LAI API

API DOCUMENTATION

The LAI API contains a collection of API methods that return various types of data from the LAI platform. Up-to-date documentation of available API methods is published here:

https://leanagileintelligence.com/swagger

API methods are grouped by similarity into Scopes (such as Reporting).


QUICK START

This Quick Start guide will teach you how to retrieve access tokens and use them to make API calls.

Step 1. create an api key

An API Key is an Organization-wide key similar to a username and password to authenticate and access data in the Organization. Think of it like a member that can be managed by any Administrator in the system.

API Key save.jpg
  1. Have an Administrator of your LAI Organization log into their account

  2. Click ‘Account’ in the header menu

  3. Scroll down to API Keys and Click ‘Add’

  4. Create a name for the API Key. This is not included in the authentication process. It is simply a way to remember what the API Key was used for and can be changed at any time by an Administrator.

  5. Click ‘Save’ and securely save the generated Client ID and Client Secret. These will be used to authenticate.

step 2. authenticate

Authenticate with the REST API by using a REST Client such as Postman. A REST Client is a quick way to validate that you have access to the API. In practice, these calls would be made from a software program of your choice that uses the REST protocol.

Send a POST Request to https://leanagileintelligence.com/oauth2/token with parameters in the body of the request.

  • grant_type: client_credentials

  • client_id: (the Client ID generated in Step 1)

  • client_secret: (the Client Secret generated in Step 1)

  • scope: reporting

    • The scope is used to limit the API Calls that the Token will have access to. As of today, only one valid scope type exists “reporting”. If you do not specify “reporting” then that Token will not have access to any Reporting API calls. Multiple scopes are separated by comma with no spaces.

In response, you should retrieve back a Token in the body of the API

  • access_token: this is what you will use to make API Calls

  • expires_in: this is how long the Token is valid for (in seconds). See below for more details on how this works

step 3. make an api call

Now that you have an access token, you can make calls to the API. The following API call was used as an example, but any API call can be made using this authentication method.

Send a GET request to https://leanagileintelligence.com/api/v1/AssessmentResponsesForEntity?entityName=myEntityName

  • The Header should contain Authorization of Bearer myToken where myToken is the access_token retrieved in Step 2.

  • Returns assessment responses for the Entity in the body of the response.

step 4. refresh token

All Tokens that are retrieved in Step 2 have an expires_in property that tell you when the Token will no longer be valid. The value is in seconds and is set to 3600 (or 1 hour). If you need access to the API after the Token expires, repeat Step 2 to get a new Token.


FREQUENTLY ASKED QUESTIONS

What is the Lean Agile Intelligence application programming interface (lai api)?

The LAI API is a way for an external software application to interact with Lean Agile Intelligence. Rather than a member accessing Lean Agile Intelligence through a browser, a software application can make requests and receive responses.

HOW DOES IT WORK?

The API uses the REST protocol over HTTPS and can therefore be accessed from any platform or programming language. Responses are returned as JSON objects. For authentication, an API Key and OAuth2 authentication process with Client Credentials grant type is used.

How do i view the available API CALLS?

All methods are published at https://leanagileintelligence.com/swagger

what is the api version number and which should i choose?

The API version is a way for us to enhance our API without breaking existing consumers. If you are just starting out, you should always choose the latest available version. If you have already implemented the API, then upgrade when you want access to a feature that is only available in a newer version.

what is scope used for?

Scope is supplied when requesting an access token. Scope dictates what API calls can be made by the Token. Note that it does not dictate permission of the API Key because any Scope can be requested when requesting a Token. It is a mechanism to limit the Token’s access to the Organization’s data. In today’s implementation, there is only one scope (reporting), but in the future this will allow the request to include what scopes it wants access to and have the platform accept or reject based on API Key permissions.