Back to home

API Reference

Technical documentation for the ONEXUR API.

Overview

The ONEXUR API is organized around REST. It accepts JSON-encoded request bodies, returns JSON-encoded responses, and uses standard HTTP response codes.

Base URL

https://api.onexur.com/v1

Authentication

The API uses API keys for authentication. Include your API key in the Authorization header:

Authorization: Bearer YOUR_API_KEY

API keys can be generated in your organisation settings. Keep your API keys secure and do not expose them in client-side code.

Endpoints

Users

GET /users

List all users in your organisation

GET /users/:id

Retrieve a specific user

POST /users

Create a new user

Expenses

GET /expenses

List all expenses

POST /expenses

Submit a new expense

PATCH /expenses/:id/approve

Approve an expense

Documents

GET /documents

List all documents

POST /documents

Upload a new document

Webhooks

Configure webhooks to receive real-time notifications about events in your organisation. Webhook endpoints can be configured in your organisation settings.

Supported events:

  • user.created, user.updated, user.deleted
  • expense.submitted, expense.approved, expense.rejected
  • document.created, document.updated

Rate Limits

The API is rate limited to 1000 requests per minute per API key. Rate limit information is included in response headers:

  • X-RateLimit-Limit: Maximum requests per window
  • X-RateLimit-Remaining: Remaining requests in current window
  • X-RateLimit-Reset: Time when the rate limit resets

SDKs

Official client libraries are available for JavaScript, Python, Ruby, and Go. See the respective SDK documentation for installation and usage instructions.

API Support

For API support, contact us at api@onexur.com