API and developer platform

The eDocify developer platform is for customers and partners that want to send documents, receive statuses, and integrate document results into their own systems.

API principles

API keys are tenant-scoped.
Every upload supports idempotency.
Every response includes correlation id.
Rate limits are visible.
Sandbox and production keys are separate.
Webhooks are signed.
API actions are audited.

Core API use cases

Upload document

Send a file with metadata:

tenant;
company;
client;
document type;
source reference;
idempotency key;
callback URL;
optional OCR/AI profile.

Query status

Get:

intake status;
OCR status;
verification status;
approval status;
export status;
archive status.

Download result

Download structured result:

header fields;
line items;
confidence;
validation warnings;
review reasons;
export payload;
archive id.

Webhooks

Recommended webhook events:

document.received;
document.ocr.completed;
document.needs_verification;
document.approved;
document.exported;
document.export_failed;
document.archived;
document.failed.

Idempotency

Idempotency prevents duplicate documents when the sender retries. The API should store:

key;
tenant;
source;
payload hash;
result document id;
expiration.

SDKs and examples

Recommended developer assets:

REST API reference;
Postman collection;
C# SDK;
JavaScript SDK;
webhook verification example;
sandbox account;
error code catalog.

Security

API keys stored hashed or encrypted.
Per-key scopes.
Rate limits per tenant and per key.
Optional IP allowlist.
Secret rotation.
Signed webhooks.
Audit log for all API writes.

Production readiness

The public API should become a separate product surface after the first certified accounting path is stable. Start with controlled partner integrations, then publish broader SDKs and documentation.

API principles​

Core API use cases​

Upload document​

Query status​

Download result​

Webhooks​

Idempotency​

SDKs and examples​

Security​

Production readiness​