Skip to content
/Authentication

Reach API (1.0.3)

API for accessing financial data and reporting for financing companies. Provides access to financial statements, chart of accounts, budgets, and operational metrics.

Download OpenAPI description
openapi.json
openapi.yaml
Languages
Servers
Mock server
https://developer.reachreporting.com/_mock/openapi/
http://localhost:{port}/
API Base URL
https://{baseUrl}/

Authentication

Endpoints for OAuth 2.0 authentication and authorization. These endpoints handle the OAuth discovery document, authorization flow, token exchange, and user information retrieval.

Operations

OAuth discovery document

Request

Retrieves OAuth 2.0 discovery document with authorization server configuration.

curl -i -X GET \
  https://developer.reachreporting.com/_mock/openapi/auth/oauth-discovery

Responses

Successful operation

Bodyapplication/json
issuerstring

The issuer URL of the authorization server

Example: "https://reachreporting.com"
authorization_endpointstring

The URL of the authorization endpoint

Example: "https://reachreporting.com/oauth2/authorize"
token_endpointstring

The URL of the token endpoint

Example: "https://reachreporting.com/oauth2/token"
grant_types_supportedArray of strings

The OAuth 2.0 grant types supported by the authorization server

Example: ["authorization_code","refresh_token"]
response_types_supportedArray of strings

The response types supported by the authorization server

Example: ["code"]
scopes_supportedArray of strings

The OAuth 2.0 scopes supported by the authorization server

Example: ["openid","profile","email","phone","read:company"]
token_endpoint_auth_methods_supportedArray of strings

The client authentication methods supported by the token endpoint

Example: ["client_secret_post"]
Response
application/json
{
  "issuer": "https://reachreporting.com",
  "authorization_endpoint": "https://reachreporting.com/oauth2/authorize",
  "token_endpoint": "https://reachreporting.com/oauth2/token",
  "grant_types_supported": [
    "authorization_code",
    "refresh_token"
  ],
  "response_types_supported": [
    "code"
  ],
  "scopes_supported": [
    "openid",
    "profile",
    "email",
    "phone",
    "read:company"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_post"
  ]
}

OAuth Authorization Endpoint

Request

Initiates the OAuth authorization flow. This endpoint redirects the user to an authorization page where they can grant or deny access. After user interaction, they are redirected back to the client's redirect_uri with an authorization code in the URL parameters.

Query
response_typestringrequired

The response type, must be "code" for authorization code flow

Value"code"
client_idstringrequired

The client identifier

redirect_uristring(uri)required

The redirect URI where the authorization code will be sent

scopestring

Space-separated list of OAuth scopes.

  • openid: Required for OpenID Connect
  • profile: Access to user profile information
  • email: Access to user email address
  • phone: Access to user phone number
  • read:company: Access to company information
statestring

State parameter should be a JSON object stringified, then base64 encoded, then URI encoded. Contains any application-specific data.

curl -i -X GET \
  'https://developer.reachreporting.com/_mock/openapi/oauth2/authorize?response_type=code&client_id=string&redirect_uri=http%3A%2F%2Fexample.com&scope=string&state=string'

Responses

Successful authorization

Bodyapplication/json
codestring

Authorization code

statestring

State parameter returned from request

Response
application/json
{
  "code": "string",
  "state": "string"
}

OAuth Token Endpoint

Request

Exchanges authorization code for access and refresh tokens.

Bodyapplication/x-www-form-urlencodedrequired
grant_typestringrequired

The grant type

Enum"authorization_code""refresh_token"
codestring

The authorization code received from the authorization endpoint (required when grant_type is authorization_code)

redirect_uristring(uri)

The same redirect URI used in the authorization request (required when grant_type is authorization_code)

client_idstringrequired

The client identifier

client_secretstringrequired

The client secret

refresh_tokenstring

The refresh token (required when grant_type is refresh_token)

curl -i -X POST \
  https://developer.reachreporting.com/_mock/openapi/oauth2/token \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d grant_type=authorization_code \
  -d code=string \
  -d redirect_uri=http://example.com \
  -d client_id=string \
  -d client_secret=string \
  -d refresh_token=string

Responses

Successful token exchange

Bodyapplication/json
access_tokenstring

The access token

token_typestring

The token type

Value"Bearer"
expires_ininteger

Token expiration time in seconds

scopestring

Space-separated list of granted OAuth scopes

refresh_tokenstring

Refresh token for obtaining new access tokens

Response
application/json
{
  "access_token": "string",
  "token_type": "Bearer",
  "expires_in": 0,
  "scope": "string",
  "refresh_token": "string"
}

Get User Information

Request

Retrieves authenticated user information and list of accessible companies.

curl -i -X GET \
  https://developer.reachreporting.com/_mock/openapi/oauth2/user-info

Responses

Successful operation

Bodyapplication/json
Idstring
Emailstring
FirstNamestring
LastNamestring
CompanyDetailsArray of objects(CompanyDetails)
Response
application/json
{
  "Id": "string",
  "Email": "string",
  "FirstName": "string",
  "LastName": "string",
  "CompanyDetails": [
    { … }
  ]
}

Company Information

Endpoints for retrieving basic company information such as company name and fiscal month end.

Operations

Reference Data

Endpoints for accessing reference data including chart of accounts, budgets, classes, departments, and non-financial metrics. These endpoints provide the foundational data structures used throughout the API.

Operations

Metrics

Endpoints for retrieving non-financial metrics and KPIs over specified date ranges.

Operations

Financial Statements

Endpoints for retrieving financial statements including Profit and Loss, Balance Sheet, and Cash Flow Statement. These endpoints support filtering by date range, accounting basis, budget, class, and department.

Operations