v1.1 — Live · updated 25 May 2026

DraftRight API

AI-powered legal document generation, audio transcription, file conversion, contract analysis, and agreement building. One API key, one integration.

📄
14+ Templates
Self-learning library
🎙
1GB Audio
Smart-split transcription
Agreement Builder
Transcripts to contracts
🔍
Company Search
UK Companies House

Base URL: https://draftright.co.uk/api

Authentication

API Key (Business)

Include your key in the x-api-key header.

curl -H "x-api-key: dr_your_api_key_here" \
  https://draftright.co.uk/api/invoice/scan \
  -F "file=@invoice.pdf"

Bearer Token (Consumer)

From /api/auth/login.

curl -H "Authorization: Bearer eyJhbG..." \
  https://draftright.co.uk/api/documents/generate \
  -d '{"templateId":"nda","answers":{...}}'
Get an API key: Sign up at draftright.co.uk → Business Dashboard → Get API Key. Keys are prefixed with dr_.

Plans & Pricing

Consumer

Free

£0/mo
  • 1 document/mo (watermarked)
  • 3 transcriptions/day (10min)
  • File conversion (100MB)
  • Agreement preview only
  • No diarise/summarise

Pro

£19.99/mo
  • Unlimited documents
  • 120 AI credits/month
  • 20 transcriptions/day (60min)
  • 500MB uploads
  • Diarise, summarise, translate
  • PDF & DOCX downloads

Elite

£39.99/mo
  • Everything in Pro
  • 300 AI credits/month
  • 50 transcriptions/day (2hr)
  • 1GB uploads
  • Priority AI models

Business API

Request access: Business API tiers are onboarded individually. Email draftrightofficial@gmail.com with your expected monthly call volume and endpoints needed — we provision a Stripe billing link and API key within one working day.

Starter

£149/mo
  • 200 calls/month
  • Invoice scanning
  • Bulk conversion
  • No contract analysis
  • No agreements

Growth

£499/mo
  • 1,000 calls/month
  • 10 agreements/month
  • Contract analysis
  • Transcription API
  • Company search

Scale

£1,499/mo
  • 5,000 calls/month
  • 50 agreements/month
  • Expense scanning
  • Company monitoring
  • HR packs

Enterprise

£3,999/mo
  • 15,000 calls/month
  • 200 agreements/month
  • Custom integrations
  • Dedicated support
  • Custom SLA on request

Enterprise+

Custom contact sales
  • Above 15,000 API calls/month
  • White-label / on-prem deployment
  • Dedicated account manager & engineer
  • Custom SLA & uptime guarantees
  • Bespoke integrations / custom endpoints

Enterprise Premium — Compliance Signals

Compliance Signals

£5,000/mo
  • Continuous UK regulatory monitoring (gov.uk, HMRC, ICO, HSE, ACAS, Parliament, Companies House)
  • AI-matched to your SIC codes, sectors, jurisdiction & data posture
  • Director personal-liability radar
  • AI intelligence reports with actionable task lists
  • Pre-drafted compliance documents & email alerts
  • Quarterly board pack PDF generation
  • Slack webhook integration
Separate product at draftright.co.uk/compliance.html. Contact sales for trial.

Quick Start

1. Get your API key

POST /api/business/onboard
Authorization: Bearer YOUR_TOKEN
Content-Type: application/json

{ "companyName": "Acme Ltd", "email": "dev@acme.com" }

2. Scan an invoice

curl -X POST https://draftright.co.uk/api/invoice/scan \
  -H "x-api-key: dr_your_key" \
  -F "file=@invoice.pdf"

3. Check usage

curl https://draftright.co.uk/api/biz-dashboard \
  -H "Authorization: Bearer YOUR_TOKEN"

Errors

All errors return JSON with an error field.

{ "error": "Monthly API limit reached", "used": 200, "limit": 200, "upgrade": true }
CodeMeaningAction
400Bad requestCheck required params
401Invalid authCheck API key or token
402Payment requiredFeature gated to a paid tier. Response includes upgradeRequired:true. Used by Case Chat (Pro+) and similar gated features.
403Feature not on planUpgrade
410GoneEndpoint or template withdrawn. tenancy/section21 on Free tier (RRA 2025 transition); loan_agreement/nda/employment_contract/parking_appeal all tiers (legal audit gate). Response: {gated:true, upgradeRequired:true}.
429Rate limit hitWait or upgrade
500Server errorRetry or contact support

Refresh Tokens & 2FA

Access tokens expire after 15 minutes. Use the refresh token (rotated on every refresh, family-tracked for theft detection) to mint a new access token without re-prompting the user.

POST/api/auth/refreshRotate refresh + issue new access token

Accepts the refresh token from either the dr_refresh httpOnly cookie (SameSite=Strict, path=/api/auth) or the JSON body. Returns a new access + refresh token pair; the old refresh token is invalidated.

curl -X POST https://draftright.co.uk/api/auth/refresh \
  -H "Content-Type: application/json" \
  --cookie "dr_refresh=YOUR_REFRESH_TOKEN" \
  --cookie-jar cookies.txt
{
  "token": "eyJhbG...",
  "refreshToken": "eyJrZWY..."
}
Token theft detection: Refresh tokens are family-tracked. If an old refresh token is reused (suggesting an attacker has a stolen copy), the entire family is revoked and the user must sign in again. This is automatic.

Two-factor authentication (TOTP)

POST/api/auth/2fa/setupBegin TOTP enrolment

Returns a base32 secret + an otpauth:// URL for QR code rendering. Bearer auth required.

curl -X POST https://draftright.co.uk/api/auth/2fa/setup \
  -H "Authorization: Bearer TOKEN"
{
  "secret": "JBSWY3DPEHPK3PXP",
  "qrUrl": "otpauth://totp/DraftRight:user@x?secret=...&issuer=DraftRight",
  "backupCodes": ["...","...","..."]
}
POST/api/auth/2fa/verify-setupActivate 2FA

Confirms enrolment by verifying a TOTP code. Once verified, 2FA is required on all subsequent logins.

curl -X POST https://draftright.co.uk/api/auth/2fa/verify-setup \
  -H "Authorization: Bearer TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"code":"123456"}'
POST/api/auth/2fa/loginSubmit 2FA code after primary login

When /api/auth/login returns {requires2FA: true, tempToken: "..."}, post the TOTP (or backup) code with the temp token to complete sign-in.

curl -X POST https://draftright.co.uk/api/auth/2fa/login \
  -H "Content-Type: application/json" \
  -d '{"tempToken":"...","code":"123456"}'
POST/api/auth/2fa/disableDisable 2FA (Bearer auth)

Requires the current password + a valid TOTP code or backup code to disable.

Document Generator

Generate UK legal documents from 14+ templates (and growing). AI-powered with legislation references. The template library expands automatically as users interact with the platform.

Free: 1/mo Pro: Unlimited Elite: Unlimited
POST/api/documents/generateGenerate document
templateIdstringrequiredTemplate ID (see list)
answersobjectrequiredKey-value pairs for template questions
aiContextstringoptionalExtra instructions (e.g. "make formal")
curl -X POST https://draftright.co.uk/api/documents/generate \
  -H "Authorization: Bearer TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "templateId": "nda",
    "answers": {
      "party1_name": "Acme Ltd",
      "party2_name": "Jane Smith",
      "purpose": "Partnership discussion",
      "duration": "2 years"
    }
  }'

Response:

{
  "content": "NON-DISCLOSURE AGREEMENT\n\nDate: 13 March 2026...",
  "templateId": "nda",
  "wordCount": 1247
}

Transcriber

Transcribe audio/video up to 1GB. Smart-splits long recordings at silence breaks, processes chunks with context continuity.

Free: 3/day 10min Pro: 20/day 60min Elite: 50/day 2hr
POST/api/transcribeTranscribe audio/video
filefilerequiredMP3, MP4, WAV, M4A, WEBM, OGG, FLAC, MOV, AVI, MKV
languagestringoptionalISO 639-1 (e.g. "en"). Auto-detected if omitted.
timestampsbooloptionalInclude SRT timestamps
diarisebooloptionalSpeaker labels (Pro+)
summarisebooloptionalAI summary (Pro+)
curl -X POST https://draftright.co.uk/api/transcribe \
  -H "Authorization: Bearer TOKEN" \
  -F "file=@meeting.mp3" \
  -F "timestamps=true" \
  -F "diarise=true" \
  -F "summarise=true"

Response:

{
  "text": "Welcome to the masterclass...",
  "duration": 5586,
  "srt": "1\n00:00:00,000 --> 00:00:13,640\nWelcome...",
  "summary": "A 90-minute NLP masterclass covering...",
  "diarised_text": "[Speaker 1] Welcome..."
}

File Converter

Convert between 15+ formats. Documents, images, audio, video.

POST/api/converter/:typeConvert file
typepathrequiredConversion ID (see formats)
filesfilerequiredFile to convert
curl -X POST https://draftright.co.uk/api/converter/pdf_to_word \
  -H "Authorization: Bearer TOKEN" \
  -F "files=@document.pdf" --output converted.docx

Returns binary file download.

Smart Doc Reader

Upload any document and chat with it. AI extracts data, answers questions, provides summaries.

Pro+
POST/api/smart-doc/uploadUpload for analysis
filefilerequiredPDF, DOCX, or TXT

After upload, use /api/smart-doc/chat to ask questions about the document.

Agreement Builder

Upload meeting recordings or transcripts. AI extracts parties, terms, obligations, deadlines, financial terms — then generates a professional legal agreement.

Free: Preview Pro: 5/mo Elite: Unlimited
3-pass AI pipeline: Extract parties → Analyse terms & obligations → Generate legal agreement with UK legislation references.
POST/api/agreement/createBuild from transcripts
filesfile[]requiredUp to 5 files (audio, video, PDF, DOCX, TXT)
titlestringoptionalAgreement title
templateTypestringoptionalnda, freelance_contract, service_agreement, coaching_agreement, employment_contract, tenancy, loan_agreement, partnership_agreement, consulting_agreement, general
providerstringoptionalopenai (default), anthropic, groq
curl -X POST https://draftright.co.uk/api/agreement/create \
  -H "Authorization: Bearer TOKEN" \
  -F "files=@meeting.mp3" \
  -F "title=Service Agreement" \
  -F "templateType=service_agreement"

Response:

{
  "draftId": 42,
  "status": "processing",
  "message": "Analysing transcripts..."
}

Poll GET /api/agreement/:id for status. When ready, the full agreement is in generated_content.

GET/api/agreement/:idGet draft
curl https://draftright.co.uk/api/agreement/42 \
  -H "Authorization: Bearer TOKEN"

Returns parties, agreed terms, obligations, deadlines, financial terms, and generated content.

GET/api/agreement/:id/download?format=pdf|docx|txtDownload
curl https://draftright.co.uk/api/agreement/42/download?format=pdf \
  -H "Authorization: Bearer TOKEN" --output agreement.pdf

Cases (Matter Container)

A case is a matter-level container that ties transcripts, documents, analyses, agreements, and chat history together as a single unit. The case digest is an LLM-summarised view of everything attached; the chat lets you ask cited questions across the whole case.

Free: List + create Pro: Full + chat Elite: Full
v1.1 lifecycle: attach content → digest auto-recomputes via Bull queue (1.5s debounce) → chat over the whole case with citations like [transcripts:N] back to source items.
POST/api/casesCreate case
titlestringrequiredMatter title
caseTypestringoptionalTenancy, employment, commercial, etc.
visibilityenumoptionalprivate (default), business (visible to your business team), shared
descriptionstringoptionalFree-form matter notes
GET/api/casesList cases

Returns all cases the user owns or collaborates on.

GET/api/cases/:idCase detail
PATCH/api/cases/:idUpdate title / visibility / description
DELETE/api/cases/:idSoft-delete

Content attachment

POST/api/cases/:id/attachAttach existing artifact
kindenumrequiredjob (transcribe), document, legal_analysis, agreement
assetIdintrequiredID of the artifact to attach

Triggers a digest recompute (Bull queue, ~1.5s debounce).

POST/api/cases/:id/detachRemove an attached artifact
GET/api/cases/:id/feedActivity timeline

Chronological list of all attachments + corrections + chat messages on the case.

Case digest (the AI summary)

GET/api/cases/:id/digestCached digest

Returns the LLM-summarised digest: summary, key_facts[], legal_framing, risks[] (severity-rated), decisions[], open_gaps[], next_actions[]. Includes has_corrections flag.

POST/api/cases/:id/digest/recomputeForce re-compute (sync)

Re-runs the digest LLM pipeline immediately. Skips the Bull queue. Useful right after attaching multiple items.

Case chat (Pro+, returns 402 below)

POST/api/cases/:id/chatAsk the case AI
messagestringrequiredUser question

The assistant has context from: digest + all transcripts + documents + analyses + corrections + last 10 chat messages. Reply may include inline citations like [transcripts:42] or [documents:11] linking back to attached artifacts.

curl -X POST https://draftright.co.uk/api/cases/3/chat \
  -H "Authorization: Bearer TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"message":"Was anything said that constitutes harassment?"}'
{
  "role": "assistant",
  "content": "Based on the call transcript [transcripts:42] at 14:32...",
  "citations": [{"kind":"transcripts","id":42}],
  "model": "llama-3.1-70b-versatile",
  "provider": "groq"
}

402 response (free/single tier): {error:"Case chat requires Pro or above", upgradeRequired:true}

GET/api/cases/:id/chat/historyChat history

Corrections (ground-truth overrides)

PATCH/api/cases/:id/correctionsSet user-verified facts

Merges into cases.corrections jsonb. The digest LLM treats this block as authoritative ground truth on next regenerate. Also surfaces in chat context.

{
  "key_facts": {
    "tenant_name": "Mike Bestart",
    "property_address": "14 Marlowe Road"
  },
  "notes": "Tenant agreed verbally to vacate by month-end."
}
GET/api/cases/:id/correctionsRead corrections

Document generation from case

POST/api/cases/:id/draft-docGenerate a doc from case context
modeenumrequiredaction (draft from a specific next_action) or combined (combined remedy from all actions)
actionTextstringconditionalRequired when mode=action

The LLM proposes a document type name (looked up against the self-learning library for dedup) and writes the body. New types auto-create as community templates at draft confidence — the library grows from every case-driven draft.

Collaborators & sharing

GET/api/cases/:id/collaboratorsList collaborators
POST/api/cases/:id/shareInvite by email
emailstringrequiredInvitee email
roleenumoptionalviewer, editor

Generates a tokenised invite. Recipient hits /?caseInvite=TOKEN to accept.

DELETE/api/cases/:id/share/:collabIdRemove collaborator
GET/api/cases/invites/:tokenPreview invite (public)

No auth required — returns case title + inviter for the accept page.

POST/api/cases/invites/:token/acceptAccept invite (Bearer auth)

Event Stream (SSE)

Server-Sent Events channel for push-based job state updates. Eliminates the ~15s polling lag from the heartbeat fallback — events arrive in ~50ms.

Use this when: you need real-time state updates for transcribe/legal-analyse/agreement jobs. Falls back to GET /api/jobs polling if the stream drops.
GET/api/events/streamOpen SSE channel (cookie auth)

Auth via the dr_session cookie. Browser-side use the EventSource API with withCredentials:true. The server keeps the connection alive with a 25s heartbeat ping; clients should reconnect with exponential backoff on close.

Event types:

  • hello — sent on connect; reset client reconnect backoff
  • job.update — fired on any job state change. Payload: {jobId, type, status}. Refetch the authoritative job record after receiving.
  • ping — 25s keep-alive
const es = new EventSource('https://draftright.co.uk/api/events/stream', {withCredentials:true});
es.addEventListener('hello', () => console.log('connected'));
es.addEventListener('job.update', (e) => {
  const {jobId} = JSON.parse(e.data);
  refetchJob(jobId);
});
Nginx note: The server-side nginx config disables buffering on /api/events/ (proxy_buffering off; proxy_cache off; proxy_read_timeout 86400s;). Without this, events sit in nginx’s proxy buffer.
GET/api/events/statsConnection diagnostics

Returns {users:N, connections:N}. Useful for ops/debugging.

Invoice Scanner

Extract structured data from PDF/image invoices using OCR + AI.

Starter+
POST/api/invoice/scanx-api-key auth
filefilerequiredPDF, JPG, or PNG (max 25MB)
curl -X POST https://draftright.co.uk/api/invoice/scan \
  -H "x-api-key: dr_your_key" \
  -F "file=@invoice.pdf"
{
  "vendor": "Acme Supplies Ltd",
  "invoiceNumber": "INV-2026-0142",
  "date": "2026-03-01",
  "dueDate": "2026-03-31",
  "total": 1250.00,
  "tax": 250.00,
  "currency": "GBP",
  "lineItems": [
    { "description": "Web Development", "qty": 1, "unitPrice": 1000, "total": 1000 }
  ]
}

Contract Analysis

AI analysis of contracts: clause breakdown, red flags, compliance score, key dates.

Growth+
POST/api/contract/analyzex-api-key auth
filefilerequiredPDF, DOCX, or TXT (max 25MB)
curl -X POST https://draftright.co.uk/api/contract/analyze \
  -H "x-api-key: dr_your_key" \
  -F "file=@contract.pdf"
{
  "summary": "12-month service agreement...",
  "complianceScore": 78,
  "clauses": [...],
  "redFlags": [
    { "clause": "4.2", "risk": "Unlimited liability", "severity": "high" }
  ],
  "keyDates": [
    { "date": "2026-04-01", "event": "Start date" }
  ]
}

Bulk Document Generation (API)

Generate up to 500 documents in a single call from a CSV upload or a JSON records array — one document per row, each formatted with UK legislation references.

Growth+
POST/api/bulk-docs/api/generatex-api-key auth
templateIdstringrequirede.g. tenancy, nda, employment_contract
filefileoptionalCSV with a header row (one document per data row)
recordsjsonoptionalArray of objects instead of a CSV (1–500 records)
curl -X POST https://draftright.co.uk/api/bulk-docs/api/generate \
  -H "x-api-key: dr_your_key" \
  -F "templateId=tenancy" \
  -F "file=@tenants.csv"
{
  "total": 42,
  "success": 42,
  "failed": 0,
  "results": [
    { "index": 0, "content": "TENANCY AGREEMENT..." }
  ]
}

File Conversion (API)

Convert files via API key.

Starter+
POST/api/converter/:typex-api-key auth
curl -X POST https://draftright.co.uk/api/converter/pdf_to_word \
  -H "x-api-key: dr_your_key" \
  -F "files=@document.pdf" --output converted.docx

Transcription (API)

Full transcription via API key. Same capabilities as consumer.

Growth+
POST/api/transcribex-api-key auth
curl -X POST https://draftright.co.uk/api/transcribe \
  -H "x-api-key: dr_your_key" \
  -F "file=@recording.mp3" \
  -F "timestamps=true" \
  -F "summarise=true"

Agreement Builder (API)

Programmatically generate legal agreements from transcripts via API.

Growth: 10/mo Scale: 50/mo Enterprise: 200/mo
POST/api/agreement/api/createx-api-key auth
filesfile[]requiredUp to 5 files
titlestringoptionalAgreement title
templateTypestringoptionalAuto-detected if omitted
providerstringoptionalopenai, anthropic, groq
curl -X POST https://draftright.co.uk/api/agreement/api/create \
  -H "x-api-key: dr_your_key" \
  -F "files=@meeting.mp3" \
  -F "title=Service Agreement" \
  -F "templateType=service_agreement"
{
  "draftId": 42,
  "status": "ready",
  "parties": [
    { "name": "Sarah", "role": "provider", "organisation": "The Coaching Corner" }
  ],
  "agreedTerms": [
    { "term": "500/month coaching", "confidence": "high", "category": "payment" }
  ],
  "generatedContent": "SERVICE AGREEMENT\n\nDate: 13 March 2026...",
  "usage": { "used": 3, "limit": 10 }
}

Company Search

Search UK Companies House.

Growth+
GET/api/company/search?q=:querySearch companies
curl "https://draftright.co.uk/api/company/search?q=Tesco" \
  -H "x-api-key: dr_your_key"
GET/api/company/profile/:numberFull profile
curl "https://draftright.co.uk/api/company/profile/00445790" \
  -H "x-api-key: dr_your_key"

Usage Stats

Real-time usage by endpoint, daily breakdown, recent activity.

GET/api/biz-dashboardBearer auth
curl https://draftright.co.uk/api/biz-dashboard \
  -H "Authorization: Bearer TOKEN"

Compliance Signals

Enterprise Premium product. Continuous UK regulatory monitoring across seven live sources (gov.uk policy/HMRC/HSE/ICO/ACAS/Companies House/Parliament bills), AI-matched to your SIC codes, sectors and data posture. Signals carry severity, applicable actions, and pre-drafted compliance documents.

Enterprise Premium · £5,000/mo
All endpoints require: Bearer token + active business profile + Enterprise Premium tier. Separate portal at draftright.co.uk/compliance.html.

Business profile

GET/api/compliance-signals/profileGet compliance profile

Returns SIC codes, sectors, jurisdiction, data posture flags, monitored sources.

POST/api/compliance-signals/profileUpdate profile
sicCodesstring[]optionalCompanies House SIC codes
sectorsstring[]optionalFree-text sector tags
jurisdictionstringoptionalDefault UK; UK-ENG, UK-SCT for narrower matching
dataPostureobjectoptionale.g. {processesPersonalData:true, employees:>50}

Signal feed

GET/api/compliance-signals/signalsMatched signals feed

Returns AI-matched signals ranked by severity and recency. Includes summary, source citation, applicable acts, suggested action items.

curl https://draftright.co.uk/api/compliance-signals/signals?severity=high \
  -H "Authorization: Bearer TOKEN"
GET/api/compliance-signals/signals/:idSingle signal detail
POST/api/compliance-signals/signals/:id/actionLog an action taken
POST/api/compliance-signals/signals/:id/dismissDismiss as not applicable
POST/api/compliance-signals/signals/:id/assignAssign to a team member
POST/api/compliance-signals/signals/:id/draftGenerate pre-drafted compliance doc

AI drafts a compliance response document tailored to your business profile and the signal context.

Director Radar & Timeline

Personal-liability radar for company directors. Tracks regulatory exposure timelines, signal frequency by area, board-level risk surface.

Enterprise Premium
GET/api/compliance-signals/healthCompliance health score

Returns 0–100 score, breakdown by domain (employment / data / health-safety / commercial / tax), trend, top open risks.

GET/api/compliance-signals/director-radarPersonal liability radar

Director-scope exposure analysis: HSE breaches, Companies House filing risk, ICO data risks, employment tribunal exposure.

GET/api/compliance-signals/timelineSignal timeline

Chronological view of all matched signals + actions taken + drafts generated. Useful for ESG reporting.

Board Pack Generation

Quarterly board pack PDF synthesising signals + actions + health into a director-ready compliance brief.

Enterprise Premium
POST/api/compliance-signals/board-pack/generateGenerate new board pack
quarterstringoptionale.g. 2026-Q2 (defaults to current)
includeDirectorRadarbooloptionalDefault true

Async generation. Returns {jobId}; poll the SSE stream for completion.

GET/api/compliance-signals/board-pack/historyList historical packs
GET/api/compliance-signals/board-pack/:id/downloadDownload PDF

Reviewer Onboarding & Identity

The Reviewer Portal lets UK-qualified solicitors review AI-drafted templates and earn royalties on every sale of templates they’ve approved. Onboarding requires SRA number, PII attestation, practising certificate attestation, and Stripe Identity verification.

Portal UI at draftright.co.uk/reviewer.html. All routes mounted at /api/reviews.
POST/api/reviews/reviewer/onboardBegin reviewer enrolment
sraNumberstringrequired5–7 digit SRA number (client + server validated)
specialismsstring[]requiredProperty, employment, commercial, family, etc.
piiAttestedboolrequiredMust be true
practisingCertAttestedboolrequiredMust be true
GET/api/reviews/reviewer/meMy reviewer record
PATCH/api/reviews/reviewer/meUpdate reviewer profile
POST/api/reviews/reviewer/verify-identityStart Stripe Identity session

Creates a Stripe Identity verification session. Reuses non-terminal sessions to avoid duplicate Stripe charges. Returns {sessionId, clientSecret, status}.

If Stripe Identity isn’t enabled on the account yet, response is {status:"unavailable"} and admin can still approve manually.

GET/api/reviews/reviewer/identity-statusPoll verification status

Review Queue

Active reviewers see the AI-drafted templates needing review. Each round is a single template revision; reviewers can claim, then submit accept/reject/edit decisions.

GET/api/reviews/queueOpen review rounds

Returns unclaimed rounds matching the reviewer’s specialisms.

GET/api/reviews/rounds/:idRound detail
POST/api/reviews/rounds/:id/claimClaim the round

Locks the round to this reviewer for 24h. Re-claim or release via DELETE.

DELETE/api/reviews/rounds/:id/claimRelease claim
POST/api/reviews/rounds/:id/submitSubmit decision
decisionenumrequiredapprove, reject, edit
editedContentstringconditionalRequired when decision=edit
notesstringoptionalReviewer notes for the AI / next round

Earnings, Stats & Stripe Connect

Reviewers earn royalty on every sale of a template they’ve approved. Earnings paid out via Stripe Connect.

GET/api/reviews/my-submissionsMy submitted rounds
GET/api/reviews/statsSubmission stats

Count of approvals/rejections/edits, approval rate, avg time-to-decision.

GET/api/reviews/earningsRoyalty ledger

Returns lifetime + month-to-date royalty earnings, by template, with sale references.

POST/api/reviews/stripe/connectBegin Stripe Connect onboarding

Returns the Stripe Connect onboarding URL to redirect the reviewer to.

GET/api/reviews/stripe/statusConnect status

Stripe Payments Webhook

Inbound webhook receiving Stripe events for subscription lifecycle, one-off purchases, and refunds. Signature-verified with idempotent handling.

This is a Stripe-to-DraftRight endpoint, not a customer-facing API. Documented for integration partners building admin dashboards or compliance reporting on top of DraftRight billing data.
POST/api/payments/webhookStripe signature header required

Handled events:

  • checkout.session.completed — provisions plan, sends welcome email
  • customer.subscription.created/updated/deleted — plan changes, cancellation grace periods
  • invoice.payment_failed — triggers retry email + lifecycle drip
  • charge.refunded — royalty rollback for reviewer payouts

Webhook secret env var: STRIPE_WEBHOOK_SECRET (production) or STRIPE_WEBHOOK_SECRET_TEST (test). All events recorded in the subscription_events + payments tables for idempotency.

Identity Verification Webhook

Same /api/payments/webhook endpoint also dispatches Stripe Identity events to the reviewer verification flow.

POST/api/payments/webhookIdentity events

Handled events:

  • identity.verification_session.verified — updates reviewer to stripe_identity_status=verified
  • identity.verification_session.requires_input — reviewer needs to retry
  • identity.verification_session.canceled — admin manual review

Note: identity-verified is a signal, not a final gate. Admin must still flip reviewer.status=active after the signal stack passes review.

Document Templates

Self-learning library. The template list below is the bootstrap set. Every case-driven document drafted via /api/cases/:id/draft-doc or /api/legal-analyse auto-creates a new community template at draft confidence. Reviewers (via the Reviewer Portal) promote drafts to verified. GET /api/documents/templates returns the live list.
IDNameCategoryFlags
tenancyTenancy Agreement (AST)PropertyRRA-gated (Free)
section21Section 21 ResponsePropertyRRA-gated (Free)
noise_complaintNoise Complaint LetterProperty
deposit_disputeDeposit Dispute LetterProperty
employment_contractEmployment ContractEmploymentAudit-gated
resignationResignation LetterEmployment
grievanceGrievance LetterEmployment
ndaNon-Disclosure AgreementBusinessAudit-gated
freelance_contractFreelance ContractBusiness
loan_agreementLoan AgreementBusinessAudit-gated
refund_requestRefund Request LetterPersonal
council_tax_appealCouncil Tax AppealPersonal
flight_delayFlight Delay ClaimPersonal
parking_appealParking Fine AppealPersonalAudit-gated

Gating semantics: Audit-gated templates return 410 Gone on all tiers (free + AI). RRA-gated returns 410 on Free tier only; AI-tier path generates with RRA-2025-aware prompts. Audit findings at AUDIT-2026-04-11.md; solicitor sign-off required before un-gating.

Public Config

Unauthenticated endpoint exposing client-side build flags — e.g. Sentry DSN if frontend telemetry is enabled.

GET/api/public/configNo auth
curl https://draftright.co.uk/api/public/config
{
  "sentryDsn": "https://...@sentry.io/...",
  "version": "v1.1",
  "env": "production"
}

Returns only public, non-secret config. Server enforces a deny-list to prevent accidental leakage.

Conversion Formats

Type IDFromTo
pdf_to_wordPDFDOCX
word_to_pdfDOCXPDF
excel_to_pdfXLSXPDF
csv_to_excelCSVXLSX
jpg_to_pdfJPGPDF
png_to_pdfPNGPDF
mp4_to_mp3MP4MP3
mov_to_mp4MOVMP4
avi_to_mp4AVIMP4
mkv_to_mp4MKVMP4
mp3_to_wavMP3WAV
wav_to_mp3WAVMP3
m4a_to_mp3M4AMP3
png_to_jpgPNGJPG
jpg_to_pngJPGPNG

Rate Limits

Monthly. Resets on the 1st.

PlanAPI CallsAgreementsMax File
Starter200/mo25MB
Growth1,000/mo10/mo500MB
Scale5,000/mo50/mo500MB
Enterprise15,000/mo200/mo1GB

Need help?

draftrightofficial@gmail.com

Go to DraftRight →
Docs v1.1 · updated 25 May 2026 · © IBI Technologies Ltd
Privacy Terms Contact draftright.co.uk →