Skip to content
Integrations

Public API v1.0 (legacy)

Last updated: May 2, 2026

Company Owners and Company Admins on the Elite plan.

API v1.0 gives you access to:

  • Clients — list, filter, and create clients
  • Contacts — list and create contact persons linked to clients
  • Client groups — read client group structures
  • Client fields — access custom field definitions and values for clients
  • Tasks — list and filter tasks
  • Task fields — access custom field definitions and values for tasks
  • Time entries — query tracked time data
  • Members — list team members
  • Member groups — read member group structures
  • Invoices — query invoice data
  • Contracts — query contract data
  • Products — list products
  • Product fields — access custom field definitions and values for products
  • Invoice sellers — read invoice seller profiles
  • Topics — list task topics
  • Webhooks — subscribe to real-time event notifications

All endpoints follow standard REST conventions and return JSON. v1.0 is mostly a reading API: only clients, contacts, tasks, and webhook subscriptions can be created, nothing can be updated, and the only thing you can delete is a webhook subscription (to unsubscribe). If you need to write back to Uku, use API v3.

  • Business Intelligence (BI) — pull tasks, time entries, contracts, and invoices into your BI or analytics platform to analyse client, employee, service, or topic profitability and plan capacity.
  • Custom integrations — connect Uku to internal tools or to accounting software not yet covered by Uku’s built-in integrations.
  • Custom dashboards — power internal team dashboards with live Uku data.
  • Data export pipelines — schedule regular extracts to a data warehouse.
  1. Go to Settings & Apps.
  2. Find Public API in the app list (Elite features section).
  3. Open the app and activate it for your company.
  1. Open the Public API app and go to the (old) API tab.
  2. Enter a Name for your API key pair (for example, “Reporting tool” or “Zapier integration”).
  3. Click Generate new API KEY.
  4. Your new API key and API secret appear in the table. Use the copy button to copy each value.

You can create multiple API key pairs for different integrations. Delete a key pair by clicking the trash icon in the table — this immediately revokes access for any integration using those credentials.

Send a POST request to the login endpoint with your API key and secret:

POST https://app.getuku.com/api/v1.0/login
Content-Type: application/json
{
"api_key": "your-api-key",
"api_secret": "your-api-secret"
}

The response contains a JWT token:

{
"data": {
"token": "eyJhbGciOiJIUzI1NiIs..."
}
}

Include the token in the Authorization header for all subsequent requests:

GET https://app.getuku.com/api/v1.0/clients
Authorization: Bearer eyJhbGciOiJIUzI1NiIs...

The interactive API documentation is available at app.getuku.com/docs/sandbox/. You can test endpoints, see request and response schemas, and try queries directly from your browser. Note that the webhook subscription endpoint is not listed there — it exists, but the sandbox doesn’t document it.

JWT tokens expire after 10 minutes. When a token expires, authenticate again to get a new one. Design your integration to handle re-authentication automatically.

  • Keep your API secret confidential. Treat it like a password. Never commit it to version control or share it in plain text.
  • Use separate key pairs for different integrations. If one is compromised, revoke its key without affecting others.
  • Tokens are short-lived. The 10-minute expiration window limits exposure if a token is intercepted.
  • Delete unused keys. If you decommission an integration, remove its API key pair immediately.
  • All requests require HTTPS. The API base URL uses TLS encryption. Never send credentials or tokens over plain HTTP.
  • API access is scoped to your company. Each key pair is tied to a specific company — you can only access data that belongs to your company.