Skip to main content

June 9, 2026

  • New Endpoint: POST /api/tasks/search — Query tasks for your company with optional filters (assignee, completion/pinned state, priority, board/card, stream/channel, and dueAt/checkedAt/updatedAt date ranges). Returns the matching tasks, or a count when useCount is set.
  • New Endpoint: POST /api/tasks — Create a task. When aptletInstanceId is provided, the task is also mirrored as a checklist entry on that card.
  • New Endpoint: GET /api/tasks/{taskId} — Fetch a single task with related card/board context and resolved attachments; pass includeMetadata=true for display labels and the resolved assignee.
  • New Endpoint: PUT /api/tasks/{taskId} — Update a task and keep its card-checklist mirror entry in sync. All task endpoints accept an API key (x-token) or a delegate token with the tasks:* scope.

June 3, 2026

  • New: Embedded iframe apps can now trigger Aptly UI interactions via a postMessage action system or the Aptly SDK. Nine actions are available: open a card pane, open a card in fullscreen, start the dialer, open the email/SMS composer, create a calendar event, create a card, create a task, create a contact, and navigate to a contact. Actions must be explicitly enabled per embed by an admin. See Embed App Actions.
  • New SDK methods: aptly.openCardPane(), aptly.openCardView(), aptly.startDialer(), aptly.openEmailComposer(), aptly.createEvent(), aptly.createCard(), aptly.createTask(), aptly.createContact(), aptly.navigateToContact(), and aptly.action() — each returns Promise<{ success, error? }> and times out after 3 seconds.
  • New SDK property: aptly.actions — array of action IDs the current embed has been granted, for runtime capability checks.
  • Enhancement: POST /api/email/create-draft and POST /api/email/send now accept an optional aptletInstanceId in the request body. When set, the outbound is linked to that card — the email is logged as an activity on the card and the discussion is tagged with it. Works whether the draft is pre-created or created on-the-fly.

May 26, 2026

  • New Endpoint: GET /api/app/me — Returns identity information for the credential used in the request. Delegate tokens return user identity (and embedded-app context when an appClientId is present); API keys return company identity; partner tokens return their permission list.
  • New Endpoint: GET /api/board/{boardId}/configuration — Returns all board configuration sections in one call: fields, automations, options, tabViews, workflows, groups, shares, theme, and filters. Accepts an API key or a partner token with board-admin permission (delegate tokens are not supported for board configuration endpoints).
  • New Endpoint: GET /api/board/{boardId}/configuration/automations — List the automations configured on a board.
  • New Endpoint: GET /api/board/{boardId}/configuration/options — Get the current board-level option flags.
  • New Endpoint: GET /api/board/{boardId}/configuration/fields — List all fields defined on a board, including archived ones.
  • New Endpoint: GET /api/board/{boardId}/configuration/workflows — List the workflows (sequences) configured on a board.
  • New Endpoint: GET /api/board/{boardId}/configuration/groups — List the field groups (sections) configured on a board.
  • New Endpoint: GET /api/board/{boardId}/configuration/shares — Get a board’s access type (public/private) and its ACL entries.
  • New Endpoint: GET /api/board/{boardId}/configuration/theme — Get a board’s display name, card name, color, icon, description, and short code.
  • New Endpoint: GET /api/board/{boardId}/configuration/filters — List saved filters for a board. Company-scoped filters are always included; private (user-scoped) filters are included when authenticating with a delegate token that carries a userId.
  • New Endpoint: GET /api/templates — List communication templates for your company, with optional filters for templateType, aptletUuid, and archived. Accepts an API key, a delegate token with templates scope, or a partner token with templates permission (pass companyId as a query param with partner auth).
  • New Endpoint: GET /api/templates/{id} — Get a single communication template by ID.
  • Enhancement: POST /api/board/{boardId}/tabView is now also available at POST /api/board/{boardId}/configuration/tabViews. The original path remains active as a legacy alias.
  • Enhancement: GET /api/boards now accepts delegate tokens with boards read scope in addition to API keys. The endpoints array in each board entry now includes all board configuration endpoints.

May 25, 2026

  • New Endpoint: GET /api/inboxes/{channelId}/drafts — List the unsent drafts on a given email inbox. Each item is the raw draft entry with the parent streamId attached; drafts currently being sent are excluded. Accepts the same dual-auth as the rest of the email endpoints (API key, delegate token with email:* read scope, or partner bearer token with inboxes/internal-admin).

May 21, 2026

  • New Endpoint: POST /api/email/create-draft — Create a new outbound email draft discussion from recipient and content fields (to, cc, bcc, subject, body, channelId). Returns streamId and draftUuid for use with POST /api/email/send.
  • New Endpoint: POST /api/email/send — Send an outbound email, either from an existing draft (discussionId + uuid) or on-the-fly from bare email fields. Auto-assignment is always applied when the draft is finalized.
  • New Endpoint: GET /api/users/{userId}/inboxes — List the email inboxes (Hermes/Nylas channels) accessible to a user, including both personal channels and team-shared channels. Each inbox is tagged kind: "personal" or kind: "shared".
  • Enhancement: Delegate tokens now support an email:* scope. When granted (read or write), the token can call POST /api/email/create-draft, POST /api/email/send, and GET /api/users/{userId}/inboxes on behalf of the user.

May 4, 2026

  • Fix: Card objects in board responses now consistently include both _id and cardId fields.

April 24, 2026 — Delegate Token Authentication

  • New Endpoint: POST /api/app/verify — Verify a short-lived delegate token and retrieve user identity without an API key. For use by embedded apps and plugins that receive a token from the Aptly platform.
  • New Endpoint: POST /api/board/verify-user — Verify a delegate token scoped to board access and retrieve the associated user context.
  • New Endpoint: GET /api/board/{boardId}/{cardId}/comments — List all comments on a card in chronological order.
  • New Endpoint: GET /api/board/{boardId}/{cardId}/contacts — List person contacts linked to a card via its person fields.
  • New Endpoint: POST /api/board/{boardId}/{cardId}/comment — Add or update a comment on a card.
  • New Endpoint: POST /api/board/{boardId}/{cardId}/file — Upload a file attachment to a card (multipart/form-data, max 50 MB).
  • New Endpoint: POST /api/board/{boardId}/tabView — Embed a tab view on a board.
  • Enhancement: Board, Contacts, and Knowledge endpoints now accept delegate token authentication (Authorization: DelegateToken <token>) in addition to API keys. Tokens carry explicit read and write scopes per resource.
  • Enhancement: GET /api/board/{boardId} now supports an assignee query parameter to filter cards by assigned user.
  • Enhancement: Cards created or updated via a delegate token now record the authenticated user as createdBy / updatedBy rather than attributing changes to “aptly”.

April 20, 2026

  • New Endpoint: GET /api/company/info — Retrieve your company’s profile including name, address, contact details, and logo URL.

April 16, 2026

  • New Endpoint: GET /api/users — List all non-archived users in your company.

April 14, 2026

  • New Endpoint: GET /api/boards — Discover all API-enabled boards for your account, including their UUIDs and ready-to-use endpoint URLs for card operations.

April 7, 2026

  • Enhancement: GET /api/contacts now supports updated_after and updated_before query parameters to filter contacts by last-updated timestamp.