

Update an API key

Authorizations:
oauth2
path Parameters
apiKeyId
required
string
Request Body schema: application/json
required
name
string
participantId
string or null <uuid>
scope
string
Enum: "tenant" "participant"

Key context. tenant allows tenant-wide access according to permissions. participant restricts access to participant-scoped resources.

permissions
Array of strings
Items Enum: "admin" "read_participant_info" "send_documents" "receive_documents" "receive_all_documents" "read_all_documents"

Developer API key capabilities. admin is full access; send_documents is outbound sending; receive_documents is inbound non-acknowledged visibility; receive_all_documents includes acknowledged inbound; read_all_documents allows full document read; read_participant_info is participant metadata access.

rateLimit
string or null
isActive
boolean
expiresAt
string or null <date-time>

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "scope": "tenant",
  • "permissions": [
    ],
  • "rateLimit": "string",
  • "isActive": true,
  • "expiresAt": "2019-08-24T14:15:22Z"
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "clientId": "string",
  • "name": "string",
  • "tenantId": "string",
  • "participantId": "string",
  • "scope": "string",
  • "permissions": "string",
  • "rateLimit": "string",
  • "isActive": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "expiresAt": "2019-08-24T14:15:22Z",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "lastUsedAt": "2019-08-24T14:15:22Z"
}

Delete an API key

Authorizations:
oauth2
path Parameters
apiKeyId
required
string

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

List API keys for a participant

Authorizations:
oauth2
path Parameters
participantId
required
string
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create an API key for a participant

Authorizations:
oauth2
path Parameters
participantId
required
string
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema: application/json
required
name
required
string
permissions
required
Array of strings
Items Enum: "admin" "read_participant_info" "send_documents" "receive_documents" "receive_all_documents" "read_all_documents"

Developer API key capabilities. admin is full access; send_documents is outbound sending; receive_documents is inbound non-acknowledged visibility; receive_all_documents includes acknowledged inbound; read_all_documents allows full document read; read_participant_info is participant metadata access.

rateLimit
string
isActive
boolean
expiresAt
string <date-time>

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "permissions": [
    ],
  • "rateLimit": "string",
  • "isActive": true,
  • "expiresAt": "2019-08-24T14:15:22Z"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

List API keys for a tenant

X-Peppol-Participant-Id can be used instead of participantId to resolve the participant from a Peppol identifier within the tenant.

Authorizations:
oauth2
path Parameters
tenantId
required
string
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

participantId
string <uuid>
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create an API key

Authorizations:
oauth2
path Parameters
tenantId
required
string
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema: application/json
required
name
required
string
participantId
string <uuid>
scope
string
Enum: "tenant" "participant"

Key context. tenant allows tenant-wide access according to permissions. participant restricts access to participant-scoped resources.

permissions
required
Array of strings
Items Enum: "admin" "read_participant_info" "send_documents" "receive_documents" "receive_all_documents" "read_all_documents"

Developer API key capabilities. admin is full access; send_documents is outbound sending; receive_documents is inbound non-acknowledged visibility; receive_all_documents includes acknowledged inbound; read_all_documents allows full document read; read_participant_info is participant metadata access.

rateLimit
string
isActive
boolean
expiresAt
string <date-time>

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "scope": "tenant",
  • "permissions": [
    ],
  • "rateLimit": "string",
  • "isActive": true,
  • "expiresAt": "2019-08-24T14:15:22Z"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Affiliate Tokens

Tenant and participant affiliate token management.

List affiliate tokens across accessible tenants

X-Peppol-Participant-Id can be used instead of participantId to resolve the participant from a Peppol identifier.

Authorizations:
oauth2
query Parameters
tenantId
string <uuid>

Optional tenant filter.

participantId
string <uuid>
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create an affiliate token

Creates an affiliate token for a participant. Requires tenant admin role.

Authorizations:
oauth2
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema: application/json
required
tenantId
string <uuid>
participantId
required
string <uuid>
name
required
string
validTo
string <date-time>
isActive
boolean
token
string <uuid>

Responses

Request samples

Content type
application/json
{
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "name": "string",
  • "validTo": "2019-08-24T14:15:22Z",
  • "isActive": true,
  • "token": "b5507016-7da2-4777-a161-1e8042a6a377"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "name": "string",
  • "validTo": "2019-08-24T14:15:22Z",
  • "isActive": true,
  • "token": "b5507016-7da2-4777-a161-1e8042a6a377",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "createdBy": "25a02396-1048-48f9-bf93-102d2fb7895e",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "updatedBy": "b0efe45f-0520-4e21-90f0-7e35f137732e"
}

Get affiliate token detail

Authorizations:
oauth2
path Parameters
affiliateTokenId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "name": "string",
  • "validTo": "2019-08-24T14:15:22Z",
  • "isActive": true,
  • "token": "b5507016-7da2-4777-a161-1e8042a6a377",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "createdBy": "25a02396-1048-48f9-bf93-102d2fb7895e",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "updatedBy": "b0efe45f-0520-4e21-90f0-7e35f137732e"
}

Update an affiliate token

Authorizations:
oauth2
path Parameters
affiliateTokenId
required
string <uuid>
Request Body schema: application/json
required
participantId
string <uuid>
name
string
validTo
string or null <date-time>
isActive
boolean
token
string <uuid>

Responses

Request samples

Content type
application/json
{
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "name": "string",
  • "validTo": "2019-08-24T14:15:22Z",
  • "isActive": true,
  • "token": "b5507016-7da2-4777-a161-1e8042a6a377"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "name": "string",
  • "validTo": "2019-08-24T14:15:22Z",
  • "isActive": true,
  • "token": "b5507016-7da2-4777-a161-1e8042a6a377",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "createdBy": "25a02396-1048-48f9-bf93-102d2fb7895e",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "updatedBy": "b0efe45f-0520-4e21-90f0-7e35f137732e"
}

Delete an affiliate token

Authorizations:
oauth2
path Parameters
affiliateTokenId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Event Logs

Audit and event log access

List tenant-level audit/event logs across accessible tenants

Returns tenant-scoped audit/event logs. For participant-scoped logs, use /api/participants/{participantId}/event-logs.

Authorizations:
oauth2
query Parameters
tenantId
string

Optional tenant filter.

participantId
string

Filter by participant ID.

userId
string

Filter by user ID.

eventType
string

Filter by event type.

severity
string
Enum: "info" "peppol" "document" "security" "warning" "error"

Filter by severity level.

limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Get an event log by ID

Authorizations:
oauth2
path Parameters
eventLogId
required
string

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "tenantId": "string",
  • "participantId": "string",
  • "userId": "string",
  • "user": {
    },
  • "eventType": "string",
  • "severity": "info",
  • "message": "string",
  • "metadata": { },
  • "createdAt": "2019-08-24T14:15:22Z"
}

List audit/event logs for a participant

Authorizations:
oauth2
path Parameters
participantId
required
string
query Parameters
userId
string

Filter by user ID.

eventType
string

Filter by event type.

severity
string
Enum: "info" "peppol" "document" "security" "warning" "error"

Filter by severity level.

limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

List tenant-level audit/event logs for a tenant

Returns tenant-scoped audit/event logs for the selected tenant. For participant-scoped logs, use /participants/{participantId}/event-logs.

Authorizations:
oauth2
path Parameters
tenantId
required
string
query Parameters
participantId
string

Filter by participant ID.

userId
string

Filter by user ID.

eventType
string

Filter by event type.

severity
string
Enum: "info" "peppol" "document" "security" "warning" "error"

Filter by severity level.

limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Reports

Peppol reporting endpoints. This section is required only when using our platform as a white-label Peppol AP.

Download a Peppol report XML by ID

Downloads the stored report XML payload as an attachment.

Authorizations:
oauth2
path Parameters
reportId
required
string

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Send a generated Peppol report

Sends the stored report XML to OpenPeppol reporting recipient. For access-point-scoped reports, sender participant is resolved from accessPoint.primaryParticipantId. For legacy tenant-scoped reports, participantId request body field is still accepted.

Authorizations:
oauth2
path Parameters
reportId
required
string
Request Body schema: application/json
optional
participantId
string <uuid>

Legacy fallback for tenant-scoped reports. Ignored for access-point-scoped reports.

Responses

Request samples

Content type
application/json
{
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7"
}

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Generate an access-point Peppol report (EUSR or TSR)

Generates a report XML for the selected access point and period. Reporter ID is resolved from accessPoint.peppolApSeatId, then PEPPOL_AP_SEAT_ID as fallback.

Authorizations:
oauth2
path Parameters
apId
required
string <uuid>
reportType
required
string
Enum: "eusr" "tsr"
Request Body schema: application/json
optional
year
integer [ 2000 .. 3000 ]
month
integer [ 1 .. 12 ]
overwrite
boolean
Default: false

Responses

Request samples

Content type
application/json
{
  • "year": 2000,
  • "month": 1,
  • "overwrite": false
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

List Peppol reports for a participant's tenant

Authorizations:
oauth2None
path Parameters
participantId
required
string <uuid>
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

createdSince
string <date-time>

Filter reports created after this ISO 8601 timestamp.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

List Peppol reports across accessible tenants

Authorizations:
oauth2
query Parameters
tenantId
string

Optional tenant filter.

limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

reportType
string
Enum: "eusr" "tsr"
status
string
Enum: "generated" "submitted" "failed"
year
integer

Reporting period year. Must be used together with month.

month
integer [ 1 .. 12 ]

Reporting period month (1-12). Must be used together with year.

createdSince
string <date-time>

Filter reports created after this ISO 8601 timestamp.

participantId
string <uuid>

Filter by participant (resolves to the participant's tenant).

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Get a Peppol report by ID

Authorizations:
oauth2
path Parameters
reportId
required
string

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "tenantId": "string",
  • "reportType": "eusr",
  • "reporterId": "string",
  • "periodStart": "2019-08-24",
  • "periodEnd": "2019-08-24",
  • "reportXml": "string",
  • "status": "generated",
  • "transmissionId": "string",
  • "submittedAt": "2019-08-24T14:15:22Z",
  • "errorMessage": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z"
}

List Peppol reports for a tenant

Authorizations:
oauth2
path Parameters
tenantId
required
string
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

reportType
string
Enum: "eusr" "tsr"
status
string
Enum: "generated" "submitted" "failed"
year
integer

Reporting period year. Must be used together with month.

month
integer [ 1 .. 12 ]

Reporting period month (1-12). Must be used together with year.

createdSince
string <date-time>

Filter reports created after this ISO 8601 timestamp.

participantId
string <uuid>

Reserved for future filtering by participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Generate a tenant Peppol report (EUSR or TSR)

Generates a report XML for the selected tenant and period, stores it in peppol_reports, and returns the created report row. By default, the previous month is used. For tenants linked to an access point, access-point admin/owner permissions are required.

Authorizations:
oauth2
path Parameters
tenantId
required
string
reportType
required
string
Enum: "eusr" "tsr"
Request Body schema: application/json
optional
year
integer [ 2000 .. 3000 ]
month
integer [ 1 .. 12 ]
reporterId
string

Optional explicit reporter ID. If omitted, accessPoint.peppolApSeatId is used for linked tenants, then PEPPOL_AP_SEAT_ID as fallback.

overwrite
boolean
Default: false

When false, returns the latest existing report for the same tenant or access-point context/type/period instead of creating a new one.

Responses

Request samples

Content type
application/json
{
  • "year": 2000,
  • "month": 1,
  • "reporterId": "string",
  • "overwrite": false
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Peppol Logs

Peppol transmission log access

List Peppol transmission logs for a participant

Authorizations:
oauth2None
path Parameters
participantId
required
string <uuid>
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

createdSince
string <date-time>

Filter logs created after this ISO 8601 timestamp.

status
string
Enum: "received" "sent" "delivery_failed" "permanent_failure"

Filter by transmission status.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

List Peppol transmission logs across accessible tenants

X-Peppol-Participant-Id can be used instead of participantId to resolve the participant from a Peppol identifier.

Authorizations:
oauth2
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

tenantId
string <uuid>

Filter by tenant ID.

participantId
string <uuid>

Filter by participant ID.

createdSince
string <date-time>

Filter logs created after this ISO 8601 timestamp.

status
string
Enum: "received" "sent" "delivery_failed" "permanent_failure"

Filter by transmission status.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Get a Peppol log entry by ID

Authorizations:
oauth2
path Parameters
logId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "messageId": "string",
  • "transmissionId": "string",
  • "senderPeppolId": "string",
  • "receiverPeppolId": "string",
  • "documentTypeIdentifier": "string",
  • "protocol": "string",
  • "status": "string",
  • "errorMessage": "string",
  • "documentId": "4704590c-004e-410d-adf7-acb7ca0a7052",
  • "relatedDocumentId": "f378d447-e861-41e5-b4ef-eeeefde286d7",
  • "kind": "string",
  • "createdAt": "2019-08-24T14:15:22Z"
}

List Peppol transmission logs for a tenant

X-Peppol-Participant-Id can be used instead of participantId to resolve the participant from a Peppol identifier within the tenant.

Authorizations:
oauth2
path Parameters
tenantId
required
string <uuid>
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

participantId
string <uuid>

Filter by participant ID.

status
string
Enum: "received" "sent" "delivery_failed" "permanent_failure"

Filter by transmission status.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Webhooks

Webhook subscriptions

List webhooks for a participant

Authorizations:
oauth2
path Parameters
participantId
required
string
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Register a webhook for a participant

Authorizations:
oauth2
path Parameters
participantId
required
string
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema: application/json
required
extId
string
tenantId
string <uuid>
participantId
string <uuid>
url
string <uri>
events
required
Array of strings non-empty
Items Enum: "document.received" "mlr" "invoice.response" "order.response" "document.sent" "document.delivered" "document.failed" "account.verified" "certificate.expiring"
documentTypes
Array of strings
Items Enum: "*" "invoice" "creditnote" "order" "order-response" "order-change" "order-cancellation" "despatch-advice" "receipt-advice" "catalogue" "mlr" "invoice-response" "other"

Optional list of document type categories to filter document events. Use ["*"] to explicitly receive all types. When empty or omitted, all document types are delivered. Has no effect on account.verified and certificate.expiring events.

Responses

Request samples

Content type
application/json
{
  • "extId": "string",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "url": "http://example.com",
  • "events": [
    ],
  • "documentTypes": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "tenantId": "string",
  • "participantId": "string",
  • "developerApplicationId": "6ef97728-d15f-414a-90f1-e5b529f25259",
  • "url": "string",
  • "events": [
    ],
  • "documentTypes": [
    ],
  • "secret": "string",
  • "isActive": true,
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string"
}

List webhooks for a tenant

X-Peppol-Participant-Id can be used instead of participantId to resolve the participant from a Peppol identifier within the tenant.

Authorizations:
oauth2
path Parameters
tenantId
required
string
query Parameters
participantId
string <uuid>
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Register a webhook for a tenant

Authorizations:
oauth2
path Parameters
tenantId
required
string
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema: application/json
required
extId
string
tenantId
string <uuid>
participantId
string <uuid>
url
string <uri>
events
required
Array of strings non-empty
Items Enum: "document.received" "mlr" "invoice.response" "order.response" "document.sent" "document.delivered" "document.failed" "account.verified" "certificate.expiring"
documentTypes
Array of strings
Items Enum: "*" "invoice" "creditnote" "order" "order-response" "order-change" "order-cancellation" "despatch-advice" "receipt-advice" "catalogue" "mlr" "invoice-response" "other"

Optional list of document type categories to filter document events. Use ["*"] to explicitly receive all types. When empty or omitted, all document types are delivered. Has no effect on account.verified and certificate.expiring events.

Responses

Request samples

Content type
application/json
{
  • "extId": "string",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "url": "http://example.com",
  • "events": [
    ],
  • "documentTypes": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "tenantId": "string",
  • "participantId": "string",
  • "developerApplicationId": "6ef97728-d15f-414a-90f1-e5b529f25259",
  • "url": "string",
  • "events": [
    ],
  • "documentTypes": [
    ],
  • "secret": "string",
  • "isActive": true,
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string"
}

List webhooks

X-Peppol-Participant-Id can be used instead of participantId to resolve the participant from a Peppol identifier.

Authorizations:
oauth2
query Parameters
tenantId
string

Optional tenant filter.

participantId
string <uuid>
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Register a webhook

Authorizations:
oauth2
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema: application/json
required
extId
string
tenantId
string <uuid>
participantId
string <uuid>
url
string <uri>
events
required
Array of strings non-empty
Items Enum: "document.received" "mlr" "invoice.response" "order.response" "document.sent" "document.delivered" "document.failed" "account.verified" "certificate.expiring"
documentTypes
Array of strings
Items Enum: "*" "invoice" "creditnote" "order" "order-response" "order-change" "order-cancellation" "despatch-advice" "receipt-advice" "catalogue" "mlr" "invoice-response" "other"

Optional list of document type categories to filter document events. Use ["*"] to explicitly receive all types. When empty or omitted, all document types are delivered. Has no effect on account.verified and certificate.expiring events.

Responses

Request samples

Content type
application/json
{
  • "extId": "string",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "url": "http://example.com",
  • "events": [
    ],
  • "documentTypes": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "tenantId": "string",
  • "participantId": "string",
  • "developerApplicationId": "6ef97728-d15f-414a-90f1-e5b529f25259",
  • "url": "string",
  • "events": [
    ],
  • "documentTypes": [
    ],
  • "secret": "string",
  • "isActive": true,
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string"
}

Get a webhook by ID

Authorizations:
oauth2
path Parameters
webhookId
required
string

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "extId": "string",
  • "tenantId": "string",
  • "participantId": "string",
  • "developerApplicationId": "6ef97728-d15f-414a-90f1-e5b529f25259",
  • "url": "string",
  • "events": [
    ],
  • "documentTypes": [
    ],
  • "isActive": true,
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string"
}

Update a webhook

Authorizations:
oauth2
path Parameters
webhookId
required
string
Request Body schema: application/json
required
extId
string
url
string <uri>
events
Array of strings non-empty
Items Enum: "document.received" "mlr" "invoice.response" "order.response" "document.sent" "document.delivered" "document.failed" "account.verified" "certificate.expiring"
documentTypes
Array of strings or null
Enum: "*" "invoice" "creditnote" "order" "order-response" "order-change" "order-cancellation" "despatch-advice" "receipt-advice" "catalogue" "mlr" "invoice-response" "other"

Optional list of document type categories to filter document events. Use ["*"] to explicitly receive all types. Set to null or empty array to remove the filter.

isActive
boolean

Responses

Request samples

Content type
application/json
{
  • "extId": "string",
  • "url": "http://example.com",
  • "events": [
    ],
  • "documentTypes": [
    ],
  • "isActive": true
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "extId": "string",
  • "tenantId": "string",
  • "participantId": "string",
  • "developerApplicationId": "6ef97728-d15f-414a-90f1-e5b529f25259",
  • "url": "string",
  • "events": [
    ],
  • "documentTypes": [
    ],
  • "isActive": true,
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string"
}

Delete a webhook

Authorizations:
oauth2
path Parameters
webhookId
required
string

Responses

Response samples

Content type
application/json
{
  • "message": "string"
}

Allowed Emails

Per-participant allowlist of sender email addresses whose ISDOC/PDF.ISDOC attachments are delivered to the Peppol network.

List allowed emails across accessible tenants

Returns allowed-email entries. Filter by participantId and optionally tenantId.

Authorizations:
oauth2
query Parameters
tenantId
string <uuid>

Optional tenant filter.

participantId
string <uuid>

Optional participant filter. Required for participant-scoped users.

limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create an allowed email

Creates an allowed-email entry for a participant accessible to the authenticated tenant user.

Authorizations:
oauth2
Request Body schema: application/json
required
email
required
string <email> <= 255 characters

Responses

Request samples

Content type
application/json
{
  • "email": "user@example.com"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Update an allowed email

Authorizations:
oauth2
path Parameters
allowedEmailId
required
string <uuid>
Request Body schema: application/json
required
isActive
boolean

Responses

Request samples

Content type
application/json
{
  • "isActive": true
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Delete an allowed email

Authorizations:
oauth2
path Parameters
allowedEmailId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": true
}

List allowed emails for a participant

Authorizations:
oauth2
path Parameters
participantId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Add an allowed email for a participant

Authorizations:
oauth2
path Parameters
participantId
required
string <uuid>
Request Body schema: application/json
required
email
required
string <email> <= 255 characters

Responses

Request samples

Content type
application/json
{
  • "email": "user@example.com"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Email Gateways

Per-participant inbound email gateway addresses used to receive incoming documents by email.

List email gateways across accessible tenants

Returns email-gateway entries. Filter by participantId and optionally tenantId.

Authorizations:
oauth2
query Parameters
tenantId
string <uuid>

Optional tenant filter.

participantId
string <uuid>

Optional participant filter. Required for participant-scoped users.

limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create an email gateway

Creates an email-gateway entry for a participant accessible to the authenticated tenant user.

Authorizations:
oauth2
Request Body schema: application/json
required
object (CreateEmailGatewayRequest)

Request body for creating a new email gateway entry. The email local part is generated on the server.

Responses

Request samples

Content type
application/json
{ }

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Update an email gateway

Authorizations:
oauth2
path Parameters
emailGatewayId
required
string <uuid>
Request Body schema: application/json
required
isActive
boolean

Responses

Request samples

Content type
application/json
{
  • "isActive": true
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Delete an email gateway

Authorizations:
oauth2
path Parameters
emailGatewayId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": true
}

List email gateways for a participant

Authorizations:
oauth2
path Parameters
participantId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Add an email gateway for a participant

Authorizations:
oauth2
path Parameters
participantId
required
string <uuid>
Request Body schema: application/json
required
object (CreateEmailGatewayRequest)

Request body for creating a new email gateway entry. The email local part is generated on the server.

Responses

Request samples

Content type
application/json
{ }

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Notifications

Per-participant notification channels (email, SMS) for delivery events.

List notifications across accessible tenants

Returns notification channels. Filter by participantId and optionally tenantId.

Authorizations:
oauth2
query Parameters
tenantId
string <uuid>

Optional tenant filter.

participantId
string <uuid>

Optional participant filter. Required for participant-scoped users.

limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create a notification channel

Creates a notification channel for a participant accessible to the authenticated tenant user.

Authorizations:
oauth2
Request Body schema: application/json
required
type
required
string
Enum: "email" "sms"
address
string <= 255 characters
sendReceivedInvoices
boolean
Default: true
sendDeliveryStatus
boolean
Default: true
sendOtherDocumentTypes
boolean
Default: true
attachmentType
string
Default: "original"
Enum: "none" "original" "pdf" "isdoc" "isdocx" "cii" "factur-x" "order-x" "zugferd"

Attachment variant used for email notifications. Ignored for SMS.

Responses

Request samples

Content type
application/json
{
  • "type": "email",
  • "address": "string",
  • "sendReceivedInvoices": true,
  • "sendDeliveryStatus": true,
  • "sendOtherDocumentTypes": true,
  • "attachmentType": "none"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Update a notification channel

Authorizations:
oauth2
path Parameters
notificationId
required
string <uuid>
Request Body schema: application/json
required
type
string
Enum: "email" "sms"
address
string <= 255 characters
isActive
boolean
sendReceivedInvoices
boolean
sendDeliveryStatus
boolean
sendOtherDocumentTypes
boolean
attachmentType
string
Enum: "none" "original" "pdf" "isdoc" "isdocx" "cii" "factur-x" "order-x" "zugferd"

Responses

Request samples

Content type
application/json
{
  • "type": "email",
  • "address": "string",
  • "isActive": true,
  • "sendReceivedInvoices": true,
  • "sendDeliveryStatus": true,
  • "sendOtherDocumentTypes": true,
  • "attachmentType": "none"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Delete a notification channel

Authorizations:
oauth2
path Parameters
notificationId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": true
}

List notifications for a participant

Authorizations:
oauth2
path Parameters
participantId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Add a notification channel for a participant

Authorizations:
oauth2
path Parameters
participantId
required
string <uuid>
Request Body schema: application/json
required
type
required
string
Enum: "email" "sms"
address
string <= 255 characters
sendReceivedInvoices
boolean
Default: true
sendDeliveryStatus
boolean
Default: true
sendOtherDocumentTypes
boolean
Default: true
attachmentType
string
Default: "original"
Enum: "none" "original" "pdf" "isdoc" "isdocx" "cii" "factur-x" "order-x" "zugferd"

Attachment variant used for email notifications. Ignored for SMS.

Responses

Request samples

Content type
application/json
{
  • "type": "email",
  • "address": "string",
  • "sendReceivedInvoices": true,
  • "sendDeliveryStatus": true,
  • "sendOtherDocumentTypes": true,
  • "attachmentType": "none"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Notification Logs

Read-only log of queued and delivered participant notifications.

List notification logs across accessible tenants

Returns notification log entries. Filter by participantId and optionally tenantId.

Authorizations:
oauth2
query Parameters
tenantId
string <uuid>

Optional tenant filter.

participantId
string <uuid>

Optional participant filter. Required for participant-scoped users.

limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Get a notification log by ID

Authorizations:
oauth2
path Parameters
notificationLogId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "date": "2019-08-24T14:15:22Z",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "documentId": "4704590c-004e-410d-adf7-acb7ca0a7052",
  • "type": "email",
  • "address": "string",
  • "subject": "string",
  • "body": "string",
  • "status": "to-send",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z"
}

List notification logs for a notification channel

Authorizations:
oauth2
path Parameters
notificationId
required
string <uuid>
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

List notification logs for a participant

Authorizations:
oauth2
path Parameters
participantId
required
string <uuid>
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Invitations

User invitations

Create an invitation

X-Peppol-Participant-Id can be used instead of participantId in the request body. If both are provided, they must identify the same participant.

Authorizations:
oauth2
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema: application/json
required
email
required
string <email>
tenantId
string <uuid>
participantId
string <uuid>
role
string
Enum: "admin" "member" "viewer"

Responses

Request samples

Content type
application/json
{
  • "email": "user@example.com",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "role": "admin"
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "email": "user@example.com",
  • "token": "string",
  • "tenantId": "string",
  • "participantId": "string",
  • "invitedBy": "string",
  • "role": "string",
  • "status": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "expiresAt": "2019-08-24T14:15:22Z",
  • "acceptedAt": "2019-08-24T14:15:22Z"
}

List invitations across accessible tenants and participants

X-Peppol-Participant-Id can be used instead of participantId to resolve the participant from a Peppol identifier.

Authorizations:
oauth2
query Parameters
tenantId
string

Optional tenant filter.

participantId
string <uuid>
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Get an invitation by ID

Authorizations:
oauth2
path Parameters
invitationId
required
string

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "email": "user@example.com",
  • "token": "string",
  • "tenantId": "string",
  • "participantId": "string",
  • "invitedBy": "string",
  • "role": "string",
  • "status": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "expiresAt": "2019-08-24T14:15:22Z",
  • "acceptedAt": "2019-08-24T14:15:22Z"
}

Update an invitation's role

Authorizations:
oauth2
path Parameters
invitationId
required
string
Request Body schema: application/json
required
role
required
string
Enum: "admin" "member" "viewer"

Responses

Request samples

Content type
application/json
{
  • "role": "admin"
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "email": "user@example.com",
  • "token": "string",
  • "tenantId": "string",
  • "participantId": "string",
  • "invitedBy": "string",
  • "role": "string",
  • "status": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "expiresAt": "2019-08-24T14:15:22Z",
  • "acceptedAt": "2019-08-24T14:15:22Z"
}

Revoke an invitation

Authorizations:
oauth2
path Parameters
invitationId
required
string

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Resend an invitation

Generates a new token and expiry for an expired or pending invitation and re-sends the invitation email. Requires admin role for tenant-scoped invitations.

Authorizations:
oauth2
path Parameters
invitationId
required
string

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "email": "user@example.com",
  • "token": "string",
  • "tenantId": "string",
  • "participantId": "string",
  • "invitedBy": "string",
  • "role": "string",
  • "status": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "expiresAt": "2019-08-24T14:15:22Z",
  • "acceptedAt": "2019-08-24T14:15:22Z"
}

List invitations for a participant

Authorizations:
oauth2
path Parameters
participantId
required
string
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create an invitation for a participant

Authorizations:
oauth2
path Parameters
participantId
required
string
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema: application/json
required
email
required
string <email>
role
string
Enum: "admin" "member" "viewer"

Responses

Request samples

Content type
application/json
{
  • "email": "user@example.com",
  • "role": "admin"
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "email": "user@example.com",
  • "token": "string",
  • "tenantId": "string",
  • "participantId": "string",
  • "invitedBy": "string",
  • "role": "string",
  • "status": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "expiresAt": "2019-08-24T14:15:22Z",
  • "acceptedAt": "2019-08-24T14:15:22Z"
}

List invitations for a tenant

Authorizations:
oauth2
path Parameters
tenantId
required
string
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

pageToken
string
Example: pageToken=0

Alias of offset. It has the same meaning as offset.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create an invitation for a tenant (admin only)

Authorizations:
oauth2
path Parameters
tenantId
required
string
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Request Body schema: application/json
required
email
required
string <email>
participantId
string <uuid>
role
string
Enum: "admin" "member" "viewer"

Responses

Request samples

Content type
application/json
{
  • "email": "user@example.com",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "role": "admin"
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "email": "user@example.com",
  • "token": "string",
  • "tenantId": "string",
  • "participantId": "string",
  • "invitedBy": "string",
  • "role": "string",
  • "status": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "expiresAt": "2019-08-24T14:15:22Z",
  • "acceptedAt": "2019-08-24T14:15:22Z"
}

Grant Authorization

OAuth 2.0 Authorization Code flow for third-party applications. Allows a developer application to request delegated access to a participant on behalf of a logged-in user. The flow: (1) GET /auth/grant to fetch consent context, (2) POST /auth/grant/authorize (user-authenticated) to issue a short-lived code and redirect, (3) POST /auth/grant/token to exchange the code for access/refresh tokens, (4) POST /auth/grant/refresh to rotate tokens.

Get consent context

Returns the information a consent screen needs to render: application details, required permissions, available participants, and whether the user is already authenticated. An optional Bearer JWT can be included to include participant data.

query Parameters
client_id
required
string

The client ID of the developer application requesting access.

redirect_uri
required
string <uri>

The callback URL to redirect to after authorization. Must be in the application's allowed callback URLs.

response_type
string
Value: "code"
countryCode
string
Example: countryCode=CZ

Two-letter ISO country code of the company to pre-select (e.g. "CZ"). Must be provided together with rn. Matched against the participant's country code (case-insensitive). Ignored when vatId is provided and matches.

rn
string
Example: rn=12345678

Company registration number to pre-select. Must be provided together with countryCode. Matched (case-insensitive, whitespace-normalized) against the participant's registration number or verified registration number.

vatId
string
Example: vatId=CZ12345678

EU VAT ID to pre-select (e.g. "CZ12345678"). Checked first — if a match is found, countryCode/rn are ignored. Matched (case-insensitive, whitespace-normalized) against the participant's EU VAT ID or verified EU VAT ID.

Responses

Response samples

Content type
application/json
{
  • "authenticated": true,
  • "requiresLogin": true,
  • "participantLocked": true,
  • "clientType": "apiKey",
  • "client": {
    },
  • "participants": [
    ],
  • "preselectedParticipantId": "94bc9094-80ff-4479-8db2-e8bfc680dfe2",
  • "redirectUrlError": "string"
}

Authorize and issue a grant code

Requires the user to be logged in (Bearer JWT). Creates a short-lived authorization code, then redirects the user-agent to redirect_uri?code=<code>[&state=<state>].

Authorizations:
oauth2
Request Body schema: application/json
required
client_id
required
string

The client ID of the developer application.

redirect_uri
required
string <uri>

Must match the redirect URI registered for the application.

participantId
required
string <uuid>

The participant the user is granting access to.

state
string

Optional opaque value for CSRF protection; echoed back in the redirect.

Responses

Request samples

Content type
application/json
{
  • "client_id": "string",
  • "redirect_uri": "http://example.com",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "state": "string"
}

Response samples

Content type
application/json
{
  • "error": {
    }
}

Rotate grant refresh token

Validates and revokes the provided refresh token, then issues a fresh pair of access/refresh tokens with the same scope. Implements refresh token rotation.

Request Body schema:
required
refresh_token
required
string

The refresh token obtained from a previous token issuance.

Responses

Request samples

Content type
{
  • "refresh_token": "string"
}

Response samples

Content type
application/json
{
  • "access_token": "string",
  • "token_type": "Bearer",
  • "expires_in": 900,
  • "scope": "document:send document:receive"
}

Exchange authorization code for tokens

Exchanges a short-lived authorization code for an access token and a refresh token. The grant_type must be authorization_code.

Request Body schema:
required
client_id
required
string
client_secret
required
string
code
required
string

The authorization code received from the redirect.

redirect_uri
required
string <uri>

Must exactly match the redirect_uri used in the authorization step.

grant_type
required
string
Value: "authorization_code"

Responses

Request samples

Content type
{
  • "client_id": "string",
  • "client_secret": "string",
  • "code": "string",
  • "redirect_uri": "http://example.com",
  • "grant_type": "authorization_code"
}

Response samples

Content type
application/json
{
  • "access_token": "string",
  • "token_type": "Bearer",
  • "expires_in": 900,
  • "scope": "document:send document:receive"
}

SAPI

SAPI-SK v1.0 compatible endpoints for machine-to-machine document exchange. Authentication uses OAuth 2.0 client_credentials flow (POST /sapi/auth/token). Document endpoints require a Bearer access token and the X-Peppol-Participant-Id header.

Send a document via PEPPOL (SAPI)

Creates an outbound document and enqueues it for PEPPOL transmission. Requires scope document:send. The senderParticipantId in the metadata must match the Peppol ID resolved from X-Peppol-Participant-Id. The sending participant must be fully verified before documents can be submitted.

Authorizations:
oauth2
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Idempotency-Key
required
string
Example: 550e8400-e29b-41d4-a716-446655440000

Client-generated unique key for idempotent submission. Requests with the same key and identical payload within 24 hours return the original response.

Request Body schema: application/json
required
required
object
payload
required
string

UBL XML document content (UTF-8).

payloadFormat
required
string
Value: "XML"
payloadEncoding
string
checksum
string

Optional SHA-256 hex digest of the payload.

Responses

Request samples

Content type
application/json
{
  • "metadata": {
    },
  • "payload": "string",
  • "payloadFormat": "XML",
  • "payloadEncoding": "string",
  • "checksum": "e3b0c44298fc1c149afb..."
}

Response samples

Content type
application/json
{
  • "providerDocumentId": "9c7bc5b3-1b1b-4dd7-9940-b8bf59ae8e23",
  • "status": "ACCEPTED",
  • "receivedAt": "2019-08-24T14:15:22Z",
  • "timestamp": "2019-08-24T14:15:22Z"
}

Renew access token using a refresh token

Issues a new access + refresh token pair and revokes the supplied refresh token (rotation).

Request Body schema:
required
refresh_token
required
string

Responses

Request samples

Content type
{
  • "refresh_token": "string"
}

Response samples

Content type
application/json
{
  • "access_token": "string",
  • "token_type": "Bearer",
  • "expires_in": 900,
  • "scope": "document:send document:receive"
}

Revoke a refresh token

Marks the provided refresh token as revoked. Per RFC 7009 §2.2, this endpoint always returns 200 even for unknown or already-expired tokens.

Request Body schema:
required
token
string

Refresh token to revoke.

Responses

Request samples

Content type
{
  • "token": "string"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "message": "Token revoked successfully",
  • "timestamp": "2019-08-24T14:15:22Z"
}

Issue SAPI access + refresh token pair

OAuth 2.0 client_credentials grant. Exchange your API key clientId / clientSecret for a short-lived access token (15 min) and a long-lived refresh token (30 days).

Request Body schema:
required
grant_type
required
string
Value: "client_credentials"
client_id
required
string

API key clientId

client_secret
required
string

API key clientSecret

scope
string

Optional subset of permitted scopes.

Responses

Request samples

Content type
{
  • "grant_type": "client_credentials",
  • "client_id": "key_abc123",
  • "client_secret": "secret_xyz",
  • "scope": "document:receive"
}

Response samples

Content type
application/json
{
  • "access_token": "string",
  • "token_type": "Bearer",
  • "expires_in": 900,
  • "scope": "document:send document:receive"
}

Inspect an access token

Returns validity metadata for the supplied Bearer access token, including whether a refresh is recommended (< 3 minutes remaining).

Authorizations:
oauth2

Responses

Response samples

Content type
application/json
{
  • "valid": true,
  • "token_type": "access",
  • "client_id": "string",
  • "issued_at": "2019-08-24T14:15:22Z",
  • "expires_at": "2019-08-24T14:15:22Z",
  • "expires_in_seconds": 542,
  • "should_refresh": false,
  • "refresh_recommended_at": "2019-08-24T14:15:22Z"
}

List received documents (SAPI)

Returns a page of inbound documents for the participant identified by X-Peppol-Participant-Id. Requires scope document:receive.

Authorizations:
oauth2
query Parameters
limit
integer [ 1 .. 100 ]
Default: 20

Maximum items per page.

pageToken
string

Cursor from the previous response for forward pagination.

status
string
Enum: "RECEIVED" "ACKNOWLEDGED"

Filter by acknowledgement status.

header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "documents": [
    ],
  • "nextPageToken": "string"
}

Get a received document with payload (SAPI)

Returns metadata and the raw XML payload for a single inbound document. Requires scope document:receive.

Authorizations:
oauth2
path Parameters
documentId
required
string <uuid>
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "metadata": {
    },
  • "payload": "string",
  • "payloadFormat": "application/xml"
}

Acknowledge a received document (SAPI)

Marks a received document as acknowledged. Idempotent — calling it again on an already-acknowledged document returns the same response. Requires scope document:receive.

Authorizations:
oauth2
path Parameters
documentId
required
string <uuid>
header Parameters
X-Peppol-Participant-Id
string
Example: 0245:1234567890

Alternative participant selector in the form ICD:value (for example 0245:1234567890). When the endpoint also accepts participantId, both values must resolve to the same participant.

Responses

Response samples

Content type
application/json
{
  • "documentId": "4704590c-004e-410d-adf7-acb7ca0a7052",
  • "status": "ACKNOWLEDGED",
  • "acknowledgedDateTime": "2019-08-24T14:15:22Z"
}

Access Points

List accessible access points

Authorizations:
oauth2
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create an access point

Authorizations:
oauth2
Request Body schema: application/json
required
name
required
string [ 1 .. 255 ] characters
description
string or null
termsLink
string or null
privacyLink
string or null
apDomainName
string or null
smpDomainName
string or null
peppolApSeatId
string or null <= 255 characters
isActive
boolean
primaryTenantId
string or null <uuid>
primaryParticipantId
string or null <uuid>

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "description": "string",
  • "termsLink": "string",
  • "privacyLink": "string",
  • "apDomainName": "string",
  • "smpDomainName": "string",
  • "peppolApSeatId": "string",
  • "isActive": true,
  • "primaryTenantId": "40a27eae-1e52-42e9-ae65-69b14dcde6bb",
  • "primaryParticipantId": "77681da5-e6d1-48ad-8fc3-8bb735ade6e6"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "string",
  • "description": "string",
  • "termsLink": "string",
  • "privacyLink": "string",
  • "apDomainName": "string",
  • "smpDomainName": "string",
  • "peppolApSeatId": "string",
  • "isActive": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "primaryTenantId": "40a27eae-1e52-42e9-ae65-69b14dcde6bb",
  • "primaryParticipantId": "77681da5-e6d1-48ad-8fc3-8bb735ade6e6",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string"
}

Get access point detail

Authorizations:
oauth2
path Parameters
apId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "string",
  • "description": "string",
  • "termsLink": "string",
  • "privacyLink": "string",
  • "apDomainName": "string",
  • "smpDomainName": "string",
  • "peppolApSeatId": "string",
  • "isActive": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "primaryTenantId": "40a27eae-1e52-42e9-ae65-69b14dcde6bb",
  • "primaryParticipantId": "77681da5-e6d1-48ad-8fc3-8bb735ade6e6",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string"
}

Update an access point

Authorizations:
oauth2
path Parameters
apId
required
string <uuid>
Request Body schema: application/json
required
name
string [ 1 .. 255 ] characters
description
string or null
termsLink
string or null
privacyLink
string or null
apDomainName
string or null
smpDomainName
string or null
peppolApSeatId
string or null <= 255 characters
isActive
boolean
primaryTenantId
string or null <uuid>
primaryParticipantId
string or null <uuid>

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "description": "string",
  • "termsLink": "string",
  • "privacyLink": "string",
  • "apDomainName": "string",
  • "smpDomainName": "string",
  • "peppolApSeatId": "string",
  • "isActive": true,
  • "primaryTenantId": "40a27eae-1e52-42e9-ae65-69b14dcde6bb",
  • "primaryParticipantId": "77681da5-e6d1-48ad-8fc3-8bb735ade6e6"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "string",
  • "description": "string",
  • "termsLink": "string",
  • "privacyLink": "string",
  • "apDomainName": "string",
  • "smpDomainName": "string",
  • "peppolApSeatId": "string",
  • "isActive": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "primaryTenantId": "40a27eae-1e52-42e9-ae65-69b14dcde6bb",
  • "primaryParticipantId": "77681da5-e6d1-48ad-8fc3-8bb735ade6e6",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string"
}

List access point certificates

Authorizations:
oauth2
path Parameters
apId
required
string <uuid>
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Create an access point certificate

Authorizations:
oauth2
path Parameters
apId
required
string <uuid>
Request Body schema: application/json
required
name
required
string [ 1 .. 255 ] characters
validFrom
string or null <date-time>
validTo
string or null <date-time>
apCertificate
string or null
smpCertificate
string or null
apPrivateKey
string or null

Write-only plaintext private key. It is encrypted before storage and never returned by API.

smpPrivateKey
string or null

Write-only plaintext private key. It is encrypted before storage and never returned by API.

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "validFrom": "2019-08-24T14:15:22Z",
  • "validTo": "2019-08-24T14:15:22Z",
  • "apCertificate": "string",
  • "smpCertificate": "string",
  • "apPrivateKey": "string",
  • "smpPrivateKey": "string"
}

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Get access point certificate

Authorizations:
oauth2
path Parameters
apId
required
string <uuid>
certId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Update access point certificate

Authorizations:
oauth2
path Parameters
apId
required
string <uuid>
certId
required
string <uuid>
Request Body schema: application/json
required
name
string [ 1 .. 255 ] characters
validFrom
string or null <date-time>
validTo
string or null <date-time>
apCertificate
string or null
smpCertificate
string or null
apPrivateKey
string or null

Write-only plaintext private key. It is encrypted before storage and never returned by API.

smpPrivateKey
string or null

Write-only plaintext private key. It is encrypted before storage and never returned by API.

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "validFrom": "2019-08-24T14:15:22Z",
  • "validTo": "2019-08-24T14:15:22Z",
  • "apCertificate": "string",
  • "smpCertificate": "string",
  • "apPrivateKey": "string",
  • "smpPrivateKey": "string"
}

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Delete access point certificate

Authorizations:
oauth2
path Parameters
apId
required
string <uuid>
certId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

List access point users

Authorizations:
oauth2
path Parameters
apId
required
string <uuid>
query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Add a user to an access point

Authorizations:
oauth2
path Parameters
apId
required
string <uuid>
Request Body schema: application/json
required
userId
required
string <uuid>
role
required
string
Enum: "owner" "admin" "member" "reader"

Responses

Request samples

Content type
application/json
{
  • "userId": "2c4a230c-5085-4924-a3e1-25fb4fc5965b",
  • "role": "owner"
}

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Update access point user role

Authorizations:
oauth2
path Parameters
apId
required
string <uuid>
userId
required
string <uuid>
Request Body schema: application/json
required
role
required
string
Enum: "owner" "admin" "member" "reader"

Responses

Request samples

Content type
application/json
{
  • "role": "owner"
}

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Remove a user from an access point

Authorizations:
oauth2
path Parameters
apId
required
string <uuid>
userId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

List Peppol transmission logs for an access point

Authorizations:
oauth2
path Parameters
apId
required
string <uuid>

Access point ID.

query Parameters
limit
integer >= 0
Default: 50

Maximum number of items to return.

offset
integer >= 0
Default: 0

Zero-based offset into the result set.

status
string
Enum: "received" "sent" "delivery_failed" "permanent_failure"

Filter by transmission status.

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Get a single Peppol transmission log for an access point

Authorizations:
oauth2
path Parameters
apId
required
string <uuid>

Access point ID.

logId
required
string <uuid>

Peppol log entry ID.

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "participantId": "9f6624b5-5f99-42b6-899f-30f2b369cbd7",
  • "messageId": "string",
  • "transmissionId": "string",
  • "senderPeppolId": "string",
  • "receiverPeppolId": "string",
  • "documentTypeIdentifier": "string",
  • "protocol": "string",
  • "status": "string",
  • "errorMessage": "string",
  • "documentId": "4704590c-004e-410d-adf7-acb7ca0a7052",
  • "relatedDocumentId": "f378d447-e861-41e5-b4ef-eeeefde286d7",
  • "kind": "string",
  • "createdAt": "2019-08-24T14:15:22Z"
}

Developers

List developers

Authorizations:
oauth2

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create a developer

Authorizations:
oauth2
Request Body schema: application/json
required
name
required
string
description
string or null
isActive
boolean

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "description": "string",
  • "isActive": true
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "name": "string",
  • "description": "string",
  • "isActive": true,
  • "rateLimit": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string"
}

Get developer by ID

Authorizations:
oauth2
path Parameters
developerId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "name": "string",
  • "description": "string",
  • "isActive": true,
  • "rateLimit": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string"
}

Update developer

Authorizations:
oauth2
path Parameters
developerId
required
string <uuid>
Request Body schema: application/json
required
name
string
description
string or null
isActive
boolean

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "description": "string",
  • "isActive": true
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "name": "string",
  • "description": "string",
  • "isActive": true,
  • "rateLimit": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string"
}

List developer applications

Authorizations:
oauth2
path Parameters
developerId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create developer application

Authorizations:
oauth2
path Parameters
developerId
required
string <uuid>
Request Body schema: application/json
required
name
required
string
description
string or null
redirectUris
Array of strings
isActive
boolean

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "description": "string",
  • "redirectUris": [
    ],
  • "isActive": true
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "developerId": "835c9fb0-a0ff-4023-8ee5-bb5c770bf07e",
  • "name": "string",
  • "description": "string",
  • "requiredPermissions": "string",
  • "allowedLogoutUrls": "string",
  • "allowedOrigins": "string",
  • "allowedCallbackUrls": "string",
  • "isActive": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string"
}

Update developer application

Authorizations:
oauth2
path Parameters
developerId
required
string <uuid>
applicationId
required
string <uuid>
Request Body schema: application/json
required
name
string
description
string or null
requiredPermissions
string

Comma-separated list of required permissions.

allowedLogoutUrls
Array of strings
allowedOrigins
Array of strings
allowedCallbackUrls
Array of strings
isActive
boolean

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "description": "string",
  • "requiredPermissions": "string",
  • "allowedLogoutUrls": [
    ],
  • "allowedOrigins": [
    ],
  • "allowedCallbackUrls": [
    ],
  • "isActive": true
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "developerId": "835c9fb0-a0ff-4023-8ee5-bb5c770bf07e",
  • "name": "string",
  • "description": "string",
  • "requiredPermissions": "string",
  • "allowedLogoutUrls": "string",
  • "allowedOrigins": "string",
  • "allowedCallbackUrls": "string",
  • "isActive": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string"
}

Delete developer application

Authorizations:
oauth2
path Parameters
developerId
required
string <uuid>
applicationId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

List developer application API keys

Authorizations:
oauth2
path Parameters
developerId
required
string <uuid>
applicationId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Create developer application API key

Authorizations:
oauth2
path Parameters
developerId
required
string <uuid>
applicationId
required
string <uuid>
Request Body schema: application/json
required
name
required
string
rateLimit
string or null
isActive
boolean
expiresAt
string or null <date-time>

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "rateLimit": "string",
  • "isActive": true,
  • "expiresAt": "2019-08-24T14:15:22Z"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Update developer API key

Authorizations:
oauth2
path Parameters
developerId
required
string <uuid>
applicationId
required
string <uuid>
developerApiKeyId
required
string <uuid>
Request Body schema: application/json
required
name
string
rateLimit
string or null
isActive
boolean
expiresAt
string or null <date-time>

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "rateLimit": "string",
  • "isActive": true,
  • "expiresAt": "2019-08-24T14:15:22Z"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "developerApplicationId": "6ef97728-d15f-414a-90f1-e5b529f25259",
  • "clientId": "string",
  • "name": "string",
  • "rateLimit": "string",
  • "isActive": true,
  • "blocked": true,
  • "blockedReason": "string",
  • "expiresAt": "2019-08-24T14:15:22Z",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "updatedBy": "string",
  • "lastUsedAt": "2019-08-24T14:15:22Z"
}

Delete developer API key

Authorizations:
oauth2
path Parameters
developerId
required
string <uuid>
applicationId
required
string <uuid>
developerApiKeyId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

List developer users

Authorizations:
oauth2
path Parameters
developerId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}

Add user to developer

Authorizations:
oauth2
path Parameters
developerId
required
string <uuid>
Request Body schema: application/json
required
userId
required
string <uuid>
role
required
string
Enum: "owner" "admin" "user" "viewer"

Responses

Request samples

Content type
application/json
{
  • "userId": "2c4a230c-5085-4924-a3e1-25fb4fc5965b",
  • "role": "owner"
}

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Update developer user role

Authorizations:
oauth2
path Parameters
developerId
required
string <uuid>
userId
required
string <uuid>
Request Body schema: application/json
required
role
required
string
Enum: "owner" "admin" "user" "viewer"

Responses

Request samples

Content type
application/json
{
  • "role": "owner"
}

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Remove user from developer

Authorizations:
oauth2
path Parameters
developerId
required
string <uuid>
userId
required
string <uuid>

Responses

Response samples

Content type
application/json
{
  • "success": false,
  • "error": {
    }
}

Formats

List supported invoice formats

Returns invoice formats supported by send/download endpoints.

Authorizations:
oauth2None

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": [
    ]
}