Skip to content

API Overview

HARi CRM exposes a full REST API for integration and automation.

Base URL

Section titled “Base URL”
https://<your-workspace>.haricrm.com/api

Authentication

Section titled “Authentication”

All API requests require a Bearer token:

Terminal window
# Login
curl -X POST https://acme.haricrm.com/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email": "you@company.com", "password": "your-password"}'


# Response
{
  "access_token": "eyJ...",
  "refresh_token": "abc...",
  "expires_in": 3600
}


# Use the token
curl https://acme.haricrm.com/api/records/contact \
  -H "Authorization: Bearer eyJ..."

API Keys

Section titled “API Keys”

For server-to-server integration, create an API key in Settings:

Terminal window
curl https://acme.haricrm.com/api/records/contact \
  -H "Authorization: Bearer hari_a1b2c3..."

API keys use the hari_ prefix and have the same permissions as the user who created them.

OpenAPI Specification

Section titled “OpenAPI Specification”

The full API spec is available at:

GET /api/openapi

This returns the OpenAPI 3.0 JSON with all 233 endpoints documented. Use it with Swagger UI, Postman, or any OpenAPI-compatible tool.

Schema Discovery

Section titled “Schema Discovery”

For AI agents and CLI tools:

GET /api/schema/endpoints

Returns a condensed map of all endpoints with method, path, summary, and body schema.

Data API (TreeQL)

Section titled “Data API (TreeQL)”

CRUD operations on any entity:

Terminal window
# List records
GET /api/records/{entity}?page=1&page_size=25


# Get one record
GET /api/records/{entity}/{id}


# Create
POST /api/records/{entity}
Body: { "field": "value", ... }


# Update
PUT /api/records/{entity}/{id}
Body: { "field": "new_value" }


# Delete
DELETE /api/records/{entity}/{id}

Filtering

Section titled “Filtering”
Terminal window
# Single filter
GET /api/records/contact?filter=source,eq,website


# Multiple filters
GET /api/records/contact?filter=source,eq,website&filter1=_score,gt,20


# Operators: eq, neq, gt, gte, lt, lte, cs (contains), sw (starts with)

Sorting

Section titled “Sorting”
Terminal window
GET /api/records/contact?sort=created_at,desc
Section titled “Including related data”
Terminal window
GET /api/records/contact?include=first_name,last_name,email_address,company_id

Webhooks

Section titled “Webhooks”

Subscribe to events for real-time notifications:

Terminal window
# Subscribe
POST /api/webhooks/subscribe
{
  "target_url": "https://hooks.zapier.com/...",
  "entity": "contact",
  "event": "post_save"
}


# Events: pre_save, post_save, pre_delete, post_delete

Rate Limits

Section titled “Rate Limits”
  • Authenticated requests: 300/minute
  • Login attempts: 5 per email per 15 minutes
  • Bulk operations: 20/minute