REST API

Seamless integration into your tool landscape.

Connect Abomate with your existing systems via a full REST API. CRUD operations, Bearer Token Auth, and interactive documentation – all included.

Security First

Bearer Token Authentication.

Secure API access with individual Bearer Tokens. Each token has a unique abo_live_ prefix and can be configured granularly.

  • Secure token generation with abo_live_ prefix
  • Up to 20 API tokens per tenant
  • Configurable token expiration date
  • Last usage and activity visible
  • Revoke tokens at any time
app.abomate.io/settings – API-Tokens
API-Tokens (3)
+ Neuer Token
ERP-Integration
abo_live_7f3k...x9mq
Aktiv
Monitoring-Tool
abo_live_m2np...c4vz
Aktiv
Test-Token
abo_live_t5ab...w8yz
Läuft ab
Full Access

CRUD endpoints for all resources.

Create, read, update, and delete your contract data programmatically. The API covers all key resources – with consistent English JSON keys.

  • Licenses – Fully manage contracts (CRUD)
  • Categories – Organize contract categories (CRUD)
  • Departments – Manage departments (CRUD)
  • Contacts – Maintain contacts (CRUD)
  • Users – Retrieve user list (Read-only)
  • Stats – Query KPI data and analytics
API-Endpunkte – Übersicht
GET /api/v1/licenses
POST /api/v1/licenses
PUT /api/v1/licenses/{id}
DEL /api/v1/licenses/{id}
GET /api/v1/categories
GET /api/v1/departments
GET /api/v1/contacts
GET /api/v1/stats
Access Control

Granular permissions & rate limiting.

Control exactly what each API token can do – and how often. Protect your data with scope-based permissions and configurable rate limits.

Scope-Based Permissions

Grant each token only the permissions it needs. Read access, write access, or both – individually configurable per resource.

Configurable Rate Limiting

Default: 60 requests per minute. Individually adjustable per token so your integrations run reliably.

Complete Audit Log

Every mutation (POST, PUT, DELETE) is logged – with token ID, IP address, endpoint, and response code.

IP Brute-Force Protection

Automatic detection and blocking after 30 failed authentication attempts per IP within 5 minutes.

API Kill-Switch

Global emergency switch in the admin console to instantly disable the API – without revoking tokens.

Input Validation

Maximum field lengths, body size limit (1 MB), and MIME type checks protect against abuse and malformed data.

Developer-Friendly

Interactive API documentation.

The complete API documentation is built directly into the app. Test endpoints live, view request and response formats, and copy ready-made code snippets.

  • Built into the app – no external link needed
  • Live testing with your own token
  • Complete request/response examples
  • Error codes and troubleshooting
  • Copy-paste-ready cURL commands
app.abomate.io/api-docs
API-Dokumentation v1
Verträge Kategorien Kontakte
# Get all contracts
curl -X GET \
https://app.abomate.io/api/v1/licenses \
-H "Authorization: Bearer abo_live_..."
Code Examples

Get started in a few lines.

See how simple an API call looks – and what you get back.

GET Request
curl -X GET \
https://app.abomate.io/api/v1/licenses \
-H "Authorization: Bearer abo_live_7f3k...x9mq" \
-H "Content-Type: application/json"
200 Response
{
"success": true,
"data": [
{
"id": 1,
"name": "Microsoft 365",
"vendor": "Microsoft",
"cost": 1200.00,
"status": "active"
}
],
"total": 47
}
Pro Plan Feature

The API is part of the Pro plan.

The REST API is exclusively included in the Pro plan – along with all other premium features like multi-tenant, AI chat, and custom fields.

REST API

Full CRUD API with Bearer Token Auth

Multi-Tenant

Up to 10 companies in one account

AI Chat

Natural language questions to your data

Compare All Plans →

Ready to connect your systems?

Start with the Pro plan and integrate Abomate seamlessly into your existing infrastructure.

Start Free Trial Contact Us

14 days free · No credit card · Cancel anytime