API Getting Started

Getting Started with LegalServer APIs

LegalServer Clients

Take a look at the available APIs in the API Reference. LegalServer's recommended APIs are in the Core API section. v1    is in general use. v2    is available generally as well. Older APIs are available under the Legacy API section and are mostly marked as deprecated.

General Steps

Pick a simple API to test against. Use the -demo site for all testing, but beware that sensitive and confidential data probably exists on -demo sites as well.

Create an API User Role and give it the API Access permission and permission for the one API endpoint you want to test with. Not all APIs have specific role permissions.

Create an API user (just like a regular user) and give that user the API User role.

You can test the API using something like Insomnia, Postman, RapidAPI, or Curl.

The API parameters involved can either be transferred in a JSON body of the API call or via a URL query depending on whether you are using a POST/PATCH call or a GET operation.

Once you have the basics down, feel free to explore other APIs, and don't forget we have a flexible outgoing API tool that requires no programming skills and can be added as a block to any process.

API Users

Currently there is no system User Role for API accounts. Best practice is to create a new User Role by going to the Admin -> Lookups -> User Role and adding a custom User Role named API Access. Do not choose to copy permissions from any other role when creating it.

Then go to Users -> Actions -> Edit User Roles (Permissions) and select the API Access account. You will have to give it the permission for API Access and Login, but there are a number of other API Permissions:

Depending on the API you intend to use, you may also need to turn on permissions like View all Cases or View all non-client time. This is especially true when utilizing the Reports API. Start with the most restrictive permissions you can and then add just enough to get the API call working. You can utilize a tool like mentioned in the Testing section below to ensure the API works.

Then create a new user in LegalServer and give it the Role of API Access. It will need to be current and have the ability to Login. When logging in via API, the username will be case sensitive. You may find that only certain special characters will work for the password.

Third Party Partners

Before providing API credentials, LegalServer recommends that a contractual relationship including non-disclosure of client data be in place. Plan for the secure communication of API authentication information and the secure storage and deletion of any data transmitted to you via API from the client's site.

If third party developers need to ask for help from LegalServer staff, please ensure you have

• proof of your relationship with the LegalServer client, including nondisclosure agreements,
• a description of what fields you are trying to send or receive,
• the purpose and nature of your project, and
• the actual parameters or json test you've attempted to perform against a simple built-in API endpoint and the results.

Testing

Legalserver recommends testing this in an API tool like Insomnia, Postman, RapidAPI, etc. to ensure that you are building the API correctly and able to get the correct data out of the API. This lets you test the API call directly to ensure that it is working as you expect before integrating it into your production environment.

To get started with one of these tools, you can download the full API specifications by going to https://apidocs.legalserver.org.

If you have issues with the API not working as expected, please contact support@legalserver.org with the details of your specific API call so that we can try to reproduce and troubleshoot.