Using the Inbound Documents API : Opus 2 Platform

Minimum Software Version	8.15.0
Solution(s)	Cases International ✓ Cases US ✓ Institutions ⨉

Third party software vendors can integrate with Opus 2 via REST API. Once set up, a user can get a token from the application and then they can give that to a third party application that has been set up to read and write content via the API as an alternative to logging in and viewing and editing content through the user interface.

For the Documents API, there are two types of connections, inbound and outbound. This article describes the INBOUND Documents API for integrations whereby third-party vendors can control users and data in the Platform v8 environment.

To see examples of requests and responses using cURL for each endpoint, see the attached PDF of the Swagger output for this API at the bottom of this article.

Prerequisites

To use the Inbound Documents REST API, an Operator must switch on the following settings:

System-wide setting: Allowing access to the integrations API

Project specific setting: Download docs via API

Create a user (token owner) who has Read Write access to the project containing the resource being read or written.

Structure of the API URL

The API URL is structured as follows:

{tenant url}/ENDPOINT -i -X VERB \  -H ‘X-API-Token:TOKEN -d {data}

where:

{tenant URL}	Required	The tenant URL for to accessing the server. Example: https://xyz.api-example.com
Endpoint	Required	Examples: Users See table of endpoints.
-i	Required	Curl syntax option to request that the response to the request is included along with the headers.
-X	Required	Curl syntax option to specify that an HTTP verb follows.
HTTP verb	Required	Example: GET. See table of HTTP verbs.
-H	Required	Curl syntax option for sending a header value.
X-API-token	Required	The authentication token. Example: 'X-Tenant-Token: abcdefGI1NiJ9.eyJsYXN0TG9naW4iOiIyMDIxLTA3LTAxIDE yOjAxOjAxIiwidGVhbXMiOlsidGVhbSJdLCJ0ZW5hbnRJZC I6InRlbmFudElkIiwic3VwZXJhZ etc
-d	Verb dependent	Curl syntax option for sending data, for example, when using POST.

Client codes

400 Bad Request response: You sent invalid JSON or the incorrect type of JSON values. Example: Invalid timestamp format. Use format xxxxx.

409 You cannot delete the only version of a document

Error codes

403: You do not have permission to delete this file

404: Request for a non-existent entity. Example: Document version not found.

500: Backend error

Return codes

Code	Description
200	Success
201	Create Success
401	Unauthorised. Example: The provided API token is invalid.
400	Validation failed. Example: Invalid version ID Format

HTTP verbs

Verb	Description
HEAD	Can be issued against any resource to get just the HTTP header info.
GET	Used for retrieving resources.
POST	Used for retrieving resources.
PATCH	Used for updating resources with partial JSON data. For instance, an Issue resource has title and body attributes. A PATCH request may accept one or more of the attributes to update the resource. PATCH is a relatively new and uncommon HTTP verb, so resource endpoints also accept POST requests.
PUT	Used for replacing resources or collections. For PUT requests with no body attribute, be sure to set the Content-Length header to zero.
DELETE	Used for deleting resources.

Working with tokens and making requests

The token should be sent as the X-Api-Token header. This identifies the user making the request and determines if the request will be accepted. Once the user making the request (the owner of the token) has been identified, then the request proceeds with the permissions and access rights of that user. Not all API requests are accessible to all users.

For a request to complete successfully, the token owner must have access to the project containing the resource being read or written and must have the appropriate capabilities within that project to create, read, or update the resource according to the operation being performed. Therefore, this user should be created by default on each project created within Opus 2 as part of the project template settings as per the Prerequisites above.

Payload fields for token API

Path	Type	Description
Name	String	The name of the token
userId	String	The Platform user ID that the token was generated for.

Payload JSON for token API

{"userId":"userId","name":"ATokenName"}

API	Action	Endpoint and HTTP Verb
Tokens	Add a token to a request	tokens + POST
	Get all token details	tokens + GET
	Delete a token	tokens + DELETE

Inbound documents API endpoints

API	Action	Endpoint and HTTP Verb
Users	Query (Read) all roles in the document	roles + GET
	Query all users in the document	users + GET
	Query a user in the document by Id	user/id/userId + GET
	Query a user in the document by email	user/byemail?email=user@user.com + GET
	Add a user(s)	users + POST

API	Action	Endpoint and HTTP Verb
User teams	Query (Read) all teams in the document	teams + GET
	Query all users in a team	teams/teamId/users + GET
	Add a new user to a team	teams/teamId/users/email + PUT
	Delete a user from a team	teams/teamId/users/email + DELETE

API	Action	Endpoint and HTTP Verb
Projects	Query (Read) all projects	projects + GET
	Query a single project	projects/projectId/ + GET
	Add a project	projects + POST
	Query teams in a project (user groups)	projects/projectId/teams + GET
	Add a project team	projects/projectId/teams/teamId + PUT
	Delete a project team	projects/projectId/teams/teamId + DELETE
	Query all project users	projects/projectId/users +GET
	Add a user to a project	projects/projectId/users/email + PUT
	Delete a user from a project	projects/projectId/users/email + DELETE

API	Action	Endpoint and HTTP Verb
Templates	Query all templates in a document	templates + GET

API	Action	Endpoint and HTTP Verb
Folders	Query (Read) all folders in the project	projects/projectId/folders + GET
	Query a single folder in the project	projects/projectId/folders/the%20folder + GET
	Add a folder to a project	projects/projectId/folders + POST
	Delete a folder from a project	projects/projectId/folders/folderId/ + DELETE

API	Action	Endpoint and HTTP Verb
Documents	Query (Read) all documents in a project	projects/projectId/documents + GET
	Query documents using a date filter	projects/projectId/documents?afterDate= + GET
	Add a document to a project, avoiding duplicates	projects/projectId/documents?rejectDuplicate=true + POST
	Query documents in a specific folder	projects/projectId/documents/folder/folderId + GET
	Query documents in a folder using a date filter	projects/projectId/documents/folder/folderId?afterDate= + GET
	Query a single document in a folder	projects/projectId/documents/documentID + GET
	Move document into another folder	projects/projectId/documents/documentID/folderId + PUT
	Replace document with a new version of the document	projects/projectId/documents/documentID/replace + POST

API	Action	Endpoint and HTTP Verb
Fields	Read metadata fields in a project	projects/projectId/fields + GET
	Update metadata fields in a document	projects/projectId/documents/documentId/fields/fieldId + PUT

Performance considerations

There are no API-specific performance considerations. Operations resulting from calls to the API are handled by the same back-end services as interactive events from users accessing the system via the web interface, and have the same performance profile as the application as a whole.

API rate limiting

The system supports API rate limiting to prevent applications using the API from overwhelming the system and harming the interactive user experience. This is configurable on a per-client basis with a initial default rate limit of 50 requests per minute.

The API follows a conventional REST model but does not implement any particular specification. Pagination is supported on all the endpoints that can return significant volumes of data (documents, folders, worksheet record etc).

Related articles

Features only accessible in Operator mode

Obtaining a REST API authentication token

If you require functionality not provided by the existing REST API, contact Opus 2 Platform Support.