Theyutes Logistics · ERPs
Every shipment, a GL entry.
Your accountant shouldn't have to log into a courier portal to reconcile delivery costs. Signed webhooks fire on every state change with the merchantReference your ERP already uses; every mutation gets an audit-log entry; idempotency keys make retries safe. Drop straight into NetSuite, SAP, Odoo, Microsoft Dynamics.
What breaks today
ERPs, in three honest lines.
Portal logins
Five carriers means five portals, five logins, five CSV exports.
Every dispatch fans out to a single signed webhook. Your ERP integration reads one stream, posts one journal entry per shipment, reconciles one invoice per period.
Replay risk
Network blips can fire the same shipment twice.
Pass an Idempotency-Key header on dispatch — duplicate calls return the original shipment id, not a new one. Webhook signatures include a timestamp so replays older than 5 minutes are rejected.
Audit gaps
Finance audits need who-did-what-when, not just the final status.
Every mutation is audit-logged with the API token, IP, user-agent, and a delta of the change. GET /api/v1/logistics/shipments/{id}/audit returns the full trail as JSON — perfect for SOX / IFRS evidence.
What we built for erps
Four primitives. One API.
Signed webhooks (HMAC-SHA256).
Every event ships with an X-Theyutes-Signature header you verify with your shared secret. The signed payload includes a timestamp so you can reject replays older than 5 minutes.
Idempotency keys on every mutation.
POST headers accept Idempotency-Key. Duplicate dispatch calls within 24 hours return the original shipment — never a duplicate booking. Safe to retry indefinitely on network failure.
Audit log on every change.
Every state transition is audit-logged with timestamp, API token, IP, and a JSON diff of the change. GET /api/v1/logistics/shipments/{id}/audit returns the full trail for SOX / IFRS evidence.
OpenAPI 3.1 spec + official SDKs.
/api/v1/openapi.json is the source of truth. Generate clients for any language with openapi-generator-cli, or use our Node and Python SDKs (typed methods, async iterators for tracking polls).
Sample call
The shortest path from your stack to a dispatched rider.
Inbound webhook to your ERP
json
POST /your-erp-webhook
X-Theyutes-Signature: sha256=4f3b…
X-Theyutes-Event: shipment.delivered
X-Theyutes-Timestamp: 1748520801
{
"event": "shipment.delivered",
"timestamp": "2026-05-29T14:33:21.000Z",
"data": {
"id": "shp_2k8h1mv9c3xq",
"merchantReference": "SO-2026-04421",
"status": "delivered",
"carrier": "uber",
"carrierName": "Uber Direct",
"costKobo": 360000,
"deliveredAt": "2026-05-29T14:33:00.000Z",
"deliveredTo": "Adaeze O.",
"signatureUrl": "https://theyutes.com/pod/shp_2k8h1mv9c3xq.png",
"auditTrailUrl": "https://theyutes.com/audit/shp_2k8h1mv9c3xq.json"
}
}HMAC verification (Node)
bash
import crypto from "node:crypto";
function verifyTheyutesWebhook(req, secret) {
const sig = req.headers["x-theyutes-signature"];
const ts = req.headers["x-theyutes-timestamp"];
const body = req.rawBody; // raw bytes, NOT JSON.parse
// Reject anything older than 5 minutes (replay protection).
if (Math.abs(Date.now() / 1000 - Number(ts)) > 300) {
return false;
}
const expected = "sha256=" + crypto
.createHmac("sha256", secret)
.update(`${ts}.${body}`)
.digest("hex");
return crypto.timingSafeEqual(
Buffer.from(sig), Buffer.from(expected),
);
}merchantReference is your own ERP order number — we round-trip it on every event so you can join shipments back to sales orders without a lookup table. signatureUrl + auditTrailUrl ride on the delivered event for finance reconciliation.
Pilot partners — coming soon
ERPs partner
Launching Q3 2026
ERPs partner
Other verticals
Same orchestrator. Different defaults.
Restaurants
Predictive dispatch so the rider arrives the moment the food is ready.
See restaurants
Pharmacy
Cold-chain routing, signed delivery, and a ten-minute SLA on rescue prescriptions.
See pharmacy
Electronics
Insured, signed-for delivery for phones, laptops, and high-value parcels.
See electronics
Marketplaces
One quote endpoint that splits across every seller's pickup — buyer sees one ETA.
See marketplaces
Questions
What erps integrators ask first.
Do you have a SAP / NetSuite / Odoo connector?
Official connectors are on the 2026 roadmap. Today the path is: subscribe to webhooks → verify HMAC → POST the shipment into your ERP as a journal entry. Our Node + Python SDKs cover the verification + posting in ~40 lines. We're happy to pair on the first integration via logistics@theyutes.com.
What's the webhook retry curve?
6 attempts on a 1m / 5m / 15m / 1h / 6h / 24h backoff. After 6 failures the delivery is marked failed and surfaced in the in-dashboard webhook log so your ops team can replay manually. The dispatcher runs as a Vercel cron tick.
Can the audit log be exported for SOX evidence?
Yes — GET /api/v1/logistics/shipments/{id}/audit returns the full per-shipment trail as JSON. Bulk export of a period's audit trail is available on Scale tier as a signed download URL (zipped CSV + JSON).
Built for erps. Ready in five minutes.
Mint a key, run one sample call, ship your first parcel.