Insparisk API Documentation

Version: 1.0
Updated: February 2026

Documentation

Dashboard Applications Member Management Compliance
Opportunities Sources & Config Partners
Public Endpoints Admin Endpoints

Getting Started with Insparisk APIs

Insparisk provides three main APIs for managing the network, pipeline, and compliance intelligence. All APIs use Netlify Functions and require authentication via JWT (Google SSO) or API key.

Authentication Headers

JWT (Google SSO)
Authorization: Bearer {token}
API Key Fallback
x-admin-key: {NETWORK_ADMIN_KEY}

Base URLs

API Base URL Purpose
Network Admin /.netlify/functions/network-admin Member applications, status updates, compliance management
Pipeline /.netlify/functions/pipeline-api Opportunities, sources, partners, analytics
Propply AI /.netlify/functions/api-propply Compliance requirements, location services, voting

Example: Get Network Stats

curl 
curl -X GET "https://yourdomain.netlify.app/.netlify/functions/network-admin?action=stats" \
  -H "Authorization: Bearer eyJhbGc..." \
  -H "Content-Type: application/json"

Example: Create Pipeline Opportunity

bash 
curl -X POST "https://yourdomain.netlify.app/.netlify/functions/pipeline-api?action=opportunities" \
  -H "Authorization: Bearer eyJhbGc..." \
  -H "Content-Type: application/json" \
  -d '{
    "title": "NYC Boiler Compliance Filing",
    "services": ["boiler"],
    "state": "NY",
    "deadline": "2026-03-15"
  }'

HTTP Status Codes

Code Meaning
200 Success
400 Bad Request (invalid parameters)
401 Unauthorized (missing or invalid auth)
403 Forbidden (insufficient permissions)
404 Not Found (resource does not exist)
500 Server Error

Authentication

All Insparisk APIs use OAuth 2.0 with Google SSO via Supabase, plus a fallback API key mechanism for automation and legacy access.

JWT (Google SSO) — Recommended

OAuth access tokens obtained through Google authentication are verified against Supabase and checked against the admin_users whitelist.

Whitelist Required: Your Google Workspace email must be added to the admin_users table in Supabase with active=true.

Flow:

  1. User logs in via "Sign in with Google" in the IO dashboard
  2. Supabase Auth handles OAuth redirect and returns session JWT
  3. Frontend stores JWT in localStorage
  4. All API calls include: Authorization: Bearer {access_token}
  5. Backend verifies token via supabase.auth.getUser(token) and checks admin whitelist
  6. If valid, last_login timestamp is updated (fire-and-forget)

API Key (Fallback)

For automation, scheduled tasks, and legacy integrations, use the x-admin-key header with the NETWORK_ADMIN_KEY environment variable.

bash 
curl -X GET "https://yourdomain.netlify.app/.netlify/functions/network-admin?action=stats" \
  -H "x-admin-key: your-secret-key-here" \
  -H "Content-Type: application/json"
Security: The NETWORK_ADMIN_KEY is stored in Netlify environment variables. Never commit to version control. Rotate periodically in Netlify dashboard.

Determining Auth Method

Use Case Method Header
Admin dashboard (user clicks button) JWT (Google SSO) Authorization: Bearer ...
Scheduled function (e.g., daily digest) API Key x-admin-key: ...
Third-party integration API Key x-admin-key: ...
Public endpoints (e.g., form submission) None

Response on Auth Failure

json 
{
  "success": false,
  "error": "Unauthorized",
  "message": "Email not in admin whitelist",
  "statusCode": 401
}

Network Admin API

Manage network member applications, status updates, compliance requirements, documents, and credentials. Serves the Insparisk IO dashboard and admin backend automation.

Base URL: /.netlify/functions/network-admin?action={action}
Auth Required: Yes (JWT or x-admin-key)

Dashboard Endpoints

GET Admin
?action=pulse

Pulse Overview — Cross-system stats for IO dashboard home (network, compliance, pipeline).

Response

json
{
  "success": true,
  "pulse": {
    "network": {
      "total_applications": 127,
      "active_members": 84,
      "pending": 12,
      "reviewing": 8,
      "verified": 35,
      "certified": 22,
      "elite": 7,
      "states_covered": 18
    },
    "compliance": {
      "total_requirements": 312,
      "states_covered": 24,
      "categories": {
        "energy": 45,
        "elevator": 38,
        "boiler": 51,
        "facade": 28,
        "gas": 22,
        "water": 15,
        "fire": 67,
        "structural": 46
      }
    },
    "pipeline": {
      "active_relevant": 156,
      "total_opportunities": 2341,
      "states_covered": 28,
      "last_ingest": "2026-02-13T21:30:00Z"
    }
  }
}
GET Admin
?action=stats

Network Statistics — Aggregated member counts by status tier.

Parameters

Name Type Required Description
None

Response

json
{
  "success": true,
  "stats": {
    "total_applications": 127,
    "pending_applications": 12,
    "under_review": 8,
    "verified_members": 35,
    "certified_members": 22,
    "elite_members": 7,
    "rejected_applications": 43,
    "active_members": 84,
    "coverage_states": 18
  }
}

Applications Endpoints

GET Admin
?action=list

List Applications — Paginated list with filtering and search.

Parameters

Name Type Default Description
status string all Filter: applied|reviewing|verified|certified|elite|rejected
search string Search by name or email
limit integer 20 Results per page (max 100)
offset integer 0 Pagination offset

Response

json
{
  "success": true,
  "data": [
    {
      "id": "mem_123abc",
      "first_name": "John",
      "last_name": "Smith",
      "email": "john@example.com",
      "phone": "555-123-4567",
      "company_name": "Smith HVAC Services",
      "status": "verified",
      "tier": "verified",
      "primary_state": "NY",
      "primary_zip": "10001",
      "coverage_states": ["NY", "NJ", "CT"],
      "service_count": 5,
      "created_at": "2025-12-15T10:30:00Z",
      "verified_at": "2026-01-22T14:15:00Z"
    }
  ],
  "total": 127,
  "limit": 20,
  "offset": 0
}
GET Admin
?action=detail&id={member_id}

Get Member Detail — Full member profile with all application data.

Parameters

Name Type Required Description
id * string Yes Member ID (e.g., mem_123abc)

Response

json
{
  "success": true,
  "member": {
    "id": "mem_123abc",
    "first_name": "John",
    "last_name": "Smith",
    "email": "john@example.com",
    "phone": "555-123-4567",
    "company_name": "Smith HVAC Services",
    "company_type": "S-Corp",
    "years_in_business": 15,
    "website": "https://smithhvac.com",
    "linkedin": "linkedin.com/in/johnsmith",
    "status": "verified",
    "tier": "verified",
    "primary_zip": "10001",
    "primary_lat": 40.7128,
    "primary_lng": -74.0060,
    "primary_radius": 25,
    "coverage_states": ["NY", "NJ", "CT"],
    "services": ["boiler", "elevator", "fire_safety"],
    "credentials": [
      {
        "credential_type": "License",
        "name": "NY Boiler Inspector",
        "credential_code": "NYB-001",
        "issue_date": "2020-06-15",
        "expiry_date": "2026-06-15",
        "issuing_body": "New York State DOL",
        "is_current": true
      }
    ],
    "insurance": {
      "type": "General Liability",
      "provider": "SafeGuard Insurance",
      "policy_number": "POL-123456",
      "coverage_amount": "$1,000,000",
      "expiry_date": "2026-12-31"
    },
    "references": [
      {
        "name": "Jane Doe",
        "title": "Building Manager",
        "email": "jane@building.com",
        "phone": "555-987-6543"
      }
    ],
    "created_at": "2025-12-15T10:30:00Z",
    "verified_at": "2026-01-22T14:15:00Z",
    "notes": [
      {
        "note": "[BACKGROUND CHECK] Pending results from Checkr",
        "added_by": "admin@insparisk.com",
        "added_at": "2026-02-10T09:00:00Z"
      }
    ],
    "status_history": [
      {
        "from_status": "reviewing",
        "to_status": "verified",
        "changed_by": "admin@insparisk.com",
        "changed_at": "2026-01-22T14:15:00Z",
        "reason": "All documentation verified"
      }
    ]
  }
}

Member Management Endpoints

PATCH Admin
?action=update_status

Update Member Status — Change application status and create audit trail.

Body Parameters

Name Type Required Description
id * string Yes Member ID
status * string Yes reviewing|verified|certified|elite|rejected|inactive
reason string Recommended Reason for status change (required for rejection)

Request

json
{
  "id": "mem_123abc",
  "status": "certified",
  "reason": "All documentation verified and background check cleared"
}

Response

json
{
  "success": true,
  "message": "Status updated to certified",
  "member_id": "mem_123abc",
  "new_status": "certified"
}
POST Admin
?action=add_note

Add Admin Note — Append timestamped notes to member record for audit trail.

Body Parameters

Name Type Required Description
id * string Yes Member ID
note * string Yes Note text (supports tags like [BACKGROUND CHECK])

Request

json
{
  "id": "mem_123abc",
  "note": "[BACKGROUND CHECK] Results received. Approved."
}
PATCH Admin
?action=update_services

Update Member Services — Modify the services a member is certified to provide.

Body Parameters

Name Type Required Description
id * string Yes Member ID
services * array Yes Array of service codes (e.g., ["boiler", "elevator"])

Compliance Endpoints

GET Admin
?action=compliance_suggestions

List Compliance Suggestions — User/AI-submitted compliance requirements pending admin review.

Parameters

Name Type Default Description
status string pending pending|approved|rejected|merged
state string Filter by state code (e.g., NY)
limit integer 20 Results per page

Response

json
{
  "success": true,
  "suggestions": [
    {
      "id": "sug_abc123",
      "state_code": "NY",
      "requirement_name": "Facade Critical Examination",
      "description": "5-year building facade inspection mandate",
      "category": "facade",
      "source": "ai_auto",
      "status": "pending",
      "ai_confidence": 92,
      "ai_validation_notes": "High confidence match to NYC LL11 requirement",
      "times_suggested": 3,
      "upvotes": 5,
      "downvotes": 1,
      "created_at": "2026-02-10T08:30:00Z"
    }
  ],
  "total": 24
}
PATCH Admin
?action=update_suggestion

Update Compliance Suggestion — Approve, reject, or merge a suggestion.

Body Parameters

Name Type Required Description
id * string Yes Suggestion ID
status * string Yes approved|rejected|merged
reason string Admin reason for action
POST Admin
?action=merge_suggestion

Merge Suggestion into Service Map — Create or map a compliance requirement to a service type.

Body Parameters

Name Type Required Description
suggestion_id * string Yes Suggestion ID
service_type_id string Conditional Existing service type (if mapping to existing)
new_service_name string Conditional New service type name (if creating new)

Pipeline API

Manage compliance opportunities aggregated from government (SAM.gov, Grants.gov, Socrata) and private market (quotes, inspections, partner API). Includes analytics, source configuration, and partner management.

Base URL: /.netlify/functions/pipeline-api?action={action}
Auth Required: Yes (JWT or x-admin-key)

Opportunities Endpoints

GET Admin
?action=opportunities

Query Pipeline Opportunities — Filtered, paginated list with service/state/deadline/confidence filtering.

Parameters

Name Type Default Description
service string all Service code (boiler, elevator, fire_safety, etc.)
state string Comma-separated state codes (NY,NJ,CT)
deadline_after string ISO date filter (e.g., 2026-03-01)
deadline_before string ISO date filter
min_confidence integer 60 Minimum confidence score (0-100)
source string Data source (sam_gov, grants_gov, nyc_violations, etc.)
is_private boolean Filter private market (true) or government (false)
intake_channel string quote_form, schedule_inspection, partner_api, manual_entry
search string Full-text search on title/description
limit integer 50 Max 200
offset integer 0 Pagination offset
sort string newest deadline_asc, relevance_desc, newest, value_desc

Response

json
{
  "success": true,
  "opportunities": [
    {
      "id": "opp_xyz789",
      "title": "NYC Boiler Inspection & Compliance Filing",
      "description": "Annual boiler inspection filing for building DOB #123456",
      "agency": "NYC Department of Buildings",
      "state_code": "NY",
      "city": "New York",
      "zip_code": "10001",
      "source_name": "nyc_boiler_violations",
      "source_id": "dob_12345",
      "is_trades_relevant": true,
      "trades_relevance_confidence": 94,
      "matched_service_codes": ["boiler"],
      "service_confidence_scores": { "boiler": 94 },
      "classification_notes": "High-confidence boiler compliance filing",
      "posted_date": "2026-02-10T00:00:00Z",
      "response_deadline": "2026-03-15T00:00:00Z",
      "estimated_value_cents": 250000,
      "is_private_market": false,
      "created_at": "2026-02-10T08:00:00Z"
    }
  ],
  "total": 156,
  "limit": 50,
  "offset": 0
}
GET Admin
?action=stats

Pipeline Statistics — Aggregated metrics by service, state, source, and confidence.

Response

json
{
  "success": true,
  "stats": {
    "total_opportunities": 2341,
    "active_relevant": 156,
    "average_confidence": 78.5,
    "states_covered": 28,
    "by_service": {
      "boiler": 312,
      "elevator": 287,
      "fire_safety": 245,
      "energy_audit": 198,
      "structural": 156,
      "facade": 143
    },
    "by_state": {
      "NY": 456,
      "CA": 312,
      "TX": 298,
      "IL": 187,
      "PA": 145
    },
    "by_source": {
      "sam_gov": 1200,
      "grants_gov": 450,
      "nyc_violations": 234,
      "chicago_violations": 189,
      "sf_violations": 145
    },
    "private_market_count": 67,
    "average_days_to_deadline": 45,
    "recently_expired_count": 12
  }
}
POST Admin
?action=vote

Vote on Opportunity — Thumbs up/down to train AI classification model.

Body Parameters

Name Type Required Description
opportunity_id * string Yes Opportunity ID
vote * string Yes up or down
reason string Reason for downvote (e.g., "Not trades-relevant")

Request

json
{
  "opportunity_id": "opp_xyz789",
  "vote": "up"
}

Sources & Configuration

GET Admin
?action=sources

List Data Sources — Configuration for SAM.gov, Grants.gov, Socrata, and local datasets.

Response

json
{
  "success": true,
  "sources": [
    {
      "id": "src_sam_gov",
      "name": "SAM.gov",
      "type": "federal",
      "active": true,
      "last_ingestion": "2026-02-13T21:30:00Z",
      "fetched_count": 4521,
      "relevant_count": 342,
      "keywords": ["boiler", "elevator", "fire safety"],
      "naics_codes": ["238220", "238290"]
    },
    {
      "id": "src_nyc_violations",
      "name": "NYC Violations",
      "type": "local_socrata",
      "active": true,
      "city": "New York",
      "datasets": ["elevator_violations", "boiler_compliance"],
      "last_ingestion": "2026-02-13T21:00:00Z",
      "fetched_count": 234,
      "relevant_count": 198
    }
  ]
}
GET Admin
?action=settings

Get Pipeline Settings — Scheduled ingestion/digest times, digest recipients.

Response

json
{
  "success": true,
  "settings": {
    "digest_enabled": true,
    "digest_recipients": "admin@insparisk.com, manager@insparisk.com",
    "digest_time": "07:00",
    "digest_timezone": "America/New_York",
    "ingest_time": "21:00",
    "ingest_timezone": "America/New_York"
  }
}
PATCH Admin
?action=update_settings

Update Pipeline Settings — Modify ingestion schedule and digest configuration.

Body Parameters

Name Type Description
digest_enabled boolean Enable/disable daily digest emails
digest_recipients string Comma-separated email addresses
digest_time string 24-hour time (e.g., "07:00")
ingest_time string 24-hour time for data ingestion
GET Admin
?action=logs

Ingestion Logs — Audit trail of data ingestion runs, errors, and performance.

Parameters

Name Type Default Description
limit integer 50 Number of logs to return
source_id string Filter by source

Partner Management

GET Admin
?action=partners

List B2B Partners — All registered API partners with quota and usage stats.

Response

json
{
  "success": true,
  "partners": [
    {
      "id": "ptr_acme123",
      "company_name": "Acme Facilities Management",
      "contact_email": "api@acmefm.com",
      "status": "active",
      "monthly_quota": 500,
      "requests_this_month": 342,
      "quota_reset_day": 1,
      "api_key_prefix": "pk_live_A2k9...",
      "created_at": "2025-11-15T10:30:00Z",
      "last_request": "2026-02-13T14:22:00Z"
    }
  ],
  "total": 8
}
POST Admin
?action=create_partner

Register New Partner — Create B2B partner account and generate API key (shown once).

Body Parameters

Name Type Required Description
company_name * string Yes Partner company name
email * string Yes Partner contact email
monthly_quota * integer Yes API requests per month

Request

json
{
  "company_name": "Acme Facilities Management",
  "email": "api@acmefm.com",
  "monthly_quota": 500
}

Response

json
{
  "success": true,
  "partner_id": "ptr_acme123",
  "api_key": "pk_live_A2k9XyZ1b2c3D4e5F6g7h8i9j0k",
  "message": "API key shown only once. Save it securely."
}
Important: The API key is returned once. Store it securely. If lost, you must rotate the key to generate a new one.
POST Admin
?action=rotate_key

Rotate Partner API Key — Generate new key, invalidate old one.

Body Parameters

Name Type Required Description
partner_id * string Yes Partner ID

Propply AI API

Compliance intelligence research engine. Queries what compliance services are legally required in each location, powers the network application form (Step 4), compliance calculator, and learning system.

Base URL: /.netlify/functions/api-propply?action={action}
Auth: Mixed (public and admin endpoints)

Public Endpoints

GET Public
?action=location_services

Location Services — What compliance services are required in given location. Powers network application Step 4 and compliance calculator.

Parameters

Name Type Required Description
states * string Yes Comma-separated state codes (NY,NJ,CT)
metros string Comma-separated metro names (optional refinement)

Response

json
{
  "success": true,
  "services": [
    {
      "service_code": "boiler",
      "service_name": "Boiler Inspection & Compliance",
      "category": "inspections",
      "states": ["NY", "NJ"],
      "required_in_states": ["NY", "NJ"],
      "confidence": 95,
      "source_type": "verified",
      "compliance_deadlines": {
        "NY": "Annual",
        "NJ": "Biennial"
      }
    },
    {
      "service_code": "elevator",
      "service_name": "Elevator Safety & Inspection",
      "category": "inspections",
      "states": ["NY"],
      "required_in_states": ["NY"],
      "confidence": 98,
      "source_type": "verified",
      "compliance_deadlines": {
        "NY": "Annual (CAT1) / 5-Year (CAT5)"
      }
    }
  ],
  "total_services": 12
}
GET Public
?action=requirements

Compliance Requirements — Full list of mapped requirements for a state, filterable by category.

Parameters

Name Type Required Description
state * string Yes State code (NY, CA, TX)
category string energy, elevator, boiler, facade, gas, water, fire, structural

Response

json
{
  "success": true,
  "state": "NY",
  "requirements": [
    {
      "id": "req_ny_001",
      "name": "Energy Audit (LL87)",
      "category": "energy",
      "description": "Annual energy audit for buildings over 25,000 sq ft",
      "frequency": "Annual",
      "penalty": "$201 per day non-compliance",
      "source_type": "verified",
      "source_reference": "NYC Local Law 87"
    },
    {
      "id": "req_ny_002",
      "name": "Elevator Inspection (CAT1)",
      "category": "elevator",
      "description": "Annual safety inspection certification",
      "frequency": "Annual",
      "penalty": "DOL violation, building closure risk",
      "source_type": "verified",
      "source_reference": "NY State DOL Title 14-C"
    }
  ]
}
POST Public
?action=vote_requirement

Vote on Requirement — Upvote/downvote compliance requirements to improve AI accuracy.

Body Parameters

Name Type Required Description
requirement_id * string Yes Requirement ID from compliance_service_map
vote * string Yes up or down

Request

json
{
  "requirement_id": "req_ny_001",
  "vote": "up"
}

Admin Endpoints

GET Admin
?action=suggestions

List Compliance Suggestions — New requirements submitted by users or AI, pending validation.

Parameters

Name Type Default Description
state string Filter by state code
source string ai_auto, user_network, user_public, admin
limit integer 20 Results per page

Response

json
{
  "success": true,
  "suggestions": [
    {
      "id": "sug_abc123",
      "state_code": "CA",
      "requirement_name": "Soft-Story Retrofit",
      "description": "Seismic retrofit for pre-1978 wood frame buildings",
      "category": "structural",
      "source": "ai_auto",
      "status": "pending",
      "ai_confidence": 88,
      "ai_validation_notes": "High-confidence match to CA seismic requirements",
      "times_suggested": 2,
      "upvotes": 3,
      "downvotes": 0,
      "submitted_by": "ai@propply",
      "submitted_at": "2026-02-12T15:30:00Z"
    }
  ],
  "total": 45
}
PATCH Admin
?action=update_suggestion

Update Suggestion Status — Approve, reject, or merge compliance suggestion.

Body Parameters

Name Type Required Description
suggestion_id * string Yes Suggestion ID
status * string Yes approved, rejected, merged
reason string Admin notes
GET Admin
?action=stats

Propply AI Statistics — Coverage metrics, suggestion volume, confidence scores.

Response

json
{
  "success": true,
  "stats": {
    "total_requirements_mapped": 312,
    "states_covered": 24,
    "metro_areas": 12,
    "avg_confidence": 85.3,
    "pending_suggestions": 18,
    "recently_merged": 5,
    "total_votes_collected": 342,
    "approval_rate": 0.94,
    "top_categories": {
      "boiler": 51,
      "fire": 48,
      "energy": 45,
      "elevator": 38
    }
  }
}

Support & Reference

Error Handling

All APIs return consistent error responses with HTTP status codes and descriptive messages.

json
{
  "success": false,
  "error": "ValidationError",
  "message": "Missing required parameter: state",
  "statusCode": 400,
  "details": {
    "parameter": "state",
    "reason": "Required for location-based queries"
  }
}

Rate Limiting

Pipeline Partner API: Monthly quota per partner, reset on quota_reset_day. Returns 429 Too Many Requests when exceeded.

Socrata API: 1,000 requests/hour with SOCRATA_APP_TOKEN.

Service Codes (21 Total)

Category Service Code Display Name
Inspections boiler Boiler Inspection & Compliance
elevator Elevator Safety & Inspection
fire_safety Fire Safety Systems
facade Facade / FISP Inspection
sprinkler Sprinkler Systems
gas_piping Gas Piping (LL152)
backflow Backflow Prevention
electrical Electrical Inspection
energy_audit Energy Audit (LL87)
structural Structural Assessment
Certifications certificate_occupancy Certificate of Occupancy
dob_filings DOB Filings & Permits
permit_expediting Permit Expediting
violations_dismissal Violations Dismissal
landmark_filings Landmark Filings
Consulting compliance_audits Compliance Audits
violation_remediation Violation Remediation
local_law_compliance Local Law Compliance
safety_plans Safety Plans & Documentation
due_diligence Due Diligence Review

State Codes

Use standard US state abbreviations (NY, CA, TX, FL, PA, OH, IL, MI, NJ, VA, NC, SC, GA, AZ, CO, UT, OR, WA, DC, PR, etc.)

Data Sources Referenced

Source Type Coverage
SAM.gov Federal Contracts USA
Grants.gov Federal Grants USA
NYC Open Data (Socrata) Violations, Filings New York City
Chicago Open Data (Socrata) Violations, Permits Chicago, IL
SF DataSF (Socrata) Violations, Permits San Francisco, CA
LA Open Data (Socrata) Enforcement, Permits Los Angeles, CA
Austin Open Data (Socrata) Code Complaints, Permits Austin, TX
Seattle Open Data (Socrata) Violations, Trade Permits Seattle, WA
DC Open Data (Socrata) Permits, Housing Code Washington, DC
Philadelphia (CARTO) Code Violations, Permits Philadelphia, PA
Texas TDLR (Socrata) Licensed Professionals Texas
NY State DOL (Socrata) Elevator Licenses New York State

Contact & Support

For questions about the Insparisk APIs:

  • Email: support@insparisk.com
  • GitHub: Repository documentation and issue tracking
  • Internal: Insparisk team Slack #api-support

Changelog

Date Change
2026-02-13 v1.0 release — all three APIs documented. Pipeline Partner API added.
2026-01-15 Propply AI endpoints stabilized. Compliance learning system v1.
2025-12-01 Network Admin API finalized. Admin SSO via Google Workspace.
Documentation Source Files:
netlify/functions/network-admin.js (Network Admin API)
netlify/functions/pipeline-api.js (Pipeline API)
netlify/functions/api-propply.js (Propply AI API)
For implementation details, see function source code in Insparisk GitHub repository.
Insparisk API Documentation v1.0 | Last updated: February 13, 2026
Built for the Insparisk Network, Pipeline, and Propply AI systems
© 2026 Insparisk. All rights reserved.