Skip to main content
Upload an expense XML file (CFDI) to automatically extract and register expense data. This endpoint processes Mexican tax invoices (CFDIs) and creates expense records from them.
This endpoint reuses the invoice upload logic. The system automatically determines if the XML represents an expense or income based on the RFC information.

Authentication

Requires a valid JWT token in the Authorization header. 
Authorization: Bearer YOUR_JWT_TOKEN

Request Body

profileId
string
required
The UUID of the profile to associate the expense with. The profile must belong to the authenticated user.
xml
string
required
The XML content of the CFDI (Comprobante Fiscal Digital por Internet). Should be the raw XML string.

Response

message
string
Success message indicating the expense was uploaded successfully.
data
object
The created expense object.
id
string
UUID of the expense.
profile_id
string
UUID of the associated profile.
tipo_origen
string
Origin type, always “XML” for uploaded expenses.
fecha
string
Date of the expense (ISO 8601 format).
mes
number
Month of the expense (1-12).
año
number
Year of the expense.
total
number
Total amount of the expense.
subtotal
number
Subtotal amount (before taxes).
iva
number
IVA (VAT) percentage.
iva_amount
number
IVA amount in currency.
uuid
string
Fiscal folio UUID from the CFDI.
tipo
string
Payment type: “PUE” (Pago en Una Exhibición), “PPD” (Pago en Parcialidades o Diferido), or “COMPLEMENTO_PAGO”.
rfc_emisor
string
RFC (tax ID) of the issuer.
nombre_emisor
string
Name of the issuer.
rfc_receptor
string
RFC of the receiver.
nombre_receptor
string
Name of the receiver.
concepto
string
Description or concept of the expense.
validacion
object
Validation status of the expense.
rfcVerificado
boolean
Whether the RFC was verified.
regimenFiscalVerificado
boolean
Whether the tax regime was verified.
uuidDuplicado
boolean
Whether this UUID already exists.
valido
boolean
Overall validation status.
advertencias
array
List of warning messages.
errores
array
List of error messages.

Rate Limiting

This endpoint has a rate limit of 300 requests per 5 minutes per user.

Example Request

cURL
curl -X POST https://api.tresacontafy.com/api/expenses/upload \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "profileId": "123e4567-e89b-12d3-a456-426614174000",
    "xml": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>..."
  }'

Error Responses

401
error
Unauthorized - Invalid or missing JWT token.
404
error
Profile not found or doesn’t belong to the user.
400
error
Bad request - Invalid XML format or missing required fields.
429
error
Too many requests - Rate limit exceeded.

Build docs developers (and LLMs) love

Get started for freeTalk to us