# POST /api/v1/orders

> Create order

- **Tag:** orders
- **Operation ID:** `create_order_api_v1_orders_post`

## Description

Create a new draft order with per-line billing rules.

## Authentication

Bearer token in `Authorization` header.
Required header: `x-business-id: <business uuid>`.

## Request body

Schema: `OrderCreate`

- `customer_id` (string · required) — Customer the order is for.
- `project_id` (string) — Project / job (optional).
- `order_description` (string) — Order description.
- `order_start_date` (string) — Order start (YYYY-MM-DD).
- `first_invoice_date` (string) — First invoice date (YYYY-MM-DD); anchors the term clock.
- `term_months` (integer) — Term length in months.
- `discount_cents` (integer) — Contract-level discount (cents).
- `tax_treatment` (string) — Tax treatment label.
- `currency` (string) — Currency code.
- `lines` (array · OrderLineInput) → `OrderLineInput` — Order-form lines.
  - `catalog_item_id` (string) — Catalog item this line is based on (optional).
  - `description` (string) — Line description.
  - `qty` (number | string · required) — Ordered quantity / hours.
  - `unit_price_cents` (integer · required) — Unit price in cents.
  - `billing_rule` (string) — flat, per_unit, recurring, usage_metered, or prepaid_block.
  - `billing_timing` (string) — Recurring only: each_period, first_upfront, all_upfront.
  - `ramp_schedule` (object) — Pre-agreed step qty/price schedule (frozen at signing).

## Responses

### 201 — Successful Response

Schema: `app__core__success__SuccessEnvelope_OrderResponse___1`

- `success` (boolean)
- `message` (string)
- `code` (string)
- `data` (app__api__v1__schemas__orders__OrderResponse)

### 400 — Bad Request - Invalid input

### 401 — Unauthorized - Authentication required

### 403 — Forbidden - Insufficient permissions

### 404 — Not Found - Resource does not exist

### 422 — Validation Error

Schema: `HTTPValidationError`

- `detail` (array · ValidationError) → `ValidationError`
  - `loc` (array · string | integer · required)
  - `msg` (string · required)
  - `type` (string · required)
  - `input` (object)
  - `ctx` (object)

## Code samples

### cURL

```bash
curl -X POST 'https://api.ondayzero.com/api/v1/orders' \
  -H 'Authorization: Bearer dz_your_token' \
  -H 'x-business-id: YOUR_BUSINESS_ID' \
  -H 'Content-Type: application/json' \
  -d '{
  "customer_id": "string"
}'
```

### JavaScript

```javascript
const response = await fetch('https://api.ondayzero.com/api/v1/orders', {
  method: 'POST',
  headers: {
    Authorization: 'Bearer dz_your_token',
    'x-business-id': 'YOUR_BUSINESS_ID',
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
  "customer_id": "string"
}),
});
const data = await response.json();
```

### Python

```python
import httpx

headers = {
    "Authorization": "Bearer dz_your_token",
    "x-business-id": "YOUR_BUSINESS_ID",
}

payload = {
  "customer_id": "string"
}

response = httpx.post("https://api.ondayzero.com/api/v1/orders", headers=headers, json=payload)
data = response.json()
```

## See also

- HTML version: https://www.ondayzero.com/docs/reference/orders/create-order
- OpenAPI slice: https://www.ondayzero.com/docs/reference/orders/create-order/openapi.json
- Other endpoints in **orders**: https://www.ondayzero.com/docs/reference/orders
