openapi: 3.0.3 info: title: Concord API description: >- The Concord REST API provides programmatic, read-oriented access to a Concord contract lifecycle management (CLM) account. It exposes the authenticated user, the organizations that user belongs to, the agreements (contracts) within an organization, an agreement's attachments and members, and organization-level reports, groups, and tags. All requests are authenticated with an API key passed in the `X-API-KEY` header; API key generation is available on paid plans only. Confirmed endpoints below were validated against the live production host (https://api.concordnow.com/api/rest/1), which returns HTTP 401 `{"statusCode":401,"restCode":"unauthorized"}` when called without a valid key. Concord's public developer reference is a rendered documentation portal (https://api.doc.concordnow.com/) and does not expose a machine-readable OpenAPI file; response schemas here are modeled from documented behavior and connector mappings, not copied from an official spec. The template document-generation operation is documented to exist but its exact path and request body are not published, so it is included and explicitly flagged as modeled/unconfirmed. version: '1.0' contact: name: Concord url: https://www.concord.app servers: - url: https://api.concordnow.com/api/rest/1 description: Production - url: https://uat.concordnow.com/api/rest/1 description: UAT / Sandbox security: - apiKeyAuth: [] tags: - name: Users description: The authenticated user and their organization memberships. - name: Organizations description: Organization-level resources - reports, groups, and tags. - name: Agreements description: Agreements (contracts), their attachments, and members. - name: Templates description: Document generation from automated templates (modeled/unconfirmed). paths: /user/me: get: operationId: getCurrentUser tags: - Users summary: Get the authenticated user description: >- Returns the profile of the user that owns the API key. Confirmed live (returns 401 without a valid key). responses: '200': description: The authenticated user. content: application/json: schema: $ref: '#/components/schemas/User' '401': $ref: '#/components/responses/Unauthorized' /user/me/organizations: get: operationId: listUserOrganizations tags: - Users summary: List the user's organizations description: >- Lists the organizations the authenticated user belongs to. The response payload nests the list under an `organizations` selector. responses: '200': description: A list of organizations. content: application/json: schema: type: object properties: organizations: type: array items: $ref: '#/components/schemas/Organization' '401': $ref: '#/components/responses/Unauthorized' /user/me/organizations/{organizationId}/agreements: parameters: - $ref: '#/components/parameters/OrganizationId' get: operationId: listAgreements tags: - Agreements summary: List agreements in an organization description: >- Lists the agreements (contracts) in the given organization for the authenticated user. The response nests items under an `items` selector and is paginated. parameters: - $ref: '#/components/parameters/Limit' - $ref: '#/components/parameters/Offset' responses: '200': description: A paginated list of agreements. content: application/json: schema: type: object properties: items: type: array items: $ref: '#/components/schemas/Agreement' '401': $ref: '#/components/responses/Unauthorized' /organizations/{organizationId}/agreements/{agreementUid}/attachments: parameters: - $ref: '#/components/parameters/OrganizationId' - $ref: '#/components/parameters/AgreementUid' get: operationId: listAgreementAttachments tags: - Agreements summary: List an agreement's attachments description: >- Returns the files attached to an agreement. The response nests the list under an `attachments` selector. responses: '200': description: A list of attachments. content: application/json: schema: type: object properties: attachments: type: array items: $ref: '#/components/schemas/Attachment' '401': $ref: '#/components/responses/Unauthorized' /organizations/{organizationId}/agreements/{agreementUid}/members: parameters: - $ref: '#/components/parameters/OrganizationId' - $ref: '#/components/parameters/AgreementUid' get: operationId: listAgreementMembers tags: - Agreements summary: List an agreement's members description: Returns the members (people) associated with an agreement. responses: '200': description: A list of agreement members. content: application/json: schema: type: array items: $ref: '#/components/schemas/Member' '401': $ref: '#/components/responses/Unauthorized' /organizations/{organizationId}/reports: parameters: - $ref: '#/components/parameters/OrganizationId' get: operationId: listOrganizationReports tags: - Organizations summary: List organization reports description: >- Returns the reports configured for an organization. The response nests the list under a `reports` selector. responses: '200': description: A list of reports. content: application/json: schema: type: object properties: reports: type: array items: type: object additionalProperties: true '401': $ref: '#/components/responses/Unauthorized' /organizations/{organizationId}/groups: parameters: - $ref: '#/components/parameters/OrganizationId' get: operationId: listOrganizationGroups tags: - Organizations summary: List organization groups description: >- Returns the groups within an organization. The response nests the list under a `groups` selector. responses: '200': description: A list of groups. content: application/json: schema: type: object properties: groups: type: array items: type: object additionalProperties: true '401': $ref: '#/components/responses/Unauthorized' /organizations/{organizationId}/tags: parameters: - $ref: '#/components/parameters/OrganizationId' get: operationId: listOrganizationTags tags: - Organizations summary: List organization tags description: >- Returns the tags defined within an organization. The response nests the list under a `tags` selector. responses: '200': description: A list of tags. content: application/json: schema: type: object properties: tags: type: array items: type: object additionalProperties: true '401': $ref: '#/components/responses/Unauthorized' /organizations/{organizationId}/templates/{templateUid}/documents: parameters: - $ref: '#/components/parameters/OrganizationId' - name: templateUid in: path required: true description: The UID of the automated template. schema: type: string post: operationId: createDocumentFromTemplate tags: - Templates summary: Create a document from an automated template (MODELED - UNCONFIRMED) description: >- MODELED / UNCONFIRMED. Concord documents that a document can be generated from an automated (Excel-driven) template using an API key and the template UID, but the exact request path, method, and body are not published in the crawlable public reference. This path and request schema are modeled to represent the capability and MUST be verified against the live account before use. x-concord-modeled: true requestBody: required: true content: application/json: schema: type: object description: >- Modeled request body. The real payload (template field values, title, etc.) is not published; shape MUST be confirmed. additionalProperties: true responses: '200': description: The created document/agreement (modeled). content: application/json: schema: $ref: '#/components/schemas/Agreement' '401': $ref: '#/components/responses/Unauthorized' components: securitySchemes: apiKeyAuth: type: apiKey in: header name: X-API-KEY description: >- API key generated in the Concord account (paid plans only) and sent in the `X-API-KEY` request header. Confirmed against the live production host, which returns 401 unauthorized without a valid key. parameters: OrganizationId: name: organizationId in: path required: true description: The ID of the organization. schema: type: string AgreementUid: name: agreementUid in: path required: true description: The UID of the agreement. schema: type: string Limit: name: limit in: query required: false description: Maximum number of items to return (pagination). schema: type: integer Offset: name: offset in: query required: false description: Number of items to skip (pagination). schema: type: integer responses: Unauthorized: description: >- Missing or invalid API key. The live API returns `{"statusCode":401,"restCode":"unauthorized"}`. content: application/json: schema: $ref: '#/components/schemas/Error' schemas: Error: type: object description: Modeled from the live 401 response body. properties: statusCode: type: integer restCode: type: string User: type: object description: Modeled representation of the authenticated user. properties: id: type: string email: type: string format: email firstName: type: string lastName: type: string Organization: type: object description: Modeled representation of a Concord organization. properties: id: type: string name: type: string Agreement: type: object description: >- Modeled representation of an agreement (contract). Concord agreements carry a UID, title, lifecycle status, and timestamps; exact field names are not published and MUST be confirmed against the live account. properties: uid: type: string title: type: string status: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time Attachment: type: object description: Modeled representation of an agreement attachment (file). properties: id: type: string name: type: string contentType: type: string Member: type: object description: Modeled representation of an agreement member. properties: id: type: string email: type: string format: email role: type: string