API Reference

API Reference

This document describes the resources that make up the official FOSSBilling API.

A more complete guide to using the API is in progress. At this moment there are no major breaking API changes between the last BoxBilling release and current FOSSBilling preview builds and you can also refer to the BoxBilling API documentation.

API endpoints

FOSSBilling provides 3 main API endpoints:

  •*: The admin endpoint. Authenticated administrators can access this endpoint.
  •*: The client endpoint. Authenticated clients can access this endpoint.
  •*: The admin endpoint. Anybody can access this, even without being authenticated.


By default, FOSSBilling only allows HTTPS connections. This can be overridden in the config.php, but we strongly discourage this.

  • All Requests are made via POST method
  • All data is sent and received as JSON.
  • All methods names are lowercase and words are separated by an underscore.
  • Blank fields are included as null instead of being omitted.
  • All timestamps are returned in ISO 8601 format.


  • Usernames are admin or client
  • The authentication password is an API key which can be retrieved from your profile in the FOSSBilling Admin area.
  • The API uses cookies to store sessions.
  • Authentication credentials should be provided via HTTP authorization headers and be base64 encoded.
    • Example: If you want to access the admin API endpoint, you must send admin as the HTTP authentication username and provide your API key as the HTTP authentication password.


  • All Requests are made via the POST method.
  • Data can be sent as JSON string or POST form.
  • All data is received as JSON.