Supergood | iManage API

Programmatically access matter workspaces, documents and versions, email filing, search, and security policies from iManage Work with a stable REST API. Supergood builds and operates production-grade, unofficial iManage integrations so your team can automate legal workflows without heavy custom engineering.

Plain English: iManage is document and email management software used by large law firms to organize work by matter, keep documents and emails in one place, manage versions and check-in/check-out, search across the firm's knowledge, and enforce strict security and governance. It sits at the center of a lawyer’s daily workflow in Outlook, Word, and the browser, ensuring every artifact is properly profiled to the right client/matter with the right permissions.

For a tech company integrating with iManage, this means you can pull lists of clients and matters, workspace structures, documents and their metadata, versions, and security settings—and push new workspaces from your intake system, upload generated documents and filed emails, update profiles, manage access, and apply retention or legal hold. You can build features like automated matter provisioning tied to CRM, document assembly pipelines that file outputs directly to the right folders, AI-powered knowledge search in your platform, client portals with read-only access, and unified analytics on document usage across practice groups.

What is iManage?

iManage (https://www.imanage.com) is a knowledge work platform for legal and professional services. Its core product, iManage Work, provides cloud-based document and email management with deep integrations into Microsoft 365 and Outlook. Additional modules cover search and AI (RAVN/iManage AI), security policy management, and records/retention governance.

Core product areas include:

• Document & Email Management (iManage Work: profiling, filing, versions, check-in/check-out)
• Workspaces & Matter Management (client/matter structures, folder templates, libraries)
• Search & AI (concept search, classification, suggestions powered by RAVN/iManage AI)
• Security & Governance (Security Policy Manager, ethical walls, access controls)
• Records & Retention (records manager, legal holds, disposition workflows)
• Collaboration & Sync (iManage Share, iManage Drive, Office/Outlook integrations)
• Cloud Platform & Admin (tenant, libraries, users/groups, audit)

Common data entities:

• Workspaces (matter-centric containers: client, matter, practice group, owner, template)
• Folders (structured by template: Correspondence, Pleadings, Research, etc.)
• Documents & Versions (title, number, version, class/subclass, file metadata)
• Emails (message-ID, subject, sender/recipients, filed to workspace/folder)
• Profiles/Metadata (client ID, matter ID, author, keywords, custom fields)
• Users & Groups (roles, permissions, ethical walls)
• Security Policies/ACLs (default workspace security, explicit grants/denies)
• Templates (folder trees, default metadata, security inheritance)
• Records & Retention (schedules, legal hold, disposition status)
• Audit Events (who did what, when, with profiles and before/after values)

The iManage Integration Challenge

Legal teams rely on iManage daily, but turning portal-centric document work into API-driven automation introduces complexity:

• Profile fidelity: Client/matter, class/subclass, and custom fields must match firm taxonomies and templates or uploads will be misfiled
• Versioning & locks: Check-in/check-out semantics, conflicts, and offline edits require safe coordination and idempotency
• Email filing: Outlook-based workflows and message-ID deduplication complicate headless ingestion and threading
• Search indexing: Newly uploaded content may take time to index; applications need asynchronous handling and backoff
• Authentication & SSO: Firm SSO/MFA and session lifecycles make unattended automation non-trivial
• Entitlements & ethical walls: Role-based access and policy constraints must be respected to avoid data leakage
• Governance & retention: Legal hold and disposition actions need audit-grade traceability

How Supergood Creates iManage APIs

Supergood reverse-engineers authenticated browser flows and network interactions to deliver a resilient API endpoint layer for your iManage tenant.

• Handles username/password, SSO/OAuth, and MFA (SMS, email, TOTP) securely
• Maintains session continuity with automated refresh and change detection
• Normalizes workspace, document, email, and security objects so you can integrate once with consistent schemas
• Aligns with customer entitlements, ethical walls, and role-based permissions to ensure compliant access
• Supports high-volume operations (bulk uploads, workspace provisioning) with polling or webhooks for long-running jobs and indexing
• Provides signed upload flows with content hashing and server-side virus scanning where required

Use Cases

Matter Intake & Workspace Provisioning

• Push new clients/matters from your CRM or intake tool
• Create workspaces with the right folder template and default security
• Sync workspace IDs and profile metadata back to your system for future filing

Document Assembly, E-Sign, and Filing

• Generate engagement letters or pleadings and file them to the correct workspace and folder
• Manage check-in/check-out and create explicit versions on updates
• Integrate e-sign outputs and store executed documents with immutable audit

Knowledge Search & Insights

• Query iManage for relevant precedents and forms directly in your product
• Build practice group dashboards on document usage and contribution
• Enrich content with AI classification and keyword tagging

Governance, Security & Retention

• Apply or update workspace ACLs and ethical wall constraints programmatically
• Place legal holds and track disposition events
• Export audit logs for compliance reporting

Available Endpoints

Authentication

POST /sessions: Establish a session using credentials. Supergood manages MFA (SMS, email, TOTP) and SSO/OAuth when enabled. Returns a short-lived auth token maintained by the platform.

curl --request POST \
  --url https://api.supergood.ai/integrations/<integration_id>/sessions \
  --header 'Authorization: Basic <Base64 encoded token>' \
  --header 'Content-Type: application/json' \
  --data '{
    "username": "[email protected]",
    "password": "<password>",
    "mfa": { "type": "totp", "code": "123456" }
  }'

Example response

{
  "authToken": "eyJhbGciOi...",
  "expiresIn": 3600,
  "user": {
    "id": "u_img_8f21c9",
    "name": "Associate",
    "entitlements": ["workspaces", "documents", "search", "security"]
  }
}

POST /sessions/refresh: Refresh an existing token to keep sessions uninterrupted.

Workspaces

GET /workspaces: List matter workspaces with filters for client/matter, owner, status, and update windows.

Query parameters

• clientId: string
• matterId: string
• ownerUserId: string
• status: active | closed
• nameContains: string
• practiceGroup: string
• updatedFrom, updatedTo: ISO 8601 timestamps
• page, pageSize: integers for pagination

Example response

{
  "items": [
    {
      "workspaceId": "wsp_9a7c2d",
      "name": "Acme Corp v. Smith",
      "client": {"id": "CL-10231", "name": "Acme Corp"},
      "matter": {"id": "MAT-88412", "name": "Contract Dispute"},
      "library": "DOCS",
      "owner": {"userId": "u_img_8f21c9", "name": "Associate"},
      "templateId": "tmpl_law_matter_v1",
      "status": "active",
      "defaultSecurity": {"visibility": "private", "inheritFolders": true},
      "createdAt": "2026-01-21T10:03:11Z",
      "updatedAt": "2026-02-01T16:45:02Z"
    }
  ],
  "page": 1,
  "pageSize": 50,
  "total": 1
}

POST /workspaces: Create a new workspace with client/matter metadata, a folder template, and default security.

curl --request POST \
  --url https://api.supergood.ai/integrations/<integration_id>/workspaces \
  --header 'Authorization: Bearer <authToken>' \
  --header 'Content-Type: application/json' \
  --data '{
    "externalId": "crm_matter_4819",
    "name": "Acme Corp v. Smith",
    "client": {"id": "CL-10231", "name": "Acme Corp"},
    "matter": {"id": "MAT-88412", "name": "Contract Dispute"},
    "library": "DOCS",
    "templateId": "tmpl_law_matter_v1",
    "defaultSecurity": {"visibility": "private", "allowedGroups": ["Litigation-Editors"]},
    "tags": ["intake", "litigation"]
  }'

Example response

{
  "workspaceId": "wsp_9a7c2d",
  "createdAt": "2026-01-21T10:03:11Z",
  "defaultSecurity": {"visibility": "private"}
}

Documents

GET /documents: Search or list documents with filters for workspace, folder, metadata, and dates.

Query parameters

• q: free-text query string
• workspaceId: string
• folderPath: string (e.g., "Correspondence/")
• class: string (e.g., "Correspondence", "Pleading")
• subclass: string
• authorUserId: string
• checkedOut: true | false
• updatedFrom, updatedTo: ISO 8601 timestamps
• page, pageSize: integers for pagination

Example response

{
  "items": [
    {
      "documentId": "doc_41a8f1",
      "number": 102938,
      "version": 4,
      "title": "Draft Settlement Proposal",
      "fileName": "settlement_proposal_v4.docx",
      "extension": "docx",
      "size": 284123,
      "class": "Correspondence",
      "subclass": "Settlement",
      "workspaceId": "wsp_9a7c2d",
      "folderPath": "Correspondence/",
      "checkedOut": false,
      "author": {"userId": "u_img_8f21c9", "name": "Associate"},
      "security": {"inherited": true, "explicit": []},
      "createdAt": "2026-01-21T11:20:44Z",
      "updatedAt": "2026-01-31T09:02:17Z"
    }
  ],
  "page": 1,
  "pageSize": 50,
  "total": 1
}

POST /documents: Upload a document to a workspace and folder with proper profiling and create an initial version.

curl --request POST \
  --url https://api.supergood.ai/integrations/<integration_id>/documents \
  --header 'Authorization: Bearer <authToken>' \
  --header 'Content-Type: application/json' \
  --data '{
    "workspaceId": "wsp_9a7c2d",
    "folderPath": "Pleadings/",
    "profile": {
      "class": "Pleading",
      "subclass": "Motion",
      "clientId": "CL-10231",
      "matterId": "MAT-88412",
      "keywords": ["hearing", "motion to dismiss"]
    },
    "file": {
      "fileName": "motion_to_dismiss_v1.docx",
      "contentType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "uploadToken": "upl_7fa223",
      "sha256": "2bb80d537b1da3e38bd30361aa855686bde0..."
    },
    "checkedOut": false,
    "tags": ["draft"]
  }'

Example response

{
  "documentId": "doc_c0b551",
  "number": 104512,
  "version": 1,
  "workspaceId": "wsp_9a7c2d",
  "folderPath": "Pleadings/",
  "title": "Motion To Dismiss",
  "createdAt": "2026-01-21T11:20:44Z"
}

Security & Access

PATCH /workspaces/{workspaceId}/security: Update workspace ACLs—add or remove users/groups and set roles.

curl --request PATCH \
  --url https://api.supergood.ai/integrations/<integration_id>/workspaces/wsp_9a7c2d/security \
  --header 'Authorization: Bearer <authToken>' \
  --header 'Content-Type: application/json' \
  --data '{
    "changes": [
      {"action": "add", "principalType": "group", "principalId": "Litigation-Editors", "role": "editor"},
      {"action": "add", "principalType": "user", "principalId": "u_par_19b76a", "role": "viewer"},
      {"action": "remove", "principalType": "group", "principalId": "Guest-Viewers"}
    ],
    "referenceId": "intake-4819"
  }'

Example response

{
  "workspaceId": "wsp_9a7c2d",
  "defaultSecurity": {"visibility": "private"},
  "acl": [
    {"principalType": "group", "principalId": "Litigation-Editors", "role": "editor"},
    {"principalType": "user", "principalId": "u_par_19b76a", "role": "viewer"}
  ],
  "updatedAt": "2026-01-22T08:15:12Z",
  "updatedBy": {"userId": "u_img_8f21c9", "name": "Associate"}
}

Get full API Specs →

Technical Specifications

• Authentication: Username/password with MFA (SMS, email, TOTP) and SSO/OAuth where enabled; supports service accounts or customer-managed credentials
• Response format: JSON with consistent resource schemas and pagination across modules
• Rate limits: Tuned for enterprise throughput while honoring customer entitlements and usage controls
• Session management: Automatic reauth and cookie/session rotation with health checks
• Data freshness: Near real-time retrieval of workspaces, documents, emails, security changes, and audit events; indexing-aware backoff for search
• Security: Encrypted transport, scoped tokens, and audit logging; respects iManage role-based permissions and ethical walls
• Webhooks: Optional asynchronous delivery for long-running workflows (e.g., bulk uploads, reindex completion, retention actions)

Performance Characteristics

• Latency: Sub-second responses for list/detail queries under normal load; upload and indexing times reflect underlying platform behavior
• Throughput: Designed for high-volume document ingest and workspace synchronization
• Reliability: Retry logic, backoff, and idempotency keys minimize duplicates and support at-least-once processing
• Adaptation: Continuous monitoring for UI/API changes with rapid adapter updates

Getting Started

1. Schedule Integration Assessment

Book a 30-minute session to confirm your modules, licensing, and authentication model.

2. Supergood Builds and Validates Your API

We deliver a hardened iManage adapter tailored to your workflows and entitlements.

3. Deploy with Monitoring

Go live with continuous monitoring and automatic adjustments as iManage evolves.

Schedule Integration Call →

Frequently Asked Questions

Q: Which iManage modules can this integration cover?

Supergood supports workflows commonly used for legal document management, including Workspaces & Matter Management (folders, templates, metadata), Documents & Versions (upload, check-in/check-out), Email Filing, Search, Security & Governance (ACLs, ethical walls), and Records/Retention (holds, disposition), subject to your licensing and entitlements. We scope coverage during integration assessment.

Q: How are MFA and SSO handled for automation?

We support username/password + MFA (SMS, email, TOTP) and can operate behind SSO/OAuth when enabled. Sessions are refreshed automatically with secure challenge handling and monitoring for session expiry.

Q: Do you support Outlook email filing?

Yes. We can accept raw EML/MSG inputs or normalized payloads, deduplicate based on message-ID, profile to the correct workspace/folder, and preserve threading metadata. Attachments can be stored as separate documents when needed.

Q: Do you support check-in/check-out and versioning?

Yes. We model locks and explicit versions with idempotent operations to avoid conflicts. You can create versions, update profiles, and safely reconcile offline edits.

Q: How do you standardize security and ethical walls?

We normalize ACL roles (viewer, editor, manager), group/user principals, and inheritance flags into a consistent schema while preserving raw policy data. All actions respect iManage policy constraints and audit requirements.

Related Integrations

Intralinks API - Programmatically access the Intralinks VDR with Supergood

Ready to automate your iManage workflows?

Supergood can have your iManage integration live in days with no ongoing engineering maintenance.

Get Started →