The Tallyfy REST API lets developers build custom integrations with core platform features through code.
Tallyfy’s “API-first” approach means the public API gives you the same functionality that powers our web app. Everything we built for ourselves, you get too. We depend on these APIs just as much as you do - so they’re stable and well-maintained. As an independent platform committed to data portability, we ensure you always have full programmatic access to your workflows and data.
Tallyfy provides three authentication methods for API access:
User token authentication - Get a token for a specific Tallyfy user (from their profile or through the API). Your app works with that user’s exact permissions.
Note: Personal access tokens are invalidated when users log out. For long-running automations, use application tokens instead.
Application token authentication - Get app-level credentials (client ID and secret) so your application can act on behalf of multiple users. Ideal for server-to-server connections.
OAuth authentication flow - The industry-standard way to let users grant your app access to their Tallyfy data without sharing passwords. Recommended for third-party apps. Learn more.
Required headers
Every API request must include these headers:
Authorization: Bearer {your_access_token}
Accept: application/json
X-Tallyfy-Client: APIClient
Available API operations
The API provides access to core Tallyfy features:
Category
Operations
Process management
Launch processes, monitor status, cancel runs
Task operations
Complete tasks, update form data, manage comments
User management
Create/manage users, configure roles and permissions
Template control
Create/update templates, manage steps and form fields
Data export
Export process data, retrieve reporting information
File management
Upload files, manage attachments
API response format
Tallyfy API responses follow standard conventions:
All data returns as JSON.
Standard HTTP status codes indicate outcomes (200 for success, 4xx/5xx for errors).
Error responses include clear error messages.
List endpoints support pagination.
Rate limits
Tallyfy enforces rate limits per organization. If you’re hitting limits regularly, implement caching or batching - and contact support for high-volume use cases.
Getting started
Get your API credentials - Find your API keys/tokens at Settings > Integrations > REST API in Tallyfy.
Read the API docs - Browse the official API reference ↗ for endpoint details.
Check code examples - See practical examples on Tallyfy’s GitHub repo ↗ in various programming languages.
Tallyfy’s REST API enables you to connect workflow features to external systems using OAuth 2.0 authentication with required Bearer tokens and X-Tallyfy-Client headers while mapping API terminology like Checklists and Runs to their UI equivalents of Templates and Processes and handling token refresh and multi-organization context for reliable integrations.
Third-party apps can access Tallyfy’s API through an OAuth 2.0 client credentials flow where the app first obtains an application-level token using a client ID and secret and then exchanges it for user-specific tokens to perform workflow actions on behalf of individual users within a paid organization.
Tallyfy API authentication requires either a personal access token (from Settings lasting 6 months) or a client credentials OAuth flow (using client ID and secret for 7-day tokens) and every request must include Authorization Bearer token along with Accept and X-Tallyfy-Client headers to work properly.
Tallyfy’s REST API code samples are organized by resource category with working examples in six programming languages and every request requires a Bearer token along with Accept and X-Tallyfy-Client headers sent to the org-scoped base URL at go.tallyfy.com/api.