Supergood | Laserfiche API

Programmatically access repositories, folders, documents, metadata, workflows, and records management in Laserfiche with a stable REST API. Supergood builds and operates production-grade, unofficial Laserfiche integrations so your team can automate content, records, and compliance workflows without heavy custom engineering.

Plain English: Laserfiche is document and records management software that law firms use to organize matter files, control access, automate approvals and forms, and enforce retention and legal holds for compliance. Think of it as a centralized content system where final work product, email records, and signed agreements live with metadata, audit trails, and policy-driven lifecycle controls.

For a tech company integrating with Laserfiche—especially if your customer already operates in iManage—you can pull folder structures, documents, versions, and metadata templates; sync users and permissions; track audit and records status; and push new documents, metadata updates, and workflow triggers. This enables features like automated matter-folder provisioning from iManage workspaces, dual-write of finalized documents into Laserfiche for records retention, conflict-check packet assembly, legal hold orchestration, client intake forms, and cross-DMS search dashboards.

What is Laserfiche?

Laserfiche (https://www.laserfiche.com) is a content services and enterprise content management (ECM) platform. It provides document management, process automation, and records governance for regulated teams in legal, financial services, government, higher education, and more.

Core product areas include:

• Document & Records Management (repositories, folders, metadata templates, versioning, legal holds, retention schedules)
• Process Automation (Laserfiche Forms and Workflow/Process Automation for approvals, routing, and tasking)
• Capture & OCR (scanning, email capture, classification, text extraction)
• Search & Discovery (full-text, metadata search, saved searches, shortcuts)
• Security & Governance (RBAC, permissions/ACLs, auditing, immutability controls)
• Reporting & Analytics (usage, process SLAs, records compliance, exports)

Common data entities:

• Repositories (content stores scoped by business unit or region)
• Entries (folders, documents, and shortcuts with unique entry IDs and paths)
• Templates & Fields (metadata schemas bound to entries, with validation and required fields)
• Users, Groups & Roles (access control, assignments)
• Permissions & ACLs (entry-level rights and inheritance)
• Workflows/Processes (definitions) and Process Instances (running cases)
• Tasks (human approvals, service tasks, due dates)
• Forms & Submissions (data collection with attachments)
• Records & Retention (record declarations, cutoff events, schedules)
• Legal Holds (preservation orders that suspend disposition)
• Versions & Annotations (check-in/out, version notes, redactions, comments)
• Audit Events (who did what, when, with before/after values)

The Laserfiche Integration Challenge

Law firms depend on Laserfiche for governance, yet turning portal-centric actions into automated, API-driven flows—especially alongside iManage—has hurdles:

• Multi-repository security: Fine-grained ACLs and inheritance require respectful, least-privilege automation
• Metadata templates: Required fields, picklists, and per-folder defaults demand consistent mapping and validation
• File operations: Large PDFs, check-in/out semantics, OCR queues, and renditions need careful handling
• Long-running processes: Approvals, records declarations, and forms-based workflows can span minutes to days
• Hybrid deployments: On-prem and cloud variants with SSO/MFA and network constraints complicate headless access
• Records rigor: Declaring records, applying holds, and executing retention events must be auditable and idempotent
• Coexistence with iManage: Dual-write patterns, canonical matter identifiers, and de-duplication across systems

How Supergood Creates Laserfiche APIs

Supergood reverse-engineers authenticated browser flows and repository interactions to deliver a resilient API endpoint layer for your Laserfiche environment.

• Handles username/password, SSO/OAuth, and MFA (SMS, email, TOTP) securely
• Maintains session continuity with automated refresh and change detection
• Normalizes entries, metadata templates, processes, and records objects so you can integrate once with consistent schemas
• Honors repository ACLs, folder inheritance, and role-based entitlements for compliant access
• Supports high-volume operations (bulk uploads, OCR queues, workflow kicks) with polling or webhooks for long-running jobs

Use Cases

Matter Intake & Folder Provisioning

• Create standardized matter folder trees with required metadata on open
• Sync client/matter attributes from iManage or your PMS/CRM
• Stamp permissions by client team and practice group with inheritance

Records Declaration & Legal Holds

• Declare records on final documents at matter close
• Apply legal holds by matter or client and track preservation status
• Attach disposition notes, cutoff events, and retention schedules

Document Sync & Versioning with iManage

• Push signed or court-filed versions from iManage into Laserfiche for governance
• Maintain version notes, authorship, and audit trails
• Prevent duplicates via checksums and canonical matter keys

Workflow Automation for Legal Ops

• Trigger approval flows for engagement letters, settlements, and SOWs
• Orchestrate client intake and conflict-check packets with forms and tasks
• Notify downstream systems via webhooks when tasks complete or records are declared

Available Endpoints

Authentication

POST /sessions: Establish a session using credentials. Supergood manages MFA (SMS, email, TOTP) and SSO/OAuth when enabled. Returns a short-lived auth token maintained by the platform.

curl --request POST \
  --url https://api.supergood.ai/integrations/<integration_id>/sessions \
  --header 'Authorization: Basic <Base64 encoded token>' \
  --header 'Content-Type: application/json' \
  --data '{
    "username": "[email protected]",
    "password": "<password>",
    "repository": "repo_east_01",
    "mfa": { "type": "totp", "code": "123456" }
  }'

Example response

{
  "authToken": "eyJhbGciOi...",
  "expiresIn": 3600,
  "user": {
    "id": "u_lf_015",
    "name": "Records Manager",
    "repositories": ["repo_east_01", "repo_west_01"],
    "entitlements": ["entries", "metadata", "processes", "records"]
  }
}

POST /sessions/refresh: Refresh an existing token to keep sessions uninterrupted.

Matters

POST /matters: Create a standardized matter folder structure with metadata and optional linkage to an existing iManage workspace.

curl --request POST \
  --url https://api.supergood.ai/integrations/<integration_id>/matters \
  --header 'Authorization: Bearer <authToken>' \
  --header 'Content-Type: application/json' \
  --data '{
    "matterNumber": "M-2026-00421",
    "clientName": "Acme Holdings LLC",
    "title": "Acme v. Riverton - Litigation",
    "repositoryId": "repo_east_01",
    "parentFolderId": 1342,
    "folderTemplate": {
      "structure": [
        {"name": "01 - Pleadings"},
        {"name": "02 - Discovery"},
        {"name": "03 - Correspondence"},
        {"name": "04 - Research"}
      ]
    },
    "metadata": {
      "template": "Matter",
      "fields": {
        "ClientNumber": "C-8831",
        "MatterNumber": "M-2026-00421",
        "PracticeGroup": "Litigation",
        "OpenDate": "2026-02-18"
      }
    },
    "externalRefs": {
      "iManage": {"workspaceId": "WM-123456", "db": "PROD"}
    }
  }'

Example response

{
  "matterId": "mat_4cfb19",
  "rootFolderId": 98234,
  "folderIds": {
    "01 - Pleadings": 98235,
    "02 - Discovery": 98236,
    "03 - Correspondence": 98237,
    "04 - Research": 98238
  },
  "links": {"path": "\\Client Files\\Acme Holdings LLC\\M-2026-00421"},
  "createdAt": "2026-02-20T10:03:11Z"
}

Documents

POST /documents: Upload a document into a folder with metadata, permissions, and version note. Supergood supports large files via signed upload tokens and manages check-in/out.

curl --request POST \
  --url https://api.supergood.ai/integrations/<integration_id>/documents \
  --header 'Authorization: Bearer <authToken>' \
  --header 'Content-Type: application/json' \
  --data '{
    "repositoryId": "repo_east_01",
    "folderId": 98235,
    "fileName": "Summons.pdf",
    "contentType": "application/pdf",
    "uploadToken": "upl_7fa223",
    "versionNote": "Initial filing",
    "metadata": {
      "template": "Matter Document",
      "fields": {
        "DocumentType": "Pleading",
        "Author": "J. Rivera",
        "MatterNumber": "M-2026-00421"
      }
    },
    "permissions": [
      {"principalId": "grp_lit_team", "rights": ["read", "modify"]},
      {"principalId": "grp_records", "rights": ["read"]}
    ]
  }'

Example response

{
  "entryId": 198776,
  "repositoryId": "repo_east_01",
  "version": 1,
  "pages": 5,
  "ocrStatus": "queued",
  "createdAt": "2026-02-20T11:20:44Z",
  "webUrl": "https://<tenant>.laserfiche.cloud/browse/entry/198776"
}

Processes & Records

POST /processes: Start a Laserfiche process/workflow instance (e.g., records declaration, legal hold application) with variables and callback configuration.

curl --request POST \
  --url https://api.supergood.ai/integrations/<integration_id>/processes \
  --header 'Authorization: Bearer <authToken>' \
  --header 'Content-Type: application/json' \
  --data '{
    "processKey": "records_declaration",
    "repositoryId": "repo_east_01",
    "context": {
      "matterNumber": "M-2026-00421",
      "entries": [198776, 198790],
      "initiator": {"userId": "u_lf_015"}
    },
    "variables": {
      "RetentionScheduleId": "ret_legal_7yr",
      "CutoffEvent": {"type": "matter_closed", "date": "2026-02-28"},
      "ApplyLegalHold": true,
      "HoldName": "Riverton Litigation Hold"
    },
    "webhook": {
      "callbackUrl": "https://yourapp.example.com/webhooks/laserfiche",
      "eventTypes": ["task.completed", "process.completed"]
    }
  }'

Example response

{
  "processInstanceId": "proc_7c1a9e",
  "status": "running",
  "startedAt": "2026-02-20T11:22:03Z",
  "nextTasks": [
    {"taskId": "tsk_01f3", "name": "Records Approval", "assignee": "Records Manager", "dueAt": "2026-02-21T17:00:00Z"}
  ]
}

Get full API Specs →

Technical Specifications

• Authentication: Username/password with MFA (SMS, email, TOTP) and SSO/OAuth where enabled; supports service accounts or customer-managed credentials
• Response format: JSON with consistent resource schemas and pagination across modules
• Rate limits: Tuned for enterprise throughput while honoring repository and licensing constraints
• Session management: Automatic reauth and cookie/session rotation with health checks
• Data freshness: Near real-time retrieval of entries, metadata, processes, and records status
• Security: Encrypted transport, scoped tokens, and audit logging; respects Laserfiche role-based permissions and ACL inheritance
• Webhooks: Optional asynchronous delivery for long-running workflows (e.g., OCR completion, process/task updates)

Performance Characteristics

• Latency: Sub-second responses for list/detail queries under normal load; process step times reflect underlying platform behavior
• Throughput: Designed for high-volume uploads, metadata updates, and workflow kicks during matter open/close cycles
• Reliability: Retry logic, backoff, and idempotency keys minimize duplicates and support at-least-once processing
• Adaptation: Continuous monitoring for UI/API changes with rapid adapter updates

Getting Started

1. Schedule Integration Assessment

Book a 30-minute session to confirm your repositories, licensing, and authentication model.

2. Supergood Builds and Validates Your API

We deliver a hardened Laserfiche adapter tailored to your folder templates, metadata, and records policies.

3. Deploy with Monitoring

Go live with continuous monitoring and automatic adjustments as Laserfiche evolves.

Schedule Integration Call →

Frequently Asked Questions

Q: Which Laserfiche modules can this integration cover?

Supergood supports workflows commonly used by legal teams, including Repository & Entries (folders, documents, versions), Process Automation (forms, workflows), and Records Management (declaration, retention, holds), subject to your licensing and entitlements. We scope coverage during integration assessment.

Q: How are MFA and SSO handled for automation?

We support username/password + MFA (SMS, email, TOTP) and can operate behind SSO/OAuth when enabled. Sessions are refreshed automatically with secure challenge handling and monitoring for session expiry.

Q: Do you support on-prem and cloud Laserfiche deployments?

Yes. We operate adapters for Laserfiche Cloud and self-hosted environments, aligning with your network, SSO, and security controls.

Q: Can you help us coexist with iManage?

Absolutely. We map canonical client/matter identifiers, sync folder structures, and implement dual-write rules so finalized or signed artifacts land in Laserfiche for governance while day-to-day work continues in iManage.

Q: How do you standardize metadata across templates?

We normalize templates and fields into a consistent schema, validate required fields and picklists, and preserve raw template/field names for audit while exposing friendly keys for your apps.

Q: What about large files, OCR, and check-in/out?

We support chunked uploads via signed tokens, manage check-in/out semantics, and surface OCR/rendition status with polling or webhooks so you can proceed when text extraction completes.

Related Integrations

Intralinks API - Programmatically access the Intralinks VDR with Supergood

Ready to automate your Laserfiche workflows?

Supergood can have your Laserfiche integration live in days with no ongoing engineering maintenance.

Get Started →