splitwise / api-docs Goto Github PK

While going through the docs, the specific endpoint "get_friend/:id" has wrong path in the API.
It is given to be,

GET https://secure.splitwise.com/api/v3.0/get_group/:id
Get detailed info on one group that current_user belongs to

Whereas the path & documentation should be changed,

GET https://secure.splitwise.com/api/v3.0/get_friend/:id
Get detailed info on one friend that current_user has

Just wanted the next person reading the docs not face this simple mistake.
Thanks

I would like to know the max length of "details (Also known as notes)" allowed in POST /create_expense

Where can I get the API for user login? I don't see that in API documentation https://dev.splitwise.com/

Not sure why. My initial hunch is that it has something to do with branch management, like maybe the gh-pages branch gets wiped and recreated on every deploy, and that clears the saved value in our repo's settings.

In /get_friends API endpoint, we get details of friends along with a field groups which only contains groud_id and balance. But, it should contain group name as well so that the user can see the list of groups with group names instead of group_id.

It will be helpful if the response is similar to that of /get_groups endpoint which contains members list with users name.

When tried to fetch the oauth2 code from the splitwise python sdk, using getOAuth2AuthorizeURL , code part is missing from url.
see below.
https://www.splitwise.com/oauth/authorize?response_type=code&client_id=<client_id>&redirect_uri=<callback_url>&state=

I am able to successfully make a request to the create_expense API to create a new expense in a group, and I can actually see the newly created expense when I look at the group on Splitwise. I note down the expense ID (I've tried from both the response body of the create_expense request, as well as from the response of list_expenses for that particular expense).

When I try to perform a nearly identical update_expense request (where I just change one thing, for example I add a word to the "description" parameter), and I make sure I use the expense ID of the expense I had just created, I keep getting the error: "errorMessage": "updateExpense - updateExpense - Invalid API Request: you do not have permission to perform that action".

When I try to delete that same expense using the delete_expense API, I keep getting the error: "errorMessage": "deleteExpense - deleteExpense - does not exist, or has already been deleted". However, it definitely has not been deleted, because I see the expense is still there when I check in the group on Splitwise. Also, when I make another list_expenses request, that expense that supposedly "does not exist or has already been deleted" still is listed in the response (and the "deletedAt" and "deletedBy" fields are both null, indicating it is not deleted).

Why does the create_expense API work just fine for me, but the create_expense and delete_expense on the expense I just created don't work?

Hey!

This is definitely not a traditional issue, I was just poking around the repo and noticed there was an action that is running, and that has been running for almost 2 months. I am not sure if this is just a GHA bug. But, knowing how GHA bills minutes I thought I'd just flag it just in case its not :D

The action run: https://github.com/splitwise/api-docs/actions/runs/8378974745/job/22944811104

If this is just a bug, and I am making this issue for nothing, please let me know and I will close this straight away

Hey Team, I used the exact same code as mentioned at dev.beta.splitwise.com. From my local machine the user is getting directed to splitwise, he is asked for permission, but once he clicks on Authorize, he is taken to the splitwise website instead of being redirected back to the "redirect_uri".

I am developing a react native app. Is there a way to use Splitwise API on the app?
Integration with Splitwise is one of the crucial functionalities of my app.
Thanks in advance.

Currently you can't add a receipt to an expense using the api. I would like to use this functionality and would appreciate if it was added.

Hi!

I was poking around with the API to make my own app, and I tried to auto-generate a client from it with Restish. After configuring it to use the schema file you make available on https://dev.splitwise.com/, it was complaining about a few obvious and minor errors (like still mentioning yaml files instead of entities).

However, even after correcting the obvious lapses, it refused to work. When I pasted my fixed version of the schema to https://editor.swagger.io/, it does show a bunch of semantic errors. Here's what I see:

Semantic error at paths./undelete_group/{id}.post.responses.200.content.application/json.schema.properties.errors
Schemas with 'type: array', require a sibling 'items: ' field

Semantic error at paths./add_user_to_group.post.responses.200.content.application/json.schema.properties.errors.additionalProperties
Schemas with 'type: array', require a sibling 'items: ' field

Semantic error at paths./remove_user_from_group.post.responses.200.content.application/json.schema.properties.errors.additionalProperties
Schemas with 'type: array', require a sibling 'items: ' field

Semantic error at paths./create_friends.post.responses.200.content.application/json.schema.properties.errors
Schemas with 'type: array', require a sibling 'items: ' field

Semantic error at paths./create_friends.post.responses.400.content.application/json.schema.properties.users
Schemas with 'type: array', require a sibling 'items: ' field

Semantic error at paths./create_friends.post.responses.400.content.application/json.schema.properties.errors.additionalProperties
Schemas with 'type: array', require a sibling 'items: ' field

Structural error at paths./create_friends.post.responses.400.content.example
should NOT have additional properties
additionalProperty: users, errors

Semantic error at paths./delete_friend/{id}.post.responses.200.content.application/json.schema.properties.errors.additionalProperties
Schemas with 'type: array', require a sibling 'items: ' field

Structural error at paths./update_expense/{id}
should NOT have additional properties
additionalProperty: params

Semantic error at paths./update_expense/{id}
Declared path parameter "id" needs to be defined as a path parameter at either the path or operation level

Structural error at paths./delete_expense/{id}
should NOT have additional properties
additionalProperty: params

Semantic error at paths./delete_expense/{id}
Declared path parameter "id" needs to be defined as a path parameter at either the path or operation level

Structural error at paths./delete_expense/{id}.post.responses.200
should have required property 'description'
missingProperty: description

Structural error at paths./delete_expense/{id}.post.responses.200.content.application/json.schema.properties.success.required
should be an array of property names required within an object schema

Structural error at paths./undelete_expense/{id}
should NOT have additional properties
additionalProperty: params

Semantic error at paths./undelete_expense/{id}
Declared path parameter "id" needs to be defined as a path parameter at either the path or operation level

Structural error at paths./undelete_expense/{id}.post.responses.200
should have required property 'description'
missingProperty: description

Structural error at paths./delete_comment.post
should NOT have additional properties
additionalProperty: params

Structural error at paths./parse_sentence.post.requestBody.content.application/json.schema.oneOf.0.properties.input.required
should be an array of property names required within an object schema

Structural error at paths./parse_sentence.post.requestBody.content.application/json.schema.oneOf.1.properties.input.required
should be an array of property names required within an object schema

Structural error at paths./parse_sentence.post.requestBody.content.application/json.schema.oneOf.2.properties.input.required
should be an array of property names required within an object schema

Semantic error at components.responses.Not Found
Component names can only contain the characters A-Z a-z 0-9 - . _

The schema file ended up being just enough docs for me to understand what curls I wanted to make, but I feel it's probably worth the time to make the file error-free.

I understand how to create expenses where I do all of the math on my end (i.e. submit an "array" of involved users with what each spent and what they owe).

I've noticed in the documentation there is an optional parameter:

creation_method: iou, quickadd, payment, or split

Is there any way to use this so that I don't have to do the splitting math on my end. For instance, submit

• array of involved id
• cost
• description
• split method: "split"

and have the splitwise backend figure out who owes what?

If not, what is the point of this optional parameter?

Hello!

I'm having trouble using the API. Here's what I did:

• copy the ruby script as it is in the docs and fill in my consumer key and secret
• run it, clicked "Get code"
• copy the auth token from the url
• curl -XGET "https://secure.splitwise.com/api/v3.0/get_current_user" -H "Authorization: Bearer THE_TOKEN"

This results in:

{"error":"Your device's clock is off by more than 12 hours, and the server has rejected your request. Please correct the time on your device and try again."}

Adding the -v flag tu curl I see the following:

> GET /api/v3.0/get_current_user HTTP/1.1
> Host: secure.splitwise.com
> User-Agent: curl/7.54.0
> Accept: */*
> Authorization: Bearer THE_TOKEN
>
< HTTP/1.1 401 Unauthorized
< Connection: keep-alive
< Server: nginx
< Date: Sat, 04 Aug 2018 18:01:07 GMT
< Content-Type: application/json; charset=utf-8
< Transfer-Encoding: chunked
< X-Frame-Options: SAMEORIGIN
< X-Xss-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Strict-Transport-Security: max-age=31536000
< Content-Disposition: inline; filename="response.json"
< Cache-Control: no-cache
< X-Request-Id: 9fef17ed-318e-4aa6-b4f2-b21d19e16bf3
< X-Runtime: 0.008373
< Via: 1.1 vegur

Am I doing something wrong?

Many of the methods seem to be entirely missing any documentation/examples:

http://dev.splitwise.com/?javascript#create_expense

Trying to get access token through Postman

I am following the below with no luck
#43 (comment)

I am able to get 200 when I run the below through Postman.
https://secure.splitwise.com/oauth/authorize
?redirect_uri=<callback_url>
&response_type=code
&state=<some_random_uuid>
&client_id=<splitwise_consumer_key>

However not able to figure out where will I get the code as mentioned in the below

To get an actual access-token from it, you need to POST to https://secure.splitwise.com/oauth/token

I tried running the https://secure.splitwise.com/oauth/authorize via browser and it get redirected to Splitwise . I am able to see the code in the address bar, but still getting 404 using it in Postman while doing POST to https://secure.splitwise.com/oauth/token

I would greatly appreciate any assistance you can provide...

We should update the docs to include

• apartment,
• house,
• home,
• trip,
• couple,
• and other

Hello,

I'm building a personal project of a Vue.JS front-end form to automate some of the settings I typically enter into splitwise.

I'm trying to do OAUTH2 authentication using https://github.com/Bearer/Pizzly . I can use Postman going through the Pizzly proxy (running locally) to do a GET /get_current_user just fine. But when I try to POST to create_expense (through the Pizzly proxy), I receive this error: "You must enter an amount":

Request Log (Postman)

POST http://localhost:8080/proxy/splitwise/create_expense
200
593 ms
POST /proxy/splitwise/create_expense HTTP/1.1
Pizzly-Auth-Id: 64350b70-2cdb-11eb-8198-150293bf7302
Accept: application/json
Content-Type: application/json
User-Agent: PostmanRuntime/7.26.5
Postman-Token: d39504db-0fe7-4996-ace6-fb1fa16eb490
Host: localhost:8080
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Content-Length: 415
{
    "cost": "1.00",
    "currency_code": "GBP",
    "description": "Niki proxy API from Postman",
    "payment": false,
    "group_id": "11912464",
    "split_equally": true,
    "users__0__user_id": "906803",
    "users__0__paid_share": "0.50",
    "users__0__owed_share": "0.50",
    "users__1__user_id": "6811318",
    "users__1__paid_share": "0.50",
    "users__1__owed_share": "0.50",
    "category_id": 12
}
HTTP/1.1 200 OK
X-Powered-By: Express
strict-transport-security: max-age=3600
Access-Control-Allow-Origin: *
connection: close
server: nginx
date: Sun, 22 Nov 2020 16:15:04 GMT
content-type: application/json; charset=utf-8
transfer-encoding: chunked
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: origin
content-disposition: inline; filename="response.json"
cache-control: no-cache, no-store
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
etag: W/"049fe9540d9cef1ef3e05a57584a5dd6"
x-request-id: 3dddff68-4c73-475d-a337-bbc399f90b59
x-runtime: 0.073046
via: 1.1 vegur
{"expenses":[],"errors":{"base":["You must enter an amount"]}}

Error:

{
    "expenses": [],
    "errors": {
        "base": [
            "You must enter an amount"
        ]
    }
}

I'm able to do a POST /create_expense with the same body JSON through Postman using the API Bearer token method with no issues.

POST /api/v3.0/create_expense HTTP/1.1
Accept: application/json
Authorization: Bearer <token>
Content-Type: application/json
User-Agent: PostmanRuntime/7.26.5
Postman-Token: 2814eefd-0524-419e-9195-ecf1ff1cdfe3
Host: secure.splitwise.com
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Content-Length: 401
{
    "cost": "1.00",
    "currency_code": "GBP",
    "description": "Niki test API",
    "payment": false,
    "group_id": "11912464",
    "split_equally": true,
    "users__0__user_id": "906803",
    "users__0__paid_share": "0.50",
    "users__0__owed_share": "0.50",
    "users__1__user_id": "6811318",
    "users__1__paid_share": "0.50",
    "users__1__owed_share": "0.50",
    "category_id": 12
}
HTTP/1.1 200 OK
Connection: keep-alive
Server: nginx
Date: Sun, 22 Nov 2020 16:25:07 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: origin
Content-Disposition: inline; filename="response.json"
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Etag: W/"c0b200032ecde421125af8e48b013e73"
X-Request-Id: dd2cb811-2874-4245-ab3c-2e574bc6d83c
X-Runtime: 0.265095
Strict-Transport-Security: max-age=3600
Content-Encoding: gzip
Via: 1.1 vegur
{"expenses":[<successful expense info>],"errors":{}}

Any ideas on where I can look next?

Thank you,
Nik

Is it possible to create a reimbursement transaction with the Splitwise API?

I usually do this by entering a negative amount in the web app (it doesn't work on Android), but if I try to enter a negative amount in a createExpense API call, it's rejected. I imagine there's another endpoint for that, but perhaps it's not publicly exposed?

Thank you :)

When I call this endpoint using POST and ApiKeyAuth, the response always says that I do not have permission to make that call, even though the group in question is one that I own and can create expenses within. Any ideas? At least at the current point in time I cannot invest in switching to OAuth.

What the title says: both on the web-app and the mobile-app it is possible to attach a picture to an expense, is this functionality exposed in the API? I am trying to write some scripts for personal use to automatize entry of expenses and it would be nice if I can do it all in one place.. otherwise I would need to go back into the app and update the generated expenses to add the pictures...

Hi, I'm new with your API but seems the example you have in your site is down: http://api-example.splitwise.com/

In other side, the endpoint
https://secure.splitwise.com/api/v3.0/get_access_token show a "File not found" message.

There is a problem with the API or I am not understand something?

Have you a updated example site for the API?

The '/oauth/authorize/' page is hard to view on mobile clients.

I could post the create expense request successfully but not reflected in Spiitwise

Expense create completed without error but not reflected in Splitwise
OAuth: Oauth 1.0
Api: create_expense
Request (Body parameters)
users__0__owed_share : 75.0
cost : 150.0
users__1__owed_share : 75.0
users__1__user_id : my user id
users__0__paid_share : 0.0
description : "test"
payment : false
users__1__paid_share : 150.0
users__0__user_id : friend user id

Response
Response{code=200, message='OK', body='null', headers={Transfer-Encoding=chunked, null=HTTP/1.1 200 OK, Server=nginx, X-Request-Id=2915a687-0d9b-4e6e-a9f0-18bf835d1dd5, X-Runtime=0.037593, X-Content-Type-Options=nosniff, Connection=keep-alive, Pragma=no-cache, Date=Fri, 03 Jan 2020 23:32:03 GMT, Via=1.1 vegur, Referrer-Policy=origin, X-Frame-Options=SAMEORIGIN, Strict-Transport-Security=max-age=31536000, Cache-Control=no-cache, no-store, max-age=0, must-revalidate, Content-Disposition=inline; filename="response.json", X-Xss-Protection=1; mode=block, Set-Cookie=, Vary=Accept-Encoding, Expires=Fri, 01 Jan 1990 00:00:00 GMT, Content-Type=application/json; charset=utf-8}}

This isn't really an issue with the current API for more of a request.

It would be great if we were able to create API tokens from our account settings to make it easier to start using the API.

I mean something like what Github provides in https://github.com/settings/tokens.

That way one could test out ideas or build whole integrations not intended for general use without going through the OAuth setup flow.

Is that reasonable? Thanks!

Hi,

I used POST method for the endpoint URL{ https://secure.splitwise.com/api/v3.0/create_group} but im getting following error as response body

{
"errors": {
"base": [
"Invalid API Request: you do not have permission to perform that action"
]
}
}

85/5000
What is the address of the webapi for the expenses? how is the request and response formed?

I see in the docs that I can create an expense with a group_id and the flag split_equally set to true to split equally between all members of that group, but I want to split equally between only some members of the group, without having to use the "by_shares" version. How can I do that?

Thanks in advance!

Hey there!
Recently I've tried to make a request for the 'https://secure.splitwise.com/oauth/token' endpoint (after the callback_uri called successfully of course) , but it seemed down from some reason and returns 404.

Maybe the problem is with the request, But I tried to copy exactly the standard token request format to no help.

May you please take a look at that?
I am appending the fetch request so you'll see what I'm doing.

Thank you and happy new year!

I am trying to access the authentication page using oauth1, I get the authorization url but when trying to do a redirect (with php header ('Location: $ url')) it shows me a 404 error and a CORS error.

Any advice?

Hi there, and thanks for the awesome work you've done with this API!

I'm building a script to import past, settled, expenses from a CSV file produced by the soon-to-be-defunct danish WeShare.

While some of the expenses are created without errors, some others fail with the message: "There are zero people involved in this expense! Make sure to add some before saving.", and can't seem to find any reason for that, as the users' info and shares are correctly passed in the request.

An example of a failing request is the following:

curl -X POST \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer ***" \
    -d '{
        "cost": 385,
        "description": "failing expense",
        "date": "2023-01-13T12:48:56.000Z",
        "group_id": ***,
        "users__0__user_id": ***,
        "users__0__paid_share": 192.5,
        "users__0__owed_share": 192.5,
        "users__1__user_id": ***,
        "users__1__paid_share": 192.5,
        "users__1__owed_share": 192.5,
    }' https://secure.splitwise.com/api/v3.0/create_expense

JSON response:

{
  "expenses": [],
  "errors": {
    "base": [
      "There are zero people involved in this expense! Make sure to add some before saving."
    ]
  }
}

This other example, though, goes through without errors:

curl -X POST \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer ***" \
    -d '{
        "cost": 56,
        "description": "successful expense",
        "date": "2023-01-15T14:29:10.000Z",
        "repeat_interval": "never",
        "currency_code": "DKK",
        "category_id": 18,
        "group_id": ***,
        "users__0__user_id": ***,
        "users__0__paid_share": 28,
        "users__0__owed_share": 28,
        "users__1__user_id": ***,
        "users__1__paid_share": 28,
        "users__1__owed_share": 28,
    }' https://secure.splitwise.com/api/v3.0/create_expense

JSON response:

{
  "expenses": [
    {...}
  ],
  "errors": {}
}

Any ideas why?

Thanks (:

Hello,

I'm hoping to write a client side app but it seems like it won't work?

I am able to authenticate okay but I am getting the following error when calling the api:

Access to fetch at 'https://secure.splitwise.com/api/v3.0/get_current_user' from origin 'http://127.0.0.1:5500' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Is this a security measure on your end? Is there some way to get around it or will I need server code?

Here is my calling code:

function getCurrentUser(accessToken) {
  let url = "https://secure.splitwise.com/api/v3.0/get_current_user";
  let auth = "Bearer " + accessToken;

  var myHeaders = new Headers();
  myHeaders.append("Authorization", auth);

  var requestOptions = {
    method: "GET",
    headers: myHeaders,
    redirect: "follow",
  };

  fetch(url, requestOptions)
    .then((response) => response.json())
    .then((result) => console.log(result))
    .catch((error) => console.log("error", error));
}

Good Evening,

I was generating a python model based on the openai specification.
When I try to load a group into the model, I get the following error

pydantic_core._pydantic_core.ValidationError: 1 validation error for Group
members.0.registration_status
  Input should be 'confirmed', 'dummy' or 'invited' [type=enum, input_value='unsubscribed', input_type=str]

The registration status is defined like so in the schemas/user.yaml

  registration_status:
    type: string
    enum: [confirmed, dummy, invited]

However when I lookup the groups through the get_groups endpoint, I get the following group as an example

{
    'id': 0,
    'name': 'Ausgabe ohne Gruppe',
    'created_at': '2018-05-22T09:01:51Z',
    'updated_at': '2024-02-25T20:47:45Z',
    'members': [
        {
            'id': XXXXXXXXXXX,
            'first_name': 'XXXXXXXXXXXX',
            'last_name': 'XXXXXXXXXXXX',
            'picture': {
                'small': 'https://s3.amazonaws.com/splitwise/uploads/user/default_avatars/avatar-orange43-50px.png',
                'medium': 'https://s3.amazonaws.com/splitwise/uploads/user/default_avatars/avatar-orange43-100px.png',
                'large': 'https://s3.amazonaws.com/splitwise/uploads/user/default_avatars/avatar-orange43-200px.png'
            },
            'custom_picture': False,
            'email': 'XXXXXXXXXX',
            'registration_status': 'unsubscribed',
            'balance': []
        }
    ],
    'simplify_by_default': False,
    'original_debts': [],
    'simplified_debts': [],
    'avatar': {
        'small': 'https://s3.amazonaws.com/splitwise/uploads/group/default_avatars/v2021/avatar-nongroup-50px.png',
        'medium': 'https://s3.amazonaws.com/splitwise/uploads/group/default_avatars/v2021/avatar-nongroup-100px.png',
        'large': 'https://s3.amazonaws.com/splitwise/uploads/group/default_avatars/v2021/avatar-nongroup-200px.png',
        'xlarge': 'https://s3.amazonaws.com/splitwise/uploads/group/default_avatars/v2021/avatar-nongroup-500px.png',
        'xxlarge': 'https://s3.amazonaws.com/splitwise/uploads/group/default_avatars/v2021/avatar-nongroup-1000px.png',
        'original': None
    },
    'tall_avatar': {
        'xlarge': 'https://s3.amazonaws.com/splitwise/uploads/group/default_tall_avatars/avatar-nongroup-288px.png',
        'large': 'https://s3.amazonaws.com/splitwise/uploads/group/default_tall_avatars/avatar-nongroup-192px.png'
    },
    'custom_avatar': False,
    'cover_photo': {
        'xxlarge': 'https://s3.amazonaws.com/splitwise/uploads/group/default_cover_photos/coverphoto-nongroup-1000px.png',
        'xlarge': 'https://s3.amazonaws.com/splitwise/uploads/group/default_cover_photos/coverphoto-nongroup-500px.png'
    }
}

Can you check whether the schema definition is wrong or whether, something with the api is not correct?

cheers & thanks
marco

I'd like to use the create_expense endpoint to submit an expense for a group and have it split amongst all members. Does the splitwise API provide this functionality?

I'm really hoping I don't have to pull a list of all group members and then do all of the math on my end and then submit the expense in a separate request.

When I submit an expense with group_id populated, but no user I get an error...

POST is used to create a resource, so theoretically if I try to post a specific user ID, I should receive a 409 Conflict error code. Instead the endpoint should be a PATCH operation (which only requires fields that are being updated to be sent) or if you have something against PATCH, a PUT (which requires the entire object to be sent (even fields which aren't being updated).

Currently it seems the endpoint is behaving as a PATCH endpoint (with a POST verb) anyway.

Additionally you could consider updating the Delete a group endpoint to a DELETE verb

as the API won't know who to split with. The documentation currently implies these endpoints do accept those parameters in conjunction.

I'm trying to build an app in Retool that uses the Splitwise API directly as a resource. However, to set up an OpenAPI resource on Retool, there should be a URL that links directly to the specification file (swagger.json in this case) so that Retool can interpret it.

This URL should have the form https://dev.splitwise.com/swagger.json, for example. I think this can be set up easily with Redoc: see the "globally exposed Redoc object" option in step 3 of this Redoc guide.