Authentication
Bearer token and client credentials
Bearer tokens and client credentials can be created from Settings > My account in tracezilla.
Replace example-company and {token} including the curly brackets.
1
2
3
4
curl -X 'GET' \
'https://app.tracezilla.com/api/v1/example-company/invoices?booked_status%5Beq%5D=pending' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {token}'
Get token from Client Credential
To get a bearer token from your Client Credential, replace <Client ID> and Client Secret with the values from My Account settings:
1
2
3
4
5
6
curl -X POST "https://app.tracezilla.com/oauth/token" \
-H "Accept: application/json" \
-H "Content-Type: application/x-www-form-urlencoded" \
--data-urlencode "grant_type=client_credentials" \
--data-urlencode "client_id=<Client ID>" \
--data-urlencode "client_secret=<Client Secret>"
X-CSRF-TOKEN
Custom templates
In custom templates, you can inject an ephemeral CSRF token using the system_token liquid filter.
Example javascript:
1
2
3
4
5
6
7
8
9
const CSRF_TOKEN = 'csrf';
const res = await fetch(tracezillaEndpointUrl, {
endpointHttpMethod,
headers: {
"X-CSRF-TOKEN": CSRF_TOKEN,
"Content-Type": "application/json"
},
body: JSON.stringify(myRequestBody)
});
Swagger API docs
An X-CSRF-TOKEN is automatically supplied as a header if you’re using the Swagger API documentation to make requests from your browser as a Power Pack supporter.
1
2
3
4
curl -X 'GET' \
'https://app.tracezilla.com/api/v1/example-company/invoices?booked_status%5Beq%5D=pending' \
-H 'accept: application/json' \
-H 'X-CSRF-TOKEN: {yourCsrfToken}'