API Documentation
Integrate Aureum Suite with your existing tools using our REST API and webhooks. API access requires the Grow plan or higher.
Authentication
All API requests require authentication via a Bearer token. Generate an API key in your admin panel under Settings.
curl -H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
https://your-tenant.aureumapp.com/api/propertiesBase URL: https://your-tenant.aureumapp.com
Rate limit: 100 requests per minute
Content type: application/json
Error Handling
| Status | Meaning |
|---|---|
| 200 | Success |
| 201 | Created |
| 400 | Bad request — missing or invalid parameters |
| 401 | Unauthorized — invalid or missing API key |
| 403 | Forbidden — feature not available on your plan |
| 404 | Not found |
| 429 | Rate limit exceeded |
| 500 | Internal server error |
Error response format:
{
"error": "Human-readable error message",
"upgrade": true, // present if plan upgrade needed
"requiredPlan": "Grow" // which plan is required
}Endpoints
GET
/api/propertiesList all properties for the authenticated tenant.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| status | string | No | Filter by status: ACTIVE, PENDING, SOLD, COMING_SOON |
| featured | boolean | No | Filter featured listings only |
Response
[
{
"id": "clx...",
"title": "Modern Villa in Beverly Hills",
"address": "123 Palm Dr",
"city": "Beverly Hills",
"state": "CA",
"price": 4500000,
"status": "ACTIVE",
"bedrooms": 5,
"bathrooms": 4,
"sqft": 4200,
"isFeatured": true,
"createdAt": "2025-01-15T..."
}
]POST
/api/propertiesCreate a new property listing.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| title | string | Yes | Property title |
| address | string | Yes | Street address |
| city | string | Yes | City |
| state | string | Yes | State |
| zip | string | No | ZIP code |
| price | number | No | Listing price in dollars |
| bedrooms | number | No | Number of bedrooms |
| bathrooms | number | No | Number of bathrooms |
| sqft | number | No | Square footage |
| propertyType | string | No | SINGLE_FAMILY, CONDO, TOWNHOUSE, LAND, COMMERCIAL |
| status | string | No | ACTIVE, PENDING, SOLD, COMING_SOON (default: ACTIVE) |
Response
{
"id": "clx...",
"title": "Modern Villa in Beverly Hills",
"slug": "modern-villa-in-beverly-hills",
"status": "ACTIVE",
"createdAt": "2025-01-15T..."
}GET
/api/contactsList all contacts for the authenticated tenant.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| type | string | No | Filter by type: BUYER, SELLER, INVESTOR, VENDOR, OTHER |
| tag | string | No | Filter by tag |
| search | string | No | Search by name or email |
Response
[
{
"id": "clx...",
"firstName": "John",
"lastName": "Smith",
"email": "john@example.com",
"phone": "+1-555-0100",
"type": "BUYER",
"tags": ["vip", "beverly-hills"],
"score": 85,
"createdAt": "2025-01-10T..."
}
]POST
/api/contactsCreate a new contact.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| firstName | string | Yes | First name |
| lastName | string | Yes | Last name |
| string | No | Email address | |
| phone | string | No | Phone number |
| type | string | No | BUYER, SELLER, INVESTOR, VENDOR, OTHER (default: BUYER) |
| tags | string[] | No | Array of tags |
Response
{
"id": "clx...",
"firstName": "John",
"lastName": "Smith",
"createdAt": "2025-01-10T..."
}GET
/api/leadsList all leads for the authenticated tenant.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| status | string | No | Filter by status: new, contacted, qualified, converted, lost |
| source | string | No | Filter by source |
Response
[
{
"id": "clx...",
"name": "Jane Doe",
"email": "jane@example.com",
"phone": "+1-555-0200",
"source": "website",
"status": "new",
"message": "Interested in the Beverly Hills listing",
"createdAt": "2025-01-12T..."
}
]GET
/api/tasksList all tasks for the authenticated tenant.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| status | string | No | Filter: pending, in_progress, completed |
| assignedToId | string | No | Filter by assigned user ID |
Response
[
{
"id": "clx...",
"title": "Follow up with John Smith",
"type": "call",
"priority": "HIGH",
"status": "pending",
"dueDate": "2025-01-20T...",
"createdAt": "2025-01-15T..."
}
]Webhooks
Webhooks send real-time HTTP POST requests to your URL when events occur. Configure webhooks in your admin panel under Admin → Webhooks. Webhooks require the Elite plan.
| Event | Description |
|---|---|
| lead.created | A new lead was submitted through a form or API |
| lead.updated | A lead's status or details were changed |
| contact.created | A new contact was added |
| contact.updated | A contact's details were modified |
| property.created | A new property listing was created |
| property.updated | A property's details or status changed |
| showing.created | A new showing was scheduled |
| showing.updated | A showing was updated or status changed |
| task.created | A new task was created |
| task.completed | A task was marked as completed |
Payload Format
{
"event": "lead.created",
"timestamp": "2025-01-15T10:30:00.000Z",
"data": {
"id": "clx...",
"name": "Jane Doe",
"email": "jane@example.com",
"source": "website",
"status": "new",
"message": "Interested in the Beverly Hills listing"
}
}Verifying Signatures
Each webhook delivery includes an X-Aureum-Signature header containing an HMAC-SHA256 signature of the request body using your webhook's signing secret.
// Node.js verification example
const crypto = require('crypto');
function verifySignature(body, signature, secret) {
const expected = crypto
.createHmac('sha256', secret)
.update(body)
.digest('hex');
return crypto.timingSafeEqual(
Buffer.from(signature),
Buffer.from(expected)
);
}Ready to integrate?
Get started with the Grow plan for API access, or Elite for webhooks and priority support.