API
Read-only export API for analytics, audit, and integration.
Programmatic access to your improvement data — users, projects, ideas, audit history. Authenticated with a key you control. Scoped to your tenancy. Audited on every call.
What you can read
Four export endpoints.
GET /v1/exports/usersScope
read:usersMembership records
GET /v1/exports/projectsScope
read:projectsProjects with milestones, risks, benefits
GET /v1/exports/ideasScope
read:ideasIdea pipeline with votes and comments
GET /v1/exports/auditScope
read:adminTenant audit log
Each endpoint supports JSON or CSV output, ISO-8601 date filters, and pagination. Full request and response shapes are documented in the API reference.
Authentication
Bearer-token authentication. Tokens are issued from inside your OpXOS tenancy — go to Settings > Integrations > Public API > Manage API Keys, generate a key, scope it to what your integration needs, and the system writes the issuance to your audit log. OpX staff never see your keys.
GET /v1/exports/projects?status=active HTTP/1.1
Host: api.opxos.com
Authorization: Bearer opx_live_a8f3c01b9d2e4f...
Accept: application/json
Built for enterprise integration.
UK hosting
Hosted in eu-west-2, in transit and at rest.
Read-only
No write endpoints exist on the public API.
Per-call audit
Every successful call is captured in your audit log.
Versioned
/v1 is stable; breaking changes ship on /v2 with notice.
Honest scope
What's not in the v1 API.
Write operations
v1 is read-only. To push data into OpX, use the admin UI or contact your account team about bulk import.
Webhooks
Subscriptions are on the roadmap. Customers wanting real-time event delivery should contact us so we can scope the event types they need.
Third-party auth flows
v1 uses API-key authentication. Delegated auth for third-party / partner integrations is not in v1.
