Programmatic access to your workspace.
A versioned REST API (v1) plus signed outbound webhooks, with SHA-256 hashed keys and per-key rate limits — everything you need to integrate DARCY with the rest of your stack.

Who it's for
Developers
Read and write to DARCY from your own tools.
Ops teams
Pipe DARCY events into Slack, Zapier or your data warehouse.
Integrators
Build vertical add-ons on a stable, versioned API.
Why teams love it
Outcomes, not just features.
Secure by design
SHA-256 hashed keys, HMAC-signed webhooks, per-key rate limits.
Versioned & stable
v1 endpoints with a clear deprecation policy.
Realtime events
Signed outbound webhooks fire the moment something changes.
Per-org scoping
Keys never see data outside their workspace.
How it works
Mint a key
Create per-integration API keys from the admin panel.
Call the REST API
Read/write invoices, leave, visitors and contacts over HTTPS.
Subscribe to webhooks
Register HMAC-signed endpoints for realtime events.
Everything included
REST
v1: invoices, leave, visitors, contacts
Core resources exposed with pagination and filters.
OpenAPI spec
Import into Postman, Insomnia or any generator.
Events
Signed outbound webhooks
HMAC signatures let you verify authenticity.
Rate limits & quotas per key
Protect production from noisy integrations.
Plays nicely with
Frequently asked questions
Do you have an OpenAPI spec?+
Yes — importable into Postman or any code generator.
How do I verify webhook signatures?+
Every webhook includes an HMAC-SHA256 signature over the payload using your secret.
Is there a sandbox?+
Use a separate workspace for staging; keys and webhooks are per-workspace.
What are the rate limits?+
Sensible defaults per key, tunable on Business/Enterprise plans.
Pairs well with
Try API & Webhooks free for 14 days
No credit card required for demo requests.