Public API
Create projects, sync clients, send handover packs, and read sign-off state from your own tools.
API access requires an Agency plan and a scoped API key from Finalizo settings.
Bearer keys
Keys start with fz_live_ or fz_test_.
Scoped access
Use read, write, or admin scopes per key.
REST JSON
Most responses return data, meta, and error.
Automation
Use REST endpoints or Zapier polling routes.
Base URL: https://finalizo.com/api/v1
/api/v1/openapi.jsonpublicDownload the OpenAPI 3.1 spec/api/v1/authreadValidate an API key/api/v1/mereadGet the authenticated workspace user/api/v1/projectsreadList projects. Query: status, limit, cursor/api/v1/projectswriteCreate a project and handover pack/api/v1/projects/:idreadGet project details/api/v1/projects/:idwriteUpdate project name, status, or launch date/api/v1/projects/:id/packreadGet handover pack items, resources, terms, and masked credentials/api/v1/projects/:id/pack/sendwriteMark the pack as sent and return the client URL/api/v1/projects/:id/signoffreadGet sign-off status for a project/api/v1/clientsreadList clients. Query: limit, cursor/api/v1/clientswriteCreate or update a client by email/api/v1/clients/:idreadGet a client and linked projects/api/v1/signoffsreadList sign-offs. Query: status, limit, cursor/api/v1/templatesreadList built-in handover templates/api/v1/zapier/actions/create-projectwriteZapier action: create project/api/v1/zapier/actions/send-packwriteZapier action: send pack/api/v1/zapier/triggers/pack-sentreadZapier polling trigger: pack sent/api/v1/zapier/triggers/pack-viewedreadZapier polling trigger: pack viewed/api/v1/zapier/triggers/client-signed-offreadZapier polling trigger: client signed offcurl https://finalizo.com/api/v1/projects \
-H "Authorization: Bearer fz_live_your_key_here"const response = await fetch("https://finalizo.com/api/v1/projects", {
headers: { Authorization: "Bearer fz_live_your_key_here" }
});
const payload = await response.json();curl https://finalizo.com/api/v1/projects \
-X POST \
-H "Authorization: Bearer fz_live_your_key_here" \
-H "Content-Type: application/json" \
-d '{
"name": "Website closeout",
"clientName": "Jane Smith",
"clientEmail": "jane@example.com",
"projectType": "Web Design",
"launchDate": "2026-06-01"
}'curl https://finalizo.com/api/v1/zapier/actions/create-project \
-X POST \
-H "Authorization: Bearer fz_live_your_key_here" \
-H "Content-Type: application/json" \
-d '{
"project_name": "Website closeout",
"client_name": "Jane Smith",
"client_email": "jane@example.com",
"project_type": "Web Design",
"launch_date": "2026-06-01"
}'curl https://finalizo.com/api/v1/zapier/actions/send-pack \
-X POST \
-H "Authorization: Bearer fz_live_your_key_here" \
-H "Content-Type: application/json" \
-d '{
"project_id": "project_abc123",
"personal_message": "The handover pack is ready for review."
}'Generate keys in App Settings. Store the token once when it is created, then send it on every request.
Authorization: Bearer fz_live_your_key_hereRead endpoints need the read scope. Mutating endpoints need write or admin.
Standard API errors include a request ID. Use it when asking support to inspect a failed integration.
{
"data": null,
"meta": {
"request_id": "req_abc123",
"timestamp": "2026-05-27T12:00:00.000Z"
},
"error": {
"code": "VALIDATION",
"message": "Invalid request body.",
"docs": "https://finalizo.com/developers#errors"
}
}Create a dedicated API key, give it the narrowest scope required, then test with GET /auth before wiring production workflows.
Open API key settings