Developer APIs

Build with tulz.org

Free REST APIs for invoice generation, QR codes, hashing, and more. No auth required today — just grab a free key for usage tracking.

4 APIs available
Unlimited now
CORS enabled
100/day free quota (coming soon)

Your free API key

Generated locally in your browser — no email, no sign-up. Use it as the X-API-Key header. Currently unlimited — rate limits activate only when paid plans launch.

Currently free for everyone

All APIs are open and unlimited right now. When paid plans launch, you'll get 100 free calls/day per API key. Every response already includes X-Usage-Count, X-Usage-Limit, and X-Usage-Remaining headers so you can monitor usage today.

Available APIs

Invoice Generator

Finance
POSTPOST /api/invoice

Generate professional HTML invoices. Supports currencies, tax, discount, custom branding. Returns inline-CSS HTML or a JSON envelope with calculated totals.

Docs

Example

fetch("https://tulz.org/api/invoice", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "X-API-Key": "YOUR_KEY"
  },
  body: JSON.stringify({
    from: { name: "Acme Corp" },
    to: { name: "Client Inc" },
    items: [{ description: "Design", quantity: 1, rate: 500 }]
  })
}).then(r => r.text()).then(html => console.log(html));

QR Code

Utility
POSTPOST /api/v1/qr

Generate QR codes as SVG (vector, infinitely scalable) or PNG data URL. Supports custom colors, error correction levels, and quiet zone.

Docs

Example

fetch("https://tulz.org/api/v1/qr", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "X-API-Key": "YOUR_KEY"
  },
  body: JSON.stringify({
    text: "https://tulz.org",
    format: "svg",
    darkColor: "#1e40af"
  })
}).then(r => r.text()).then(svg => document.body.innerHTML = svg);

Hash

Security
POSTPOST /api/v1/hash

Hash any string with MD5, SHA-1, SHA-256, SHA-384, or SHA-512. Returns hex or base64. Pass `all: true` to get all algorithms at once.

Docs

Example

fetch("https://tulz.org/api/v1/hash", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "X-API-Key": "YOUR_KEY"
  },
  body: JSON.stringify({
    text: "hello world",
    algorithm: "sha256"
  })
}).then(r => r.json()).then(d => console.log(d.hash));

Password Generator

Security
POSTPOST /api/v1/password

Generate cryptographically secure passwords. Configure length, charset (uppercase, lowercase, numbers, symbols), batch size (up to 50), and entropy info.

Docs

Example

fetch("https://tulz.org/api/v1/password", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "X-API-Key": "YOUR_KEY"
  },
  body: JSON.stringify({
    length: 20,
    count: 5,
    symbols: true
  })
}).then(r => r.json()).then(d => console.log(d.passwords));

Quick start

curl -X POST https://tulz.org/api/v1/qr \
  -H "Content-Type: application/json" \
  -H "X-API-Key: YOUR_KEY" \
  -d '{"text":"https://yoursite.com","format":"svg"}' \
  -o logo.svg

Response headers

Every API response includes these headers so you can track quota usage even before limits are enforced.

HeaderDescription
X-Usage-CountRequests made today by your key/IP (resets at UTC midnight).
X-Usage-LimitYour daily free quota (100 once limits activate).
X-Usage-RemainingCalls left today. Will never block while ENFORCE_LIMIT is off.
X-Usage-ResetAlways "daily-utc" — window resets at 00:00 UTC.

More APIs coming soon

Barcode generation, PDF manipulation, currency conversion, and more. Every tool on tulz.org is a candidate for a developer API.

Browse all 120+ tools