> ## Documentation Index > Fetch the complete documentation index at: https://docs.finsync.ar/llms.txt > Use this file to discover all available pages before exploring further. # Export client transaction history (CSV) > Downloads a CSV of transaction history for a client. **API key (`x-api-key`):** `clientId` must belong to the API key's company. No `history_days` cap is applied unless you pass `startDate` / `endDate`. **Bearer token:** Supabase JWT for an active ExternalClient link to `clientId`. The portal `history_days` limit applies when set (in addition to any explicit date range). ## OpenAPI ````yaml /openapi/openapi.json get /api/external-client/history openapi: 3.0.0 info: title: FinSync API Documentation version: 1.0.0 description: API documentation for FinSync application contact: name: FinSync Support email: support@finsync.com servers: - url: https://finsync.ar description: API server security: - apiKey: [] tags: - name: Clients description: Operations related to clients and their accounts - name: Accounts description: Operations related to account balances - name: Operations description: Operations for creating and managing financial operations - name: Operation Types description: Company operation types management - name: Transaction Types description: Company transaction types management - name: Superadmin description: Cross-tenant operations (JWT + email allowlist) - name: External client description: >- Exports for external (portal-linked) clients. Authenticate with `x-api-key` (company-owned client ID) or `Authorization: Bearer` (Supabase access token with an ExternalClient invite). paths: /api/external-client/history: get: tags: - External client summary: Export client transaction history (CSV) description: >- Downloads a CSV of transaction history for a client. **API key (`x-api-key`):** `clientId` must belong to the API key's company. No `history_days` cap is applied unless you pass `startDate` / `endDate`. **Bearer token:** Supabase JWT for an active ExternalClient link to `clientId`. The portal `history_days` limit applies when set (in addition to any explicit date range). parameters: - in: query name: clientId required: true schema: type: integer description: Client primary key - in: query name: companyClientId schema: type: integer description: Company-scoped client ID (alternative to `clientId`) - in: query name: startDate schema: type: string format: date description: >- Optional inclusive start date (`YYYY-MM-DD`). Use with `endDate` to limit export size. - in: query name: endDate schema: type: string format: date description: >- Optional inclusive end date (`YYYY-MM-DD`). Use with `startDate` to limit export size. responses: '200': description: UTF-8 CSV file (BOM prefixed for Excel) headers: Content-Disposition: description: >- Attachment filename, e.g. `transacciones--YYYY-MM-DD.csv` schema: type: string content: text/csv: schema: type: string format: binary '400': description: Missing or invalid `clientId` content: application/json: schema: type: object properties: error: type: string '401': description: >- Missing auth, invalid API key, or invalid bearer token (`Authentication required`, `Invalid API key`, `Invalid auth token`) content: application/json: schema: type: object properties: error: type: string '403': description: >- Forbidden — no ExternalClient link (bearer path) or client not in API key's company content: application/json: schema: type: object properties: error: type: string '500': description: Server error content: application/json: schema: type: object properties: error: type: string security: - apiKey: [] - bearerAuth: [] components: securitySchemes: apiKey: type: apiKey in: header name: x-api-key description: API Key for authentication bearerAuth: type: http scheme: bearer bearerFormat: JWT description: >- Supabase access token for logged-in users (employees for most dashboard APIs; allowlisted email for Superadmin routes; external portal users with an ExternalClient invite for `/api/external-client/history` and `/api/external-client/history/pdf`). ````