Supergood | CaseWare IDEA API

Programmatically access CaseWare IDEA audit datasets, run audit procedures, generate samples, and retrieve exceptions with a stable REST API. Supergood builds and operates production-grade, unofficial CaseWare IDEA integrations so your team can automate audit analytics without heavy custom engineering.

Plain English: CaseWare IDEA is audit analytics software that helps auditors and finance teams import data (like general ledger, AP/AR, payroll), run tests (duplicates, gaps, Benford, joins, stratification), and produce evidence and exceptions for audits. An unofficial API lets you pull project lists and datasets, launch standardized audit procedures with parameters, get back exception results, trigger sampling (e.g., MUS, random, stratified), and push notes or statuses—all programmatically.

For a tech company integrating with CaseWare IDEA, this means you can ingest source tables and test outputs to power dashboards, feed exception queues into your review or ticketing system, sync results to GRC/workpapers, trigger sampling and track selections, and enrich findings with AI explanations. You can also map data pipelines from ERP/accounting (e.g., SAP, Oracle NetSuite, QuickBooks, Xero), orchestrate periodic runs, attach evidence, and keep stakeholders’ systems (GRC, analytics, data lake, workflow) aligned.

What is CaseWare IDEA?

CaseWare IDEA (https://www.caseware.com/us/products/idea/) is a purpose-built analytics platform for auditors and financial professionals to analyze large datasets, apply repeatable tests, and document results. Teams use IDEA to import data from accounting and operational systems, profile and clean fields, run audit procedures (duplicates, gaps, Benford, joins, summaries), perform sampling (random, stratified, monetary unit), and automate repeatable work with scripts and SmartAnalyzer apps. The outcome is a defensible, well-documented audit trail of tests, exceptions, and evidence.

Core product areas include:

• Data Acquisition & Preparation (imports, connections, schema mapping, field profiling)
• Audit Analytics (SmartAnalyzer procedures, joins, stratification, summarization, Benford, fuzzy matching)
• Sampling (Random, Stratified, Monetary Unit Sampling/MUS with confidence and precision controls)
• Automation & Scripting (IDEAScript, macros, reusable procedure templates)
• Reporting & Evidence (exception tables, notes, annotations, exports)

Common data entities:

• Engagements/Projects (client codes, fiscal year, materiality, team)
• Datasets/Tables (GL, AP invoices and payments, AR, vendors, customers, payroll, fixed assets)
• Fields & Metadata (types, masks, keys, currency, dates)
• Procedures/Tests (procedure code, parameters, runs, versions)
• Exceptions/Findings (rule, severity, score, supporting records)
• Samples (method, parameters, selected items)
• Users/Roles (analyst, reviewer, admin; permissions)
• Attachments & Evidence (exports, working files)

The CaseWare IDEA Integration Challenge

Audit teams rely on IDEA for high-assurance analytics, but turning desktop- and portal-driven workflows into headless automation is non-trivial:

• Desktop-first flows and SmartAnalyzer UX: Many capabilities are optimized for interactive execution rather than APIs
• Authentication and licensing: CaseWare Passport/SSO/MFA and entitlement-aware access complicate automation
• Large, sensitive datasets: Ingesting GL and subledger tables at scale with PII/PCI controls needs careful handling
• Deterministic, repeatable tests: Parameters, filter logic, and versioning must be reproducible across runs
• Long-running procedures: Heavy joins, fuzzy matching, and Benford tests can exceed synchronous timeouts
• Schema variability: Source systems differ (SAP, NetSuite, QuickBooks, Xero), requiring robust normalization

How Supergood Creates CaseWare IDEA APIs

Supergood reverse-engineers authenticated flows and network interactions to deliver a resilient API endpoint layer for your IDEA tenant.

• Handles username/password, SSO/OAuth, and MFA (SMS, email, TOTP) securely
• Maintains session continuity with automated refresh and change detection
• Normalizes responses across datasets and procedures to give you consistent objects
• Aligns with licensing and role-based permissions to ensure compliant access
• Supports chunked uploads, checksums, and schema mapping for large tables
• Provides webhooks for long-running procedure completion

Use Cases

GL & Subledger Data Sync

• Mirror GL, AP/AR, vendor, and payroll tables into your data warehouse
• Keep field profiles, counts, and hashes for data quality and lineage
• Normalize source-system schemas (SAP, NetSuite, QuickBooks, Xero) for cross-client analytics

Automated Audit Procedures

• Schedule and run standardized tests (duplicate payments, sequence gaps, Benford, journal entry risk scoring)
• Parameterize procedures by fiscal period, amount thresholds, entity codes, or cost centers
• Stream exceptions to review queues or case management and update statuses programmatically

Sampling & Evidence Management

• Generate MUS/random/stratified samples from high-risk populations
• Persist selections, export sample lists, and attach evaluator notes
• Push sample and exception evidence into GRC/workpapers with traceable references

AI-Assisted Exception Triage

• Enrich exceptions with AI-generated rationales and clustering to highlight patterns
• Summarize large exception sets for reviewer overviews and audit committee reporting
• Prioritize review using risk scores and historical learnings

Reporting & Stakeholder Updates

• Build real-time dashboards of test coverage, exceptions by risk, and sample progress n- Trigger notifications to engagement teams when thresholds or SLAs are breached
• Export tidy datasets for analytics notebooks and BI tools

Available Endpoints

Authentication

POST /sessions: Establish a session using credentials. Supergood manages MFA (SMS, email, TOTP) and SSO/OAuth when enabled. Returns a short-lived auth token maintained by the platform.

curl --request POST \
  --url https://api.supergood.ai/integrations/<integration_id>/sessions \
  --header 'Authorization: Basic <Base64 encoded token>' \
  --header 'Content-Type: application/json' \
  --data '{
    "username": "[email protected]",
    "password": "<password>",
    "mfa": { "type": "totp", "code": "123456" }
  }'

Example response

{
  "authToken": "eyJhbGciOi...",
  "expiresIn": 3600,
  "user": {
    "id": "u_idea_5c91e0",
    "name": "Senior Auditor",
    "entitlements": ["projects", "datasets", "procedures", "sampling", "exports"]
  }
}

Projects

GET /projects: List engagements with filters and summary details.

Query parameters

• clientCode: string
• fiscalYear: string (e.g., 2025)
• status: open | closed | archived
• updatedFrom, updatedTo: ISO 8601 timestamps
• page, pageSize: integers for pagination

Example response

{
  "items": [
    {
      "projectId": "prj_34af10",
      "name": "ACME Corp FY2025 Audit",
      "clientCode": "ACME",
      "clientName": "ACME Corporation",
      "fiscalYear": "2025",
      "industry": "Manufacturing",
      "materiality": 125000.00,
      "status": "open",
      "datasetCounts": {"tables": 8, "rows": 482193},
      "team": [
        {"userId": "u_idea_5c91e0", "role": "senior"},
        {"userId": "u_idea_88d120", "role": "manager"}
      ],
      "updatedAt": "2026-01-20T15:02:17Z"
    }
  ],
  "page": 1,
  "pageSize": 50,
  "total": 1
}

Datasets

POST /projects/{projectId}/datasets: Import a dataset (e.g., GL, AP invoices) with schema mapping and optional field masking.

curl --request POST \
  --url https://api.supergood.ai/integrations/<integration_id>/projects/prj_34af10/datasets \
  --header 'Authorization: Bearer <authToken>' \
  --header 'Content-Type: application/json' \
  --data '{
    "name": "ap_invoices_fy2025",
    "tableType": "ap_invoices",
    "sourceSystem": "sap",
    "upload": {"fileName": "ap_invoices_2025.csv", "uploadToken": "upl_08ab73", "checksum": "sha256:..."},
    "primaryKey": ["invoice_id"],
    "dateField": "invoice_date",
    "currencyField": "currency_code",
    "schema": [
      {"name": "invoice_id", "type": "string"},
      {"name": "vendor_id", "type": "string"},
      {"name": "invoice_date", "type": "date"},
      {"name": "invoice_number", "type": "string"},
      {"name": "amount", "type": "number"},
      {"name": "currency_code", "type": "string"},
      {"name": "po_number", "type": "string"}
    ],
    "maskingRules": [
      {"field": "invoice_number", "strategy": "hash"}
    ],
    "tags": ["FY2025", "AP"]
  }'

Example response

{
  "datasetId": "ds_9b20e4",
  "name": "ap_invoices_fy2025",
  "tableType": "ap_invoices",
  "rowCount": 124581,
  "fieldCount": 7,
  "profile": {
    "minDate": "2025-01-01",
    "maxDate": "2025-12-31",
    "totalAmount": 47599812.32
  },
  "createdAt": "2026-01-21T10:03:11Z"
}

Procedures

POST /projects/{projectId}/procedures/run: Execute an audit procedure (e.g., duplicate payments, Benford) with parameters. Long-running jobs can send completion webhooks.

curl --request POST \
  --url https://api.supergood.ai/integrations/<integration_id>/projects/prj_34af10/procedures/run \
  --header 'Authorization: Bearer <authToken>' \
  --header 'Content-Type: application/json' \
  --data '{
    "procedureCode": "ap_duplicate_payments",
    "datasetId": "ds_9b20e4",
    "parameters": {
      "matchKeys": ["vendor_id", "invoice_number", "amount"],
      "dateWindowDays": 30,
      "minAmount": 100.00,
      "includeCreditMemos": false
    },
    "saveAsTableName": "ap_dupe_candidates_fy2025",
    "notifyOnCompletion": true,
    "webhookUrl": "https://yourapp.example.com/webhooks/idea"
  }'

Example response

{
  "resultId": "res_51af80",
  "procedureCode": "ap_duplicate_payments",
  "status": "queued",
  "estimatedDurationSec": 120,
  "createdAt": "2026-01-21T11:20:44Z"
}

Exceptions

GET /projects/{projectId}/procedures/{resultId}/exceptions: Retrieve flagged items from a completed procedure with filters and pagination.

Query parameters

• status: open | cleared | reviewed
• severity: low | medium | high
• updatedFrom, updatedTo: ISO 8601 timestamps
• page, pageSize: integers for pagination

Example response

{
  "summary": {
    "total": 342,
    "open": 310,
    "reviewed": 20,
    "cleared": 12
  },
  "items": [
    {
      "exceptionId": "ex_7c3d21",
      "rule": "ap_duplicate_payments",
      "description": "Potential duplicate: same vendor, invoice number, and amount within 7 days",
      "datasetRowRef": {"datasetId": "ds_9b20e4", "rowId": "r_00012890"},
      "vendorId": "V001283",
      "invoiceNumber": "INV-88931",
      "amount": 1280.50,
      "invoiceDate": "2025-06-17",
      "score": 0.92,
      "severity": "high",
      "status": "open",
      "assignedTo": {"userId": "u_idea_88d120", "name": "Audit Manager"},
      "createdAt": "2026-01-21T11:24:10Z"
    }
  ],
  "page": 1,
  "pageSize": 50
}

Get full API Specs →

Technical Specifications

• Authentication: Username/password with MFA (SMS, email, TOTP) and SSO/OAuth where enabled; supports service accounts or customer-managed credentials
• Response format: JSON with consistent resource schemas and pagination across modules
• Rate limits: Tuned for enterprise throughput while honoring customer entitlements and usage controls
• Session management: Automatic reauth and cookie/session rotation with health checks
• Data freshness: Near real-time retrieval of projects, datasets, procedures, and results
• Security: Encrypted transport, scoped tokens, audit logging; supports field masking and checksums for uploaded files; respects role-based permissions
• Webhooks: Optional asynchronous delivery for long-running procedures (e.g., Benford, fuzzy matching)

Performance Characteristics

• Latency: Sub-second responses for list/detail queries under normal load
• Throughput: Designed for high-volume dataset ingestion and exception retrieval
• Reliability: Retry logic, backoff, and idempotency keys minimize duplicate actions
• Adaptation: Continuous monitoring for UI/API changes with rapid adapter updates

Getting Started

1. Schedule Integration Assessment

Book a 30-minute session to confirm your modules, licensing, and authentication model.

2. Supergood Builds and Validates Your API

We deliver a hardened CaseWare IDEA adapter tailored to your workflows and entitlements.

3. Deploy with Monitoring

Go live with continuous monitoring and automatic adjustments as IDEA evolves.

Schedule Integration Call →

Frequently Asked Questions

Q: Which CaseWare IDEA capabilities can this integration cover?

Supergood supports workflows across commonly used areas: Data Acquisition (imports, schema mapping), Audit Analytics (SmartAnalyzer-style procedures such as duplicates, gaps, Benford, joins), Sampling (random, stratified, MUS), and Evidence/Exports, subject to your licensing and entitlements. We scope coverage during integration assessment.

Q: How are MFA and SSO handled for automation?

We support username/password + MFA (SMS, email, TOTP) and can operate behind SSO/OAuth when enabled. Sessions are refreshed automatically with secure challenge handling and entitlement checks.

Q: Can you run procedures on a schedule and stream exceptions to our systems?

Yes. We can orchestrate parameterized runs, expose normalized results and exception objects, and deliver updates via webhooks or polling to your review queues, GRC, or data warehouse.

Q: How do you handle large files and sensitive data?

We support chunked uploads, checksums, and optional field masking/hashing for sensitive columns. Access is governed by role-based permissions and scoped tokens, and we align with your residency and retention policies.

Q: Do you support sampling (e.g., MUS) and documentation?

Yes. We can generate samples with method-specific parameters, return selected items, and export lists and metadata for workpapers and evidence management.

Related Integrations

Intralinks API - Programmatically access the Intralinks VDR with Supergood

Ready to automate your CaseWare IDEA workflows?

Supergood can have your CaseWare IDEA integration live in days with no ongoing engineering maintenance.

Get Started →