REST API

ContactsLaw provides a REST API which underpins the functionality available in the Desktop App.

The REST API can also be used by third-party applications and integrations to perform operations within ContactsLaw.

Authentication

The REST API uses CPMS ID for authentication, leveraging industry-standard technologies such as OAuth 2.0 and OpenID Connect.

The authentication method (flow) depends on the use case:

• Applications and integrations that perform operations in ContactsLaw on behalf of an interactive user should authenticate using the authorisation code flow. This requires registering an interactive application with CPMS ID and prompting the user for credentials. In some cases, it may be possible to leverage an existing access token; e.g. for embedded content. Examples: Custom reports/dashboards, productivity tools, pre-filling services
• Applications and integrations that perform operations autonomously should authenticate using the client credentials flow. This requires registering an application (M2M) with CPMS ID, as well as a service account under which they will run in each subscription. Examples: Scheduled jobs, client portals, data synchronisation

In both cases, subscribers must authorise the application in CPMS ID before it can access their subscription.