API Reference

The Comma Compliance API provides programmatic access to archived messages, compliance policies, and integration management. Use it to build custom workflows, export data to external systems, or integrate Comma into your existing compliance infrastructure.

Base URL

https://api.commacompliance.com/v1

Authentication

All API requests require a Bearer token in the Authorization header:

Authorization: Bearer <your-api-token>

Generate API tokens from Settings > API Keys in your Comma dashboard. Tokens inherit the permissions of the user who created them.

Rate limits

• Standard plans - 100 requests per minute
• Enterprise plans - 1,000 requests per minute

Rate limit headers are included in every response:

X-RateLimit-Limit: 100
X-RateLimit-Remaining: 97
X-RateLimit-Reset: 1714003200

Endpoints

Messages

Method	Endpoint	Description
GET	/messages	List archived messages with filtering
GET	/messages/:id	Get a specific message
GET	/messages/export	Export messages as CSV or JSON

Policies

Method	Endpoint	Description
GET	/policies	List compliance policies
POST	/policies	Create a new policy
PUT	/policies/:id	Update a policy
DELETE	/policies/:id	Delete a policy

Integrations

Method	Endpoint	Description
GET	/integrations	List connected integrations
GET	/integrations/:id/status	Check integration health

Users

Method	Endpoint	Description
GET	/users	List organization users
GET	/users/:id/integrations	List a user’s personal integrations

Response format

All responses return JSON with a consistent envelope:

{
  "data": { },
  "meta": {
    "page": 1,
    "per_page": 50,
    "total": 234
  }
}

Error responses include a machine-readable code and human-readable message:

{
  "error": {
    "code": "rate_limit_exceeded",
    "message": "Rate limit exceeded. Try again in 60 seconds."
  }
}

SDKs and libraries

Official SDKs are coming soon. In the meantime, the REST API works with any HTTP client.

Need help?

Contact support@commacompliance.com for API access questions or to request higher rate limits.