Skip to main content
API docs by Redocly

Laabam One Public API (1.0.0)

Download OpenAPI specification:Download

URL: https://laabam.one License: Proprietary

The Laabam One API lets your systems and approved third parties read and write data in your company's Laabam One account — invoices, customers, products, payments — and send messages over SMS, WhatsApp and email.

Authentication

Every request sends two headers: X-Client-Id and X-Client-Secret (created in Settings → API Keys). The secret is shown once and stored hashed. A key belongs to exactly one company, so most endpoints do not take a company in the URL. The public website APIs (recruitment, leads, storefront) are the exception — they carry {company} in the path because they are embedded in public web pages.

Security

  • HTTPS/TLS 1.2+ only.
  • Least‑privilege scopes per key (resource:read / resource:write).
  • Per‑key rate limits (X-RateLimit-* headers, 429 + Retry-After).
  • Allowed origins (CORS) for browser keys; never ship the secret in client code.
  • Strict tenant isolation — a key can only ever see its own company's data.
  • Idempotency-Key on writes; HMAC‑signed webhooks.

Status legend

  • x-status: available — implemented and callable today.
  • x-status: planned — contract defined, not yet built.

Invoices

🔧 Planned. Create and manage invoices.

List invoices

Authorizations:
(ClientIdClientSecret)
query Parameters
limit
integer [ 1 .. 100 ]
Default: 25

Page size (1–100).

cursor
string

Opaque cursor from the previous response's paging.next_cursor.

status
string
Enum: "unpaid" "partial" "paid" "voided"
customer_id
string
from
string <date>
to
string <date>
sort
string

Field to sort by; prefix with - for descending (e.g. -invoice_date).

Responses

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "paging": {
    }
}

Create an invoice

Totals (tax, round‑off, grand total) are computed server‑side and are authoritative; client‑sent totals are ignored.

Authorizations:
(ClientIdClientSecret)
header Parameters
Idempotency-Key
string <uuid>

A unique UUID so retries don't double‑create/charge/send. Cached 24h.

Request Body schema: application/json
required
customer_id
required
string
currency
string
invoice_date
string <date>
due_date
string <date>
required
Array of objects (InvoiceItem)
notes
string

Responses

Request samples

Content type
application/json
{
  • "customer_id": "string",
  • "currency": "INR",
  • "invoice_date": "2019-08-24",
  • "due_date": "2019-08-24",
  • "items": [
    ],
  • "notes": "string"
}

Response samples

Content type
application/json
{
  • "data": {
    }
}

Get an invoice

Authorizations:
(ClientIdClientSecret)
path Parameters
id
required
string

Opaque resource identifier.

Responses

Response samples

Content type
application/json
{
  • "data": {
    }
}

Update a draft invoice

Authorizations:
(ClientIdClientSecret)
path Parameters
id
required
string

Opaque resource identifier.

Request Body schema: application/json
required
customer_id
required
string
currency
string
invoice_date
string <date>
due_date
string <date>
required
Array of objects (InvoiceItem)
notes
string

Responses

Request samples

Content type
application/json
{
  • "customer_id": "string",
  • "currency": "INR",
  • "invoice_date": "2019-08-24",
  • "due_date": "2019-08-24",
  • "items": [
    ],
  • "notes": "string"
}

Response samples

Content type
application/json
{
  • "data": {
    }
}

Void an invoice

Authorizations:
(ClientIdClientSecret)
path Parameters
id
required
string

Opaque resource identifier.

Responses

Response samples

Content type
application/json
{
  • "data": {
    }
}

Email / WhatsApp the invoice to the customer

Authorizations:
(ClientIdClientSecret)
path Parameters
id
required
string

Opaque resource identifier.

Request Body schema: application/json
optional
channel
string
Default: "email"
Enum: "email" "whatsapp"

Responses

Request samples

Content type
application/json
{
  • "channel": "email"
}

Response samples

Content type
application/json
{
  • "error": {
    }
}

Customers

🔧 Planned. Manage customer records.

List / search customers

Authorizations:
(ClientIdClientSecret)
query Parameters
limit
integer [ 1 .. 100 ]
Default: 25

Page size (1–100).

cursor
string

Opaque cursor from the previous response's paging.next_cursor.

q
string

Free‑text search (name / email / phone).

Responses

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "paging": {
    }
}

Create a customer

Authorizations:
(ClientIdClientSecret)
header Parameters
Idempotency-Key
string <uuid>

A unique UUID so retries don't double‑create/charge/send. Cached 24h.

Request Body schema: application/json
required
name
required
string
email
string <email>
phone
string
gstin
string
object (Address)

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "email": "user@example.com",
  • "phone": "string",
  • "gstin": "string",
  • "billing_address": {
    }
}

Response samples

Content type
application/json
{
  • "data": {
    }
}

Get a customer

Authorizations:
(ClientIdClientSecret)
path Parameters
id
required
string

Opaque resource identifier.

Responses

Response samples

Content type
application/json
{
  • "data": {
    }
}

Update a customer

Authorizations:
(ClientIdClientSecret)
path Parameters
id
required
string

Opaque resource identifier.

Request Body schema: application/json
required
name
required
string
email
string <email>
phone
string
gstin
string
object (Address)

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "email": "user@example.com",
  • "phone": "string",
  • "gstin": "string",
  • "billing_address": {
    }
}

Response samples

Content type
application/json
{
  • "data": {
    }
}

Soft‑delete a customer

Authorizations:
(ClientIdClientSecret)
path Parameters
id
required
string

Opaque resource identifier.

Responses

Response samples

Content type
application/json
{
  • "error": {
    }
}

Products

🔧 Planned. Manage products and stock.

List / search products

Authorizations:
(ClientIdClientSecret)
query Parameters
limit
integer [ 1 .. 100 ]
Default: 25

Page size (1–100).

cursor
string

Opaque cursor from the previous response's paging.next_cursor.

q
string
category_id
string

Responses

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "paging": {
    }
}

Create a product

Authorizations:
(ClientIdClientSecret)
Request Body schema: application/json
required
name
required
string
sku
string
category_id
string
unit_price
string
tax_rate
number
track_stock
boolean

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "sku": "string",
  • "category_id": "string",
  • "unit_price": "1500.00",
  • "tax_rate": 18,
  • "track_stock": true
}

Response samples

Content type
application/json
{
  • "data": {
    }
}

Get a product (with current stock)

Authorizations:
(ClientIdClientSecret)
path Parameters
id
required
string

Opaque resource identifier.

Responses

Response samples

Content type
application/json
{
  • "data": {
    }
}

Update a product

Authorizations:
(ClientIdClientSecret)
path Parameters
id
required
string

Opaque resource identifier.

Request Body schema: application/json
required
name
required
string
sku
string
category_id
string
unit_price
string
tax_rate
number
track_stock
boolean

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "sku": "string",
  • "category_id": "string",
  • "unit_price": "1500.00",
  • "tax_rate": 18,
  • "track_stock": true
}

Response samples

Content type
application/json
{
  • "data": {
    }
}

Adjust stock

Authorizations:
(ClientIdClientSecret)
path Parameters
id
required
string

Opaque resource identifier.

Request Body schema: application/json
required
quantity
required
number

Positive to add, negative to remove.

reason
required
string

Responses

Request samples

Content type
application/json
{
  • "quantity": 0,
  • "reason": "string"
}

Payments

🔧 Planned. Record and refund payments.

List payments

Authorizations:
(ClientIdClientSecret)
query Parameters
limit
integer [ 1 .. 100 ]
Default: 25

Page size (1–100).

cursor
string

Opaque cursor from the previous response's paging.next_cursor.

invoice_id
string
customer_id
string

Responses

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "paging": {
    }
}

Record a payment against an invoice

Updates the invoice due_amount/status and posts the accounting entry atomically.

Authorizations:
(ClientIdClientSecret)
header Parameters
Idempotency-Key
string <uuid>

A unique UUID so retries don't double‑create/charge/send. Cached 24h.

Request Body schema: application/json
required
invoice_id
required
string
amount
required
string
method
string
Enum: "cash" "bank_transfer" "upi" "card" "cheque"
paid_at
string <date>
reference
string

Responses

Request samples

Content type
application/json
{
  • "invoice_id": "string",
  • "amount": "3540.00",
  • "method": "cash",
  • "paid_at": "2019-08-24",
  • "reference": "string"
}

Response samples

Content type
application/json
{
  • "data": {
    }
}

Get a payment

Authorizations:
(ClientIdClientSecret)
path Parameters
id
required
string

Opaque resource identifier.

Responses

Response samples

Content type
application/json
{
  • "data": {
    }
}

Refund a payment

Authorizations:
(ClientIdClientSecret)
path Parameters
id
required
string

Opaque resource identifier.

header Parameters
Idempotency-Key
string <uuid>

A unique UUID so retries don't double‑create/charge/send. Cached 24h.

Request Body schema: application/json
optional
amount
string

Partial refund amount; omit for full refund.

Responses

Request samples

Content type
application/json
{
  • "amount": "string"
}

Response samples

Content type
application/json
{
  • "error": {
    }
}

Messaging

✅ SMS & WhatsApp available. Email planned. Security‑sensitive — dedicated send scopes, lower rate limits and a daily cap. Path carries the company slug.

Send an SMS

Sends an SMS via the company's gateway. For India DLT compliance, pass an approved sender_id plus the registered template_id (and pe_id), and ensure message matches the approved template text. Requires the messages:sms:send scope. Subject to the messaging rate limit + daily cap.

Authorizations:
(ClientIdClientSecret)
path Parameters
company
required
string

Your company slug (public website APIs only).

Request Body schema: application/json
required
to
required
string

Recipient number, digits only (8–15).

message
required
string <= 1000 characters
sender_id
string <= 11 characters
template_id
string

Registered DLT template id.

pe_id
string

DLT principal entity id.

type
string
Default: "transactional"
Enum: "transactional" "promotional"

Responses

Request samples

Content type
application/json
{
  • "to": "919800000000",
  • "message": "Your OTP is 123456",
  • "sender_id": "LBMONE",
  • "template_id": "1707xxxxxxxxxxxxx",
  • "pe_id": "string",
  • "type": "transactional"
}

Response samples

Content type
application/json
{
  • "data": {
    }
}

Send a WhatsApp message

Sends via the company's Meta Cloud API provider. Business‑initiated messages must use a Meta‑APPROVED template; free text is only delivered inside an open 24‑hour customer‑service window. Requires the messages:whatsapp:send scope.

Authorizations:
(ClientIdClientSecret)
path Parameters
company
required
string

Your company slug (public website APIs only).

Request Body schema: application/json
required
to
required
string
type
string
Default: "template"
Enum: "template" "text"
object

Required when type=template.

object

Required when type=text.

Responses

Request samples

Content type
application/json
{
  • "to": "919800000000",
  • "type": "template",
  • "template": {
    },
  • "text": {
    }
}

Response samples

Content type
application/json
{
  • "data": {
    }
}

Get message delivery status

Authorizations:
(ClientIdClientSecret)
path Parameters
company
required
string

Your company slug (public website APIs only).

id
required
string

The provider message id returned by a send call.

Responses

Response samples

Content type
application/json
{
  • "data": {
    }
}

Send an email

Authorizations:
(ClientIdClientSecret)
path Parameters
company
required
string

Your company slug (public website APIs only).

Request Body schema: application/json
required
required
Array of objects
subject
required
string
template_id
string
html
string

Server‑side sanitised before send.

object

Responses

Request samples

Content type
application/json
{
  • "to": [
    ],
  • "subject": "string",
  • "template_id": "string",
  • "html": "string",
  • "variables": {
    }
}

Response samples

Content type
application/json
{
  • "data": {
    }
}

Recruitment

✅ Available. Public, embeddable career‑site API.

List open jobs

Authorizations:
(ClientIdClientSecret)
path Parameters
company
required
string

Your company slug (public website APIs only).

Responses

Response samples

Content type
application/json
{
  • "data": [
    ]
}

Get a job

Authorizations:
(ClientIdClientSecret)
path Parameters
company
required
string

Your company slug (public website APIs only).

slug
required
string

Responses

Response samples

Content type
application/json
{
  • "data": {
    }
}

Submit an application

Authorizations:
(ClientIdClientSecret)
path Parameters
company
required
string

Your company slug (public website APIs only).

slug
required
string
Request Body schema: multipart/form-data
required
name
required
string
email
required
string <email>
phone
string
resume
string <binary>
cover_letter
string

Responses

Response samples

Content type
application/json
{
  • "error": {
    }
}

List departments

Authorizations:
(ClientIdClientSecret)
path Parameters
company
required
string

Your company slug (public website APIs only).

Responses

Leads

✅ Available. Capture leads from external sites.

Capture a lead

Authorizations:
(ClientIdClientSecret)
path Parameters
company
required
string

Your company slug (public website APIs only).

Request Body schema: application/json
required
name
required
string
email
string <email>
phone
string
source
string
message
string

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "email": "user@example.com",
  • "phone": "string",
  • "source": "string",
  • "message": "string"
}

Response samples

Content type
application/json
{
  • "error": {
    }
}

List allowed lead sources

Authorizations:
(ClientIdClientSecret)
path Parameters
company
required
string

Your company slug (public website APIs only).

Responses

Storefront

✅ Available. Headless storefront / checkout.

List catalog

Authorizations:
(ClientIdClientSecret)
path Parameters
company
required
string

Your company slug (public website APIs only).

Responses

Get a catalog product

Authorizations:
(ClientIdClientSecret)
path Parameters
company
required
string

Your company slug (public website APIs only).

productId
required
string

Responses

Response samples

Content type
application/json
{
  • "error": {
    }
}

Create an order / checkout

Authorizations:
(ClientIdClientSecret)
path Parameters
company
required
string

Your company slug (public website APIs only).

header Parameters
Idempotency-Key
string <uuid>

A unique UUID so retries don't double‑create/charge/send. Cached 24h.

Request Body schema: application/json
required
required
Array of objects
required
object

Responses

Request samples

Content type
application/json
{
  • "items": [
    ],
  • "customer": {
    }
}

Response samples

Content type
application/json
{
  • "error": {
    }
}

Order status

Authorizations:
(ClientIdClientSecret)
path Parameters
company
required
string

Your company slug (public website APIs only).

orderId
required
string

Responses

Response samples

Content type
application/json
{
  • "error": {
    }
}