> ## Documentation Index
> Fetch the complete documentation index at: https://docs.qonto.com/llms.txt
> Use this file to discover all available pages before exploring further.
# Create a product
> OAuth scope: `product.write`
Creates a single product for the authenticated organization.
**Price plans:** this endpoint is available for all Qonto price plans.
## OpenAPI
````yaml post /v2/products
openapi: 3.1.1
info:
version: v2
title: Qonto
servers:
- url: https://thirdparty.qonto.com
description: Production URL
- url: https://thirdparty-sandbox.staging.qonto.co
description: Sandbox URL
security:
- OAuth:
- organization.read
- membership.read
- membership.write
- attachment.write
- internal_transfer.write
- payment.write
- supplier_invoice.write
- supplier_invoice.read
- client_invoices.read
- client_invoice.write
- client.read
- client.write
- product.read
- product.write
- request_review.write
- request_review.read
- team.read
- team.write
- request_transfers.write
- insurance_contract.read
- insurance_contract.write
- card.read
- card.write
- bank_account.write
- beneficiary.trust
- webhook
- payment_link.write
- payment_link.read
- sepa_direct_debit.read
- sepa_direct_debit.write
- terminal.read
- terminal.write
- SecretKey: []
paths:
/v2/products:
post:
tags:
- Products
summary: Create a product
description: |
OAuth scope: `product.write`
Creates a single product for the authenticated organization.
**Price plans:** this endpoint is available for all Qonto price plans.
parameters:
- $ref: '#/components/parameters/X-Qonto-Staging-Token'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/ProductCreatePayload'
responses:
'201':
description: Returns the product created.
content:
application/json:
schema:
type: object
properties:
product:
$ref: '#/components/schemas/Product'
required:
- product
'400':
$ref: '#/components/responses/400-Bad-request'
'401':
$ref: '#/components/responses/401-Unauthorized'
'403':
$ref: '#/components/responses/403-Forbidden'
'422':
$ref: '#/components/responses/422-Unprocessable-Entity'
'500':
$ref: '#/components/responses/500-Internal-Server-Error'
security:
- OAuth:
- product.write
- SecretKey: []
components:
parameters:
X-Qonto-Staging-Token:
name: X-Qonto-Staging-Token
in: header
description: >-
Required only for Sandbox API requests; to get one, please sign up to
the [Developer Portal](https://developers.qonto.com/).
schema:
type: string
schemas:
ProductCreatePayload:
type: object
description: Payload for creating a product.
required:
- title
- type
- unit_price
- vat_rate
properties:
title:
type: string
description: Title of the product.
maxLength: 120
example: Web Development Service
description:
type: string
description: Description of the product.
maxLength: 600
example: Full-stack web development service
internal_note:
type: string
description: Internal note for the product (not visible to clients).
maxLength: 50000
example: Preferred vendor for web projects
type:
type: string
description: Whether the product is a good or a service.
enum:
- good
- service
example: service
unit_price:
type: object
description: The unit price of the product.
required:
- value
- currency
properties:
value:
type: string
description: The decimal value of the unit price.
example: '150.00'
currency:
type: string
description: The ISO 4217 currency code.
example: EUR
vat_rate:
type: string
description: The VAT rate as a decimal (e.g. "0.2" for 20%).
example: '0.2'
unit:
type: string
description: The unit of measurement for the product (e.g. "kilogram", "hour").
example: hour
vat_exemption_code:
type: string
description: >-
VAT exemption code, applicable when `vat_rate` is "0". Required for
Italian organizations when the VAT rate is 0.
enum:
- N1
- N2
- N2.1
- N2.2
- N3
- N3.1
- N3.2
- N3.3
- N3.4
- N3.5
- N3.6
- N4
- N5
- N6
- N6.1
- N6.2
- N6.3
- N6.4
- N6.5
- N6.6
- N6.7
- N6.8
- N6.9
- N7
- S293B
- S262.1
- S259
- S283
- S261
- S262
- S263
- S19.1
- S4.1B
- S4.1A
- S4
- S13B
- S122
- S25
- S21
- S69
- S20
- S84.1.2
example: N1
links:
type: array
description: External links associated with the product.
items:
type: object
required:
- title
- url
properties:
title:
type: string
description: Title of the link.
example: Product page
url:
type: string
format: uri
description: URL of the link.
example: https://www.example.com/product
Product:
type: object
description: A product belonging to the organization.
required:
- id
- title
- type
- unit_price
- vat_rate
- organization_id
- created_at
- updated_at
properties:
id:
type: string
format: uuid
description: Unique identifier of the product.
example: a1b2c3d4-e5f6-7890-abcd-ef1234567890
title:
type: string
description: Title of the product.
maxLength: 120
example: Web Development Service
description:
type: string
description: Description of the product.
maxLength: 600
example: Full-stack web development service
internal_note:
type: string
description: Internal note for the product (not visible to clients).
maxLength: 50000
example: Preferred vendor for web projects
type:
type: string
description: Whether the product is a good or a service.
enum:
- good
- service
example: service
unit_price:
type: object
description: The unit price of the product.
required:
- value
- currency
properties:
value:
type: string
description: The decimal value of the unit price.
example: '150.00'
currency:
type: string
description: The ISO 4217 currency code.
example: EUR
vat_rate:
type: string
description: The VAT rate as a decimal (e.g. "0.2" for 20%).
example: '0.2'
unit:
type: string
description: The unit of measurement for the product (e.g. "kilogram", "hour").
example: hour
vat_exemption_code:
type: string
description: >-
VAT exemption code, applicable when `vat_rate` is "0". Required for
Italian organizations when the VAT rate is 0.
enum:
- N1
- N2
- N2.1
- N2.2
- N3
- N3.1
- N3.2
- N3.3
- N3.4
- N3.5
- N3.6
- N4
- N5
- N6
- N6.1
- N6.2
- N6.3
- N6.4
- N6.5
- N6.6
- N6.7
- N6.8
- N6.9
- N7
- S293B
- S262.1
- S259
- S283
- S261
- S262
- S263
- S19.1
- S4.1B
- S4.1A
- S4
- S13B
- S122
- S25
- S21
- S69
- S20
- S84.1.2
example: N1
links:
type: array
description: External links associated with the product.
items:
type: object
required:
- title
- url
properties:
title:
type: string
description: Title of the link.
example: Product page
url:
type: string
format: uri
description: URL of the link.
example: https://www.example.com/product
organization_id:
type: string
format: uuid
description: Unique identifier of the organization the product belongs to.
example: f1e2d3c4-b5a6-7890-abcd-ef1234567890
created_at:
type: string
format: date-time
description: Timestamp when the product was created.
example: '2026-01-15T10:30:00Z'
updated_at:
type: string
format: date-time
description: Timestamp when the product was last updated.
example: '2026-01-15T10:30:00Z'
BadRequestResponseBody:
type: object
properties:
errors:
type: array
items:
$ref: '#/components/schemas/BadRequestError'
required:
- errors
UnauthorizedResponseBody:
type: object
properties:
errors:
type: array
items:
$ref: '#/components/schemas/UnauthorizedError'
required:
- errors
ForbiddenResponseBody:
type: object
properties:
errors:
type: array
items:
$ref: '#/components/schemas/ForbiddenError'
required:
- errors
UnprocessableEntityError:
type: object
properties:
status:
type: string
example: unprocessable entity
code:
type: string
description: Error code.
example: missing_key
detail:
type: string
description: Human readable error that explains error `code`.
example: property is missing
message:
type: string
example: property id is missing
source:
type: object
properties:
pointer:
type: string
description: >-
The property and the item in an array (if applicable) that
causes the error.
example: id
required:
- code
- detail
x-examples:
Missing property:
code: missing_key
detail: property is missing
source:
pointer: /external_transfer/atrribute
BadRequestError:
type: object
properties:
code:
type: string
description: Error code.
detail:
type: string
description: Human readable error that explains error `code`.
source:
type: object
properties:
pointer:
type: string
description: >-
The property in the request body that caused the error
(optional).
parameter:
type: string
description: The query parameter that caused the error (optional).
required:
- code
- detail
x-examples:
Authorization field missing:
code: bad_request
detail: Authorization field missing
UnauthorizedError:
type: object
properties:
code:
type: string
description: Error code.
detail:
type: string
description: Human readable error that explains error `code`.
required:
- code
- detail
x-examples:
Invalid credentials:
code: unauthorized
detail: Invalid credentials
ForbiddenError:
type: object
properties:
code:
type: string
description: Error code.
detail:
type: string
description: Human readable error that explains error `code`.
required:
- code
- detail
x-examples:
Insufficient permissions:
code: forbidden
detail: User does not have sufficient permissions for this action.
responses:
400-Bad-request:
description: Returns a bad request error.
content:
application/json:
schema:
$ref: '#/components/schemas/BadRequestResponseBody'
examples:
Authorization field missing:
value:
errors:
- code: bad_request
detail: Authorization field missing
401-Unauthorized:
description: Returns an unauthorized error.
content:
application/json:
schema:
$ref: '#/components/schemas/UnauthorizedResponseBody'
examples:
authorization_header_missing:
value:
errors:
- code: authorization_header_missing
detail: authorization header missing
authorization_token_invalid:
value:
errors:
- code: authorization_token_invalid
detail: authorization token invalid
403-Forbidden:
description: Returns a forbidden error.
content:
application/json:
schema:
$ref: '#/components/schemas/ForbiddenResponseBody'
examples:
Insufficient permissions:
value:
errors:
- code: forbidden
detail: User does not have sufficient permissions for this action.
422-Unprocessable-Entity:
description: Returns an unprocessable entity error.
content:
application/json:
schema:
type: object
properties:
errors:
type: array
items:
$ref: '#/components/schemas/UnprocessableEntityError'
x-examples:
Example 1:
errors:
- code: missing_key
detail: reference is missing
source:
pointer: /external_transfer/reference
500-Internal-Server-Error:
description: Returns an internal server error.
securitySchemes:
OAuth:
type: oauth2
description: >
Bearer authorization header: `Bearer `, where `` is the
access token received from the authorization server at the end of the
[OAuth 2.0
flow](/get-started/business-api/authentication/oauth/oauth-flow).
flows:
authorizationCode:
refreshUrl: https://oauth.qonto.com/oauth2/token
authorizationUrl: https://oauth.qonto.com/oauth2/auth
scopes:
attachment.read: Retrieve attachments
attachment.write: Upload attachments and remove attachments from transactions
bank_account.write: Create, update and close bank accounts
beneficiary.trust: Trust SEPA beneficiaries
card.read: Retrieve cards
card.write: Create or update cards
client.read: Retrieve clients
client.write: Create clients
client_invoice.write: Create client invoices
client_invoices.read: Retrieve client invoices and credit notes
einvoicing.read: Retrieve e-invoicing settings
embed_auth_link.write: Create Embed auth links
insurance_contract.read: Retrieve insurance contracts
insurance_contract.write: Create and update insurance contracts
internal_transfer.write: >-
Create internal transfers (between 2 Qonto accounts of the same
organization)
international_transfer.write: Create international transfers
membership.read: Retrieve the authentified membership
membership.write: Invite team members
offline_access: Retrieve a refresh token
organization.read: >-
Retrieve organization, bank accounts, transactions, transfers,
beneficiaries, labels, memberships, requests & statements
payment.write: Create external transfers and untrust beneficiaries
payment_link.read: >-
Retrieve payment links, their payments, and the available payment
methods
payment_link.write: >-
Connect to the payment links provider, create and deactivate
payment links
product.read: Retrieve products
product.write: Create products
request_cards.write: Create card requests
request_review.write: Approve or decline requests
request_transfers.write: Create transfer requests
sepa_direct_debit.read: View SEPA Direct Debit payments
sepa_direct_debit.write: Manage SEPA Direct Debit payments
supplier_invoice.read: Retrieve supplier invoices
supplier_invoice.write: Create supplier invoices
team.read: Retrieve teams
team.write: Create teams
terminal.read: View your payment terminals
terminal.write: Configure your terminals and initiate payments
webhook: >-
Receive a notification each time a particular event occurs in
Qonto
tokenUrl: https://oauth.qonto.com/oauth2/token
SecretKey:
type: apiKey
description: cf. [API key](/get-started/business-api/authentication/api-key)
name: Authorization
in: header
````