Ironclad website screenshot

Ironclad

Ironclad is the enterprise contract lifecycle management (CLM) platform used by legal, sales, procurement, and finance teams to draft, negotiate, approve, sign, store, and analyze contracts at scale. The platform combines a no-code Workflow Designer, AI-powered Jurist agentic assistant (contract review, redlining, drafting, repository search), a Records repository with smart import and metadata extraction, Clickwrap for online acceptance, and deep integrations with Salesforce, Microsoft 365, Slack, Workday, ServiceNow, Jira, HubSpot, NetSuite, Dynamics 365, and Power Automate. Ironclad publishes three first-party OpenAPI 3.1 specifications (Public API, OAuth 2.0, SCIM 2.0) plus the Clickwrap REST/JS surface, supports regional NA1/EU1 hosting, OAuth 2.0 with scoped tokens, SCIM-based provisioning, and event-driven webhooks. Ironclad reported surpassing $200M in ARR in February 2026.

4 APIs 12 Features
Contract Lifecycle ManagementCLMContractsLegal TechLegalOpsEnterpriseWorkflowseSignatureClickwrapAIOAuthSCIMWebhooks

APIs

Ironclad Public API

The Ironclad Public API exposes contract lifecycle management primitives — Workflows (contract authoring, approvals, signature packets, comments, signers), Records (the executed...

Ironclad OAuth 2.0 API

OAuth 2.0 endpoints for delegated and machine-to-machine access to the Ironclad Public API. Supports the Authorization Code grant (with PKCE for public clients) and the Client C...

Ironclad SCIM 2.0 API

SCIM 2.0 endpoints for Just-in-Time and bulk provisioning of Ironclad users and groups from an upstream identity provider (Okta, Azure AD, OneLogin, etc.). Implements /Users, /G...

Ironclad Clickwrap API

The Ironclad Clickwrap (formerly PactSafe) API delivers programmatic clickwrap and browsewrap acceptance tracking for online agreements — terms of service, privacy policies, EUL...

Collections

Arazzo Workflows

Ironclad Audit a Workflow's Activity

Retrieve a workflow, then pull its turn history and comment thread for audit.

ARAZZO

Ironclad Cancel a Workflow with an Audit Comment

Retrieve a workflow, add an explanatory comment, then cancel the workflow.

ARAZZO

Ironclad Create and Retrieve a Contract Record

Resolve the records schema, create a contract record, then read it back.

ARAZZO

Ironclad Curate a Signature Packet

List workflow documents, reorder the signature packet, then re-check sign status.

ARAZZO

Ironclad Discover a Template and Launch a Workflow

List workflow launch schemas, then launch a workflow against a chosen template.

ARAZZO

Ironclad Launch and Track a Workflow

Launch a contract workflow synchronously, then read back its data and documents.

ARAZZO

Ironclad Launch a Workflow Asynchronously and Poll

Launch a workflow async, poll the create job to completion, then retrieve the workflow.

ARAZZO

Ironclad Pause and Resume a Workflow

Retrieve a workflow, pause it with a comment, then resume it with a comment.

ARAZZO

Ironclad Register and Verify a Webhook

Create a webhook, retrieve it to confirm, then list all webhooks.

ARAZZO

Ironclad Review and Approve a Workflow

Inspect a workflow's approvals and approval requests, then approve the active role.

ARAZZO

Ironclad Schedule a Signature Send

Read sign status, schedule the signature request for a future time, then re-read the workflow.

ARAZZO

Ironclad Send a Workflow for Signature

Read sign-step status, send the signature request, then confirm the packet documents.

ARAZZO

Ironclad Update a Webhook Subscription

Find an existing webhook by target URL, retrieve it, then update its events.

ARAZZO

Ironclad Upsert a Contract Record

Find a contract record by a filter and update it if found, otherwise create it.

ARAZZO

GraphQL

Ironclad GraphQL Schema

This conceptual GraphQL schema represents the Ironclad digital contracting platform API surface. Ironclad's public REST API (base URL: `https://na1.ironcladapp.com/public/api/v1...

GRAPHQL

Pricing Plans

Ironclad Plans Pricing

5 plans

PLANS

Rate Limits

Ironclad Rate Limits

5 limits

RATE LIMITS

FinOps

Features

AI-Powered Contract Review

Jurist agentic AI assistant reviews redlines, drafts clauses, summarizes contracts, and answers natural-language questions across the executed-contract repository.

No-Code Workflow Designer

Business users design contract workflows — conditional approvals, signature packets, counterparty negotiation, and CRM/ERP fanout — without engineering.

Smart Import

ML-driven metadata extraction that ingests legacy contract PDFs and predicts record metadata (counterparty, effective date, term length, renewal, obligations).

Repository and Records

Centralized contract repository with versioned attachments, structured metadata, configurable schemas, and full-text + conversational search.

Webhooks

Subscribe to workflow, record, and entity events for event-driven integration with downstream systems (CRM, ERP, ITSM, data warehouse).

Data Exports

Asynchronous bulk-export jobs deliver contract metadata and content to a data lake or warehouse — Snowflake, BigQuery, Databricks, Redshift.

Clickwrap and Browsewrap

Embed enforceable online acceptance flows (terms, EULAs, policies) into web, mobile, and checkout experiences with court-ready acceptance records.

Entity Management

First-class counterparty and entity records linked to workflows, records, and obligations, with reference-type modeling.

Obligation Tracking

Extract and track post-signature commitments — renewal dates, SLAs, payment terms, regulatory deadlines.

OAuth 2.0 and SCIM 2.0

Standards-based authentication (Authorization Code + Client Credentials) and provisioning from any SCIM-compliant identity provider.

Regional Hosting

North America (na1) and EU (eu1) hosting for data-residency compliance, plus a demo region for testing.

Per-Tenant Encryption

Optional Hold-Your-Own-Key (HYOK) encryption via Antimatter and GCP for the Security & Data Pro add-on.

Use Cases

Sales Contract Automation

Salesforce-triggered NDA, MSA, and order-form workflows that fan out for legal approval, counterparty signature, and CRM record update.

Procurement Lifecycle

Sync vendor onboarding, intake forms, and approval gating with procurement systems (Workday, NetSuite, Coupa, ServiceNow).

Legal Operations

Centralize matter-management, contract review queues, and clause libraries; offload first-pass review to Jurist AI.

HR and Employment Agreements

Offer letters, NDAs, separation agreements, and contractor agreements with conditional-routing approvals and esignature.

Repository Migration

Smart-import legacy PDF contracts into the structured Records repository with ML-extracted metadata.

Online Agreement Acceptance

Embed clickwrap acceptance into SaaS sign-up, checkout, and policy-acknowledgement flows with court-ready evidence.

Compliance and Obligation Management

Surface renewal dates, payment milestones, SLAs, and regulatory commitments from executed contracts.

AI-Augmented Repository Search

Run conversational queries ("show every MSA expiring in Q3 with auto-renew") across the contract repository using Jurist.

Integrations

Salesforce

Bi-directional CRM integration — launch workflows from opportunities, sync record fields, update opportunity stage on contract execution.

Microsoft Word

Native Word add-in for in-editor AI drafting, redlining, and clause comparison powered by Jurist.

Microsoft 365 / Power Automate

Power Automate connector for low-code Microsoft 365 workflow orchestration.

Microsoft Dynamics 365

Bi-directional contract status and document sync with Dynamics 365.

ServiceNow

Procurement-process integration — request intake, approval routing, and contract record back-fill.

Slack

Approval notifications, signature reminders, and contract-status messages in Slack.

HubSpot

Launch contract workflows from HubSpot deals via Tray.io connector.

Jira

Launch Ironclad workflows from Jira tickets and update Jira on contract progression (Zapier + Jira Automation patterns).

NetSuite

Sync vendor contracts and obligations with NetSuite via Tray.io.

Zapier

5,000+ app connector library via Zapier for low-code automation.

MuleSoft

Anypoint-Exchange connector for enterprise iPaaS integration.

Box

Smart-import contracts from Box folders into the Ironclad Records repository.

Snowflake / BigQuery / Databricks / Redshift

Event-driven and bulk data-warehouse loads via the Data Exports surface.

Solutions

Ironclad CLM Platform

Core contract lifecycle management — workflows, records, repository, AI assistant.

Jurist AI Assistant

Agentic AI for contract review, redlining, drafting, summarization, and conversational repository search.

Ironclad Clickwrap

Online-agreement acceptance and acceptance-record management for terms, EULAs, and checkout flows.

Security & Data Pro

Per-tenant encryption (HYOK via Antimatter or GCP) and elevated data-protection controls for regulated industries.

Ironclad Insights

Reporting, dashboards, and BI over contract metadata.

Semantic Vocabularies

Ironclad Context

0 classes · 6 properties

JSON-LD

API Governance Rules

Ironclad API Rules

8 rules · 1 errors 6 warnings 1 info

SPECTRAL

Example Payloads

Resources

🔗
PostmanWorkspace
PostmanWorkspace
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🌐
Portal
Portal
🔗
Documentation
Documentation
🔗
Documentation
Documentation
🔗
APIReference
APIReference
🔑
Authentication
Authentication
🔗
RateLimits
RateLimits
📄
ChangeLog
ChangeLog
🟢
StatusPage
StatusPage
👥
GitHubOrganization
GitHubOrganization
📦
SDKs
SDKs
🔗
LinkedIn
LinkedIn
💰
Pricing
Pricing
📜
TermsOfService
TermsOfService
📜
PrivacyPolicy
PrivacyPolicy
💬
Support
Support
📰
Blog
Blog
🔗
Plans
Plans
🔗
RateLimits
RateLimits
🔗
FinOps
FinOps
🔗
SpectralRules
SpectralRules
🔗
Vocabulary
Vocabulary

Sources

Raw ↑
opencollection: 1.0.0
info:
  name: Ironclad SCIM API
  version: '1'
request:
  auth:
    type: apikey
    key: Authorization
    value: '{{Authorization}}'
    placement: header
items:
- info:
    name: Users
    type: folder
  items:
  - info:
      name: List all Users
      type: http
    http:
      method: GET
      url: https://na1.ironcladapp.com/scim/v2/Users
      headers:
      - name: x-as-user-email
        value: ''
      - name: x-as-user-id
        value: ''
      params:
      - name: startIndex
        value: ''
        type: query
        description: The starting index for retrieving this resource. Resources are indexed based on when they were first
          added to Ironclad.
      - name: count
        value: ''
        type: query
        description: Specifies the maximum number of resources to return in a single page of results.
      - name: filter
        value: userName eq "alex.doe@example.com"
        type: query
        description: Filters for identifying subsets of users. Filters must comply with the SCIM protocol's convention. For
          more details, see SCIM [RFC 7644 Section 3.4.2.2](https://datatracker.ietf.org/doc/html/rfc7644#section-3.4.2.2).
      - name: excludedAttributes
        value: ''
        type: query
        description: A comma-separated list of attributes to exclude from the resources in the response.
    docs: "Documentation on listing Users via SCIM. \n\n**OAuth Scope required:** `scim.users.readUsers`"
  - info:
      name: Create a User
      type: http
    http:
      method: POST
      url: https://na1.ironcladapp.com/scim/v2/Users
      headers:
      - name: x-as-user-email
        value: ''
      - name: x-as-user-id
        value: ''
      params:
      - name: excludedAttributes
        value: ''
        type: query
        description: A comma-separated list of attributes to exclude from the resources in the response.
      body:
        type: json
        data: '{}'
    docs: "Documentation on creating a User via SCIM. \n\n**OAuth Scope required:** `scim.users.createUsers`"
  - info:
      name: Retrieve a User
      type: http
    http:
      method: GET
      url: https://na1.ironcladapp.com/scim/v2/Users/:userId
      headers:
      - name: x-as-user-email
        value: ''
      - name: x-as-user-id
        value: ''
      params:
      - name: userId
        value: ''
        type: path
        description: A user's unique id can be identified using the Retrieve all Users endpoint with a filter parameter
      - name: excludedAttributes
        value: ''
        type: query
        description: A comma-separated list of attributes to exclude from the resources in the response.
    docs: "Documentation on accessing User info via SCIM. \n\n**OAuth Scope required:** `scim.users.readUsers`"
  - info:
      name: Replace a User
      type: http
    http:
      method: PUT
      url: https://na1.ironcladapp.com/scim/v2/Users/:userId
      headers:
      - name: x-as-user-email
        value: ''
      - name: x-as-user-id
        value: ''
      params:
      - name: userId
        value: ''
        type: path
        description: A user's unique id can be identified using the Retrieve all Users endpoint with a filter parameter
      - name: excludedAttributes
        value: ''
        type: query
        description: A comma-separated list of attributes to exclude from the resources in the response.
      body:
        type: json
        data: '{}'
    docs: "Documentation on replacing a User via SCIM. \n\n**OAuth Scope required:** `scim.users.updateUsers`"
  - info:
      name: Update User Data
      type: http
    http:
      method: PATCH
      url: https://na1.ironcladapp.com/scim/v2/Users/:userId
      headers:
      - name: x-as-user-email
        value: ''
      - name: x-as-user-id
        value: ''
      params:
      - name: userId
        value: ''
        type: path
        description: A user's unique id can be identified using the Retrieve all Users endpoint with a filter parameter
      - name: excludedAttributes
        value: ''
        type: query
        description: A comma-separated list of attributes to exclude from the resources in the response.
      body:
        type: json
        data: '{}'
    docs: "Documentation on updating a User via SCIM. \n\n**OAuth Scope required:** `scim.users.updateUsers`"
  - info:
      name: Delete a User
      type: http
    http:
      method: DELETE
      url: https://na1.ironcladapp.com/scim/v2/Users/:userId
      headers:
      - name: x-as-user-email
        value: ''
      - name: x-as-user-id
        value: ''
      params:
      - name: userId
        value: ''
        type: path
        description: A user's unique id can be identified using the Retrieve all Users endpoint with a filter parameter
    docs: "Delete a user on Ironclad. If the deletion is successful, all active workflows associated with the deleted user\
      \ should be automatically reassigned to the default user within the admin group. To learn how to set a default user,\
      \ see the [Manage Groups](https://support.ironcladapp.com/hc/en-us/articles/12286570480791-Manage-Groups) guide. \n\n\
      **OAuth Scope required:** `scim.users.deleteUsers`"
- info:
    name: Groups
    type: folder
  items:
  - info:
      name: List all Groups
      type: http
    http:
      method: GET
      url: https://na1.ironcladapp.com/scim/v2/Groups
      headers:
      - name: x-as-user-email
        value: ''
      - name: x-as-user-id
        value: ''
      params:
      - name: startIndex
        value: ''
        type: query
        description: The starting index for retrieving this resource. Resources are indexed based on when they were first
          added to Ironclad.
      - name: count
        value: ''
        type: query
        description: Specifies the maximum number of resources to return in a single page of results.
      - name: filter
        value: displayName eq "Legal Ops Group"
        type: query
        description: Filters for identifying subsets of groups. Filters must comply with the SCIM protocol's convention. For
          more details, see SCIM [RFC 7644 Section 3.4.2.2](https://datatracker.ietf.org/doc/html/rfc7644#section-3.4.2.2).
      - name: excludedAttributes
        value: ''
        type: query
        description: A comma-separated list of attributes to exclude from the resources in the response.
    docs: "Documentation on listing Groups via SCIM. \n\n**OAuth Scope required:** `scim.groups.readGroups`"
  - info:
      name: Create a Group
      type: http
    http:
      method: POST
      url: https://na1.ironcladapp.com/scim/v2/Groups
      headers:
      - name: x-as-user-email
        value: ''
      - name: x-as-user-id
        value: ''
      params:
      - name: excludedAttributes
        value: ''
        type: query
        description: A comma-separated list of attributes to exclude from the resources in the response.
      body:
        type: json
        data: '{}'
    docs: "Documentation on creating a Group via SCIM. \n\n**OAuth Scope required:** `scim.groups.createGroups`"
  - info:
      name: Retrieve a Group
      type: http
    http:
      method: GET
      url: https://na1.ironcladapp.com/scim/v2/Groups/:groupId
      headers:
      - name: x-as-user-email
        value: ''
      - name: x-as-user-id
        value: ''
      params:
      - name: groupId
        value: ''
        type: path
        description: A group's unique id can be identified using the Retrieve all Groups endpoint with a filter parameter
      - name: excludedAttributes
        value: ''
        type: query
        description: A comma-separated list of attributes to exclude from the resources in the response.
    docs: "Documentation on accessing a Group via SCIM. \n\n**OAuth Scope required:** `scim.groups.readGroups`"
  - info:
      name: Replace a Group
      type: http
    http:
      method: PUT
      url: https://na1.ironcladapp.com/scim/v2/Groups/:groupId
      headers:
      - name: x-as-user-email
        value: ''
      - name: x-as-user-id
        value: ''
      params:
      - name: groupId
        value: ''
        type: path
        description: A group's unique id can be identified using the Retrieve all Groups endpoint with a filter parameter
      - name: excludedAttributes
        value: ''
        type: query
        description: A comma-separated list of attributes to exclude from the resources in the response.
      body:
        type: json
        data: '{}'
    docs: "Documentation on replacing a Group via SCIM. \n\n**OAuth Scope required:** `scim.groups.updateGroups`"
  - info:
      name: Update a Group
      type: http
    http:
      method: PATCH
      url: https://na1.ironcladapp.com/scim/v2/Groups/:groupId
      headers:
      - name: x-as-user-email
        value: ''
      - name: x-as-user-id
        value: ''
      params:
      - name: groupId
        value: ''
        type: path
        description: A group's unique id can be identified using the Retrieve all Groups endpoint with a filter parameter
      - name: excludedAttributes
        value: ''
        type: query
        description: A comma-separated list of attributes to exclude from the resources in the response.
      body:
        type: json
        data: '{}'
    docs: "Documentation on updating a Group via SCIM. This includes updating group membership. \n\n**OAuth Scope required:**\
      \ `scim.groups.updateGroups`"
  - info:
      name: Delete a Group
      type: http
    http:
      method: DELETE
      url: https://na1.ironcladapp.com/scim/v2/Groups/:groupId
      headers:
      - name: x-as-user-email
        value: ''
      - name: x-as-user-id
        value: ''
      params:
      - name: groupId
        value: ''
        type: path
        description: A group's unique id can be identified using the Retrieve all Groups endpoint with a filter parameter
    docs: "Documentation on deleting a Group via SCIM. \n\n**OAuth Scope required:** `scim.groups.deleteGroups`"
- info:
    name: Schemas
    type: folder
  items:
  - info:
      name: List all Schemas
      type: http
    http:
      method: GET
      url: https://na1.ironcladapp.com/scim/v2/Schemas
      headers:
      - name: x-as-user-email
        value: ''
      - name: x-as-user-id
        value: ''
    docs: "Documentation on listing all Schemas via SCIM. \n\n**OAuth Scope required:** `scim.schemas.readSchemas`"
  - info:
      name: Retrieve a Schema
      type: http
    http:
      method: GET
      url: https://na1.ironcladapp.com/scim/v2/Schemas/:schemaId
      headers:
      - name: x-as-user-email
        value: ''
      - name: x-as-user-id
        value: ''
      params:
      - name: schemaId
        value: ''
        type: path
        description: A schema's unique id can be identified using the Retrieve all Schemas endpoint
    docs: "Documentation on retrieving a schema via SCIM. \n\n**OAuth Scope required:** `scim.schemas.readSchemas`"
bundled: true