LeadLink CRM

API Reference

Complete REST API documentation for integrating LeadLink CRM into your applications

Base URL

https://leadlinkcrm.net/api

Quick Start

Get started with our REST API in minutes. All API requests require authentication using a JWT token or API key.

Authentication

Include your JWT token in the Authorization header of every request:

Authorization: Bearer YOUR_JWT_TOKEN

Get your JWT token by logging in via POST /auth/login or use an API key from your company settings.

Example: Login Request
curl -X POST https://leadlinkcrm.net/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "password": "your-password",
    "tenantId": "your-tenant-id"
  }'
Example: Login Response
{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "user": {
    "id": "user_123",
    "email": "user@example.com",
    "name": "John Doe",
    "role": "Admin",
    "tenantId": "tenant_123"
  },
  "firebaseAuthToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."
}
Example: Authenticated Request
curl -X GET https://leadlinkcrm.net/api/users \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -H "Content-Type: application/json"

API Endpoints

Authentication Endpoints

POST
/auth/login

Authenticate a user and receive a JWT token

Request Body:

{
  "email": "string",
  "password": "string",
  "tenantId": "string (optional)"
}

Response:

{
  "token": "JWT token",
  "user": "User object",
  "firebaseAuthToken": "Firebase custom token (optional)"
}
Not Required
POST
/auth/register

Register a new user account

Request Body:

{
  "email": "string",
  "password": "string",
  "name": "string",
  "tenantId": "string"
}
Not Required
POST
/auth/refresh-token

Refresh an expired JWT token

Request Body:

{
  "refreshToken": "string"
}
Required

Webhooks

Receive real-time notifications about events in your company. Configure webhooks in your company settings or via the API.

Available Events:

  • lead.created
  • lead.updated
  • lead.converted
  • user.created
  • user.updated

Security:

  • • HMAC signature verification
  • • Configurable secret keys
  • • Retry mechanism for failed deliveries
  • • Event filtering and filtering

Rate Limits & Best Practices

Rate Limits
  • 100 requests/minute per API key
  • 1000 requests/hour per company
  • • Rate limit headers included in responses
  • • 429 status code when limit exceeded
Best Practices
  • • Store JWT tokens securely
  • • Implement exponential backoff
  • • Use webhooks instead of polling
  • • Handle errors gracefully

Ready to integrate?

Get your API key and start building integrations today. All plans include API access.