API Changelog

All notable changes to the REST API will be documented in this page.

2026-04-29

Sandbox environment

This release removes the sandbox environment from the public API. The https://api.sandbox.transactionlink.io server has been decommissioned - all integrations should target https://api.transactionlink.io exclusively. The workspaceType field now only accepts LIVE.

Permissions model

Each API endpoint enforces a specific permission scope required on the resource. Table-level operations use can_read_data, can_edit_data, can_read_attachments, can_edit_attachments, and can_comment. Workflow operations require can_run on the workflow definition or can_view_workspace on the workspace. Organisation management endpoints require can_manage_users, can_reset_2fa, can_manage_workspace_access, or can_view_workspace depending on the operation. The required permission for each endpoint is listed in its description - requests made with a token that lacks the required scope will receive a 403 Forbidden response.

Permissions can be managed in appropriate section in dashboard.

User Management API

A new set of public endpoints for managing users within an organization. All endpoints require the can_manage_users permission on the organization.

GET /organizations/users

GET /organizations/users/{userId}

POST /organizations/users/{userId}/terminate

POST /organizations/users/{userId}/reinstate

PUT /organizations/users/{userId}/role

PUT /organizations/users/{userId}/profile

POST /organizations/users/{userId}/reset-mfa

Enrollment (Invitation) API

Endpoints for managing invitations sent to new users joining an organization. Requires can_manage_users permission.

GET /organizations/enrollments

POST /organizations/enrollments

POST /organizations/enrollments/{enrollmentId}/resend

POST /organizations/enrollments/{enrollmentId}/cancel

Workspace Membership API

Endpoints for managing which users belong to a workspace and with what role. Membership management requires can_manage_workspace_access; listing requires can_view_workspace.

PUT /workspaces/{workspaceId}/memberships/{userId}

DELETE /workspaces/{workspaceId}/memberships/{userId}

GET /workspaces/{workspaceId}/memberships

GET /organizations/workspaces/{workspaceId}/memberships

Organization API

Read-only endpoints for discovering available roles and workspaces.

GET /organizations/roles

GET /organizations/workspaces/{workspaceId}/roles

GET /organizations/workspaces

JWT Bearer tokens are now deprecated for all endpoints in favor of Organization Tokens (tot_). Organization tokens should be passed in the Authorization header.

Authorization: tot_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

JWT-based authentication will continue to work during a transition period but will be removed in a future release. All new integrations should use organization tokens exclusively.

2025-02-13

Breaking: Updated token and link endpoints with versioning in the Accept header

POST /token
POST /link
POST /link/send
POST /workflows/run

In the older version, these endpoints strictly relied on caseId for identification and did not require specifying an email address when sending links. This design was less flexible and bound each request to a single case context.

In the current version, indicated by using the header Accept: application/json;version=2, a recordId may be used (optionally) instead of caseId, offering more flexibility in linking tokens or generated links to various records. Additionally, when calling /link/send under version 2, an email must be provided to ensure proper delivery of the generated link. The older version (caseId-based) is now scheduled for deprecation.

The API for Cases has been marked as deprecated in favor of the new Records system and will be removed according to the scheduled timeline. Workflows can still be run independently, even without using Records.

2024-04-08

Breaking: Changing case structure

GET /cases/{caseId}

In the older version, the Case structure mirrored the workflow outcome exactly. Each workflow's completion would generate a case. This configuration helped users trace the case's origin and outcome easily, tied to a specific workflow.

In the current version, the Case structure has been redefined to adapt to the needs of the introduced Case Management system. Now, instead of making an exact replica of the workflow outcome, the case structure emphasizes managing the different aspects and stages of a case. This updated case structure allows for more flexibility and comprehensive management, offering intricate details of the case's intricate path and progress, which was missing in the old structure.

2024-01-24

API for workflow automation

We're introducing new API interfaces enabling the automation of workflow execution with integrations that don't require user interaction.

PreviousOrganization NextAPI Versioning

Last updated 1 month ago