Programmatically retrieve your invoices and payment transactions, and integrate Data Handler into your own applications and automated workflows.
The Data Handler LLC REST API lets you read your invoice and transaction data using standard HTTP methods. All response bodies use JSON. The API is versioned — the current version is v1.
API access requires a paid plan that includes API support. You can create and manage API keys from Settings → API Keys.
All requests must include a secret API key as a Bearer token in the Authorization header. Never expose your secret key in client-side code or public repositories.
Authorization: Bearer sk_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxWhen creating an API key you define its scope — the exact paths and methods the key is permitted to call. Scope entries use the format METHOD:/path and support wildcards and path parameters:
GET:/v1/invoices
GET:/v1/transactions
*:*A request that doesn't match any scope entry is rejected with 403 Forbidden.
Optionally restrict an API key to specific IP ranges by adding CIDR blocks (e.g. 203.0.113.0/24). If any CIDR blocks are configured, requests from IPs outside those ranges are rejected with 403 Forbidden.
https://api.datahandlerllc.com/v1/The API uses a leaky bucket algorithm. Each key has a configurable request-per-minute limit (default: 60). When the limit is exceeded the API returns 429 Too Many Requests with a Retry-After header indicating how many seconds to wait.
HTTP/1.1 429 Too Many Requests
Retry-After: 12All responses include an errors array. On success it is empty. On failure it contains one or more error objects:
{
"errors": [
{
"message": "Entry not found.",
"type": "invalid_request_error"
}
]
}| type | Meaning |
|---|---|
| auth_error | Missing or invalid API key |
| security_error | HTTPS required, IP blocked, or scope denied |
| invalid_request_error | Missing parameter, wrong type, resource not found |
| rate_limit_error | Too many requests |
| api_error | Unexpected server-side error |
Verify that the API is reachable and your credentials are valid. Like all API endpoints, requires authentication.
curl https://api.datahandlerllc.com/v1/ping \
-H "Authorization: Bearer sk_live_..."{
"timestamp": "Sat, 01 Mar 2026 12:00:00 GMT",
"errors": []
}An invoice represents a bill issued to your account. Invoices carry line items and any payment transactions applied against them. Invoices are read-only via the API.
Returns a paginated list of invoices for the account, newest first. 25 invoices per page.
| Parameter | Type | Description | |
|---|---|---|---|
| page | integer | optional | Page number. Default 1. |
| status | integer | optional | Filter by status: 1 unpaid, 2 paid, 3 void, 4 partially paid. |
curl "https://api.datahandlerllc.com/v1/invoices?page=1&status=1" \
-H "Authorization: Bearer sk_live_xxxx"{
"invoices": [
{
"uuid": "01234567-89ab-cdef-0123-456789abcdef",
"full_id": "INV-00042",
"status": 1,
"status_label": "unpaid",
"subtotal_amount": "1500.00",
"discount_amount": "0.00",
"tax_amount": "0.00",
"applied_amount": "0.00",
"total_amount": "1500.00",
"memo": "March development retainer",
"created_at": "2026-03-01T14:00:00+00:00",
"updated_at": "2026-03-01T14:00:00+00:00"
}
],
"total": 1,
"page": 1,
"per_page": 25,
"errors": []
}Returns a single invoice by UUID, including its line items and transactions.
curl https://api.datahandlerllc.com/v1/invoices/01234567-89ab-cdef-0123-456789abcdef \
-H "Authorization: Bearer sk_live_xxxx"{
"invoice": {
"uuid": "01234567-89ab-cdef-0123-456789abcdef",
"full_id": "INV-00042",
"status": 2,
"status_label": "paid",
"subtotal_amount": "1500.00",
"discount_amount": "0.00",
"tax_amount": "0.00",
"applied_amount": "1500.00",
"total_amount": "1500.00",
"memo": "March development retainer",
"created_at": "2026-03-01T14:00:00+00:00",
"updated_at": "2026-03-05T09:30:00+00:00",
"line_items": [
{
"uuid": "aabbccdd-eeff-0011-2233-445566778899",
"description": "Development services — March",
"quantity": 1,
"unit_price": "1500.00",
"total_price": "1500.00",
"status": 1
}
],
"transactions": [
{
"uuid": "99887766-5544-3322-1100-ffeeddccbbaa",
"type": 1,
"type_label": "credit_card",
"status": 2,
"status_label": "captured",
"amount": "1500.00",
"refund_amount": "0.00",
"created_at": "2026-03-05T09:30:00+00:00"
}
]
},
"errors": []
}A transaction represents a payment event — a charge, check payment, refund, or failed attempt — usually tied to an invoice. Transactions are read-only via the API.
Returns a paginated list of transactions for the account, newest first. 25 transactions per page.
| Parameter | Type | Description | |
|---|---|---|---|
| page | integer | optional | Page number. Default 1. |
| status | integer | optional | Filter by status: 1 authorized, 2 captured, 3 refunded, 4 failed. |
| type | integer | optional | Filter by type: 1 credit card, 2 check. |
curl "https://api.datahandlerllc.com/v1/transactions?status=2" \
-H "Authorization: Bearer sk_live_xxxx"{
"transactions": [
{
"uuid": "99887766-5544-3322-1100-ffeeddccbbaa",
"invoice_uuid": "01234567-89ab-cdef-0123-456789abcdef",
"type": 1,
"type_label": "credit_card",
"status": 2,
"status_label": "captured",
"amount": "1500.00",
"refund_amount": "0.00",
"refunded_at": null,
"created_at": "2026-03-05T09:30:00+00:00"
}
],
"total": 1,
"page": 1,
"per_page": 25,
"errors": []
}Returns a single transaction by UUID.
curl https://api.datahandlerllc.com/v1/transactions/99887766-5544-3322-1100-ffeeddccbbaa \
-H "Authorization: Bearer sk_live_xxxx"{
"transaction": {
"uuid": "99887766-5544-3322-1100-ffeeddccbbaa",
"invoice_uuid": "01234567-89ab-cdef-0123-456789abcdef",
"type": 1,
"type_label": "credit_card",
"status": 2,
"status_label": "captured",
"amount": "1500.00",
"refund_amount": "0.00",
"refunded_at": null,
"created_at": "2026-03-05T09:30:00+00:00"
},
"errors": []
}Webhooks push event notifications to your server as they happen, so you don't need to poll the API. Create webhook endpoints from Settings → Webhooks. Each endpoint subscribes to the event types you select and receives an HTTPS POST with a JSON payload for every matching event.
{
"id": "0196c9e2-7a31-7cde-8f12-3456789abcde",
"type": "invoice.paid",
"created": 1772800200,
"data": {
"object": { ... }
}
}| Event | Fires when |
|---|---|
| invoice.created | An invoice is issued to your account |
| invoice.paid | An invoice is paid in full |
| invoice.voided | An invoice is voided |
| transaction.captured | A payment is captured successfully |
| transaction.failed | A payment attempt fails |
| transaction.refunded | A payment is refunded |
| user.created | Your account is created |
| user.updated | Your account profile is updated |
| user.deleted | Your account is deleted |
| team_member.created | A team member is added to your account |
| team_member.deleted | A team member is removed from your account |
Every delivery is signed with your endpoint's secret (shown once when the endpoint is created). Verify the signature before trusting the payload:
X-DataHandler-Signature: sha256=<HMAC-SHA256 of the raw request body, keyed with your endpoint secret>
X-DataHandler-Event: invoice.paidCompute hash_hmac('sha256', $rawBody, $secret) (or your language's equivalent) and compare it against the value after sha256= using a constant-time comparison. Respond with a 2xx status within 10 seconds; failed deliveries are retried with exponential backoff, up to 6 attempts total.