> ## Documentation Index
> Fetch the complete documentation index at: https://docs.lastaccountingcompany.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Request a service connection change

> Files an intent about a service connection (e.g. asking LAC to set one up or change it). Accepted asynchronously and dispatched as an event. Requires a write-scoped key.



## OpenAPI

````yaml /openapi.yaml post /service-connections/requests
openapi: 3.1.0
info:
  title: LAC Customer API
  version: '2026-07-02'
  description: >
    The Last Accounting Company (LAC) is an AI-native accounting firm for
    Finnish SMBs:

    continuous reconciliation, daily close, real-time dashboards, and full Vero
    reporting.

    This API is the same surface the LAC customer portal UI uses. It gives you
    programmatic

    access to your books (read-only general-ledger views), financial statements,
    documents,

    invoicing, payroll, source-system connections, and the message channel to
    Björn, the

    accounting agent.


    ## Authentication


    Every request carries `Authorization: Bearer <token>`. Two token kinds are
    accepted:


    - **Portal API key** (`lac_sk_...`) — minted in portal Settings → API
    access. Keys have a
      scope of `read` or `write`. Read-scoped keys are refused on all mutating methods
      (POST/PATCH/DELETE). Write-scoped keys act as the `operator` role: they can never
      use payroll endpoints (reads included), change company settings, grant access, or
      manage API keys — those operations require an interactive admin/approver session.
    - **Firebase ID token** — the interactive session token used by the portal
    UI itself.


    API keys are pinned to a single company, so the `customer_id` parameter
    (query string on

    GETs, body field on writes) can always be omitted when authenticating with
    an API key.

    Interactive tokens with access to multiple companies use `customer_id` to
    select one.


    ## Conventions


    - All field names are `snake_case` on the wire.

    - Monetary amounts are **integer cents** (fields suffixed `_cents`).

    - Rates and percentages are **basis points** (fields suffixed
    `_basis_points`;
      10000 = 100%, e.g. Finnish standard VAT 25.5% = 2550).
    - Quantities on invoice lines are decimal strings (e.g. `"1"`, `"2.5"`).

    - Dates are `YYYY-MM-DD`; periods are `YYYY-MM`; ranges accept `YYYY-MM`,
    `YYYY-Qn`,
      `YYYY`, `all`, `this_month`, or `last_6_months`.

    ## Limits


    - Document uploads: at most 20 files and 25 MB per request.

    - Sheet pagination: `limit` is capped at 200 rows per page (0 =
    unpaginated).


    ## Errors


    Errors return a JSON envelope `{"error": "...", "detail": "..."}` with a
    conventional

    HTTP status code (401 missing/invalid token, 403 insufficient scope or role,
    404 not

    found, 422 validation failure).


    More at
    [docs.lastaccountingcompany.com](https://docs.lastaccountingcompany.com).
  contact:
    name: The Last Accounting Company
    url: https://docs.lastaccountingcompany.com
servers:
  - url: https://api.app.lastaccountingcompany.com/portal
    description: Production (note the /portal base path).
security:
  - apiKey: []
tags:
  - name: Company
    description: Company profile, identity, overview, and agent status.
  - name: Books
    description: >-
      Read-only windows into the canonical general ledger: the spreadsheet-style
      Books/VAT sheet, financial statements, and analytics. There is no
      cell-edit or batch-edit API — the books are maintained by LAC.
  - name: Documents
    description: Receipt/invoice/contract uploads and per-file ingest metadata.
  - name: Messages
    description: The chat channel to Björn, the accounting agent.
  - name: Filings
    description: Filing authorization, review requests, and produced output packages.
  - name: Invoicing
    description: >-
      Sales invoicing — drafts, sending (Maventa e-invoice / email PDF / PDF
      download), credit notes, reminders, recurring templates, and the
      invoice-customer register.
  - name: Payroll
    description: >-
      Payroll workspace — employees, tax cards, employer settings, draft runs,
      and payslips. Every payroll operation (reads included) requires an
      interactive admin/approver session and is NOT available to API keys.
  - name: Connections
    description: >-
      Source-system connections (bank, Stripe, Procountor, Fennoa, inbox/Gmail,
      Google Sheets) and service-connection requests/confirmations. Note: the
      browser-interactive OAuth start/complete flows (Yapily bank consent,
      Google OAuth) are portal-only and intentionally not part of this API — use
      the portal UI to establish a connection, then read and sync it here.
  - name: Imports
    description: Historical import runs (e.g. migrated books) and their artifacts.
  - name: API keys
    description: >-
      Manage portal API keys. These endpoints require an interactive admin
      session (Firebase token) and are NOT available to API-key bearers, which
      receive 403.
paths:
  /service-connections/requests:
    post:
      tags:
        - Connections
      summary: Request a service connection change
      description: >-
        Files an intent about a service connection (e.g. asking LAC to set one
        up or change it). Accepted asynchronously and dispatched as an event.
        Requires a write-scoped key.
      operationId: requestServiceConnection
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - connection_key
                - request_type
              properties:
                customer_id:
                  type: string
                  description: Target company. Optional for API keys.
                connection_key:
                  type: string
                  description: Which service connection the request concerns.
                request_type:
                  type: string
                  description: The kind of request being made.
                note:
                  type: string
                metadata:
                  type: object
                  additionalProperties: true
      responses:
        '202':
          description: Request accepted.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ServiceConnectionAccepted'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
components:
  schemas:
    ServiceConnectionAccepted:
      type: object
      description: Acknowledgement of a service-connection request or confirmation.
      properties:
        connection:
          type: object
          additionalProperties: true
        connections:
          type: array
          items:
            type: object
            additionalProperties: true
        event_id:
          type: string
    Error:
      type: object
      description: Standard error envelope.
      properties:
        error:
          type: string
          description: Machine-readable error message.
        detail:
          type: string
          description: Human-readable detail.
  responses:
    Unauthorized:
      description: Missing or invalid bearer token.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    Forbidden:
      description: >-
        Insufficient scope or role — e.g. a read-scoped key on a mutating
        method, or an API key on an admin/approver-only endpoint.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  securitySchemes:
    apiKey:
      type: http
      scheme: bearer
      bearerFormat: lac_sk_...
      description: >-
        Portal API key minted in portal Settings → API access. Scope `read` or
        `write`; pinned to one company. Send as `Authorization: Bearer
        lac_sk_...`.

````