> ## Documentation Index
> Fetch the complete documentation index at: https://docs.incentives.leap.energy/llms.txt
> Use this file to discover all available pages before exploring further.

# List Attachments

> List attachments for one or more applications.

## Overview

List attachments for one or more applications.

<Note>
  * Use `application_id` for a single application (requires `attachment_type`)
  * Use `application_ids` for bulk listing (comma-separated, `attachment_type` is optional)
</Note>

For attachment types and workflow details, see the [Attachments Workflow section](/api-reference/guides/api-guide#attachments-workflow) in the API Guide.


## OpenAPI

````yaml GET /applications/attachments
openapi: 3.0.3
info:
  title: Leap Energy API
  description: >-
    The Leap Energy API provides a unified interface for managing rebate
    incentives and applications.


    ## Incentives API

    Search for and calculate incentive amounts across multiple utility programs.
    Given a customer

    address and building type, the API identifies applicable utility programs
    and calculates potential

    incentive amounts for various device and tier combinations. When your
    organization has a webhook URL

    configured (Webhook Config API), each successful lookup triggers a POST to
    your URL with the response

    and optional custom fields (`webhook_custom_fields`).


    ## Applications API

    Manage rebate applications on behalf of customers. Applications represent a
    customer's request

    for a rebate under a specific utility program, including customer
    information, device details,

    and application metadata.
  version: 2.0.0
  contact:
    name: Leap Energy
    url: https://leap.energy
servers:
  - url: https://api.incentives.leap.energy/alpha
    description: Production API
security:
  - ApiKeyAuth: []
  - BearerAuth: []
paths:
  /applications/attachments:
    get:
      summary: List attachments
      description: >-
        List attachments for one or more applications.


        **Authentication:**

        Requires API key authentication via `x-api-key` header. The application
        must belong to your organization.


        **Query Parameters:**

        - Use `application_id` for a single application (requires
        `attachment_type`)

        - Use `application_ids` for bulk listing (comma-separated,
        `attachment_type` is optional)
      operationId: listAttachments
      parameters:
        - name: application_id
          in: query
          description: >-
            Application ID to list attachments for. Requires attachment_type
            parameter.
          required: false
          schema:
            type: integer
          example: 123
        - name: application_ids
          in: query
          description: >-
            Comma-separated list of application IDs for bulk listing.
            attachment_type is optional.
          required: false
          schema:
            type: string
          example: 123,456,789
        - name: attachment_type
          in: query
          description: Filter by attachment type. Required when using application_id.
          required: false
          schema:
            type: string
            enum:
              - INVOICE_EQUIPMENT
              - INVOICE_INSTALL
              - PERMIT
              - PHOTO_NAMEPLATE
              - PHOTO_INSTALL
              - PHOTO_METER
              - AHRI_CERT
              - NEAT_REPORT
              - INCOME_FORM
              - W9
              - OTHER
              - VEHICLE_PURCHASE
              - UTILITY_BILL
              - VEHICLE_REGISTRATION
              - TARIFF_CONFIRMATION
          example: INVOICE_EQUIPMENT
      responses:
        '200':
          description: Successfully retrieved attachments
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Attachment'
        '400':
          description: Invalid request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
        '401':
          $ref: '#/components/responses/UnauthorizedError'
        '403':
          $ref: '#/components/responses/ForbiddenError'
        '500':
          $ref: '#/components/responses/InternalServerError'
components:
  schemas:
    Attachment:
      type: object
      description: Attachment/document associated with an application
      required:
        - id
        - application_id
      properties:
        id:
          type: integer
          description: Unique identifier for the attachment
          example: 456
        application_id:
          type: integer
          description: ID of the application this attachment belongs to
          example: 123
        attachment_type:
          type: string
          enum:
            - INVOICE_EQUIPMENT
            - INVOICE_INSTALL
            - PERMIT
            - PHOTO_NAMEPLATE
            - PHOTO_INSTALL
            - PHOTO_METER
            - AHRI_CERT
            - NEAT_REPORT
            - INCOME_FORM
            - W9
            - OTHER
            - MODEL_TECH_SPECS
            - VEHICLE_PURCHASE
            - UTILITY_BILL
            - VEHICLE_REGISTRATION
            - TARIFF_CONFIRMATION
          description: Type of attachment
          example: INVOICE_EQUIPMENT
        filename:
          type: string
          description: Original filename
          example: invoice.pdf
        path:
          type: string
          description: Storage path of the file
          example: app-123/a1b2c3d4-e5f6-7890-abcd-ef1234567890-invoice.pdf
        content_type:
          type: string
          description: MIME type of the file
          example: application/pdf
        size:
          type: integer
          nullable: true
          description: File size in bytes
          example: 245760
        created_at:
          type: string
          format: date-time
          description: Timestamp when attachment was created
          example: '2025-01-10T10:00:00Z'
        updated_at:
          type: string
          format: date-time
          description: Timestamp when attachment was last updated
          example: '2025-01-15T14:30:00Z'
    Error:
      type: object
      required:
        - code
        - message
        - requestId
      properties:
        code:
          type: string
          description: Error code identifying the type of error
          example: not_found
        message:
          type: string
          description: Human-readable error message
          example: Application 123 not found
        details:
          description: Additional error details (optional)
          example: Additional context about the error
        requestId:
          type: string
          description: Unique request identifier for tracking and debugging
          example: 550e8400-e29b-41d4-a716-446655440000
  responses:
    UnauthorizedError:
      description: API key is missing or invalid
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    ForbiddenError:
      description: >-
        Access forbidden - resource does not belong to your organization or
        insufficient permissions
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    InternalServerError:
      description: Internal server error
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  securitySchemes:
    ApiKeyAuth:
      type: apiKey
      in: header
      name: x-api-key
      description: >
        API key for authentication. Include your Leap API key in the `x-api-key`
        header: `x-api-key: leap_live_...`
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
      description: Clerk JWT token for portal authentication

````