OpenAPI Documentation

Our interactive OpenAPI documentation provides an overview of our available endpoints, shows how their response models are structured, and allows you to test requests directly from your web browser.

Please note there are two instances of our OpenAPI documentation: one for tripletex.no and one for api-test.tripletex.tech. Ensure you’re using the OpenAPI documentation corresponding to the environment where your credentials were created. Links to each environment are available under Resources at the top of this page.

If you encounter an issue, we recommend testing the same request in the OpenAPI documentation to rule out any problems in your code.

Note: Due to the design of our Data Transfer Objects (DTOs), sub-objects may have mandatory fields. These fields are only required when creating new objects. To reference an existing object, use the id attribute.

Authenticating in the OpenAPI Documentation

To authenticate in the OpenAPI documentation, you’ll need a consumer token and an employee token. These tokens are provided upon registration for access to the test environment at api-test.tripletex.tech, or you may use your consumer token received from us upon production approval, along with an employee token from a Tripletex production account. More information on tokens and authentication can be found here.

To create a session token, perform a request to PUT /session/token/:create. This endpoint requires no authentication. Click “Try it out” and provide your consumer token, employee token, and an expiration date. The expiration date must be later than today. Your session token will expire at midnight on the specified date.

Upon pressing “Execute,” your session token will appear in the response body as “token,” below expirationDate.

With your session token generated, authenticate by clicking the padlock icon on an endpoint requiring authentication, or via the Authorize button at the top of the page. Enter “0” (zero) as the username and your session token as the password.

Note: If using an accountant token, there is a different authentication process for accessing client accounts. After authenticating with 0 + session token, use GET company/>withClientAccess to obtain a list of all accessible clients, then use the companyId of the desired company as the username along with the session token. This process is also explained at the top of the OpenAPI documentation page.

Performing a request

To perform a request in the documentation, locate the desired endpoint and method after authenticating, then click “Try it out” to unlock the attributes. Fill in the required attributes (mandatory ones marked with an asterisk) and press “Execute” to run it. The response will display below.

Possible error codes

Certain requests may return error codes. Below is a list explaining what they mean, also available at the top of the OpenAPI documentation page:

• 200 OK
• 201 Created – From POSTs that create new resources.
• 204 No Content – No response, e.g., "/:anAction" or DELETE.

400 Bad Request

• 4000 Bad Request Exception
• 11000 Illegal Filter Exception
• 12000 Path Param Exception
• 24000 Cryptography Exception

401 Unauthorized – Authentication required and failed or not provided.

• 3000 Authentication Exception

403 Forbidden – Authorization denial.

• 9000 Security Exception

404 Not Found – Resource doesn’t exist.

• 6000 Not Found Exception

409 Conflict – For edit conflicts due to multiple simultaneous updates.

• 7000 Object Exists Exception
• 8000 Revision Exception
• 10000 Locked Exception
• 14000 Duplicate Entry

422 Bad Request – Required fields or malformed payload issues.

• 15000 Value Validation Exception
• 16000 Mapping Exception
• 17000 Sorting Exception
• 18000 Validation Exception
• 21000 Param Exception
• 22000 Invalid JSON Exception
• 23000 Result Set Too Large Exception

429 Too Many Requests – Request rate limit exceeded.

500 Internal Error – Unexpected condition encountered.

• 1000 Exception

If you’re uncertain about resolving an error, please consult our FAQ to see if it’s already addressed.