TimeTracker exposes a REST API for programmatic access to time tracking, projects, tasks, clients, reports, and more. The API is versioned under /api/v1, uses token-based authentication, and returns JSON.
Use the API to integrate with external tools, build custom dashboards, or drive the mobile and desktop apps. All endpoints require authentication via an API token (Bearer or X-API-Key header) unless noted. Pagination, filtering, and error responses are described in the full reference.
- Log in as an administrator.
- Go to Admin β Security & Access β Api-tokens (or
/admin/api-tokens). - Click Create Token, set name, user, and scopes (read/write per resource).
- Copy the token immediately; it is shown only once.
Token format: tt_ followed by 32 random characters.
Send the token on every request:
Bearer (recommended):
curl -H "Authorization: Bearer YOUR_API_TOKEN" \
https://your-domain.com/api/v1/projectsAPI key header:
curl -H "X-API-Key: YOUR_API_TOKEN" \
https://your-domain.com/api/v1/projects| Area | Endpoints (examples) | Description |
|---|---|---|
| Projects | /api/v1/projects |
List, create, get, update, delete projects |
| Time entries | /api/v1/time-entries |
List, create, get, update, delete time entries; timer start/stop |
| Tasks | /api/v1/tasks |
List, create, get, update, delete tasks |
| Clients | /api/v1/clients |
List, create, get, update, delete clients |
| Reports | /api/v1/reports |
Run reports and export data |
| Deals & leads | /api/v1/deals, /api/v1/leads |
CRM deals and leads |
| Contacts | /api/v1/clients/<id>/contacts |
Client contacts |
| Search | /api/v1/search |
Global search across projects, tasks, clients |
| Time approvals | /api/v1/time-entry-approvals |
Approve, reject, request approval for time entries |
Access is controlled by scopes (e.g. read:projects, write:time_entries). Create a token with the scopes you need; see API Token Scopes.
List projects:
curl -H "Authorization: Bearer YOUR_API_TOKEN" \
https://your-domain.com/api/v1/projectsCreate a time entry:
curl -X POST -H "Authorization: Bearer YOUR_API_TOKEN" \
-H "Content-Type: application/json" \
-d '{"project_id": 1, "start_time": "2025-01-27T09:00:00", "end_time": "2025-01-27T17:00:00", "notes": "Work on feature"}' \
https://your-domain.com/api/v1/time-entriesReplace your-domain.com with your TimeTracker host and YOUR_API_TOKEN with your token.
- REST API reference β All endpoints, request/response formats, pagination, errors
- API Consistency Audit β Response contracts, error format, pagination
- API Token Scopes β Scopes and permissions
- API Versioning β Versioning policy and usage