Create a new PartnerAdminClient instance.
Configured ApiKeyClient with API key
Optionalconfig: ClientConfigOptional client configuration (baseURL, timeout, etc.)
ProtectedaddAbstract method to add authentication headers. Can be async to support token refresh before requests.
Add a next step to a template.
The unique template ID
Next step association data
The template next step association
ProtectedbuildBuild axios config with optional per-request timezone override
Optionaloptions: RequestOptionsOptionalbaseConfig: AxiosRequestConfig<any>Create a new automation.
Automations define automated actions triggered by events in Contio.
Automation creation data
Request to create a new automation
Example:
const automation = await adminClient.createAutomation({
name: 'Create CRM Contact',
description: 'Create contacts from meeting action items',
trigger_type: 'action_item_match',
actions: [
{
type: 'phrase_match',
config: {
phrases: ['create contact', 'add contact', 'new contact']
}
}
]
});
Array of automation actions
Optionaldescription?: stringUse 'action_item_match' for phrase-based matching
The newly created automation
Create IdP configuration for this partner app.
Configures SAML/OIDC identity provider settings for SSO.
IdP configuration including provider type, metadata URL, etc.
The created IdP configuration
Create a new template.
Templates define reusable meeting structures with associated next steps.
Template creation data
The newly created template
Create a new toolkit.
Toolkits are collections of related entities (templates, next steps, action buttons) that can be installed and uninstalled as a unit.
Toolkit creation data including name, slug, version, and manifest
The newly created toolkit
Create a new draft version for a toolkit.
Only one DRAFT version can exist at a time. Once created, update the draft with updateToolkitVersion and publish it with publishToolkitVersion.
The unique toolkit ID
Version creation data (version_label, manifest, optional changelog)
The newly created draft version
ProtecteddeleteMake a DELETE request
Optionaloptions: RequestOptionsDiscard a draft toolkit version.
Permanently deletes a DRAFT version. Only draft versions can be discarded. This action is irreversible.
The unique toolkit ID
The unique version ID (must be in DRAFT status)
Export a portable manifest from selected entity IDs (assembly-mode).
Builds a portable toolkit manifest from the given entity IDs. Dependencies (e.g. action buttons referenced by next steps) are auto-discovered.
Export request with entity IDs (at least one array must be non-empty)
The portable manifest with metadata, summary, and optional warnings
Export an existing toolkit as a portable manifest.
Resolves the toolkit's manifest into a portable format with $id/$ref
identifiers, suitable for re-import into a different toolkit.
The unique toolkit ID
The portable manifest with metadata, summary, and optional warnings
ProtectedgetMake a GET request
Optionalparams: objectOptionaloptions: RequestOptionsGet partner app information.
Returns the current configuration and status of your partner app.
The partner app details including name, status, and configuration
Get a specific automation by ID.
The unique automation ID
The automation with full details
Get a paginated list of automations.
Optionalparams: AutomationListParamsOptional filter and pagination parameters
Optionallimit?: numberOptionaloffset?: numberPaginated list of automations
Get audit history for credential operations
Returns a log of all credential operations including rotations, access, and rollbacks. Useful for security monitoring and compliance.
Optionalparams: CredentialAuditHistoryParamsOptional filters for credential type, action, pagination
Audit events with pagination info
// Get recent credential operations
const history = await admin.getCredentialHistory({
limit: 20,
credential_type: 'api_key'
});
history.events.forEach(event => {
console.log(`${event.created_at}: ${event.action} by ${event.initiated_by}`);
if (event.reason) {
console.log(` Reason: ${event.reason}`);
}
});
// Check for rotations in the last 24 hours
const recentRotations = history.events.filter(e =>
e.action === 'rotated' &&
new Date(e.created_at) > new Date(Date.now() - 24 * 60 * 60 * 1000)
);
console.log(`Rotations in last 24h: ${recentRotations.length}/3`);
Get status of all credentials (API key, webhook secret, client secret)
Returns health information including age, last rotation, and recommended actions
ProtectedgetMake a GET request that returns the full AxiosResponse, including
headers and raw data.
Use this for endpoints that return binary content (e.g. file downloads)
where the caller needs access to response headers such as
Content-Disposition or Content-Type.
Request path relative to the client's base URL
Optionalparams: objectOptional query parameters
Optionaloptions: RequestOptionsOptional per-request options (e.g. timezone override)
Axios response type (default: 'arraybuffer')
The full axios response
Get a specific template by ID.
The unique template ID
The template with full details
Get next steps associated with a template.
The unique template ID
Optionalparams: TemplateNextStepListParamsOptional pagination parameters
Paginated list of template next steps
Get a paginated list of templates.
Optionalparams: TemplateListParamsOptional pagination parameters
Paginated list of templates
Get a specific toolkit by ID.
The unique toolkit ID
The toolkit with full details including manifest
List all installations of a toolkit across connected workspaces.
Returns installation status per workspace along with aggregate counts.
The unique toolkit ID
Optionalparams: ToolkitListParamsOptional pagination parameters
Paginated list of installations with summary counts
Get a paginated list of toolkits.
Optionalparams: ToolkitListParamsOptional pagination parameters
Paginated list of toolkits
Get a specific toolkit version by ID.
The unique toolkit ID
The unique version ID
The toolkit version with full details
Get a specific user connection.
The unique connection ID
The user connection with full details
Get a paginated list of user connections.
User connections represent users who have authorized your partner app.
Optionalparams: UserConnectionListParamsOptional filter and pagination parameters
Optionallimit?: numberOptionaloffset?: numberOptionalstatus?: "active" | "revoked" | "expired"Optionaluser_id?: stringPaginated list of user connections
Get a paginated list of webhook deliveries.
Use this to monitor webhook delivery status and troubleshoot failures.
Optionalparams: WebhookDeliveryListParamsOptional filter and pagination parameters
Optionalevent_type?: stringFilter by event type (e.g., meeting.created, automation.assignment.created)
Optionallimit?: numberOptionaloffset?: numberOptionalstatus?: stringFilter by delivery status (pending, delivered, failed, abandoned)
Paginated list of webhook deliveries
Get a specific webhook delivery.
Returns full details including request/response payloads for debugging.
The unique delivery ID
The webhook delivery with full details
List all workspaces connected to the partner.
Optionalparams: ToolkitListParamsOptional pagination parameters
Paginated list of connected workspaces
List all versions for a toolkit.
The unique toolkit ID
Array of all versions ordered by version number
ProtectedpatchMake a PATCH request
Optionaldata: unknownOptionaloptions: RequestOptionsProtectedpostMake a POST request
Optionaldata: unknownOptionaloptions: RequestOptionsProtectedpostMake a POST request with multipart/form-data.
Overrides the default application/json content type so that axios
sets the correct multipart/form-data boundary automatically.
Request path relative to the client's base URL
A FormData instance containing the fields and files to upload
Optionaloptions: RequestOptionsOptional per-request options (e.g. timezone override)
Parsed response body
Publish a draft toolkit version.
Transitions the version from DRAFT to PUBLISHED. Any previously published version is automatically deprecated. Optionally propagate to connected workspaces.
The unique toolkit ID
The unique version ID (must be in DRAFT status)
Optionaldata: PublishToolkitVersionRequestOptional propagation settings
ProtectedputMake a PUT request
Optionaldata: unknownOptionaloptions: RequestOptionsRemove the webhook event filter for your partner app.
After removing the filter, all supported webhook events will be eligible for delivery again.
The updated partner app configuration
Republish a deprecated toolkit version.
Transitions the version from DEPRECATED back to PUBLISHED. Any currently published version is automatically deprecated.
The unique toolkit ID
The unique version ID (must be in DEPRECATED status)
Retry a failed webhook delivery.
Schedules an immediate retry of a failed webhook delivery.
The unique delivery ID to retry
Confirmation that retry was scheduled
Rollback a credential rotation (emergency use only)
Reverts a credential rotation using the rollback token. Rollback tokens are valid for 1 hour and are single-use only.
NOTE: Webhook secrets do not support rollback. Only API keys and client secrets can be rolled back.
Type of credential to rollback ('api-key' or 'client-secret')
Rollback request with the rollback token
Rotate the API key with a grace period
During the grace period, both old and new API keys are valid. After the grace period expires, only the new key works.
Rotation request with confirmation token and optional grace period
Response containing the new API key and rollback token
const result = await admin.rotateAPIKey({
confirmation_token: 'confirm_rotation_12345',
reason: 'Monthly security rotation',
grace_period_hours: 48
});
// IMPORTANT: Save these values securely!
console.log('New API key:', result.new_credential);
console.log('Rollback token:', result.rollback_token);
console.log('Grace period ends:', result.grace_period_ends_at);
// Update your configuration with the new API key
// Both old and new keys work until grace_period_ends_at
Rotate the OAuth client secret with a grace period
During the grace period, both old and new client secrets work for token exchange. After the grace period expires, only the new secret works.
Rotation request with confirmation token and optional grace period
Response containing the new client secret and rollback token
const result = await admin.rotateClientSecret({
confirmation_token: 'confirm_rotation_12345',
reason: 'Annual security rotation',
grace_period_hours: 168 // 7 days
});
// IMPORTANT: Save these values securely!
console.log('New client secret:', result.new_credential);
console.log('Rollback token:', result.rollback_token);
console.log('Grace period ends:', result.grace_period_ends_at);
// Update your OAuth configuration with the new client secret
// Both old and new secrets work until grace_period_ends_at
Rotate the webhook secret (immediate rotation, no grace period)
IMPORTANT: Webhook secrets do not support grace periods because Contio signs outgoing webhooks with the current secret immediately after rotation.
Best practices:
Rotation request with confirmation token
Response containing the new webhook secret (no rollback token or grace period)
const result = await admin.rotateWebhookSecret({
confirmation_token: 'confirm_rotation_12345',
reason: 'Quarterly security rotation'
});
// IMPORTANT: Save the new secret securely and update your webhook verification immediately!
console.log('New webhook secret:', result.new_credential);
// Implement dual-secret verification during rotation:
// Try verifying with new secret first, then fall back to old secret
Configure event filtering for webhook delivery.
Use include filters to allow only specific events, or exclude filters to suppress selected events from being delivered.
Webhook filter configuration
The updated partner app configuration
Update partner app details.
Fields to update (name, description, webhook URL, etc.)
The updated partner app
Update partner app status.
Use this to enable/disable your partner app or change its visibility.
Status update data
The updated partner app
Update a automation.
The unique automation ID to update
Fields to update
The updated automation
Update the IdP configuration.
Fields to update
The updated IdP configuration
Update a template.
The unique template ID to update
Fields to update
The updated template
Update a template next step association.
The unique template ID
The unique next step ID
Fields to update (autopilot setting)
The updated template next step association
Update a toolkit.
The unique toolkit ID to update
Fields to update (name, description, version, is_active, manifest)
The updated toolkit
Update a draft toolkit version.
Only DRAFT versions can be updated. Use this to revise the manifest, label, or changelog before publishing.
The unique toolkit ID
The unique version ID (must be in DRAFT status)
Fields to update (all optional)
The updated draft version
Enable or disable webhook delivery for your partner app.
Use this to temporarily pause webhook delivery or re-enable delivery after resolving endpoint issues.
Webhook status update data
Optionalpending_disposition?: "abandon" | "deliver"The updated partner app configuration
Partner Admin API client for API key-authenticated admin endpoints.
Provides access to partner app configuration, automations, webhook deliveries, user connections, credential management, and IdP configuration. Requires an API key for authentication.
Example