API overview
Orsane exposes a small REST API for reading and creating tasks. Every endpoint lives under the same base URL and is authenticated with an API key plus the ID of the team you want to act on.
Base URL
Section titled “Base URL”All routes shown in this section are relative to that base URL.
Interactive reference
Section titled “Interactive reference”The full machine-generated reference is available as Swagger UI. You can use Try it out there to send live requests against your own team once the two auth headers are filled in.
Authentication
Section titled “Authentication”Every request must include the following header:
| Header | Value |
|---|---|
x-api-key | A personal API key. Create one in Settings → API keys. |
Each API key is bound to a single team at creation time — the team you have active when you click Create API key. The key only ever sees data from that team.
Requests without a valid x-api-key get 401 Unauthorized. If you’ve been
removed from the team the key was created in, you’ll get
403 Forbidden.
Endpoints
Section titled “Endpoints”| Method | Path | Description |
|---|---|---|
GET | /v1/lists | List task lists |
POST | /v1/lists | Create a task list |
GET | /v1/tasks | List tasks |
POST | /v1/tasks | Create a task |
GET | /v1/tasks/{taskId} | Get a task by id |
PATCH | /v1/tasks/{taskId} | Update a task |
GET | /v1/task-statuses | List task statuses |
GET | /v1/users | List users |
Conventions
Section titled “Conventions”A few things that hold across every endpoint:
- IDs. Task and list IDs are integers; user and team IDs are strings (UUIDs). Path parameters are always passed as strings and validated on the server.
- Timestamps. All timestamps are ISO 8601 strings in UTC
(
2026-05-08T12:34:56.000Z). - Errors. Errors return JSON of the shape
{ "error": "..." }with an appropriate HTTP status code. - Scoping. Every read is scoped to the team the API key is bound to — you’ll never see data from a team the key wasn’t created in.