Skip to main content
Planview Customer Success Center



Our RESTful API allows you to programmatically leverage the power of LeanKit. All APIs use https and are based at https://<yourhostname> Our APIs use standard http authentication, response codes, and verbs. Data is sent and received as JSON unless specified otherwise.

APIs and Versioning

New endpoints that may have a higher chance of change should be labeled with a 'preview' flag. Our legacy API has been marked for deprecation. We do not suggest using the legacy endpoints unless you need functionality that does not exist in the current version.

Reporting data is available using our reporting API endpoints. Please be aware that data retrieved through these APIs is not real-time and may be 24 hours out of date.

Our user provisioning API implements SCIM 1.1.


Two forms of authentication are supported: basic and bearer.


The username and password are base64-encoded and appended to the header of each HTTP request with basic authentication.

curl -H 'Authorization: Basic base64encodedcredentialshere'

Bearer Token

Basic authentication can be used to make a POST request to retrieve a token. That token is used for authentication in subsequent requests.

Create and manage your tokens by choosing the "My API Tokens" tab in your LeanKit User Profile.

Tokens can also be created using API calls. Example token request:

curl -X POST \ \
  -H 'Authorization: Basic base64encodedcredentialshere' \
  -H 'Content-Type: application/json' \
  -d '{ "description": "description for your app" }'

Example response body:

    "id": "12345678",
    "token": "longstringwiththetokenhere",
    "description": "description for your app",
    "createdOn": "2019-12-24T22:42:40.755Z"

Subsequent requests would include an Authorization header with the token:

curl -H 'Authorization: Bearer yourtokenhere'

Additional information can be found in the token management operations documentation.

Note: Tokens do not have an expiration date. Regularly revoke tokens that you are not actively using.

Parameters and Headers

For POST, PATCH, PUT, and DELETE requests, parameters not included in the URL should be encoded as JSON with a Content-Type: application/json.

Accept: application/json header should be sent unless specified otherwise.

Date Format

Dates in the API use UTC and are strings in the ISO 8601 format: 2019-12-24T13:29:31Z

Common Responses and Errors

Http response codes represent success or error. Codes in the 2xx range indicate success. Codes in the 4xx range indicate that some information provided was incorrect. An example would be a 422 response code if you failed to specify a list of card ids when they are required. 5xx level errors indicate a problem on the LeanKit server side.


Many of our list endpoints support paging. The limit parameter controls the number of records returned. The offset parameter controls the number of records to skip before returning results. The response also includes page metadata to indicate how many records there are in total.

    "pageMeta": {
        "totalRecords": 372,
        "offset": 0,
        "limit": 25,
        "startRow": 1,
        "endRow": 25

Rate Limiting

We want you to use the LeanKit APIs to build awesome things but we require that you do so in a way that is kind to our APIs. Please consider the number and frequency of requests when designing integrations against the platform. Overuse that causes impact for other customers can result in an a temporary ban.

Updated 2020-04-15 @ 14:04 PM