Skip to content

Open API

Integrating with the Tallyfy REST API (For Developers)

The Tallyfy REST API lets developers interact with Tallyfy features using code. Because Tallyfy was built “API-first”, the web app you use actually uses this same public API. This means the API is well-tested and covers most core features.

Why the API is valuable

The Tallyfy API is essential for organizations that need customized workflow solutions beyond what’s available in the standard interface. It enables you to embed Tallyfy capabilities into your own applications, automate complex multi-system workflows, and create tailored experiences for your teams. Rather than forcing users to switch between systems, the API allows you to bring Tallyfy functionality directly into the tools they already use. This level of customization and automation can significantly improve adoption, productivity, and data consistency across your organization.

Using the API allows you to build custom connections, automate complex workflows between Tallyfy and other systems, and extend Tallyfy beyond its standard features.

(Note: This section is technical and intended for developers or those working with them.)

API Basics

EnvironmentBase URLDocumentation Link
Productionhttps://go.tallyfy.com/api/Tallyfy API Reference

How to Authenticate (Log In) to the API

Tallyfy offers three ways for your code to securely access the API:

  1. User Token: Get a token for a specific Tallyfy user (from their profile or via API). Your code acts as that user, with their permissions.
  2. Application Token (Enterprise Plans): Get credentials for your application itself (client ID & secret). Your app can act on behalf of multiple users. Good for server-to-server connections or apps used by many people.
  3. OAuth Flow (Enterprise Plans): The standard secure way for users to grant your application access to their Tallyfy data without sharing their password. Recommended for third-party apps. Learn more.

Required Information in API Requests (Headers)

Every API request your code sends must include:

Authorization: Bearer {your_access_token} // Your user or app token
Content-Type: application/json // Tells Tallyfy you're sending JSON data
X-Tallyfy-Client: APIClient // **Required** - Identifies the request source

What You Can Do with the API

The API lets you control most Tallyfy features, including:

CategoryExamples
ProcessesStart processes, check status, cancel runs
TasksComplete tasks, update forms, add comments
UsersCreate/manage users, set roles & permissions
TemplatesCreate/update templates, manage steps & settings
DataExport process data, get analytics info
FilesUpload files, manage attachments

API Responses

When Tallyfy responds to your API request:

  • It sends data in JSON format.
  • It includes standard HTTP status codes (like 200 for success, 4xx/5xx for errors).
  • Error responses include helpful messages.
  • Lists of items (like tasks or processes) support paging (getting results in chunks).

API Usage Limits (Rate Limiting)

To ensure stability, there are limits on how many API requests you can make:

  • Max 100 requests per minute (per organization).
  • Max 1,000 requests per hour (per organization).
  • API responses tell you how close you are to the limit.

Getting Started with the API

  1. Get your API keys/tokens from Settings > Integrations > REST API in Tallyfy.
  2. Read the official API documentation for details on specific commands (endpoints).
  3. Look at code examples on Tallyfy’s GitHub.

The articles below provide more details on specific API uses.

After understanding the API basics, we recommend these next steps:

Open Api > Integrate with Tallyfy using the API

The Tallyfy REST API enables workflow automation through multiple authentication methods including user-based and application-based tokens while providing programmatic access to process management tasks and user administration features.

Open Api > API code samples

Code examples demonstrate API operations for Tallyfy across multiple programming languages while requiring proper authentication headers and tokens for base URL access.