Skip to main content
Invoice Comment Add API
curl --request POST \
  --url https://api.pazy.io/v1.0/invoice/:invoiceId/comment

Documentation Index

Fetch the complete documentation index at: https://docs.pazy.io/llms.txt

Use this file to discover all available pages before exploring further.

Authentication

All requests require an API key in the request headers. Headers: 
Authorization: Api-Key YOUR_API_KEY
Content-Type: application/json

Request

Content-Type: application/json

Path Parameters

ParameterTypeRequiredDescription
invoiceIdstringYesUnique identifier of the invoice to comment on

Body Parameters

ParameterTypeRequiredDescription
commentstringYesThe comment text (1–1500 characters). May contain @<userId> mentions — see Mentions below.

Mentions

Comments support user mentions in the form @<userId> (the user’s id / slug). When rendered via the Invoice Comments API, valid @<userId> tokens are replaced with the user’s display name (e.g., @John Doe). Mentions whose user id does not exist in your organization are kept in the text as-is — they are not rejected.

Code Examples

curl -X POST https://api.pazy.io/v1.0/invoice/<invoiceId>/comment \
  -H "Authorization: Api-Key YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "comment": "Please review this invoice @<userId>"
  }'

Success Response

HTTP Status: 200 OK Response Fields:
FieldTypeDescription
okbooleanIndicates whether the request was successful
insertbooleanIndicates the comment was inserted on the invoice

Response Example

{
  "ok": true,
  "insert": true
}

Error Responses

Missing Comment

HTTP Status: 400 Bad Request 
{
  "ok": false,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Validation failed: /body: must have required property 'comment'"
  }
}

Invalid Comment Type

HTTP Status: 400 Bad Request 
{
  "ok": false,
  "error": {
    "code": "INVALID_TYPE",
    "message": "Comment should be a string"
  }
}

Invoice Not Found

HTTP Status: 404 Not Found 
{
  "ok": false,
  "error": {
    "code": "INVOICE_NOT_FOUND",
    "message": "Invoice not found"
  }
}

Access Denied

HTTP Status: 403 Forbidden 
{
  "ok": false,
  "error": {
    "code": "ACCESS_DENIED",
    "message": "Access denied: You can only view your own invoices or invoices where you are the vendor owner"
  }
}
Returned when the caller is not an admin / bookkeeper, did not create the invoice, and is not the owner of its vendor.

Authentication Errors

HTTP Status: 401 Unauthorized 
{
  "ok": false,
  "error": {
    "code": "MISSING_CREDENTIALS",
    "message": "Missing Credentials"
  }
}

{
  "ok": false,
  "error": {
    "code": "INVALID_API_KEY",
    "message": "Invalid API Key"
  }
}

Permission Errors

HTTP Status: 403 Forbidden 
{
  "ok": false,
  "error": {
    "code": "INSUFFICIENT_PERMISSIONS",
    "message": "Permission check failed - PERMISSION_CHECK_FAILED"
  }
}

Internal Error

HTTP Status: 500 Internal Server Error 
{
  "ok": false,
  "error": {
    "code": "INTERNAL_ERROR",
    "message": "Internal error"
  }
}

Best Practices

  • Keep comments under 1500 characters — longer text is rejected with VALIDATION_ERROR
  • Use @<userId> to address specific users — fetch the id from the User List API or User Details API
  • The comment author is the user tied to the API key — there is no userId field in the body
  • Use the Invoice Comments API to retrieve the thread with mentions resolved to user names