API Reference

REST API for automating your firm — TEAM and ENTERPRISE plans. Base URL: https://streamlinereports.com/api/v1

Plan required: All /api/v1/* endpoints require a TEAM or ENTERPRISE plan. Create API keys at Settings → Developer.

Authentication

All requests must include an Authorization header with a Bearer token:

Authorization: Bearer sr_live_YOUR_KEY_HERE

Creating an API key

  1. Go to Settings → Developer (TEAM plan required; admin role required).
  2. Click Create API key.
  3. Give it a name and choose a scope: Read only or Read + Write.
  4. Copy the key — it's shown exactly once. Store it in your secret manager.

Scopes

ScopeWhat it allows
readGET endpoints only — list and fetch clients, reports, templates, webhooks, firm info
writeAll GET endpoints plus POST, PATCH, DELETE — create reports, send, update clients, manage templates and webhook endpoints

Key format

Keys start with sr_live_ followed by 32 random bytes in base64url encoding. The prefix enables automatic detection by GitHub secret scanning and Trufflehog — if you accidentally commit a key, it will be flagged.

First request

curl https://streamlinereports.com/api/v1/clients \
  -H "Authorization: Bearer sr_live_YOUR_KEY"

Rate limits

PlanRequests per hourAPI keysWebhook endpoints
TEAM1,00035
ENTERPRISE10,000Unlimited20

Rate limit state is tracked per API key. When you exceed the limit, the API returns 429 Too Many Requestswith a Retry-After: 3600 header plus these headers:

X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1715289600

Response format

All responses use the same JSON envelope:

// Success
{ "data": { ... }, "error": null }

// List
{ "data": [...], "meta": { "total": 142, "page": 1, "perPage": 50, "hasMore": true }, "error": null }

// Error
{ "data": null, "error": { "code": "NOT_FOUND", "message": "Report not found" } }

Errors

CodeHTTPMeaning
UNAUTHORIZED401Missing or invalid API key
PLAN_REQUIRED403Feature requires TEAM or ENTERPRISE plan
INSUFFICIENT_SCOPE403Key lacks write scope for this endpoint
NOT_FOUND404Resource not found or belongs to another firm
CONFLICT409Duplicate — e.g. report already exists for this client + period
VALIDATION_ERROR422Request body failed validation
RATE_LIMITED429Too many requests — check Retry-After header
PLAN_LIMIT402Plan limit reached (e.g. PDF generation quota)
LIMIT_REACHED403Per-plan resource limit (e.g. max API keys or webhooks)
INTERNAL_ERROR500Unexpected server error

Clients

GET/api/v1/clientsread

Returns a paginated list of your firm's clients.

ParamTypeDescription
statusstringUP_TO_DATE, REPORT_DUE, or OVERDUE
limitintegerResults per page (max 100, default 50)
pageintegerPage number (default 1)
curl "https://streamlinereports.com/api/v1/clients?status=OVERDUE" \
  -H "Authorization: Bearer sr_live_..."
PATCH/api/v1/clients/:idwrite

Updates a client. Only fields included in the body are changed.

FieldTypeDescription
displayNamestringClient display name
emailstringContact email. Pass null to clear.
notesstringInternal notes. Pass null to clear.
defaultTemplateIdstringReport template to auto-apply. Pass null to clear.
reportDueDayintegerDay of month report is due (1–31)
curl -X PATCH "https://streamlinereports.com/api/v1/clients/clm_abc123" \
  -H "Authorization: Bearer sr_live_..." \
  -H "Content-Type: application/json" \
  -d '{ "defaultTemplateId": "tpl_xyz", "reportDueDay": 10 }'

Fires a client.updated webhook event on success.

Reports

GET/api/v1/reportsread

Returns a paginated list of reports.

ParamTypeDescription
clientIdstringFilter by client
statusstringDRAFT, GENERATING, COMPLETE, ERROR, or SENT
periodstringFilter by period in YYYY-MM format
limitintegerMax 100, default 50
pageintegerDefault 1
curl "https://streamlinereports.com/api/v1/reports?clientId=clm_abc123&status=SENT" \
  -H "Authorization: Bearer sr_live_..."
POST/api/v1/reportswrite

Creates a new report. One report per client + period — returns 409 CONFLICT if a duplicate exists.

FieldRequiredDescription
clientIdID of the client this report is for
periodReporting period in YYYY-MM format
templateIdClone blocks from this report template
curl -X POST "https://streamlinereports.com/api/v1/reports" \
  -H "Authorization: Bearer sr_live_..." \
  -H "Content-Type: application/json" \
  -d '{ "clientId": "clm_abc123", "period": "2026-03", "templateId": "tpl_xyz" }'
GET/api/v1/reports/:idread

Returns a single report including a summary of its blocks. Raw financial data is not exposed.

DELETE/api/v1/reports/:idwrite

Deletes a report. Sent reports (status: SENT) cannot be deleted — returns 403 FORBIDDEN.

POST/api/v1/reports/:id/generatewrite

Triggers PDF generation. Uses a fast-path cache — if the report content is unchanged, returns COMPLETE immediately. Otherwise enqueues generation and returns 202 QUEUED.

// Immediate (cached)
{ "data": { "status": "COMPLETE", "downloadUrl": "https://..." } }

// Queued
{ "data": { "status": "QUEUED", "jobId": "job_..." } }

Poll GET /reports/:id until status is COMPLETE, then fetch the PDF URL. A report.generated webhook fires when done.

Rate limited to 10 generation jobs per minute per firm (shared with dashboard usage).

POST/api/v1/reports/:id/sendwrite

Sends a report to an email address. Report must have a generated PDF (status: COMPLETE).

FieldRequiredDescription
toRecipient email address
subjectEmail subject (defaults to "[Client] — [Period] Financial Report")
bodyEmail body text

Fires a report.sent webhook event on success.

GET/api/v1/reports/:id/pdfread

Returns a signed download URL for the report PDF. URL is valid for 1 hour.

{ "data": { "url": "https://...", "filename": "Acme_2026-03.pdf", "expiresIn": 3600 } }

Report templates

Report templates define a reusable block layout. System templates are read-only.

GET/api/v1/report-templatesread

Lists all report templates — system templates and firm-created templates.

POST/api/v1/report-templateswrite

Creates a blank report template. Add blocks afterwards with POST /report-templates/:id/blocks.

FieldRequiredDescription
templateNameTemplate name
defaultPeriodTypenone, monthly, quarterly, or annual
curl -X POST "https://streamlinereports.com/api/v1/report-templates" \
  -H "Authorization: Bearer sr_live_..." \
  -H "Content-Type: application/json" \
  -d '{ "templateName": "Monthly — Standard", "defaultPeriodType": "monthly" }'

# Then add blocks one at a time:
curl -X POST "https://streamlinereports.com/api/v1/report-templates/tpl_xyz/blocks" \
  -H "Authorization: Bearer sr_live_..." \
  -H "Content-Type: application/json" \
  -d '{ "type": "PL" }'

Valid block types include COVER_PAGE, PL, BALANCE_SHEET, CASH_FLOW, AR_AGING — the full list is in the ReportBlock schema of the OpenAPI spec.

GET/api/v1/report-templates/:idread

Returns a single template with its full block list.

POST/api/v1/report-templates/:id/blockswrite

Adds a block to a template. System templates cannot be modified.

DELETE/api/v1/report-templates/:idwrite

Deletes a firm-created template. System templates cannot be deleted.

Email templates

Email templates store reusable subject lines and body text with variables.{{client_name}}, {{firm_name}}, and {{period}} are substituted at send time.

GET/api/v1/email-templatesread

Lists all email templates for the firm.

POST/api/v1/email-templateswrite

Creates a new email template.

curl -X POST "https://streamlinereports.com/api/v1/email-templates" \
  -H "Authorization: Bearer sr_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Monthly close",
    "subject": "{{client_name}} — {{period}} Financial Report",
    "body": "Hi {{client_name}},\n\nAttached is your {{period}} report.\n\n{{firm_name}}"
  }'
GET/api/v1/email-templates/:idread

Returns a single email template.

PATCH/api/v1/email-templates/:idwrite

Updates an email template. System templates cannot be modified.

DELETE/api/v1/email-templates/:idwrite

Deletes a firm-created email template. System templates cannot be deleted.

Webhook endpoints

Manage webhook endpoints programmatically via the API, or use Settings → Developer in the dashboard. See the Webhooks guide for delivery, signatures, and retries.

GET/api/v1/webhooksread

Lists all registered webhook endpoints for the firm. Endpoints auto-paused after repeated delivery failures show pausedAt and disabledReason.

POST/api/v1/webhookswrite

Registers a new endpoint. URL must be https:// and not resolve to a private IP address. Returns the signing secret — shown only once.

curl -X POST "https://streamlinereports.com/api/v1/webhooks" \
  -H "Authorization: Bearer sr_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://your-server.com/webhooks/streamline",
    "events": ["report.sent", "report.generated"],
    "description": "n8n report pipeline"
  }'
DELETE/api/v1/webhooks/:idwrite

Deactivates a webhook endpoint. Delivery history is retained and the endpoint still appears in the list with isActive: false.

GET/api/v1/webhooks/:id/deliveriesread

Returns the last 100 delivery attempts for an endpoint.

Firm

GET/api/v1/firmread

Returns basic information about your firm. Does not include billing details or OAuth tokens.

{
  "data": {
    "id": "clm_...",
    "name": "Your Firm",
    "plan": "TEAM",
    "seats": { "included": 3, "purchased": 1, "max": 10 }
  }
}

OpenAPI spec

A machine-readable OpenAPI 3.1 spec is available at:

GET https://streamlinereports.com/api/v1/openapi.json

No authentication required. Import it directly into:

  • Claude Projects — Settings → Tools → Add custom tool → paste the URL
  • GPT Actions — paste the URL in the action's schema field
  • n8n — HTTP Request node → Import from OpenAPI
  • Postman / Insomnia — Import → URL

Changelog

v1.3.0

Breaking: Subscribers endpoints and subscriber.* webhook events removed. Webhook delivery limits (1,000/day per firm) and auto-pause after 100 consecutive failures; endpoints expose pausedAt/disabledReason. Spec fixes: CUSTOM_CODE block type documented, phantom GET /clients/:id removed.

v1.2.0

Stricter request validation — out-of-contract bodies and query params now return 422 VALIDATION_ERRORinstead of being silently coerced.

v1.1.0

Report create/delete/generate endpoints. Client PATCH. Report template CRUD + block management. Email template CRUD. OpenAPI spec updated.

v1.0.0 — Initial release

Clients (read), Reports (read, send, pdf), Subscribers (read/write), Webhooks management, Firm (read), OpenAPI spec. API key management in dashboard.