Skip to main content
POST
/
v2
/
tasks
curl --request POST \ --url https://api.zenzap.co/v2/tasks \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --header 'X-Signature: <api-key>' \ --header 'X-Timestamp: <x-timestamp>' \ --data ' { "topicId": "550e8400-e29b-41d4-a716-446655440000", "title": "Review documentation" } '
{
  "id": "880e8400-e29b-41d4-a716-446655440003",
  "topicId": "550e8400-e29b-41d4-a716-446655440000",
  "title": "Review documentation",
  "createdAt": 1699564800000
}

Documentation Index

Fetch the complete documentation index at: https://docs.zenzap.co/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

Use your API key as the Bearer token. You can view your API key and secret in your Zenzap organization API key settings.

X-Signature
string
header
required

HMAC-SHA256 signature for request verification.

Headers

X-Signature
string
required

HMAC signature of the request for authentication and replay protection.

Replay Protection: The signature includes a timestamp to prevent replay attacks. Requests with timestamps older than 5 minutes are rejected.

The signature payload differs by HTTP method:

  • POST/PUT/PATCH/DELETE: HMAC-SHA256 of {timestamp}.{body}
  • GET: HMAC-SHA256 of {timestamp}.{uri}

The signature is calculated as:

  1. Get the current Unix timestamp in milliseconds
  2. Determine the payload:
    • For POST/PUT/PATCH/DELETE: Use {timestamp}.{body} where body is the request body
    • For GET: Use {timestamp}.{uri} where uri is the full request URI (e.g., /v2/members?limit=10)
  3. Calculate HMAC-SHA256 of the combined payload using your API secret
  4. Hex-encode the output
  5. Include the timestamp in the X-Timestamp header

Example for GET request to /v2/members?limit=10:

timestamp = 1699564800000
payload = "1699564800000./v2/members?limit=10"
signature = HMAC-SHA256(secret, payload)
X-Signature: hex(signature)
X-Timestamp: 1699564800000

Example for POST request with body {"topicId":"123","text":"Hello"}:

timestamp = 1699564800000
payload = '1699564800000.{"topicId":"123","text":"Hello"}'
signature = HMAC-SHA256(secret, payload)
X-Signature: hex(signature)
X-Timestamp: 1699564800000

For multipart/form-data requests, sign the exact raw request body bytes (including boundaries and file bytes) as transmitted.

Pattern: ^[a-f0-9]{64}$
Example:

"a3d5f8e7c2b1d4f6a8e9c7b5d3f1a2e4b6c8d0f2e4a6b8c0d2e4f6a8b0c2d4e6"

X-Timestamp
integer<int64>
required

Unix timestamp in milliseconds when the request was created. Used for replay protection - requests older than 5 minutes are rejected.

Example:

1699564800000

Body

application/json
topicId
string<uuid>
required

The ID of the topic where the task should be created

Example:

"550e8400-e29b-41d4-a716-446655440000"

title
string
required

The task title

Maximum string length: 256
Example:

"Review documentation"

description
string

Optional task description

Maximum string length: 10000
Example:

"Review and update all API documentation"

assignee
string<uuid>

Optional user ID to assign the task to

Example:

"550e8400-e29b-41d4-a716-446655440001"

dueDate
integer<int64>

Optional due date as Unix timestamp in milliseconds

Example:

1699564800000

externalId
string

Optional external identifier for tracking purposes

Maximum string length: 100
Example:

"jira-PROJ-123"

Response

Task created successfully

id
string<uuid>

The created task ID

topicId
string<uuid>

The topic ID where the task was created

title
string

The task title

createdAt
integer<int64>

Unix timestamp in milliseconds