API Reference

This section contains the API documentation for integrating with AnyBiz.

Overview

AnyBiz provides a RESTful API built with oRPC (OpenAPI-compatible RPC). The API supports:

Authentication - Session-based authentication via Better Auth
Organization Context - All API calls operate within an organization context
Type-Safe Contracts - Full TypeScript support with Valibot validation

API Categories

Authentication

Login/Logout
Registration
Session management

Organization

Organization management
Member management
Subscription management

Features

Point of Sale (POS)
Invoices (list, get, create, finalize, send to eFaktura)
Business Partners
Settings (organization, eFaktura, fiscalization)
Events SDK (/api/events/sdk/*) for external map embedding and checkout flow
Internal: POST /api/internal/sef-subscribe (cron; requires X-Cron-Secret or Authorization: Bearer with SEF_CRON_SECRET)

Getting Started

To use the AnyBiz API:

Authenticate - Obtain a session by logging in
Select Organization - Set the active organization context
Make API Calls - Use the documented endpoints

OpenAPI Specification

The full OpenAPI specification can be generated from the oRPC contracts. See the Development documentation for details on how to generate and use the OpenAPI spec.

Base URL

https://api.anybiz.com/api

For local development:

http://localhost:3000/api

Authentication

All API requests require authentication. Include the session cookie in your requests:

curl -X GET "https://api.anybiz.com/api/organization/current" \
  -H "Cookie: session=your-session-token"

Rate Limiting

API calls are subject to rate limiting. Please ensure your integration handles rate limit responses appropriately.

Error Handling

All API errors follow a consistent format:

{
  "error": {
    "code": "ERROR_CODE",
    "message": "Human-readable error message"
  }
}

Common error codes:

UNAUTHORIZED - Authentication required
FORBIDDEN - Insufficient permissions
NOT_FOUND - Resource not found
VALIDATION_ERROR - Invalid request data