Getting Started with the Propply AI API
Propply AI provides compliance intelligence via a single API with multiple actions. Public endpoints require no auth. Authenticated endpoints use an API key. Admin endpoints use JWT (Google SSO) or an admin key.
Authentication Headers
API Key (Developer)
x-api-key: sk_live_your_key
Admin (JWT or Key)
Authorization: Bearer {token}
Base URLs
| API | Base URL | Purpose |
|---|---|---|
| Propply AI | /.netlify/functions/api-propply |
Compliance requirements, equipment lookup, notice interpretation, voting |
| Local Intel | /.netlify/functions/compliance-local-intel |
Real-time building-level compliance data (38+ cities) |
Example: Get Compliance Requirements
curl
curl -X GET "https://insparisk.com/.netlify/functions/api-propply?action=requirements&state=NY" \ -H "x-api-key: sk_live_your_key"
Example: Equipment Lookup
curl
curl -X POST "https://insparisk.com/.netlify/functions/api-propply?action=equipment_lookup" \
-H "x-api-key: sk_live_your_key" \
-H "Content-Type: application/json" \
-d '{"locations":[{"address":"350 Fifth Avenue","city":"New York","state":"NY","zip":"10001"}]}'
HTTP Status Codes
| Code | Meaning |
|---|---|
| 200 | Success |
| 400 | Bad Request (invalid parameters) |
| 401 | Unauthorized (missing or invalid auth) |
| 403 | Forbidden (insufficient permissions) |
| 404 | Not Found (resource does not exist) |
| 500 | Server Error |
Authentication
The Propply AI API uses three authentication levels: public (no auth), API key (developer/partner), and admin (JWT or admin key).
JWT (Google SSO) — Recommended
OAuth access tokens obtained through Google authentication are verified against Supabase and checked against the admin_users whitelist.
Whitelist Required: Your Google Workspace email must be added to the
admin_users table in Supabase with active=true.
Flow:
- User logs in via "Sign in with Google" in the admin dashboard
- Supabase Auth handles OAuth redirect and returns session JWT
- Frontend stores JWT in localStorage
- All API calls include:
Authorization: Bearer {access_token} - Backend verifies token via
supabase.auth.getUser(token)and checks admin whitelist - If valid,
last_logintimestamp is updated (fire-and-forget)
API Key (Fallback)
For automation, scheduled tasks, and legacy integrations, use the x-admin-key header with the NETWORK_ADMIN_KEY environment variable.
bash
curl -X GET "https://insparisk.com/.netlify/functions/api-propply?action=stats" \ -H "x-admin-key: your-secret-key-here" \ -H "Content-Type: application/json"
Security: The
NETWORK_ADMIN_KEY is stored in Netlify environment variables. Never commit to version control. Rotate periodically in Netlify dashboard.
Determining Auth Method
| Use Case | Method | Header |
|---|---|---|
| Admin dashboard (user clicks button) | JWT (Google SSO) | Authorization: Bearer ... |
| Scheduled function (e.g., daily digest) | API Key | x-admin-key: ... |
| Third-party integration | API Key | x-admin-key: ... |
| Public endpoints (e.g., form submission) | None | — |
Response on Auth Failure
json
{
"success": false,
"error": "Unauthorized",
"message": "Email not in admin whitelist",
"statusCode": 401
}
Compliance Local Intelligence API
Real-time compliance intelligence by location. Auto-detects city and state from ZIP code. Returns area-level stats, building-level violation/inspection detail, or state licensing data. No authentication required.
Base URL:
Auth Required: No (public endpoint)
/.netlify/functions/compliance-local-intelAuth Required: No (public endpoint)
GET
Public
/.netlify/functions/compliance-local-intel?zip_code={zip}&address={address}
| Parameter | Type | Required | Description |
|---|---|---|---|
zip_code | string | Yes | 5-digit US ZIP code |
address | string | No | Street address for building-level drill-down (URL-encoded) |
Area-Level Query
When only zip_code is provided and matches a supported city. Returns summary counts, compliance cycle deadlines, and opportunity score.
GET
/.netlify/functions/compliance-local-intel?zip_code=10001
Response (NYC example)
{
"query_type": "area",
"city": "New York",
"summary": {
"total_violations": 42,
"elevators_due": 15,
"elevator_cat1_due": 8,
"elevator_cat5_due": 3,
"elevator_periodic_due": 12,
"boiler_violations": 7,
"boiler_total": 25,
"boiler_inspections_due": 10,
"ll152_properties": 450,
"ll152_due_this_cycle": 85,
"hpd_violations_open": 230,
"hpd_class_c": 45,
"service_requests_311": 67,
"dob_complaints": 34,
"oath_hearings": 56,
"oath_total_penalties": 125000,
"cats_active": 180,
"cats_expired": 25
},
"cycle_info": {
"FISP": { "cycle": "10A", "due": "2025-2027" },
"LL87": { "due_year": 2026 },
"LL152": { "subcycle": "B", "due_year": 2026 }
},
"opportunity_score": 78,
"query_time_ms": 1250
}
Building-Level Query
When address is provided alongside zip_code. Returns building-specific violations, devices, inspection status, ownership, and financial penalties.
GET
/.netlify/functions/compliance-local-intel?zip_code=10001&address=350+Fifth+Avenue
Response — NYC Building Detail (18 fields)
{
"query_type": "building",
"building_detail": {
"elevator_violations": [ ... ],
"elevator_devices": [ { "device_number": "E001", "cat1_is_due": true, "cat5_is_due": false, "periodic_is_due": true } ],
"elevator_inspection_summary": { "total_devices": 6, "cat1_due": 3, "cat5_due": 1, "periodic_due": 4, "all_current": false },
"boiler_issues": [ ... ],
"boiler_inspection_status": { "total_boilers": 2, "is_due": true, "confirmed_active": true, "equipment_source": "dob_now_api" },
"dob_now_boiler_equipment": [ { "make": "Burnham", "model": "V905A", "status": "Active" } ],
"cats_registrations": [ { "permitstatus": "Active", "expirationdate": "2027-06-15", "is_due": false } ],
"cats_registration_status": { "total": 3, "active": 2, "expired": 1, "is_due": true },
"facade_filings": [ ... ],
"fisp_cycle_status": { "is_due": true, "deadline": "2027-02-21", "current_cycle": "10A" },
"energy_audits": [ ... ],
"ll152_gas_piping": { "subcycle": "B", "is_due": true, "cycle2_deadline": "2026-12-31" },
"hpd_violations": { "count": 15, "by_class": { "A": 5, "B": 8, "C": 2 }, "class_c_count": 2 },
"service_requests_311": { "count": 8, "by_category": { "elevator": 3, "boiler": 2 } },
"dob_violations_all": {
"count": 12,
"items": [ {
"violation_type": "FTF-C5-PER",
"group": "elevator",
"source": "bis",
"penalty_applied": 5000,
"amount_balance_due": 5000,
"amount_paid": 0
} ]
},
"dob_complaints": { "count": 3, "items": [ ... ] },
"ownership": {
"owner_name": "EXAMPLE BUILDING LLC",
"hpd_registration": { "agent_name": "...", "management_company": "..." },
"building_info": { "num_floors": 102, "year_built": 1931, "zoning": "C5-3" },
"assessment": { "actual_total": 1285700000 },
"last_deed": { "doc_date": "2013-10-07", "buyer_name": "..." },
"sources": { "has_hpd": true, "has_pluto": true, "has_dof": true, "has_acris": true }
}
}
}
Key Building-Level Notes
| Feature | Description |
|---|---|
| DOB Violations | Deduplicated from BIS + NOW Safety systems. Each item includes penalty_applied, amount_balance_due, amount_paid. Grouped by: elevator, boiler, gas, facade, plumbing, electrical, construction. |
| DOB NOW Boiler | Definitive active/deactivated boiler equipment status from DOB NOW Safety portal. Empty array = confirmed deactivated. |
| CATS Registration | DEP boiler/pressure vessel 3-year renewal (Admin Code §24-109). Separate from DOB annual inspection. |
| Ownership | 4 NYC data sources joined by BBL: HPD Registration, PLUTO, DOF Assessment, ACRIS Deeds. Also available for Boston, SF, Philadelphia. |
| Equipment Categories | SF returns service_complaints_311 + equipment_violations. Philadelphia returns equipment_violations. Cincinnati returns equipment_permits. All classified by equipment type. |
| Inspection Status | Chicago, SF, LA, Seattle return inspection_status object with per-system is_due, authority, data_source fields. |
State Licensing Query
For non-city ZIP codes in supported states. Returns licensed professional counts and equipment registries.
GET
/.netlify/functions/compliance-local-intel?zip_code=78201
Response (Texas example)
{
"query_type": "state_licensing",
"state": "texas",
"licensing": {
"total_licensed_professionals": 142,
"categories": {
"elevator": { "count": 25, "types": [ ... ] },
"boiler": { "count": 18 },
"electrical": { "count": 45 },
"hvac": { "count": 54 }
},
"equipment_registry": {
"total_devices": 1200,
"due_for_inspection": 180,
"inspection_coverage_pct": 85
},
"source": "Texas TDLR"
},
"tdlr_equipment": { "total_devices": 45, "due_for_inspection": 8 },
"epa_echo": { "total_facilities": 12, "in_violation": 3, "total_penalties": 45000 }
}
Supported Coverage
Cities (38)
| Tier | Cities | API |
|---|---|---|
| Core (12) | NYC, Chicago, San Francisco, Los Angeles, Austin, Seattle, Washington DC, Fort Worth, Dallas, Boston, Houston, Philadelphia | Socrata / CARTO |
| Batch 2 (12) | Miami-Dade, Denver, Minneapolis, Nashville, San Antonio, Kansas City, Cleveland, Cincinnati, New Orleans, Orlando, Montgomery County MD, Norfolk VA | Socrata |
| Batch 3 (8) | Baltimore, Atlanta, Detroit, Columbus, Indianapolis, Raleigh, Tampa, Las Vegas/Clark County | Socrata |
| Expansion (6) | Cambridge MA, San Diego County CA, Corona CA, Mesa AZ, Marin County CA, Gainesville FL | Socrata |
State Registries (10)
| State | Source | Trades |
|---|---|---|
| Texas | TDLR | Elevator equipment, Boiler, Electrician, HVAC/R |
| New York | Dept of Labor | Elevator (individual + contractor) |
| Washington | L&I | Contractor licenses |
| Colorado | DORA | Elevator, Boiler, Electrical, Plumbing |
| New Jersey | PermitsNJ | Elevator, Fire, Electrical, Plumbing |
| Florida | DBPR + DFS/CFO | Elevator, Contractor, Fire, Boiler, H&R |
| Virginia | DPOR | Elevator Mechanic |
| Minnesota | DLI | Elevator, Boiler |
| Iowa | Socrata | Elevator permits |
| Delaware | Socrata | Boiler, Business licenses |
National Board JRS (12 states)
Equipment-level boiler & pressure vessel inventory: MD, MO, IA, NC, TN, IL, KS, DE, KY, ND, HI, WA. Building-level drill-down returns per-device inspection status with is_due/is_overdue flags.
EPA ECHO (Nationwide)
Environmental compliance data for regulated facilities (CAA, CWA, RCRA violations and penalties).
Dashboard Endpoints
GET
Admin
?action=pulse
Pulse Overview — Cross-system stats for IO dashboard home (network, compliance, pipeline).
Response
json
{
"success": true,
"pulse": {
"network": {
"total_applications": 127,
"active_members": 84,
"pending": 12,
"reviewing": 8,
"verified": 35,
"certified": 22,
"elite": 7,
"states_covered": 18
},
"compliance": {
"total_requirements": 312,
"states_covered": 24,
"categories": {
"energy": 45,
"elevator": 38,
"boiler": 51,
"facade": 28,
"gas": 22,
"water": 15,
"fire": 67,
"structural": 46
}
},
"pipeline": {
"active_relevant": 156,
"total_opportunities": 2341,
"states_covered": 28,
"last_ingest": "2026-02-13T21:30:00Z"
}
}
}
GET
Admin
?action=stats
Network Statistics — Aggregated member counts by status tier.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| None | — | — | — |
Response
json
{
"success": true,
"stats": {
"total_applications": 127,
"pending_applications": 12,
"under_review": 8,
"verified_members": 35,
"certified_members": 22,
"elite_members": 7,
"rejected_applications": 43,
"active_members": 84,
"coverage_states": 18
}
}
Applications Endpoints
GET
Admin
?action=list
List Applications — Paginated list with filtering and search.
Parameters
| Name | Type | Default | Description |
|---|---|---|---|
| status | string | all | Filter: applied|reviewing|verified|certified|elite|rejected |
| search | string | — | Search by name or email |
| limit | integer | 20 | Results per page (max 100) |
| offset | integer | 0 | Pagination offset |
Response
json
{
"success": true,
"data": [
{
"id": "mem_123abc",
"first_name": "John",
"last_name": "Smith",
"email": "john@example.com",
"phone": "555-123-4567",
"company_name": "Smith HVAC Services",
"status": "verified",
"tier": "verified",
"primary_state": "NY",
"primary_zip": "10001",
"coverage_states": ["NY", "NJ", "CT"],
"service_count": 5,
"created_at": "2025-12-15T10:30:00Z",
"verified_at": "2026-01-22T14:15:00Z"
}
],
"total": 127,
"limit": 20,
"offset": 0
}
GET
Admin
?action=detail&id={member_id}
Get Member Detail — Full member profile with all application data.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| id * | string | Yes | Member ID (e.g., mem_123abc) |
Response
json
{
"success": true,
"member": {
"id": "mem_123abc",
"first_name": "John",
"last_name": "Smith",
"email": "john@example.com",
"phone": "555-123-4567",
"company_name": "Smith HVAC Services",
"company_type": "S-Corp",
"years_in_business": 15,
"website": "https://smithhvac.com",
"linkedin": "linkedin.com/in/johnsmith",
"status": "verified",
"tier": "verified",
"primary_zip": "10001",
"primary_lat": 40.7128,
"primary_lng": -74.0060,
"primary_radius": 25,
"coverage_states": ["NY", "NJ", "CT"],
"services": ["boiler", "elevator", "fire_safety"],
"credentials": [
{
"credential_type": "License",
"name": "NY Boiler Inspector",
"credential_code": "NYB-001",
"issue_date": "2020-06-15",
"expiry_date": "2026-06-15",
"issuing_body": "New York State DOL",
"is_current": true
}
],
"insurance": {
"type": "General Liability",
"provider": "SafeGuard Insurance",
"policy_number": "POL-123456",
"coverage_amount": "$1,000,000",
"expiry_date": "2026-12-31"
},
"references": [
{
"name": "Jane Doe",
"title": "Building Manager",
"email": "jane@building.com",
"phone": "555-987-6543"
}
],
"created_at": "2025-12-15T10:30:00Z",
"verified_at": "2026-01-22T14:15:00Z",
"notes": [
{
"note": "[BACKGROUND CHECK] Pending results from Checkr",
"added_by": "admin@insparisk.com",
"added_at": "2026-02-10T09:00:00Z"
}
],
"status_history": [
{
"from_status": "reviewing",
"to_status": "verified",
"changed_by": "admin@insparisk.com",
"changed_at": "2026-01-22T14:15:00Z",
"reason": "All documentation verified"
}
]
}
}
Member Management Endpoints
PATCH
Admin
?action=update_status
Update Member Status — Change application status and create audit trail.
Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| id * | string | Yes | Member ID |
| status * | string | Yes | reviewing|verified|certified|elite|rejected|inactive |
| reason | string | Recommended | Reason for status change (required for rejection) |
Request
json
{
"id": "mem_123abc",
"status": "certified",
"reason": "All documentation verified and background check cleared"
}
Response
json
{
"success": true,
"message": "Status updated to certified",
"member_id": "mem_123abc",
"new_status": "certified"
}
POST
Admin
?action=add_note
Add Admin Note — Append timestamped notes to member record for audit trail.
Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| id * | string | Yes | Member ID |
| note * | string | Yes | Note text (supports tags like [BACKGROUND CHECK]) |
Request
json
{
"id": "mem_123abc",
"note": "[BACKGROUND CHECK] Results received. Approved."
}
PATCH
Admin
?action=update_services
Update Member Services — Modify the services a member is certified to provide.
Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| id * | string | Yes | Member ID |
| services * | array | Yes | Array of service codes (e.g., ["boiler", "elevator"]) |
Compliance Endpoints
GET
Admin
?action=compliance_suggestions
List Compliance Suggestions — User/AI-submitted compliance requirements pending admin review.
Parameters
| Name | Type | Default | Description |
|---|---|---|---|
| status | string | pending | pending|approved|rejected|merged |
| state | string | — | Filter by state code (e.g., NY) |
| limit | integer | 20 | Results per page |
Response
json
{
"success": true,
"suggestions": [
{
"id": "sug_abc123",
"state_code": "NY",
"requirement_name": "Facade Critical Examination",
"description": "5-year building facade inspection mandate",
"category": "facade",
"source": "ai_auto",
"status": "pending",
"ai_confidence": 92,
"ai_validation_notes": "High confidence match to NYC LL11 requirement",
"times_suggested": 3,
"upvotes": 5,
"downvotes": 1,
"created_at": "2026-02-10T08:30:00Z"
}
],
"total": 24
}
PATCH
Admin
?action=update_suggestion
Update Compliance Suggestion — Approve, reject, or merge a suggestion.
Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| id * | string | Yes | Suggestion ID |
| status * | string | Yes | approved|rejected|merged |
| reason | string | — | Admin reason for action |
POST
Admin
?action=merge_suggestion
Merge Suggestion into Service Map — Create or map a compliance requirement to a service type.
Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| suggestion_id * | string | Yes | Suggestion ID |
| service_type_id | string | Conditional | Existing service type (if mapping to existing) |
| new_service_name | string | Conditional | New service type name (if creating new) |
Pipeline API
Manage compliance opportunities aggregated from government (SAM.gov, Grants.gov, Socrata) and private market (quotes, inspections, partner API). Includes analytics, source configuration, and partner management.
Base URL:
Auth Required: Yes (JWT or x-admin-key)
/.netlify/functions/pipeline-api?action={action}Auth Required: Yes (JWT or x-admin-key)
Opportunities Endpoints
GET
Admin
?action=opportunities
Query Pipeline Opportunities — Filtered, paginated list with service/state/deadline/confidence filtering.
Parameters
| Name | Type | Default | Description |
|---|---|---|---|
| service | string | all | Service code (boiler, elevator, fire_safety, etc.) |
| state | string | — | Comma-separated state codes (NY,NJ,CT) |
| deadline_after | string | — | ISO date filter (e.g., 2026-03-01) |
| deadline_before | string | — | ISO date filter |
| min_confidence | integer | 60 | Minimum confidence score (0-100) |
| source | string | — | Data source (sam_gov, grants_gov, nyc_violations, etc.) |
| is_private | boolean | — | Filter private market (true) or government (false) |
| intake_channel | string | — | quote_form, schedule_inspection, partner_api, manual_entry |
| search | string | — | Full-text search on title/description |
| limit | integer | 50 | Max 200 |
| offset | integer | 0 | Pagination offset |
| sort | string | newest | deadline_asc, relevance_desc, newest, value_desc |
Response
json
{
"success": true,
"opportunities": [
{
"id": "opp_xyz789",
"title": "NYC Boiler Inspection & Compliance Filing",
"description": "Annual boiler inspection filing for building DOB #123456",
"agency": "NYC Department of Buildings",
"state_code": "NY",
"city": "New York",
"zip_code": "10001",
"source_name": "nyc_boiler_violations",
"source_id": "dob_12345",
"is_trades_relevant": true,
"trades_relevance_confidence": 94,
"matched_service_codes": ["boiler"],
"service_confidence_scores": { "boiler": 94 },
"classification_notes": "High-confidence boiler compliance filing",
"posted_date": "2026-02-10T00:00:00Z",
"response_deadline": "2026-03-15T00:00:00Z",
"estimated_value_cents": 250000,
"is_private_market": false,
"created_at": "2026-02-10T08:00:00Z"
}
],
"total": 156,
"limit": 50,
"offset": 0
}
GET
Admin
?action=stats
Pipeline Statistics — Aggregated metrics by service, state, source, and confidence.
Response
json
{
"success": true,
"stats": {
"total_opportunities": 2341,
"active_relevant": 156,
"average_confidence": 78.5,
"states_covered": 28,
"by_service": {
"boiler": 312,
"elevator": 287,
"fire_safety": 245,
"energy_audit": 198,
"structural": 156,
"facade": 143
},
"by_state": {
"NY": 456,
"CA": 312,
"TX": 298,
"IL": 187,
"PA": 145
},
"by_source": {
"sam_gov": 1200,
"grants_gov": 450,
"nyc_violations": 234,
"chicago_violations": 189,
"sf_violations": 145
},
"private_market_count": 67,
"average_days_to_deadline": 45,
"recently_expired_count": 12
}
}
POST
Admin
?action=vote
Vote on Opportunity — Thumbs up/down to train AI classification model.
Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| opportunity_id * | string | Yes | Opportunity ID |
| vote * | string | Yes | up or down |
| reason | string | — | Reason for downvote (e.g., "Not trades-relevant") |
Request
json
{
"opportunity_id": "opp_xyz789",
"vote": "up"
}
Sources & Configuration
GET
Admin
?action=sources
List Data Sources — Configuration for SAM.gov, Grants.gov, Socrata, and local datasets.
Response
json
{
"success": true,
"sources": [
{
"id": "src_sam_gov",
"name": "SAM.gov",
"type": "federal",
"active": true,
"last_ingestion": "2026-02-13T21:30:00Z",
"fetched_count": 4521,
"relevant_count": 342,
"keywords": ["boiler", "elevator", "fire safety"],
"naics_codes": ["238220", "238290"]
},
{
"id": "src_nyc_violations",
"name": "NYC Violations",
"type": "local_socrata",
"active": true,
"city": "New York",
"datasets": ["elevator_violations", "boiler_compliance"],
"last_ingestion": "2026-02-13T21:00:00Z",
"fetched_count": 234,
"relevant_count": 198
}
]
}
GET
Admin
?action=settings
Get Pipeline Settings — Scheduled ingestion/digest times, digest recipients.
Response
json
{
"success": true,
"settings": {
"digest_enabled": true,
"digest_recipients": "admin@insparisk.com, manager@insparisk.com",
"digest_time": "07:00",
"digest_timezone": "America/New_York",
"ingest_time": "21:00",
"ingest_timezone": "America/New_York"
}
}
PATCH
Admin
?action=update_settings
Update Pipeline Settings — Modify ingestion schedule and digest configuration.
Body Parameters
| Name | Type | Description |
|---|---|---|
| digest_enabled | boolean | Enable/disable daily digest emails |
| digest_recipients | string | Comma-separated email addresses |
| digest_time | string | 24-hour time (e.g., "07:00") |
| ingest_time | string | 24-hour time for data ingestion |
GET
Admin
?action=logs
Ingestion Logs — Audit trail of data ingestion runs, errors, and performance.
Parameters
| Name | Type | Default | Description |
|---|---|---|---|
| limit | integer | 50 | Number of logs to return |
| source_id | string | — | Filter by source |
Partner Management
GET
Admin
?action=partners
List B2B Partners — All registered API partners with quota and usage stats.
Response
json
{
"success": true,
"partners": [
{
"id": "ptr_acme123",
"company_name": "Acme Facilities Management",
"contact_email": "api@acmefm.com",
"status": "active",
"monthly_quota": 500,
"requests_this_month": 342,
"quota_reset_day": 1,
"api_key_prefix": "pk_live_A2k9...",
"created_at": "2025-11-15T10:30:00Z",
"last_request": "2026-02-13T14:22:00Z"
}
],
"total": 8
}
POST
Admin
?action=create_partner
Register New Partner — Create B2B partner account and generate API key (shown once).
Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| company_name * | string | Yes | Partner company name |
| email * | string | Yes | Partner contact email |
| monthly_quota * | integer | Yes | API requests per month |
Request
json
{
"company_name": "Acme Facilities Management",
"email": "api@acmefm.com",
"monthly_quota": 500
}
Response
json
{
"success": true,
"partner_id": "ptr_acme123",
"api_key": "pk_live_A2k9XyZ1b2c3D4e5F6g7h8i9j0k",
"message": "API key shown only once. Save it securely."
}
Important: The API key is returned once. Store it securely. If lost, you must rotate the key to generate a new one.
POST
Admin
?action=rotate_key
Rotate Partner API Key — Generate new key, invalidate old one.
Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| partner_id * | string | Yes | Partner ID |
Propply AI API
Compliance intelligence API. Queries what compliance services are legally required in each location, provides building-level compliance data, equipment lookup, and AI-powered notice interpretation.
Base URL:
Auth: Mixed (public and admin endpoints)
/.netlify/functions/api-propply?action={action}Auth: Mixed (public and admin endpoints)
Public Endpoints
GET
Public
?action=location_services
Location Services — What compliance services are required in a given location. Returns aggregated requirements by service code with confidence scores.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| states * | string | Yes | Comma-separated state codes (NY,NJ,CT) |
| metros | string | — | Comma-separated metro names (optional refinement) |
Response
json
{
"success": true,
"services": [
{
"service_code": "boiler",
"service_name": "Boiler Inspection & Compliance",
"category": "inspections",
"states": ["NY", "NJ"],
"required_in_states": ["NY", "NJ"],
"confidence": 95,
"source_type": "verified",
"compliance_deadlines": {
"NY": "Annual",
"NJ": "Biennial"
}
},
{
"service_code": "elevator",
"service_name": "Elevator Safety & Inspection",
"category": "inspections",
"states": ["NY"],
"required_in_states": ["NY"],
"confidence": 98,
"source_type": "verified",
"compliance_deadlines": {
"NY": "Annual (CAT1) / 5-Year (CAT5)"
}
}
],
"total_services": 12
}
GET
Public
?action=requirements
Compliance Requirements — Full list of mapped requirements for a state, filterable by category and city. When city is provided, requirements are location-filtered: city-specific entries (like "(MIAMI)" or "(CHICAGO)") only appear when they match the city, and state defaults are removed when a city-specific entry exists for the same category.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| state * | string | Yes | State code (NY, CA, TX) |
| category | string | — | energy, elevator, boiler, electrical, facade, gas, water, fire, structural |
| city | string | — | City name for location-aware filtering (e.g., "Miami", "Orlando", "Winter Garden"). Filters out city-specific entries that don't match, and deduplicates state defaults when city entries exist. Recommended for accurate results. |
| statewide_only | boolean | — | Set true to exclude all metro/city-specific entries (only statewide requirements) |
Important for CCC and API consumers: Always pass the
city parameter when querying for a specific location. Without it, you may receive duplicate or irrelevant city-specific entries. Example: ?action=requirements&state=FL&city=Winter+Garden returns 1 boiler entry (state default), while ?action=requirements&state=FL returns 3 (including Miami and Miami-Dade County entries).
Response
json
{
"success": true,
"state": "NY",
"requirements": [
{
"id": "req_ny_001",
"name": "Energy Audit (LL87)",
"category": "energy",
"description": "Annual energy audit for buildings over 25,000 sq ft",
"frequency": "Annual",
"penalty": "$201 per day non-compliance",
"source_type": "verified",
"source_reference": "NYC Local Law 87"
},
{
"id": "req_ny_002",
"name": "Elevator Inspection (CAT1)",
"category": "elevator",
"description": "Annual safety inspection certification",
"frequency": "Annual",
"penalty": "DOL violation, building closure risk",
"source_type": "verified",
"source_reference": "NY State DOL Title 14-C"
}
]
}
POST
Public
?action=vote_requirement
Vote on Requirement — Upvote/downvote compliance requirements to improve AI accuracy.
Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| requirement_id * | string | Yes | Requirement ID from compliance_service_map |
| vote * | string | Yes | up or down |
Request
json
{
"requirement_id": "req_ny_001",
"vote": "up"
}
Equipment Lookup (Authenticated)
POST
API Key
?action=equipment_lookup
Batch Equipment Lookup — Look up registered elevator, escalator, and boiler equipment at multiple building addresses. Powered by the Propply AI Local Intelligence engine covering 38+ cities with building-level compliance data including violations, devices, ownership, inspection status, and property classification. Returns per-device inventory with inspection status, compliance flags, and full building intelligence.
Coverage: 38+ US cities with real-time building-level compliance data (NYC, Chicago, SF, LA, Boston, Philadelphia, Seattle, DC, and 30+ more). Supplementary equipment registries: Florida (68K+ elevator/escalator devices + Citizenserve boiler scraping), Texas (73K+ TDLR devices), 12 National Board JRS states (MD, MO, IA, NC, TN, IL, KS, DE, KY, ND, HI, WA) for boilers & pressure vessels, and EPA ECHO regulated facilities (nationwide). NYC includes per-device elevator CAT1/CAT5/Periodic inspection status, DOB NOW verified boiler equipment, and DEP CATS registration. Also returns location-filtered compliance requirements and a new
building_intel field with the full local intelligence passthrough.
Request Body
{
"locations": [
{
"name": "Macy's Florida Mall",
"address": "8001 S Orange Blossom Trl",
"city": "Orlando",
"state": "FL",
"zip": "32809"
},
{
"name": "Macy's Galleria",
"address": "2314 E Sunrise Blvd",
"city": "Fort Lauderdale",
"state": "FL",
"zip": "33304"
}
]
}Parameters (per location)
| Name | Type | Required | Description |
|---|---|---|---|
| address | string | Yes | Street address of the building |
| city | string | Recommended | City name for improved matching accuracy |
| state | string | Recommended | 2-letter state code (FL, TX, etc.). Determines which equipment registries to search. |
| zip | string | Recommended | 5-digit ZIP code |
| name | string | No | Location/business name — triggers fuzzy name matching across equipment registries for multi-tenant properties (malls, plazas, office parks). Keywords are extracted by stripping generic words (Mall, Plaza, LLC, etc.). |
Response
{
"success": true,
"locations_queried": 2,
"locations_with_equipment": 2,
"total_devices": 42,
"total_overdue": 3,
"results": [
{
"location": "Macy's Florida Mall",
"address": "8001 S Orange Blossom Trl",
"city": "Orlando",
"state": "FL",
"zip": "32809",
"equipment_count": 34,
"summary": {
"elevators": 18,
"escalators": 14,
"freight": 2,
"boilers": 0,
"epa_facilities": 0,
"total": 34,
"overdue": 2,
"inspection_status": "overdue"
},
"compliance_requirements": {
"count": 3,
"categories": ["elevator", "boiler", "fire"],
"requirements": [
{
"name": "Florida Elevator Safety Inspection",
"category": "elevator",
"frequency": "Annual",
"penalty": "$500 per device per day",
"source": "curated",
"confidence": 95,
"metro": null
}
]
},
"building_intel": {
"query_type": "building",
"building_detail": {
"elevator_violations": [...],
"elevator_devices": [...],
"elevator_inspection_summary": { "cat1_due": 0, "cat5_due": 0, "periodic_due": 0 },
"boiler_inspection_status": { "is_due": false, "confirmed_active": true },
"dob_now_boiler_equipment": [...],
"hpd_violations": [...],
"dob_violations_all": [...],
"ownership": { "owner_name": "...", "bbl": "..." },
"property_classification": { "property_type": "commercial", "confidence": 95 }
}
},
"data_sources": ["Propply AI Local Intelligence", "Florida DBPR Elevator Registry"],
"equipment": [
{
"source": "fl_dbpr_elevator",
"state": "FL",
"device_type": "Hydraulic Pass",
"address": "8001 S ORANGE BLOSSOM TR",
"landings": "2",
"capacity_lbs": "3500 LBS",
"year_installed": "1985",
"last_inspection": "05/07/2024",
"days_since_inspection": 316,
"is_overdue": false,
"manufacturer": "38059",
"has_service_contract": true,
"license_number": "EL123456"
},
{
"source": "nyc_elevator",
"state": "NY",
"device_type": "Passenger Elevator",
"device_number": "E12345",
"cat1_due": true,
"cat5_due": false,
"periodic_due": true,
"last_cat1": "2024-03-15",
"last_cat5": "2023-06-10"
}
]
}
]
}Equipment Sources
| Source | Coverage | Equipment Types | Key Fields |
|---|---|---|---|
| nyc_elevator | NYC | Passenger elevators, freight elevators (per-device) | CAT1/CAT5/Periodic is_due flags, last inspection dates, device number |
| nyc_dob_now_boiler | NYC | Boilers (DOB NOW verified per-device) | Make, model, BTU, status, confirmed active/deactivated |
| nyc_cats_registration | NYC | Boilers, pressure vessels (DEP CATS 3-year renewal) | Permit number, status (Active/Expired), expiration date, fuel type |
| fl_dbpr_elevator | FL | Passenger elevators, freight elevators, escalators, dumbwaiters | Inspection date, manufacturer, capacity, landings, maintenance company, service contract status |
| fl_dfs_boiler | FL | Boilers, pressure vessels (Citizenserve scraping) | Certificate expiration, jurisdiction number, status, location name, file number |
| tx_tdlr_elevator | TX | Elevators, escalators | Inspection date, expiration date, 5-year test, floors, owner name, drive type |
| national_board_jrs | MD, MO, IA, NC, TN, IL, KS, DE, KY, ND, HI, WA | Boilers, pressure vessels | Certificate expiration, MAWP, serial number, manufacturer, owner/operator info |
| epa_echo | Nationwide | EPA-regulated facilities (CAA/CWA/RCRA) | Violation count, penalties, compliance status, last inspection |
| + local intel | 38+ cities | Violations, inspection status, ownership, property type | Full building-level compliance data via building_intel field |
Address Matching
The API uses a multi-layer matching architecture:
| Layer | Source | How It Works | Coverage |
|---|---|---|---|
| 1 | Local Intelligence | Proxies through the Propply AI Local Intelligence engine — queries Socrata APIs, DOB NOW, CATS, and city-specific datasets by ZIP + address | 38+ US cities (NYC, Chicago, SF, LA, Boston, Philly, Seattle, DC, etc.) |
| 2 | Equipment Registries | Direct Supabase queries against state equipment tables by ZIP + address matching | FL elevator (68K), TX TDLR (73K), EPA ECHO (nationwide) |
| 3 | Name-Based Fuzzy Matching | When a name is provided, keywords are extracted (stripping generic words like Mall, Plaza, LLC, Inc, Hotel) and searched via ILIKE across licensee_name, building_name, owner_name, and facility_name columns | JRS (12 states), FL elevator, TX TDLR, EPA ECHO |
All three layers run in parallel per location for maximum speed. Results are deduplicated — for example, JRS equipment found via local-intel (address match) won't be duplicated by JRS name-based matching.
Best Practices for Maximum Match Rate:
- Always provide
zipandaddress— they power the local intelligence engine - Include the location
name— it triggers fuzzy name matching for multi-tenant buildings (malls, plazas, office parks) - Provide
cityandstatefor supplementary equipment registry matching - Use the street address as registered, not a suite/unit number
Response Fields (per device)
| Field | Type | Description |
|---|---|---|
| source | string | Data source: fl_dbpr_elevator, fl_dfs_boiler, tx_tdlr_elevator, national_board_jrs, nyc_elevator, nyc_dob_now_boiler, nyc_cats_registration, epa_echo, or inspection type (e.g., elevator_inspection) |
| device_type | string | Equipment type (e.g., "Hydraulic Pass", "Escalator", "Passenger Elevator", "Boiler") |
| registered_name | string | Name the device is registered under (e.g., "#757 MACYS") |
| address | string | Street address as registered |
| last_inspection | date | Date of last passed inspection (YYYY-MM-DD or MM/DD/YYYY) |
| days_since_inspection | integer | Days since last inspection (null if never inspected) |
| is_overdue / is_due | boolean | True if inspection is overdue or due. NYC elevator uses cat1_due, cat5_due, periodic_due separately. |
| cat1_due / cat5_due / periodic_due | boolean | NYC elevator-specific: whether CAT1 annual, CAT5 5-year, or Periodic inspection is due |
| landings | integer | Number of landings/floors served |
| capacity_lbs | integer | Rated capacity in pounds |
| year_installed | integer | Year the equipment was installed |
| manufacturer | string | Manufacturer ID or name |
| has_service_contract | boolean | Whether a maintenance service contract is on file (FL only) |
| license_number | string | State registry license/registration number |
Building Intel (new field)
Each location now includes a building_intel field containing the full Local Intelligence response — the same rich data that powers the Insparisk Compliance Calculator and IO dashboard. This includes violations, elevator/boiler device details with inspection due dates, ownership data, property classification, HPD housing violations, 311 complaints, DOB violations, and more. Available for 38+ supported cities.
Note: The
building_intel field can be large (especially for NYC buildings with many violations). If you only need equipment counts, use the summary and equipment[] fields. Use building_intel when you want the full compliance picture for a building.
Limits
- Maximum 100 locations per request
- Locations processed in batches of 5 concurrently
- Rate limited by your API subscription tier
- Each location triggers parallel queries: local intel + equipment registries + name matching
cURL Examples
Single location:
curl -X POST "https://insparisk.com/.netlify/functions/api-propply?action=equipment_lookup" \
-H "x-api-key: pk_YOUR_PARTNER_KEY" \
-H "Content-Type: application/json" \
-d '{"locations":[{"name":"Macys Florida Mall","address":"8001 S Orange Blossom Trl","city":"Orlando","state":"FL","zip":"32809"}]}'Batch lookup (multiple locations):
curl -X POST "https://insparisk.com/.netlify/functions/api-propply?action=equipment_lookup" \
-H "x-api-key: pk_YOUR_PARTNER_KEY" \
-H "Content-Type: application/json" \
-d '{
"locations": [
{"name": "Macys Florida Mall", "address": "8001 S Orange Blossom Trl", "city": "Orlando", "state": "FL", "zip": "32809"},
{"name": "Macys Boca Raton", "address": "5700 Glades Rd", "city": "Boca Raton", "state": "FL", "zip": "33431"},
{"name": "Macys Naples", "address": "1800 9 St N", "city": "Naples", "state": "FL", "zip": "34102"}
]
}'Compliance Requirements (per location)
Each location in the response includes a compliance_requirements object with location-filtered requirements from the Propply AI database. The API automatically filters requirements to only show entries relevant to the specific city — for example, a Miami location only gets Miami-specific and Florida statewide entries, not Tampa-specific or Orlando-specific ones.
| Field | Type | Description |
|---|---|---|
| count | integer | Number of applicable compliance requirements |
| categories | string[] | Unique compliance categories (elevator, boiler, fire, energy, etc.) |
| requirements[].name | string | Requirement name (e.g., "Florida Elevator Safety Inspection") |
| requirements[].category | string | Compliance category |
| requirements[].frequency | string | Inspection/filing frequency (e.g., "Annual", "Biennial") |
| requirements[].penalty | string | Penalty for non-compliance |
| requirements[].source | string | Data source: curated, verified, or ai_research |
| requirements[].confidence | integer | Confidence score (0-100) |
| requirements[].metro | string|null | Metro area name if city-specific (e.g., "Miami", "Orlando"), null if statewide |
Location Filtering: Requirements with city-specific tags like "(MIAMI)" or "(CHICAGO)" are only returned when the location matches that city. When both a city-specific and statewide entry exist for the same category (e.g., "Miami-Dade BE305 Energy Benchmarking" vs "Florida Energy Code"), the city-specific entry takes priority and the state default is removed to avoid duplicates.
Notice Interpretation (Authenticated)
POST
API Key
?action=interpret_notice
Compliance Notice Interpretation — Upload a photo or scan of a compliance notice, violation letter, or inspection order. Uses Claude Vision (Sonnet) AI to extract structured data including agency, violations, deadlines, penalties, and required actions. Cross-references against 40+ known violation patterns and the Propply AI compliance database.
Supported formats: JPEG, PNG, and PDF images (base64-encoded). Max 10MB per image. The AI identifies the issuing agency, violation codes, property address, deadlines, and penalties — then maps them to specific Insparisk service codes for actionable recommendations.
Request Body
{
"image_base64": "/9j/4AAQSkZJRgABAQ...",
"file_name": "violation-notice.jpg",
"property_address": "350 Fifth Avenue, New York, NY 10001",
"contact_email": "building-manager@example.com",
"contact_name": "John Smith",
"skip_lead_capture": false,
"skip_pipeline": false
}Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| image_base64 | string | Yes* | Base64-encoded image data (JPEG, PNG, or PDF). *Either image_base64 or image_url required. |
| image_url | string | Yes* | Public URL of the notice image. *Either image_base64 or image_url required. |
| file_name | string | No | Original file name (default: "api-upload.jpg") |
| property_address | string | Recommended | Property address for cross-referencing compliance data |
| contact_email | string | No | Contact email for lead capture |
| contact_name | string | No | Contact name for lead capture |
| contact_phone | string | No | Contact phone for lead capture |
| skip_lead_capture | boolean | No | Set true to skip saving contact to CRM (default: false) |
| skip_pipeline | boolean | No | Set true to skip creating a pipeline opportunity (default: false) |
Response
{
"success": true,
"extraction": {
"document_type": "Violation Notice",
"issuing_agency": "NYC Department of Buildings",
"jurisdiction": { "state": "NY", "city": "New York" },
"property_address": "350 Fifth Avenue, New York, NY 10001",
"violation_details": {
"violation_number": "123456789",
"violation_code": "28-304.6.1",
"violation_type": "Failure to File",
"description": "Owner failed to file an annual boiler inspection report",
"category": "boiler",
"severity": "high"
},
"deadlines": {
"issue_date": "2026-02-15",
"response_deadline": "2026-03-15",
"hearing_date": "2026-04-01",
"days_remaining": 25
},
"penalties": {
"fine_amount": "$1,000",
"daily_penalty": null
},
"required_actions": [
"File annual boiler inspection report with DOB",
"Schedule boiler inspection with licensed inspector"
],
"confidence": {
"overall": 92,
"address": 95,
"violation": 90,
"deadline": 88
}
},
"specific_obligation": "NYC DOB Annual Boiler Inspection Filing",
"resolved_service_codes": ["boiler", "dob_filings"],
"confidence": { "overall": 92 },
"property_address": "350 Fifth Avenue, New York, NY 10001",
"violation_details": { ... },
"deadlines": { ... },
"penalties": { ... },
"required_actions": ["File annual boiler inspection report with DOB", "Schedule boiler inspection with licensed inspector"],
"notice_id": "uuid-of-stored-notice",
"opportunity_id": "uuid-of-pipeline-opportunity",
"processing_time_ms": 3200,
"source": "Proppy AI Notice Interpretation (Claude Vision)"
}Response Fields
| Field | Type | Description |
|---|---|---|
| extraction | object | Full structured extraction from the notice image |
| specific_obligation | string|null | Matched known compliance obligation (e.g., "NYC DEP CATS Triennial Registration Renewal"). Matched against 40+ known violation code patterns. |
| resolved_service_codes | string[] | Insparisk service codes that address this violation (e.g., ["boiler", "dob_filings"]) |
| confidence | object | AI confidence scores (overall, address, violation, deadline) from 0-100 |
| notice_id | string | UUID of the stored notice record (for future reference/re-analysis) |
| opportunity_id | string|null | UUID of the created pipeline opportunity (null if skip_pipeline=true) |
| processing_time_ms | integer | Time taken for AI interpretation in milliseconds |
Known Obligation Patterns (40+)
The API maintains a mapping of 40+ known violation code patterns to specific compliance obligations. When a notice matches a known pattern, the specific_obligation field is populated with a precise description. Examples:
| Pattern | Obligation | Category |
|---|---|---|
| NYC DEP 24-109 | NYC DEP CATS Triennial Registration Renewal | boiler |
| NYC DOB 28-303 | NYC DOB Annual Boiler Inspection Filing | boiler |
| NYC DOB 28-304 | NYC Elevator Periodic/CAT1/CAT5 Inspection | elevator |
| NYC LL152 | NYC LL152 Gas Piping Periodic Inspection | gas_piping |
| FISP / LL11 | NYC FISP Facade Inspection (LL11) | facade_fisp |
| NFPA 25 | Fire Sprinkler System Inspection | fire_safety |
Service Codes
The resolved_service_codes array maps to Insparisk's 21 service categories:
fire_safety, elevator, boiler, facade_fisp, sprinkler_systems, gas_piping, backflow_prevention, electrical, energy_audit, structural, certificate_occupancy, dob_filings, permit_expediting, violations_dismissal, landmark_filings, compliance_audits, violation_remediation, local_law_compliance, safety_plans, due_diligence
cURL Example
curl -X POST "https://insparisk.com/.netlify/functions/api-propply?action=interpret_notice" \
-H "x-api-key: pk_YOUR_PARTNER_KEY" \
-H "Content-Type: application/json" \
-d '{
"image_base64": "/9j/4AAQSkZJRg...(base64 image data)...",
"file_name": "boiler-violation.jpg",
"property_address": "350 Fifth Ave, New York, NY 10001",
"contact_email": "manager@building.com",
"skip_lead_capture": true
}'
Processing Time: Notice interpretation typically takes 2-5 seconds as it involves an AI vision model call. The API has a 25-second timeout. For batch processing of multiple notices, submit them as separate sequential requests.
Compliance Report (Authenticated)
POST
API Key
?action=compliance_report
Unified Compliance Intelligence — Single-call comprehensive compliance analysis combining rules, equipment status, violation history, and risk scoring. Returns everything needed to understand a building's compliance posture in one response.
Auth Required: API key via
x-api-key header. This is the recommended "start here" endpoint for new integrations — it combines the data from equipment_lookup, requirements, and local intelligence into one response.
Request Body
json
{
"address": "350 Fifth Avenue",
"city": "New York",
"state": "NY",
"zip": "10001",
"name": "Empire State Building",
"include_equipment": true,
"include_violations": true,
"include_rules": true
}
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| address * | string | Yes | Street address of the building |
| city | string | Recommended | City name |
| state * | string | Yes | 2-letter state code |
| zip * | string | Yes | 5-digit ZIP code |
| name | string | No | Building/location name for fuzzy matching |
| include_equipment | boolean | No | Include equipment inventory (default: true) |
| include_violations | boolean | No | Include violation history (default: true) |
| include_rules | boolean | No | Include applicable compliance rules (default: true) |
Response
json
{
"success": true,
"report": {
"property": {
"address": "350 Fifth Avenue",
"city": "New York",
"state": "NY",
"zip": "10001",
"property_type": "commercial",
"property_type_confidence": 95
},
"risk_score": 72,
"risk_level": "medium",
"compliance_rules": [ ... ],
"equipment": {
"total_devices": 73,
"overdue": 4,
"devices": [ ... ]
},
"violations": {
"total": 12,
"open": 3,
"items": [ ... ]
},
"suggested_searches": [ ... ],
"sources_checked": ["NYC DOB", "NYC FDNY", "NYC DEP", "PLUTO", "HPD"],
"data_coverage": "full",
"area_context": { ... }
},
"processing_time_ms": 2800
}
cURL Example
curl
curl -X POST "https://insparisk.com/.netlify/functions/api-propply?action=compliance_report" \
-H "x-api-key: sk_live_your_key" \
-H "Content-Type: application/json" \
-d '{"address":"350 Fifth Avenue","city":"New York","state":"NY","zip":"10001"}'
Compliance Score (Authenticated)
POST
API Key
?action=compliance_score
Building Compliance Rating — Returns a 0-100 Compliance Score with category breakdowns, risk factors, and actionable recommendations. Higher scores indicate better compliance posture.
Auth Required: API key via
x-api-key header.
Request Body
json
{
"address": "350 Fifth Avenue",
"city": "New York",
"state": "NY",
"zip": "10001"
}
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| address * | string | Yes | Street address |
| city | string | Recommended | City name |
| state * | string | Yes | 2-letter state code |
| zip * | string | Yes | 5-digit ZIP code |
Response
json
{
"success": true,
"score": {
"overall": 72,
"grade": "C",
"breakdown": {
"elevator": { "score": 65, "issues": 2, "weight": 0.25 },
"boiler": { "score": 90, "issues": 0, "weight": 0.20 },
"fire_safety": { "score": 55, "issues": 3, "weight": 0.20 },
"energy": { "score": 80, "issues": 1, "weight": 0.15 },
"facade": { "score": 70, "issues": 1, "weight": 0.10 },
"gas_piping": { "score": 85, "issues": 0, "weight": 0.10 }
},
"risk_factors": [
"3 open fire safety violations",
"Elevator CAT5 inspection overdue",
"FISP filing deadline approaching"
],
"recommendations": [
"Schedule fire safety system inspection immediately",
"File CAT5 elevator inspection report",
"Prepare FISP facade filing before deadline"
],
"trend": "declining",
"last_updated": "2026-03-22T12:00:00Z"
},
"processing_time_ms": 3100
}
Portfolio Report (Authenticated)
POST
API Key
?action=portfolio_report
Batch Compliance for Multiple Properties — Submit up to 50 properties and receive a consolidated compliance report with per-property scores, portfolio-level risk summary, and prioritized action items. Designed for property managers, REITs, and facility management companies.
Auth Required: API key via
x-api-key header. Maximum 50 properties per request.
Request Body
json
{
"properties": [
{ "address": "350 Fifth Avenue", "city": "New York", "state": "NY", "zip": "10001", "name": "Empire State Building" },
{ "address": "233 Broadway", "city": "New York", "state": "NY", "zip": "10279", "name": "Woolworth Building" },
{ "address": "8001 S Orange Blossom Trl", "city": "Orlando", "state": "FL", "zip": "32809" }
]
}
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| properties * | array | Yes | Array of property objects (max 50). Each requires address, state, zip. |
Response
json
{
"success": true,
"portfolio": {
"total_properties": 3,
"average_score": 74,
"highest_risk": "233 Broadway",
"total_open_violations": 18,
"total_overdue_inspections": 5,
"properties": [
{
"address": "350 Fifth Avenue",
"city": "New York",
"state": "NY",
"score": 72,
"grade": "C",
"open_violations": 3,
"overdue_inspections": 2,
"top_risk": "Elevator CAT5 overdue",
"equipment_count": 73
},
...
],
"priority_actions": [
{ "property": "233 Broadway", "action": "Schedule fire safety inspection", "urgency": "high" },
{ "property": "350 Fifth Avenue", "action": "File CAT5 elevator report", "urgency": "medium" }
]
},
"processing_time_ms": 8500
}
Contractor Intelligence (Authenticated)
POST
API Key
?action=contractor_intel
Licensed Professional Marketplace Intelligence — Query licensed professionals by trade category and location. Returns availability, license validation status, and alternative contractors. Powered by 900K+ licensed professional records across 15+ states.
Auth Required: API key via
x-api-key header. Data sourced from state licensing boards (CA CSLB, TX TDLR, NY DOL, FL DBPR, IL IDFPR, VA DPOR, MN DLI, CT DCP, CO DORA, and more).
Request Body
json
{
"state": "NY",
"zip": "10001",
"trade": "elevator",
"radius_miles": 25,
"limit": 20
}
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| state * | string | Yes | 2-letter state code |
| zip | string | Recommended | 5-digit ZIP for location-based results |
| trade * | string | Yes | Trade category: elevator, boiler, electrical, hvac, plumbing, fire_safety, general_contractor |
| radius_miles | integer | No | Search radius in miles (default: 25) |
| limit | integer | No | Max results (default: 20, max: 100) |
| license_number | string | No | Validate a specific license number |
Response
json
{
"success": true,
"contractors": {
"total_found": 142,
"returned": 20,
"trade": "elevator",
"state": "NY",
"results": [
{
"name": "Smith Elevator Services LLC",
"license_number": "EL-12345",
"license_type": "Elevator Contractor",
"license_status": "active",
"expiration_date": "2027-06-15",
"city": "New York",
"state": "NY",
"zip": "10001",
"source": "NY DOL"
}
]
},
"processing_time_ms": 450
}
Predictive Compliance (Authenticated)
POST
API Key
?action=predict_compliance
Deadline Forecasting & Risk Prediction — Analyzes a building's compliance data to predict upcoming deadlines, estimate risk of violations, and provide a timeline of required actions. Uses historical patterns and regulatory cycles to forecast compliance events.
Auth Required: API key via
x-api-key header.
Request Body
json
{
"address": "350 Fifth Avenue",
"city": "New York",
"state": "NY",
"zip": "10001",
"forecast_months": 12
}
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| address * | string | Yes | Street address |
| city | string | Recommended | City name |
| state * | string | Yes | 2-letter state code |
| zip * | string | Yes | 5-digit ZIP code |
| forecast_months | integer | No | Forecast horizon in months (default: 12, max: 24) |
Response
json
{
"success": true,
"predictions": {
"property": "350 Fifth Avenue, New York, NY 10001",
"forecast_months": 12,
"upcoming_deadlines": [
{
"category": "elevator",
"requirement": "CAT1 Annual Inspection",
"predicted_deadline": "2026-06-15",
"days_remaining": 85,
"urgency": "medium",
"estimated_penalty": "$1,000 per device"
},
{
"category": "facade",
"requirement": "FISP Cycle 10A Filing",
"predicted_deadline": "2027-02-21",
"days_remaining": 336,
"urgency": "low",
"estimated_penalty": "$1,000 base + $10/day"
}
],
"risk_predictions": [
{
"category": "fire_safety",
"risk_level": "high",
"probability": 0.78,
"basis": "3 open violations with escalating pattern"
}
],
"timeline": [
{ "month": "2026-04", "events": ["Boiler annual inspection due"] },
{ "month": "2026-06", "events": ["CAT1 elevator inspection deadline"] },
{ "month": "2026-09", "events": ["LL84 energy benchmarking filing"] }
]
},
"processing_time_ms": 2200
}
Document Intelligence (Authenticated)
POST
API Key
?action=process_document
Multi-Type Document Intelligence — Upload and process various compliance document types including violation notices, inspection reports, certificates, permits, and energy audits. Unlike interpret_notice (which focuses on violation notices), this endpoint handles the full range of compliance documents with type-specific extraction logic.
Auth Required: API key via
x-api-key header. Supported document types: violation_notice, inspection_report, certificate, permit, energy_audit. Uses Claude Vision AI for extraction.
Request Body
json
{
"image_base64": "/9j/4AAQSkZJRg...",
"document_type": "inspection_report",
"file_name": "elevator-inspection-2026.pdf",
"property_address": "350 Fifth Avenue, New York, NY 10001"
}
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| image_base64 * | string | Yes* | Base64-encoded document image. *Either image_base64 or image_url required. |
| image_url | string | Yes* | Public URL of the document. *Either image_base64 or image_url required. |
| document_type | string | No | violation_notice, inspection_report, certificate, permit, energy_audit. Auto-detected if omitted. |
| file_name | string | No | Original file name |
| property_address | string | Recommended | Property address for cross-referencing compliance data |
Response
json
{
"success": true,
"document": {
"type": "inspection_report",
"type_confidence": 95,
"issuing_agency": "NYC Department of Buildings",
"property_address": "350 Fifth Avenue, New York, NY 10001",
"inspection_date": "2026-03-01",
"inspector": "J. Smith, PE",
"result": "Conditional Pass",
"findings": [
{
"category": "elevator",
"finding": "Car door restrictor requires adjustment",
"severity": "minor",
"corrective_action": "Adjust restrictor per ASME A17.1",
"deadline": "2026-04-01"
}
],
"equipment_referenced": [
{ "type": "elevator", "device_id": "E12345", "status": "conditional" }
],
"compliance_status": "conditional_pass",
"next_inspection_due": "2027-03-01"
},
"resolved_service_codes": ["elevator"],
"processing_time_ms": 3500
}
Device Lookup (Authenticated)
POST
API Key
?action=device_lookup
Live Device Lookup — Look up a specific device by ID across 11 state device tables. If not found locally, attempts live queries against external portals (FL DBPR, TX TDLR, Broward County). Successful live lookups are cached to grow the database organically. Returns enriched compliance context for the device's state.
Auth Required: API key via
x-api-key header. Searches local database first (sub-second), then falls back to live portal queries for FL and TX devices.
Request Body
json
{
"device_id": "BC-12345",
"state": "FL",
"jurisdiction": "broward",
"device_type": "elevator"
}
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| device_id * | string | Yes | Device identifier (license number, asset number, state ID, etc.) |
| state * | string | Yes | 2-letter US state code (e.g. FL, TX, MN, NC) |
| jurisdiction | string | No | County or jurisdiction name (e.g. "broward"). Used for jurisdiction-specific lookups. |
| device_type | string | No | Device type: elevator, boiler, pressure_vessel, etc. Filters compliance rules. |
Response (Device Found)
json
{
"success": true,
"device": {
"device_id": "BC-12345",
"state": "FL",
"jurisdiction": "Broward County",
"device_type": "elevator",
"status": "Active",
"address": "100 E Broward Blvd",
"city": "Fort Lauderdale",
"manufacturer": "OTIS",
"capacity_lbs": "3500",
"last_inspection": "2025-08-15",
"certificate_expiration": "2026-08-15"
},
"source": "cached",
"compliance_context": {
"applicable_rules": [
{ "name": "Elevator Safety Inspection", "frequency": "Annual", "authority": "FL Bureau of Elevator Safety" }
],
"inspection_status": "current",
"days_until_due": 145
},
"processing_time_ms": 50
}
Response (Device Not Found)
json
{
"success": true,
"device": null,
"found": false,
"checked_sources": ["fl_elevator_equipment", "state_elevator_scraped"],
"live_lookup_available": false,
"suggestion": "Device not in our database. Upload an inspection report or certificate via process_document to add it automatically.",
"compliance_context": {
"applicable_rules": [
{ "name": "Elevator Safety Inspection", "frequency": "Annual", "authority": "FL Bureau of Elevator Safety" }
]
},
"processing_time_ms": 120
}
cURL Example
curl
curl -X POST "https://insparisk.com/.netlify/functions/api-propply?action=device_lookup" \
-H "x-api-key: sk_live_your_key" \
-H "Content-Type: application/json" \
-d '{"device_id":"BC-12345","state":"FL","jurisdiction":"broward","device_type":"elevator"}'
Webhook Subscriptions (Authenticated)
Create real-time monitoring subscriptions for compliance events at specific properties. Webhooks fire when violations are issued, inspections come due, deadlines approach, or compliance status changes.
POST
API Key
?action=webhook_subscribe
Create Webhook Subscription — Subscribe to compliance events for a property or portfolio. Events are delivered via HTTP POST to your callback URL.
Auth Required: API key via
x-api-key header. Available on Professional tier and above.
Request Body
json
{
"callback_url": "https://yourapp.com/webhooks/compliance",
"events": ["violation_issued", "inspection_due", "deadline_approaching", "status_change"],
"properties": [
{ "address": "350 Fifth Avenue", "state": "NY", "zip": "10001" }
],
"secret": "whsec_your_signing_secret"
}
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| callback_url * | string | Yes | HTTPS URL to receive webhook POST events |
| events * | array | Yes | Event types: violation_issued, inspection_due, deadline_approaching, status_change |
| properties | array | No | Specific properties to monitor. Omit to monitor all properties queried via API. |
| secret | string | Recommended | Signing secret for verifying webhook payloads (HMAC-SHA256) |
Response
json
{
"success": true,
"subscription": {
"id": "wh_abc123",
"callback_url": "https://yourapp.com/webhooks/compliance",
"events": ["violation_issued", "inspection_due", "deadline_approaching", "status_change"],
"properties_count": 1,
"status": "active",
"created_at": "2026-03-22T12:00:00Z"
}
}
POST
API Key
?action=webhook_list
List Webhook Subscriptions — Returns all active webhook subscriptions for your API key.
Response
json
{
"success": true,
"subscriptions": [
{
"id": "wh_abc123",
"callback_url": "https://yourapp.com/webhooks/compliance",
"events": ["violation_issued", "inspection_due"],
"properties_count": 5,
"status": "active",
"last_triggered": "2026-03-20T08:15:00Z",
"created_at": "2026-03-01T12:00:00Z"
}
],
"total": 1
}
POST
API Key
?action=webhook_delete
Delete Webhook Subscription — Remove a webhook subscription by ID.
Request Body
json
{
"subscription_id": "wh_abc123"
}
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| subscription_id * | string | Yes | Webhook subscription ID (from webhook_subscribe or webhook_list) |
Response
json
{
"success": true,
"message": "Webhook subscription wh_abc123 deleted",
"deleted_at": "2026-03-22T12:05:00Z"
}
Webhook Event Payload
When a compliance event occurs, a POST request is sent to your callback URL with the following payload:
json
{
"event": "violation_issued",
"subscription_id": "wh_abc123",
"timestamp": "2026-03-22T14:30:00Z",
"property": {
"address": "350 Fifth Avenue",
"city": "New York",
"state": "NY",
"zip": "10001"
},
"data": {
"violation_number": "VIO-2026-12345",
"category": "elevator",
"description": "Failure to file CAT1 inspection report",
"penalty": "$1,000",
"deadline": "2026-04-22"
},
"signature": "sha256=abc123..."
}
POST
Auth
?action=equipment_health_score
Equipment Health Score — Returns a 0-100 score reflecting the overall health and compliance status of equipment at a property. Includes device-level breakdown, risk factors, and maintenance recommendations.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| address | string | Yes | Street address |
| zip | string | Yes | 5-digit ZIP code |
| state | string | Yes | 2-letter state code |
| city | string | No | City name (improves rule matching) |
GET
Public
?action=compliance_calendar
Compliance Calendar — Returns upcoming compliance deadlines and inspection cycles for a state/city, with next-due dates calculated from frequency_months data.
Parameters
| Name | Type | Default | Description |
|---|---|---|---|
| state | string | — | State code (required) |
| city | string | — | City name for city-specific deadlines |
| category | string | — | Filter by compliance category |
GET
Public
?action=lookup_energy_benchmarking
Energy Benchmarking Lookup — Queries energy benchmarking data from 16+ city programs (NYC LL84/LL33, LA EBEWE, Boston BERDO, DC BEPS, Seattle, Chicago, Denver, Philadelphia, etc.).
Parameters
| Name | Type | Default | Description |
|---|---|---|---|
| state | string | — | State code |
| city | string | — | City name |
| zip | string | — | ZIP code |
| address | string | — | Street address for building-level data |
GET
Public
?action=dep_cats_lookup
DEP CATS Permit Lookup — Query cached NYC DEP CATS boiler/equipment registration permits. Data comes from client-side browser queries to the reCAPTCHA-protected DEP portal.
Parameters
| Name | Type | Default | Description |
|---|---|---|---|
| bin | string | — | Building Identification Number |
| bbl | string | — | Borough-Block-Lot |
| application_id | string | — | DEP application ID |
| borough | string | — | Borough name (requires house) |
| house | string | — | House number (requires borough) |
| street | string | — | Street name filter (optional with borough+house) |
POST
Auth
?action=cache_dep_cats
Cache DEP CATS Permits — Submit DEP CATS permit data from client-side browser queries for server-side caching. Requires authentication to prevent data poisoning. Max 100 permits per request.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| permits | array | Yes | Array of DEP CATS permit objects (max 100) |
Compliance Monitoring
Property compliance monitoring endpoints. Properties are polled by the DigitalOcean ETL worker every 6 hours, generating alerts when compliance status changes (new violations, failed inspections, expired permits).
POST
Auth
?action=monitor_property
Add Property to Monitoring — Enroll a property for continuous compliance monitoring with configurable agencies and alert destinations.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| address | string | * | Street address (* address or bin required) |
| bin | string | * | Building Identification Number |
| bbl | string | No | Borough-Block-Lot |
| zip | string | No | ZIP code |
| city | string | No | City (default: New York) |
| state | string | No | State code (default: NY) |
| property_name | string | No | Display name |
| agencies | array | No | Agency list (default: DOB, FDNY, HPD, ECB, DOHMH, DSNY, DOT) |
| alert_email | string | No | Email for alert notifications |
| alert_webhook_url | string | No | Webhook URL for alert notifications |
| polling_interval_hours | integer | No | Polling frequency in hours (default: 24) |
GET
Auth
?action=get_alerts
View Compliance Alerts — List alerts generated by the monitoring engine, with severity counts and filtering.
Parameters
| Name | Type | Default | Description |
|---|---|---|---|
| severity | string | — | Filter by severity (critical, urgent, warning, info) |
| status | string | — | Filter by status (new, acknowledged, resolved, dismissed) |
| agency | string | — | Filter by agency (DOB, FDNY, HPD, etc.) |
| limit | integer | 50 | Max results (max 200) |
GET
Auth
?action=monitored_properties
List Monitored Properties — Returns all active properties enrolled in compliance monitoring.
PATCH
Auth
?action=acknowledge_alert
Update Alert Status — Acknowledge, resolve, dismiss, or mark an alert as under investigation.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| alert_id | uuid | Yes | Alert ID to update |
| status | string | No | New status: acknowledged (default), resolved, dismissed, investigating |
Compliance Rule Data Model
Each compliance rule in compliance_service_map includes these fields, available via ?action=requirements and embedded in compliance reports:
| Field | Type | Description |
|---|---|---|
| requirement_name | string | Technical/official name of the requirement |
| civilian_name | string | Plain-English name for non-technical users (e.g. "Annual Elevator Safety Test") |
| compliance_category | string | Category: elevator, boiler, electrical, facade, fire, water, gas, energy, structural, general |
| frequency | string | Human-readable frequency text (e.g. "Annual", "Every 5 years") |
| frequency_months | integer | Cycle in months: 12=Annual, 60=Every 5 years, 3=Quarterly. Used for next-due-date calculation. |
| frequency_schedule | JSONB | Multi-inspection-type schedule for equipment with multiple test types (e.g. elevators: Cat 1 annual + Cat 5 every 5 years) |
| penalty | string | Legacy penalty text field |
| penalties | JSONB | Structured penalty data: civil_penalty, daily_penalty, criminal_penalty, authority, legal_reference, notes |
| cure_paths | JSONB | Step-by-step remediation paths: violation_type, steps (action, who, cost_estimate, timeline, where_to_pay), dismissal_path, professional_needed |
| cascading_consequences | JSONB | Downstream effects: consequence, agency, trigger, severity, legal_reference. E.g. ECB violations blocking DOB permit applications. |
| source_reference | string | Legal statute or code reference (e.g. "NYC Admin Code §28-304.6.1") |
| confidence | integer | Data confidence score 0-100 |
| source_type | string | ai_research, curated, or verified |
Admin Endpoints
GET
Admin
?action=suggestions
List Compliance Suggestions — New requirements submitted by users or AI, pending validation.
Parameters
| Name | Type | Default | Description |
|---|---|---|---|
| state | string | — | Filter by state code |
| source | string | — | ai_auto, user_network, user_public, admin |
| limit | integer | 20 | Results per page |
Response
json
{
"success": true,
"suggestions": [
{
"id": "sug_abc123",
"state_code": "CA",
"requirement_name": "Soft-Story Retrofit",
"description": "Seismic retrofit for pre-1978 wood frame buildings",
"category": "structural",
"source": "ai_auto",
"status": "pending",
"ai_confidence": 88,
"ai_validation_notes": "High-confidence match to CA seismic requirements",
"times_suggested": 2,
"upvotes": 3,
"downvotes": 0,
"submitted_by": "ai@propply",
"submitted_at": "2026-02-12T15:30:00Z"
}
],
"total": 45
}
PATCH
Admin
?action=update_suggestion
Update Suggestion Status — Approve, reject, or merge compliance suggestion.
Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| suggestion_id * | string | Yes | Suggestion ID |
| status * | string | Yes | approved, rejected, merged |
| reason | string | — | Admin notes |
GET
Admin
?action=stats
Propply AI Statistics — Coverage metrics, suggestion volume, confidence scores.
Response
json
{
"success": true,
"stats": {
"total_requirements_mapped": 312,
"states_covered": 24,
"metro_areas": 12,
"avg_confidence": 85.3,
"pending_suggestions": 18,
"recently_merged": 5,
"total_votes_collected": 342,
"approval_rate": 0.94,
"top_categories": {
"boiler": 51,
"fire": 48,
"energy": 45,
"elevator": 38
}
}
}
Support & Reference
Error Handling
All APIs return consistent error responses with HTTP status codes and descriptive messages.
json
{
"success": false,
"error": "ValidationError",
"message": "Missing required parameter: state",
"statusCode": 400,
"details": {
"parameter": "state",
"reason": "Required for location-based queries"
}
}
Rate Limiting
API Subscriptions: Monthly quota per tier (Free: 100, Starter: 5,000, Professional: 25,000). Returns 429 Too Many Requests when exceeded on Free tier; overage billing on paid tiers.
Socrata API (internal): 1,000 requests/hour with SOCRATA_APP_TOKEN.
Service Codes (21 Total)
| Category | Service Code | Display Name |
|---|---|---|
| Inspections | boiler |
Boiler Inspection & Compliance |
elevator |
Elevator Safety & Inspection | |
fire_safety |
Fire Safety Systems | |
facade |
Facade / FISP Inspection | |
sprinkler |
Sprinkler Systems | |
gas_piping |
Gas Piping (LL152) | |
backflow |
Backflow Prevention | |
electrical |
Electrical Inspection | |
energy_audit |
Energy Audit (LL87) | |
structural |
Structural Assessment | |
| Certifications | certificate_occupancy |
Certificate of Occupancy |
dob_filings |
DOB Filings & Permits | |
permit_expediting |
Permit Expediting | |
violations_dismissal |
Violations Dismissal | |
landmark_filings |
Landmark Filings | |
| Consulting | compliance_audits |
Compliance Audits |
violation_remediation |
Violation Remediation | |
local_law_compliance |
Local Law Compliance | |
safety_plans |
Safety Plans & Documentation | |
due_diligence |
Due Diligence Review |
State Codes
Use standard US state abbreviations (NY, CA, TX, FL, PA, OH, IL, MI, NJ, VA, NC, SC, GA, AZ, CO, UT, OR, WA, DC, PR, etc.)
Data Sources Referenced
| Source | Type | Coverage |
|---|---|---|
| NYC Open Data (Socrata) | Violations, Filings | New York City |
| Chicago Open Data (Socrata) | Violations, Permits | Chicago, IL |
| SF DataSF (Socrata) | Violations, Permits | San Francisco, CA |
| LA Open Data (Socrata) | Enforcement, Permits | Los Angeles, CA |
| Austin Open Data (Socrata) | Code Complaints, Permits | Austin, TX |
| Seattle Open Data (Socrata) | Violations, Trade Permits | Seattle, WA |
| DC Open Data (Socrata) | Permits, Housing Code | Washington, DC |
| Philadelphia (CARTO) | Code Violations, Permits | Philadelphia, PA |
| Texas TDLR (Socrata) | Licensed Professionals | Texas |
| NY State DOL (Socrata) | Elevator Licenses | New York State |
Contact & Support
For questions about the Propply AI API:
- Email: support@insparisk.com
- GitHub: Repository documentation and issue tracking
- Internal: Insparisk team Slack #api-support
Changelog
| Date | Change |
|---|---|
| 2026-03-22 | v3.1 — Added 9 new endpoints: compliance_report, compliance_score, portfolio_report, contractor_intel, predict_compliance, process_document, webhook_subscribe/list/delete. |
| 2026-03-20 | v3.0 — Scoped documentation to Propply AI API only (standalone repo). |
| 2026-02-13 | Equipment lookup building_intel field added. Notice interpretation with Claude Vision. |
| 2026-01-15 | Propply AI endpoints stabilized. Compliance learning system v1. |
Documentation Source Files:
For implementation details, see function source code in the GitHub repository.
netlify/functions/api-propply.js (Propply AI API)netlify/functions/compliance-local-intel.js (Local Intelligence Engine)For implementation details, see function source code in the GitHub repository.