Skip to content

CxReports API

The CxReports API allows developers to integrate CxReports into other applications seamlessly. Typical integration use cases include previewing reports inside iframes within client applications and downloading PDF reports.

Getting Started

To explore the API endpoints, you can use the Swagger API explorer. First, enable it in the configuration. The latest version can be found in our demo environment. It's best to enable Swagger locally and check the API of the installed version as it might not match the latest version.

Official API clients are available to help you connect to the API easily. Check the Developer Resources page for client packages in various programming languages and integration examples.


The API requires Bearer tokens for authentication. Each request must have the Authentication header in the form Bearer {token}.

To create a token, click on the User menu in the top right corner and select Personal Access Tokens.

API Endpoints

Retrieving Reports

  • GET /api/v1/ws/{workspaceId}/reports
    Retrieve a list of reports based on the provided parameters.

Exporting Reports to PDF

  • GET /api/v1/ws/{workspaceId}/reports/{id}/pdf
    Export the report to PDF.
  • GET /api/v1/ws/{workspaceId}/reports/{reportTypeCode}/pdf
    Look for the default report of the given report type and export it to PDF.

Temporary Data

  • POST /api/v1/ws/{workspaceId}/temporary-data
    Push a temporary data object that can be used in reports.

Other Endpoints

  • GET /api/v1/workspaces
    Retrieve a list of available workspaces.

  • GET /api/v1/ws/{workspaceId}/report-types
    List all report types.

  • POST /api/v1/nonce-tokens
    Create a single-use token that converts to a cookie and can be used for authentication in iframes.

For more detailed information on each endpoint, please refer to the Swagger API explorer.

Iframe Authentication

Personal Access Tokens (PATs) should only be used in secured environments, such as server-side, and should not be used in JavaScript (client-side). Instead, use the PAT to obtain a single-use Nonce token that can be used client-side. Nonce Tokens are commonly used to preview reports within other applications.

The process is as follows: 1. Use the POST /api/v1/nonce-tokens endpoint to create a Nonce. 2. Append the value received as a query string parameter called nonce={value}. 3. The token is converted to a cookie on the first request, allowing subsequent requests to be authenticated.

Check the example integration at GitHub - Consumer Demo App.