Authorize (Root)

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Query Parameters

client_id

string

required

Application's client ID.

audience

string

Identifier of the target API. Should be left empty by default.

scope

string

A space-separated list of permissions your app requires. Should be left empty by default.

Example:

"customers.read customers.write"

response_type

enum<string>

required

Available options:

code

redirect_uri

string

required

The URL to which Hyperline will redirect the browser after authorization has been granted by the user. It must match one of the callback URL you set when registering your app.

state

string

required

A random string generated by your app to prevent CSRF attacks. This value will be included in the query parameter when redirecting to the redirect_uri after authorizing your app.

resource

string

The canonical URI of the resource server (RFC 8707). For MCP clients, this should be the MCP server endpoint URL. Example: https://api.hyperline.co/mcp

Example:

"https://api.hyperline.co/mcp"

code_challenge

string

PKCE code challenge. Required for public clients (e.g., MCP clients).

code_challenge_method

enum<string>

PKCE code challenge method. S256 is recommended for security.

Available options:

S256,

plain

Response

302 - undefined

API documentation

Integrations

Analytics

Bank Accounts

Billable events

Companies

Coupons

Coupons > Promotion codes

Custom properties

Customers

Customers > Credits

Customers > Payment methods

Exports

Files

Integrations

Invoices

Invoices > Transactions

Invoicing entities

OAuth2

Organisations

Payments

Plans

Price configurations

Products

Quotes

Subscriptions

Subscriptions > Templates

Taxes

Third-party apps

Wallets

Webhooks

Authorizations

Query Parameters

Response