API Reference
This section is powered by the OpenAPI schema inapi-reference/openapi.yml. Every endpoint, request schema, response schema, and status code shown in the API Reference tab is generated from the source of truth.
Postman Collection
The fastest way to explore and test the API is with the pre-built Postman collection. Every request includes automated test scripts that validate responses and chain environment variables (IDs, tokens) between requests.Download Collection
All Public API endpoints with examples, tests, and variable chaining.
Download Environment
Production environment with pre-configured variables.
What is covered
- The Public API (
/api/public/v1) provides endpoints for sent cases, received referrals, firms, documents, routing rules, analytics, and network management — all authenticated viaX-API-Key. - The Internal API (
/api/v1) covers authentication, session management, and API key administration — authenticated via JWT bearer tokens. - Shared request/response schemas and standardized error envelopes across both API layers.
Base URLs
| API | Base URL | Auth |
|---|---|---|
| Public API | https://api.casexchange.com/api/public/v1 | X-API-Key header |
| Internal API | https://api.casexchange.com/api/v1 | JWT Bearer token |
Authentication
Public API — include your API key in every request:/api/v1):
POST /api/v1/auth/loginGET /api/v1/auth/mePOST /api/v1/auth/refresh-session(when the access token expires)- Continue requests with
Authorization: Bearer <accessToken>
Response conventions
Public API responses use a consistent envelope withdata, meta (requestId + timestamp), and optional pagination. Errors use error.code + error.message. See:
- Response Format for the full envelope specification
- Error Handling for error codes, status codes, and troubleshooting
Rate limiting
Public API endpoints are rate limited per API key. Rate limit headers are included on every response:| Header | Description |
|---|---|
X-RateLimit-Limit | Maximum requests allowed in the current window |
X-RateLimit-Remaining | Remaining requests in the current window |
X-RateLimit-Reset | Unix timestamp when the window resets |
429 Too Many Requests response. Implement exponential backoff and respect the X-RateLimit-Reset header before retrying.
Webhooks
Webhooks are not currently available. To detect new referrals or status changes, pollGET /received-referrals or GET /status-updates with date range filters. We recommend polling intervals of 1-5 minutes depending on your use case.
Versioning
The Public API is currently atv1. New fields may be added to response objects without a version bump — your client should ignore unknown fields. Breaking changes (removed fields, changed types, removed endpoints) will be communicated in advance and will result in a new version path (/v2).
OpenAPI spec
The full OpenAPI 3.0 spec is available for download to generate client libraries or import into tools:How to navigate the endpoints
- Use the API Reference tab for autogenerated endpoint docs from OpenAPI tags.
- Open any endpoint page to inspect required headers, path/query params, request body schema, and documented responses.
- Use the Postman collection to run real requests against your environment with one click.
Examples
Representative cURL requests and success/error responses.
Error Handling
Troubleshooting patterns for validation, auth, permissions, and conflicts.
Response Format
Response envelope, pagination, and common schema conventions.
Workflows
End-to-end implementation flows across multiple endpoints.