Authentication
All API requests require a valid API key sent in the Authorization header:
Authorization: Bearer cm_live_your_api_key_here
Key format: cm_live_ + 64 hex characters
Scopes: read (view data), write (create/update), admin (approve/reject, manage webhooks)
Rate limit: 100 requests per minute per key
Pagination
List endpoints return paginated results. Use page and per_page parameters.
{
"data": [...],
"meta": {
"page": 1,
"per_page": 25,
"total": 100
}
}Error Codes
Errors return a consistent JSON structure:
{
"error": {
"code": "not_found",
"message": "Deal not found"
}
}| Code | HTTP Status | Description |
|---|---|---|
| unauthorized | 401 | Missing or invalid API key |
| forbidden | 403 | Insufficient permissions or inactive account |
| not_found | 404 | Resource not found |
| validation_error | 400 | Invalid request parameters |
| rate_limited | 429 | Too many requests (100/min limit) |
| internal_error | 500 | Unexpected server error |
Deals
Manage sales deals and their commission calculations.
Comp Plans
View compensation plans and their configurations.
Users
List and view sales reps and team members.
Commissions
Aggregated commission data across your organization.
SPIFFs
View SPIFFs (Sales Performance Incentive Fund) and leaderboards.
Webhooks
Manage webhook subscriptions to receive real-time event notifications.
Webhook Events
| Event | Description |
|---|---|
| deal.created | A new deal is created |
| deal.approved | A deal is approved |
| deal.rejected | A deal is rejected |
| commission.calculated | Commissions are recalculated |
| spiff.completed | A SPIFF contest ends |