Skip to content
API reference
/
/
Invalidate tokens

Overview

The AutoLeap API uses the REST standard, which means you interact with it by making requests over HTTP.

A request usually includes:

  • An HTTP method (like GET or POST)
  • A path (the address of the resource)
  • Optional headers and parameters (in the path, query string, or request body)

When you send a request, the API responds with:

  • A status code (to indicate success or failure)
  • Response headers
  • Sometimes a response body with useful data

The API reference describes the method, path, and parameters for each endpoint, and includes sample requests and responses you can use as a guide.

Languages
Servers
Production
https://partnerapi.myautoleap.com/v2/

Authentication

Authenticate with the AutoLeap Partner API to obtain access tokens.
All other endpoints require a valid access token.

Operations

Partner login

Request

Authenticates a partner and issues Access token

Bodyapplication/jsonrequired
partnerIdstringrequired
Example: "YOUR_PARTNER_ID"
authKeystringrequired
Example: "YOUR_AUTH_KEY"
curl -i -X POST \
  https://partnerapi.myautoleap.com/v2/partners/login \
  -H 'Content-Type: application/json' \
  -d '{
    "partnerId": "YOUR_PARTNER_ID",
    "authKey": "YOUR_AUTH_KEY"
  }'

Responses

Successfully authenticated

Bodyapplication/json
successboolean
dataobject
Response
application/json
{
  "success": true,
  "data": {
    "accessToken": "abc123xyz456",
    "refreshToken": "rT0k3n4950506"
  }
}

Refresh tokens

Request

Generates a new access token using the refresh token.

Bodyapplication/jsonrequired
refreshTokenstringrequired
curl -i -X POST \
  https://partnerapi.myautoleap.com/v2/partners/generateNewAccessToken \
  -H 'Content-Type: application/json' \
  -d '{
    "refreshToken": "rT0k3n..."
  }'

Responses

New tokens generated

Bodyapplication/json
successboolean
dataobject
Response
application/json
{
  "success": true,
  "data": {
    "accessToken": "newAccessToken123",
    "refreshToken": "newRefreshToken456"
  }
}

Invalidate tokens

Request

Logs out the partner and invalidates both the login and refresh tokens.

Security
BearerAuth
Bodyapplication/jsonrequired
refreshTokenstringrequired
curl -i -X POST \
  https://partnerapi.myautoleap.com/v2/partners/logout \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "refreshToken": "rT0k3n..."
  }'

Responses

Logged out

Bodyapplication/json
successboolean
messagestring
Response
application/json
{
  "success": true,
  "message": "Successfully logged out"
}

Profile

Retrieve partner profile details, including the companies and accounts you are authorized to access.

Operations

Customers

Retrieve and manage customer records for a given company.
Useful for syncing customer information across systems.

Operations

Vehicles

Retrieve and manage vehicles associated with customers.
Supports bulk creation and individual vehicle lookups.

Operations

Items

Access and manage items (parts, tires, labor, etc.) available within a company.
Includes bulk creation and detailed item retrieval.

Operations

Inventory Levels

View and update inventory levels for items across one or more locations.

Operations

Item Pricing

Retrieve and update pricing information for items.
Useful for keeping partner systems in sync with AutoLeap’s catalog pricing.

Operations

Appointments

Create and retrieve customer appointment requests across locations.
Enables seamless scheduling and booking integrations.

Operations

Repair Orders

Retrieve detailed information about repair orders (ROs).
Supports fetching all orders or a specific order by RO number.

Operations

Payments

Access payment details linked to repair orders.
Useful for reconciling transactions and financial reporting.

Operations

Technician Timesheets

Retrieve detailed timesheet logs for technicians within a company and an optional location, filtered by a date range.

Operations