LegalAudit Public API
Submit audits, fetch dossiers, stream WORM audit logs into your SIEM, and subscribe to outbound webhooks. Designed for enterprise integrations (case management, SOAR, SIEM ingest) — not the dashboard.
Last reviewed 2026-05-20
Browsable, request-builder reference rendered live from the OpenAPI 3.1 spec.
Machine-readable JSON — drop into Postman, Insomnia, or openapi-generator.
Pre-configured requests with bearer auth and sample bodies.
Authentication
Every request authenticates with an org-scoped API key issued from the dashboard under Settings → API keys. Pass the token in an Authorization: Bearer header:
Authorization: Bearer la_live_<prefix>_<secret>Tokens are scoped to a single organization plus one or more scopes: read:audits, write:audits, read:reports, read:audit-log, manage:webhooks. Each response includes X-RateLimit-* headers based on your plan tier.
Webhooks
Subscribe to audit.completed, dossier.ready, and payment.completed. Each delivery carries an X-Legalaudit-Signature: sha256=… header computed as HMAC-SHA256(secret, raw_body). Retries follow exponential back-off (1m, 5m, 15m, 1h, 6h — 5 attempts).
Create subscriptions from the dashboard or POST /api/orgs/[id]/webhooks.
SIEM export
Every UTC day at 02:30 we produce one NDJSON file per tenant under a per-org prefix. The file contains the full WORM-chained audit log for that day — including sequenceNumber, entryHash, and previousHash so your SIEM can independently verify integrity. We email a 24-hour signed URL to each org owner.
Need lower-latency ingest? Use the GET /api/v1/audit-log endpoint — it streams the same data on demand with NDJSON pagination cursors.
Get started
Issue an API key, paste it into Postman, and submit your first audit in under five minutes.