Getting Started Guide

Last Updated: February 11, 2026

1. Introduction

Welcome developers! This guide will help you get started with the Trupocket API.

What is Trupocket?

• API-first personal finance platform - Built for developers and fintech startups
• RESTful API - Manage households, accounts, transactions, budgets, categories, payees, hashtags, and more
• Three subscription plans - Free, Premium, and Developer with different rate limits and features
• Comprehensive tracking - Full transaction register with budgeting, scheduled transactions, and detailed reporting

Quick Links

• Full API Documentation: /docs (Swagger/OpenAPI)
• Privacy Policy: trupocket.com/privacy-policy
• Terms of Service: trupocket.com/terms-of-service
• Support: support@trupocket.app

2. Authentication

Getting Started

1. Create an account at trupocket.app
2. Generate a Personal Access Token (PAT) from your account settings in the web app
3. Use the PAT in the Authorization header for all API requests

Personal Access Tokens (Recommended)

PATs provide long-lived API access for all use cases. Ideal for scripts, CI/CD, server-to-server integrations, and general API usage.

Token Format

• PATs start with tp_ prefix followed by 64 hexadecimal characters
• Example: tp_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6a7b8c9d0e1f2
• The full token is only shown once at creation - store it securely immediately

Plan Limits

• Free: 1 access token
• Premium: 3 access tokens
• Developer: Unlimited
• Enterprise: Unlimited

Creating a PAT

Create a PAT from the Trupocket web app settings, or via the API (requires an existing PAT):

POST /v1/users/access-tokens
Authorization: Bearer YOUR_ACCESS_TOKEN
Content-Type: application/json

{
  "name": "My Integration",
  "expiresAt": 1767225600
}

# expiresAt is optional (Unix timestamp). Omit for tokens that never expire.

# Response (201):
{
  "tokenID": "2BKHGx7z0pFFRyqPqQqRbCPp9xI",
  "name": "My Integration",
  "token": "tp_a1b2c3d4e5f6...",
  "tokenPrefix": "tp_a1b2c3d4",
  "expiresAt": 1767225600,
  "createdAt": 1704067200
}

# IMPORTANT: The "token" field is only returned at creation!
# Copy and store it securely - you cannot retrieve it later.

Using a PAT

curl -X GET "https://api.trupocket.app/v1/households" \
  -H "Authorization: Bearer tp_your_personal_access_token_here"

Managing PATs

# List all PATs
GET /v1/users/access-tokens

# Response:
{
  "accessTokens": [
    {
      "tokenID": "2BKHGx7z0pFFRyqPqQqRbCPp9xI",
      "name": "My Integration",
      "tokenPrefix": "tp_a1b2c3d4",
      "isActive": true,
      "expiresAt": 1767225600,
      "lastUsedAt": 1704153600,
      "createdAt": 1704067200
    }
  ],
  "total": 1,
  "limit": 3
}

# Update a PAT (rename, deactivate, or change expiration)
PATCH /v1/users/access-tokens/{tokenID}
{
  "name": "Renamed Integration",
  "isActive": false
}

# Delete a PAT
DELETE /v1/users/access-tokens/{tokenID}

PAT Security Best Practices

• Store PATs in environment variables, never in code or version control
• Use descriptive names to identify each token's purpose
• Set expiration dates for temporary integrations
• Delete unused tokens immediately
• Use separate tokens for different integrations
• Regularly audit your tokens via GET /v1/users/access-tokens

3. API Overview

Base URL: https://api.trupocket.app/v1

Response Format: JSON

Date/Time Format: Unix timestamps (seconds since epoch)

Currency Format: Integers in smallest denomination (cents for USD)

• Example: $12.34 = 1234
• Example: $100.00 = 10000

Rate Limits by Plan

Rate Limit Headers

X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 847
X-RateLimit-Reset: 1699564800

4. Core Concepts

Hierarchy

User
└── Household(s)
    ├── Accounts (checking, savings, credit cards)
    ├── Categories (for budgeting)
    ├── Payees (merchants, employers)
    ├── Hashtags (custom tags)
    ├── Transactions
    │   ├── Transaction Categories (split transactions)
    │   └── Transaction Hashtags
    └── Scheduled Transactions (recurring transactions)

Household Styles

• 0 (Detailed Tracking) - Full transaction register with budgeting
• Future: Simple Budgeting, Bill Reminder, Calculations

Household Purpose

• 0 (home) - Personal finances
• 1 (office) - Business finances
• 2 (home_office) - Mixed (sole proprietor, freelancer)

Account Types

• chkg - Checking account
• svgs - Savings account
• cc - Credit card

Transaction Cashflow

• expense - Money out
• income - Money in
• transfer - Between your accounts

💡 Hashtags: Dynamic Transaction Grouping

What are Hashtags?

Hashtags allow you to tag transactions with custom labels by including #hashtag in transaction memos. Unlike categories (which are budget-focused), hashtags provide flexible, cross-category grouping for analysis and reporting.

How Hashtags Work:

• Add hashtags anywhere in transaction memos: "Dinner with clients #business #taxdeductible"
• Hashtags are automatically extracted and indexed
• Filter transactions by hashtags using the API
• Track spending across multiple categories with a single tag
• No pre-creation required - hashtags are created automatically when first used

Categories vs Hashtags:

Common Use Cases:

• Tax Tracking: #taxdeductible, #business, #charitable
• Projects: #kitchen-remodel, #wedding, #vacation2024
• Clients (Business): #client-acme, #client-techcorp
• Events: #birthday, #conference, #holiday
• Shared Expenses: #roommate, #reimbursable
• Goals: #savingforhouse, #debtpayoff

Example Transaction with Hashtags:

{
  "payee": "Home Depot",
  "categories": [
    {
      "name": "Home Improvement",
      "amount": 25000,
      "memo": "Kitchen backsplash materials #kitchen-remodel #taxdeductible",
      "dontImpactBudget": false,
      "isCleared": true
    }
  ]
}

# This transaction:
# - Budgeted under "Home Improvement" category
# - Tagged for project tracking (#kitchen-remodel)
# - Tagged for tax purposes (#taxdeductible)
# - Can be filtered/reported on by either hashtag

Filtering by Hashtags:

# Get all transactions for kitchen remodel project
GET /v1/households/{householdID}/detailed-tracking/transactions?hashtags=kitchen-remodel

# Get all tax-deductible transactions
GET /v1/households/{householdID}/detailed-tracking/transactions?hashtags=taxdeductible

# Get transactions for multiple projects
GET /v1/households/{householdID}/detailed-tracking/transactions?hashtags=kitchen-remodel,vacation2024

Pro Tips:

• Use descriptive hashtags: #vacation-hawaii-2024 instead of #trip
• Combine with categories for powerful reporting: budget by category, analyze by hashtag
• Hashtags persist across categories - track a project that spans multiple expense types
• Use hashtags to mark transactions for later review: #needreceipt, #verify
• No limit on hashtag count per transaction - tag as much as needed

5. Quick Start Tutorial

Step 1: Get Your Access Token

# 1. Create an account at https://trupocket.app
# 2. Go to Settings > Access Tokens
# 3. Create a new Personal Access Token (PAT)
# 4. Copy and store the token securely - it's only shown once!

# Use your PAT in all API requests:
curl -X GET "https://api.trupocket.app/v1/users/who-am-i" \
  -H "Authorization: Bearer tp_your_personal_access_token_here"

# Response:
{
  "userID": "2BxFGhvDwSoabBEqf2V5ZgC3ifo",
  "firstName": "John",
  "email": "john@example.com",
  "planID": "free"
}

Step 2: Create a Household

POST /v1/households
Authorization: Bearer YOUR_ACCESS_TOKEN
Content-Type: application/json

{
  "name": "Personal Finances",
  "style": "dt",
  "purpose": "home"
}

# Response:
{
  "householdID": "2BKHJyVqwTkR1234567890ABCDE"
}

Step 3: Create a Checking Account

POST /v1/households/{householdID}/detailed-tracking/accounts
Authorization: Bearer YOUR_ACCESS_TOKEN
Content-Type: application/json

{
  "type": "chkg",
  "name": "Chase Checking",
  "balance": 500000
}

# balance: 500000 = $5,000.00
# Response:
{
  "accountID": "2BKHLmNpqRsTuvWxYzAbCdEfGhI"
}

Step 4: Create a Category

POST /v1/households/{householdID}/detailed-tracking/categories
Authorization: Bearer YOUR_ACCESS_TOKEN
Content-Type: application/json

{
  "name": "Groceries",
  "budgetAmount": 40000
}

# budgetAmount: 40000 = $400.00/month
# Response:
{
  "categoryID": "2BKHMnOpQrStUvWxYzAbCdEfGhI"
}

Step 5: Create a Payee

POST /v1/households/{householdID}/detailed-tracking/payees
Authorization: Bearer YOUR_ACCESS_TOKEN
Content-Type: application/json

{
  "name": "Whole Foods"
}

# Response:
{
  "payeeID": "2BKHOpQrStUvWxYzAbCdEfGhIjK"
}

Step 6: Create a Transaction

POST /v1/households/{householdID}/detailed-tracking/transactions
Authorization: Bearer YOUR_ACCESS_TOKEN
Content-Type: application/json

{
  "cashflow": "expense",
  "type": "debit_credit",
  "fromAccountID": "YOUR_ACCOUNT_ID",
  "payee": "Whole Foods",
  "date": 1699564800,
  "categories": [
    {
      "name": "Groceries",
      "amount": 8547,
      "memo": "Weekly groceries #organic",
      "dontImpactBudget": false,
      "isCleared": true
    }
  ]
}

# date: Unix timestamp for transaction date
# amount: 8547 = $85.47
# payee: Payee name (string, not ID)
# categories[].name: Category name (string, not ID)
# dontImpactBudget: false means this WILL impact the budget
# isCleared: true means this transaction has cleared the bank
# Transaction reduces account balance by $85.47
# Transaction reduces budget balance by $85.47
# Response:
{
  "transactionID": "2BKHPqRsTuVwXyZaBcDeFgHiJkL",
  "totalAmount": {
    "currency": "USD",
    "amount": 8547
  }
}

6. Common Workflows

Handle Expired or Invalid Token

# When you receive 401 Unauthorized:
# - If using a PAT: check that it hasn't been deactivated or expired
# - Generate a new PAT from the Trupocket web app if needed
# - PATs without an expiration date never expire unless manually deactivated

Get Household Summary

GET /v1/households/{householdID}
Authorization: Bearer YOUR_ACCESS_TOKEN

# Returns household with accounts, budgets, etc.

List All Transactions

GET /v1/households/{householdID}/detailed-tracking/transactions
Authorization: Bearer YOUR_ACCESS_TOKEN

# Optional filters:
# ?accounts={accountID}
# ?categories={categoryID}
# ?fromDate={YYYY-MM-DD}
# ?toDate={YYYY-MM-DD}

Get Account Balance

GET /v1/households/{householdID}/detailed-tracking/accounts/{accountID}
Authorization: Bearer YOUR_ACCESS_TOKEN

# Returns account with current balance

Get Budget Status

GET /v1/households/{householdID}/detailed-tracking/categories
Authorization: Bearer YOUR_ACCESS_TOKEN

# Returns all categories with budget details:
# - budget.amount (allocated)
# - budget.balance (remaining)

Create Scheduled Transaction (Recurring Bill)

POST /v1/households/{householdID}/detailed-tracking/scheduled-transactions
Authorization: Bearer YOUR_ACCESS_TOKEN
Content-Type: application/json

{
  "cashflow": "expense",
  "type": "ach",
  "fromAccountID": "YOUR_ACCOUNT_ID",
  "payee": "Rent Company",
  "frequency": 4,
  "frequencyDay": 1,
  "startDate": 1699564800,
  "shouldAutoGenerate": true,
  "categories": [
    {
      "name": "Rent",
      "amount": 150000,
      "memo": "Monthly rent",
      "impactBudget": true
    }
  ]
}

# payee: Payee name (string, not ID)
# frequency: 4 = monthly
# frequencyDay: 1 = 1st of month
# startDate: Unix timestamp for when schedule begins
# shouldAutoGenerate: true = automatically create transactions
# categories[].name: Category name (string, not ID)
# amount: 150000 = $1,500.00
# impactBudget: true = this WILL impact the budget (scheduled uses impactBudget, not dontImpactBudget)

7. Error Handling

HTTP Status Codes

• 200 - Success
• 201 - Created
• 400 - Bad Request (validation error)
• 401 - Unauthorized (invalid/expired token)
• 403 - Forbidden (insufficient permissions)
• 404 - Not Found
• 429 - Too Many Requests (rate limit exceeded)
• 500 - Internal Server Error

Error Response Format

All API errors return a flat JSON structure with the following fields:

• errorCode - Machine-readable error code (lowercase-kebab-case)
• errorMessage - Human-readable error description
• errorField - Field that caused the error (null if not field-specific)

{
  "errorCode": "validation-error",
  "errorMessage": "Invalid email format",
  "errorField": "email"
}

Common Errors

8. Code Examples

Quick Start with PATs (Recommended)

The simplest way to use the API is with Personal Access Tokens. No token refresh logic needed.

JavaScript/Node.js with PAT

const axios = require('axios');

const API_BASE = 'https://api.trupocket.app/v1';
const PAT = process.env.TRUPOCKET_PAT; // Store in environment variable

const client = axios.create({
  baseURL: API_BASE,
  headers: {
    'Authorization': `Bearer ${PAT}`,
    'Content-Type': 'application/json'
  }
});

// List households
const { data } = await client.get('/households');
console.log('Households:', data.households);

// Create a transaction
const transaction = await client.post(
  `/households/${householdId}/detailed-tracking/transactions`,
  {
    cashflow: 'expense',
    type: 'debit_credit',
    fromAccountID: accountId,
    payee: 'Coffee Shop',
    date: Math.floor(Date.now() / 1000),
    categories: [{ name: 'Food', amount: 500, memo: 'Morning coffee' }]
  }
);
console.log('Created:', transaction.data.transactionID);

Python with PAT

import os
import requests
import time

API_BASE = 'https://api.trupocket.app/v1'
PAT = os.environ['TRUPOCKET_PAT']  # Store in environment variable

headers = {
    'Authorization': f'Bearer {PAT}',
    'Content-Type': 'application/json'
}

# List households
response = requests.get(f'{API_BASE}/households', headers=headers)
print('Households:', response.json()['households'])

# Create a transaction
transaction = requests.post(
    f'{API_BASE}/households/{household_id}/detailed-tracking/transactions',
    headers=headers,
    json={
        'cashflow': 'expense',
        'type': 'debit_credit',
        'fromAccountID': account_id,
        'payee': 'Coffee Shop',
        'date': int(time.time()),
        'categories': [{'name': 'Food', 'amount': 500, 'memo': 'Morning coffee'}]
    }
)
print('Created:', transaction.json()['transactionID'])

Go

package main

import (
    "bytes"
    "encoding/json"
    "fmt"
    "io"
    "net/http"
    "os"
    "time"
)

const APIBase = "https://api.trupocket.app/v1"

type TrupocketClient struct {
    PAT string
}

type TransactionRequest struct {
    Cashflow      string               `json:"cashflow"`
    Type          string               `json:"type"`
    FromAccountID string               `json:"fromAccountID"`
    Payee         string               `json:"payee"`
    Date          int64                `json:"date"`
    Categories    []TransactionCategory `json:"categories"`
}

type TransactionCategory struct {
    Name             string `json:"name"`
    Amount           int64  `json:"amount"`
    Memo             string `json:"memo"`
    DontImpactBudget bool   `json:"dontImpactBudget"`
    IsCleared        bool   `json:"isCleared"`
}

func NewTrupocketClient(pat string) *TrupocketClient {
    return &TrupocketClient{PAT: pat}
}

func (c *TrupocketClient) makeRequest(method, endpoint string, body io.Reader) (*http.Response, error) {
    req, err := http.NewRequest(method, APIBase+endpoint, body)
    if err != nil {
        return nil, err
    }

    req.Header.Set("Authorization", "Bearer "+c.PAT)
    req.Header.Set("Content-Type", "application/json")

    return (&http.Client{}).Do(req)
}

func (c *TrupocketClient) CreateTransaction(householdID, accountID, categoryName, payeeName string) error {
    txn := TransactionRequest{
        Cashflow:      "expense",
        Type:          "debit_credit",
        FromAccountID: accountID,
        Payee:         payeeName,
        Date:          time.Now().Unix(),
        Categories: []TransactionCategory{
            {
                Name:             categoryName,
                Amount:           5000,
                Memo:             "Lunch",
                DontImpactBudget: false,
                IsCleared:        true,
            },
        },
    }

    body, _ := json.Marshal(txn)

    resp, err := c.makeRequest("POST", fmt.Sprintf("/households/%s/detailed-tracking/transactions", householdID), bytes.NewBuffer(body))
    if err != nil {
        return err
    }
    defer resp.Body.Close()

    if resp.StatusCode == http.StatusTooManyRequests {
        return fmt.Errorf("rate limit exceeded")
    } else if resp.StatusCode != http.StatusCreated {
        return fmt.Errorf("unexpected status: %d", resp.StatusCode)
    }

    fmt.Println("Transaction created successfully")
    return nil
}

func main() {
    client := NewTrupocketClient(os.Getenv("TRUPOCKET_PAT"))

    // List households
    resp, err := client.makeRequest("GET", "/households", nil)
    if err != nil {
        panic(err)
    }
    defer resp.Body.Close()

    fmt.Println("Status:", resp.StatusCode)
}

9. Webhooks (Developer Plan)

Coming Soon: Webhooks will allow you to receive real-time notifications when events occur in Trupocket. The following shows the planned webhook format.

Planned Webhook Events

• transaction.created
• transaction.updated
• transaction.deleted
• account.updated
• budget.exceeded
• scheduled_transaction.generated

Planned Webhook Payload Format

When implemented, webhook payloads will follow this structure:

{
  "event": "transaction.created",
  "timestamp": 1699564800,
  "data": {
    "householdID": "2BxFGhvDwSoabBEqf2V5ZgC3ifo",
    "transactionID": "2BxFGi9K3xyMp6QwVN8ZjR4LaPn",
    "amount": 5000,
    "cashflow": "expense"
  }
}

10. Best Practices

1. Authentication & Token Management

• Store PATs securely in environment variables, never in code or version control
• Use descriptive names for each PAT to track its purpose
• Set expiration dates for temporary integrations
• Regularly audit and deactivate unused tokens
• Never expose access tokens in client-side code

2. Currency Handling

• Always use integers in smallest denomination (cents)
• Never use floats for currency (precision errors)
• Convert to cents: Math.floor(dollars * 100)
• Convert to dollars: cents / 100

3. Timezone Handling

• All API requests send times as Unix timestamps (UTC)
• All times are interpreted using the household's timezone
• Transaction dates, scheduled transaction dates, and reports all use household timezone
• Set household timezone when creating a household (defaults to server timezone if not specified)
• Changing household timezone affects how future dates are interpreted

4. Transaction Balancing

• Always verify account balances after transactions
• For transfers, ensure both accounts update correctly
• Use isCleared field for tracking cleared/pending transactions

5. Rate Limiting

• Check X-RateLimit-Remaining header before bulk operations
• Implement exponential backoff for 429 responses
• Cache responses when possible
• Upgrade plan if consistently hitting limits

6. Error Recovery

• Handle 401 errors by checking token validity and alerting the user if the PAT needs rotation
• Retry failed requests with exponential backoff
• Log all API errors for debugging
• Handle partial failures in bulk operations

7. Security

• Never expose passwords or tokens in logs
• Use HTTPS for all API requests
• Validate all user input before sending to API
• Store credentials in environment variables

8. Data Validation

• Validate data formats before sending to the API
• Ensure amounts are positive integers
• Verify required fields before API calls
• Check account/category existence before transactions

9. Performance

• Batch operations when possible
• Use filters to limit response size
• Implement pagination for large datasets
• Cache frequently accessed data (accounts, categories)

11. Testing & Development

Testing Checklist

• Test PAT authentication
• Test handling of expired or deactivated tokens
• Test rate limit handling
• Test error responses
• Test transaction balance calculations
• Test timezone conversions
• Test currency conversions
• Test webhook delivery (if using webhooks)

Debugging Tips

• Use browser DevTools Network tab to inspect requests
• Check response headers for rate limit info
• Verify JSON payload format matches examples
• Test with curl first before implementing in code
• Check that IDs (householdID, accountID, etc.) are correct format (KSUID - 27 characters)
• Verify access token is being sent in Authorization header

12. API Limits & Quotas

Free Plan

• 20 API calls per day
• 60 transactions per month
• 1 household
• 90-day data history
• No webhooks

Premium Plan ($2.99/mo)

• 1,000 API calls per day
• Unlimited transactions
• Unlimited households
• 2-year data history
• No webhooks

Developer Plan ($29.99/mo)

• 10,000 API calls per day
• Unlimited transactions
• Unlimited households
• Unlimited data history
• Webhooks enabled
• Priority support

Exceeding Limits

• API calls beyond limit: 429 error, wait for reset
• Transactions beyond limit: 403 error, upgrade required
• Households beyond limit: 403 error, upgrade required

13. Support & Resources

Documentation

• Full API Reference: /docs (Swagger/OpenAPI)
• Getting Started Guide: /docs/getting-started (this page)
• Privacy Policy: trupocket.com/privacy-policy
• Terms of Service: trupocket.com/terms-of-service

Support

• Email: support@trupocket.app
• For all inquiries: API questions, bug reports, feature requests, and general support
• Priority support for Developer plan

Stay Updated

• API Changelog: Coming soon
• Developer Newsletter: Coming soon
• Status Page: Coming soon

What's Next?

Recommended Next Steps:

1. Review full API documentation at /docs
2. Create an account at trupocket.app and generate a PAT
3. Build a simple integration following the Quick Start Tutorial
4. Explore scheduled transactions for recurring bills
5. Implement webhooks (Developer plan)

Need Help?

• Email: support@trupocket.app
• We typically respond within 24 hours
• Priority support for Developer plan