{"activeVersionTag":"latest","latestAvailableVersionTag":"latest","collection":{"info":{"_postman_id":"a5812d21-18c4-4a4b-a686-c428f0126efb","name":"Sors API","description":"This API is used for communication with the **Sors** application database. It is based on REST principles – all data is exchanged using standard HTTP methods (`GET`, `POST`, `PUT`, `DELETE`) and JSON format. Use the described endpoints and instructions to interact with the data successfully.\n\nBefore testing, make sure to:\n\n- Use the correct base URL.\n    \n- Provide a valid API key in your requests.\n    \n\n## Base URL\n\n```\nhttps://api.sors.rs\n\n ```\n\n## Authentication\n\nThe API uses **API Key authentication**.\n\nEach request must include the **Authorization** header in the following format:\n\n- **Header:** `Authorization`\n    \n- **Header Sheme:** `ApiKey`\n    \n- **Header Parameter:** `{your_api_key}`\n    \n\n**Important:** The value must start with the word `ApiKey`, followed by a space, and then your actual key. You will receive your API key from **Softkom d.o.o.**\n\n##### Example:\n\n```\nAuthorization: ApiKey abcd1234efgh567\n\n ```\n\n## **Access to multiple databases**\n\nSince a single user can have access to multiple databases, the API key is associated with **all databases** available to that user.\n\n**Example:**  \nWhen a user creates a financial year closing, a new database is generated for each year.  \nFor instance:\n\n- `MyDatabase2023`\n    \n- `MyDatabase2024`\n    \n- `MyDatabase2025`\n    \n\nWith the same API key, the user can access all of these databases.\n\n## **Database for testing purposes**\n\nFor testing purposes, the _Demo2_ database is provided. Please note that you do **not** have exclusive access to this database. It is shared by multiple users, which means that data may be added, modified, or deleted at any time without your knowledge.\n\n## Response Envelope\n\nAll responses are returned in a unified JSON envelope that always contains the **`success`** field.\n\n### Successful Response\n\n``` json\n{\n  \"success\": true,\n  \"data\": { }\n}\n\n ```\n\n##### Fields\n\n- **`success`** _(boolean)_ — always `true` for successful responses.\n    \n- **`data`** _(object | array | string | number | null)_ — the operation result. Can contain a single object, a list, a primitive value, or `null`.\n    \n\n##### Example (object)\n\n``` json\n{\n  \"success\": true,\n  \"data\": {\n    \"Id\": 1,\n    \"Name\": \"Kupac DOO\",\n    \"VATNumber\": \"123456789\",\n    \"Address\": \"Bulevar 1, Beograd\",\n    \"PhoneNumber\": \"+38111222333\"\n  }\n}\n\n ```\n\n##### **Example (list)**\n\n``` json\n{\n  \"success\": true,\n  \"data\": [\n    { \"Id\": 1, \"Name\": \"Kupac DOO\" },\n    { \"Id\": 2, \"Name\": \"Firma d.o.o.\" }\n  ]\n}\n\n ```\n\n### Error Response\n\nAll error responses are returned in the same envelope.\n\n``` json\n{\n  \"success\": false,\n  \"errorMessage\": \"Error description\",\n  \"errorCode\": 400,\n  \"localErrorCode\": 1001\n}\n\n ```\n\n##### Fields\n\n- **`success`** _(boolean)_ — always `false` for error responses.\n    \n- **`errorMessage`** _(string)_ — error message.\n    \n- **`errorCode`** _(number)_ — HTTP status code (e.g., `400`, `401`, `404`, `500`).\n    \n- **`localErrorCode`** _(number)_ — internal error code (e.g., `1001`, `4001`, `4002`).\n    \n    - Numeric value, see the complete list in the **Local error code** folder at the bottom of the page.\n        \n\n**Example**\n\n``` json\n{\n  \"success\": false,\n  \"errorMessage\": \"Parameter 'Name' is required.\",\n  \"errorCode\": 400,\n  \"localErrorCode\": 1001\n}\n\n ```\n\n## Limitations\n\n### Request rate limit\n\nThe API enforces a request rate limit to ensure system stability and fair usage among all clients.  \n**Maximum allowed:** 20 requests per second per API key.\n\nWhen the limit is exceeded, the API returns **HTTP status code 406 – NotAcceptable** and **Local error code 4029** with the following message:\n\n```\nToo many requests – the maximum request rate limit has been exceeded.\n\n ```\n\n**Recommendation:** Implement a mechanism in your application that prevents sending more than 20 requests per second per API key.\n\n### Request limit for heavy operations\n\nThe API enforces a request limit for heavy operations to ensure system stability and fair usage among all clients. Certain API requests are considered **heavy operations** due to their complexity or the amount of data they process.  \n**Maximum allowed:** 60 requests per hour per API key.\n\nWhen the limit is exceeded, the API returns **HTTP status code 406 – Not Acceptable** and **local error code 4030** with the following message:\n\n``` antlr4\nToo many requests for a heavy operation – the request limit for a heavy operations has been exceeded.\n\n ```\n\n**Definition of heavy operations:**  \nOnly requests that perform database **read operations** (select) can be considered heavy operations. However, not all read requests are heavy operations. Requests that are likely to return a list containing more than 100 items are considered heavy operations.  \nAny request that perform database **write operation** (insert, update, delete) **is** **not** considered a heavy operation.\n\nFor example:\n\n- The _InventoryAllBU_ request is considered a heavy operation because it **is** likely to return more than 100 items.\n    \n- The _GetBusinessUnits_ request **is** **not** considered a heavy operation, since it typically returns only a small number of items.\n    \n\nFor each request described in this guide, it is specified whether the request is considered a heavy operation.\n\n**Recommendation:** Implement a mechanism in your application that tracks and limits the number of calls to heavy operations to a maximum of 60 per hour per API key.\n\n### Other limitations\n\nIf the server receives a large number of invalid or malformed requests, your requests may be temporarily blocked to protect the system from abuse.\n\n**Note:**  \nRepeated violations may result in longer suspension or permanent blocking of access.","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","isPublicCollection":false,"owner":"34472906","team":8281918,"collectionId":"a5812d21-18c4-4a4b-a686-c428f0126efb","publishedId":"2sB3HrkHMa","public":true,"publicUrl":"https://documenter-api.postman.tech/view/34472906/2sB3HrkHMa","privateUrl":"https://go.postman.co/documentation/34472906-a5812d21-18c4-4a4b-a686-c428f0126efb","customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"documentationLayout":"classic-double-column","customisation":{"metaTags":[{"name":"description","value":"Ovaj API omogućava aplikacijama da bezbedno čitaju i upisuju podatke iz programa Sors (npr. kupci, računi, kalkulacije…). Komunikacija je REST preko HTTPS-a, a podaci se razmenjuju u JSON formatu."},{"name":"title","value":"Dokumentacija za pristupanje programu Sors preko API."}],"appearance":{"default":"light","themes":[{"name":"dark","logo":null,"colors":{"top-bar":"212121","right-sidebar":"303030","highlight":"FF6C37"}},{"name":"light","logo":null,"colors":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"}}]}},"version":"8.10.1","publishDate":"2025-10-31T12:15:53.000Z","activeVersionTag":"latest","documentationTheme":"light","metaTags":{"title":"Dokumentacija za pristupanje programu Sors preko API.","description":"Ovaj API omogućava aplikacijama da bezbedno čitaju i upisuju podatke iz programa Sors (npr. kupci, računi, kalkulacije…). Komunikacija je REST preko HTTPS-a, a podaci se razmenjuju u JSON formatu."},"logos":{"logoLight":null,"logoDark":null}},"statusCode":200},"environments":[],"user":{"authenticated":false,"permissions":{"publish":false}},"run":{"button":{"js":"https://run.pstmn.io/button.js","css":"https://run.pstmn.io/button.css"}},"web":"https://www.getpostman.com/","team":{"logo":"https://res.cloudinary.com/postman/image/upload/t_team_logo_pubdoc/v1/team/e44251223d31e697aebe5abce6df90224b49f68844e5fa546f8d145c6ac1b76e","favicon":""},"isEnvFetchError":false,"languages":"[{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"HttpClient\"},{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"RestSharp\"},{\"key\":\"curl\",\"label\":\"cURL\",\"variant\":\"cURL\"},{\"key\":\"dart\",\"label\":\"Dart\",\"variant\":\"http\"},{\"key\":\"go\",\"label\":\"Go\",\"variant\":\"Native\"},{\"key\":\"http\",\"label\":\"HTTP\",\"variant\":\"HTTP\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"OkHttp\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"Unirest\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"Fetch\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"jQuery\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"XHR\"},{\"key\":\"c\",\"label\":\"C\",\"variant\":\"libcurl\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Axios\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Native\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Request\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Unirest\"},{\"key\":\"objective-c\",\"label\":\"Objective-C\",\"variant\":\"NSURLSession\"},{\"key\":\"ocaml\",\"label\":\"OCaml\",\"variant\":\"Cohttp\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"cURL\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"Guzzle\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"HTTP_Request2\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"pecl_http\"},{\"key\":\"powershell\",\"label\":\"PowerShell\",\"variant\":\"RestMethod\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"http.client\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"Requests\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"httr\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"RCurl\"},{\"key\":\"ruby\",\"label\":\"Ruby\",\"variant\":\"Net::HTTP\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"Httpie\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"wget\"},{\"key\":\"swift\",\"label\":\"Swift\",\"variant\":\"URLSession\"}]","languageSettings":[{"key":"csharp","label":"C#","variant":"HttpClient"},{"key":"csharp","label":"C#","variant":"RestSharp"},{"key":"curl","label":"cURL","variant":"cURL"},{"key":"dart","label":"Dart","variant":"http"},{"key":"go","label":"Go","variant":"Native"},{"key":"http","label":"HTTP","variant":"HTTP"},{"key":"java","label":"Java","variant":"OkHttp"},{"key":"java","label":"Java","variant":"Unirest"},{"key":"javascript","label":"JavaScript","variant":"Fetch"},{"key":"javascript","label":"JavaScript","variant":"jQuery"},{"key":"javascript","label":"JavaScript","variant":"XHR"},{"key":"c","label":"C","variant":"libcurl"},{"key":"nodejs","label":"NodeJs","variant":"Axios"},{"key":"nodejs","label":"NodeJs","variant":"Native"},{"key":"nodejs","label":"NodeJs","variant":"Request"},{"key":"nodejs","label":"NodeJs","variant":"Unirest"},{"key":"objective-c","label":"Objective-C","variant":"NSURLSession"},{"key":"ocaml","label":"OCaml","variant":"Cohttp"},{"key":"php","label":"PHP","variant":"cURL"},{"key":"php","label":"PHP","variant":"Guzzle"},{"key":"php","label":"PHP","variant":"HTTP_Request2"},{"key":"php","label":"PHP","variant":"pecl_http"},{"key":"powershell","label":"PowerShell","variant":"RestMethod"},{"key":"python","label":"Python","variant":"http.client"},{"key":"python","label":"Python","variant":"Requests"},{"key":"r","label":"R","variant":"httr"},{"key":"r","label":"R","variant":"RCurl"},{"key":"ruby","label":"Ruby","variant":"Net::HTTP"},{"key":"shell","label":"Shell","variant":"Httpie"},{"key":"shell","label":"Shell","variant":"wget"},{"key":"swift","label":"Swift","variant":"URLSession"}],"languageOptions":[{"label":"C# - HttpClient","value":"csharp - HttpClient - C#"},{"label":"C# - RestSharp","value":"csharp - RestSharp - C#"},{"label":"cURL - cURL","value":"curl - cURL - cURL"},{"label":"Dart - http","value":"dart - http - Dart"},{"label":"Go - Native","value":"go - Native - Go"},{"label":"HTTP - HTTP","value":"http - HTTP - HTTP"},{"label":"Java - OkHttp","value":"java - OkHttp - Java"},{"label":"Java - Unirest","value":"java - Unirest - Java"},{"label":"JavaScript - Fetch","value":"javascript - Fetch - JavaScript"},{"label":"JavaScript - jQuery","value":"javascript - jQuery - JavaScript"},{"label":"JavaScript - XHR","value":"javascript - XHR - JavaScript"},{"label":"C - libcurl","value":"c - libcurl - C"},{"label":"NodeJs - Axios","value":"nodejs - Axios - NodeJs"},{"label":"NodeJs - Native","value":"nodejs - Native - NodeJs"},{"label":"NodeJs - Request","value":"nodejs - Request - NodeJs"},{"label":"NodeJs - Unirest","value":"nodejs - Unirest - NodeJs"},{"label":"Objective-C - NSURLSession","value":"objective-c - NSURLSession - Objective-C"},{"label":"OCaml - Cohttp","value":"ocaml - Cohttp - OCaml"},{"label":"PHP - cURL","value":"php - cURL - PHP"},{"label":"PHP - Guzzle","value":"php - Guzzle - PHP"},{"label":"PHP - HTTP_Request2","value":"php - HTTP_Request2 - PHP"},{"label":"PHP - pecl_http","value":"php - pecl_http - PHP"},{"label":"PowerShell - RestMethod","value":"powershell - RestMethod - PowerShell"},{"label":"Python - http.client","value":"python - http.client - Python"},{"label":"Python - Requests","value":"python - Requests - Python"},{"label":"R - httr","value":"r - httr - R"},{"label":"R - RCurl","value":"r - RCurl - R"},{"label":"Ruby - Net::HTTP","value":"ruby - Net::HTTP - Ruby"},{"label":"Shell - Httpie","value":"shell - Httpie - Shell"},{"label":"Shell - wget","value":"shell - wget - Shell"},{"label":"Swift - URLSession","value":"swift - URLSession - Swift"}],"layoutOptions":[{"value":"classic-single-column","label":"Single Column"},{"value":"classic-double-column","label":"Double Column"}],"versionOptions":[],"environmentOptions":[{"value":"0","label":"No Environment"}],"canonicalUrl":"https://documenter.gw.postman.com/view/metadata/2sB3HrkHMa"}