REST + webhooks
Resource-oriented REST API for synchronous operations. Webhooks for change events. Cursor-based pagination, idempotency keys, and rate-limit headers throughout.
Developers
Build against a platform that takes its API seriously.
Every customer-facing capability in the product is reachable from the API. We treat the public surface as a contract: versioned, documented, audit-logged, and stable across at least one major release. Engineers integrating CEX Solutions should not have to reverse-engineer a UI to ship.
Full API reference is shared with customers and qualified partners under NDA. Sandbox access is available during evaluation.
API surface
What the platform exposes to your code.
OAuth 2.0 + service accounts
OAuth 2.0 (authorisation code + PKCE) for user-context calls. Service-account credentials for backend integrations. Tokens are short-lived and rotatable.
Bulk import / export
For high-volume jobs (territory loads, payout exports), use the bulk API or the S3-staged transfer pattern. Supports millions of rows per job.
Typed schemas
OpenAPI 3 reference for every endpoint. Generated TypeScript and Python clients available for partners under NDA.
Audit & traceability
Every API call is logged with caller identity, scope, payload digest, and outcome. Customer admins can replay and inspect via the audit log.
CLI for ops
A first-party CLI wraps the API for one-off integration tasks: seed environments, validate mappings, replay webhooks, and inspect rate-limit budgets.
Quickstart
A request looks like this.
Authenticate with a service-account credential, scope to your tenant, and call the resource you need. Every endpoint follows the same shape — list, get, create, update, archive — with explicit pagination and idempotency.
The full reference covers every resource. Customer admins can generate sandbox tokens directly from their workspace.
See common integration patterns →curl https://api.cex-solutions.com/v1/territories \
-H "Authorization: Bearer $CEX_TOKEN" \
-H "X-Tenant: acme-pharma-eu" \
-H "Idempotency-Key: 9b2..." \
-G --data-urlencode "cycle=2026-Q2" \
--data-urlencode "limit=100"
# 200 OK
{
"data": [
{
"id": "trr_01HX...",
"name": "Iberia North",
"rep_id": "rep_01HX...",
"cycle": "2026-Q2",
"updated_at": "2026-04-12T08:14:22Z"
}
],
"next_cursor": "eyJpZCI6Im..."
}Stability
Versioned by URL.
Every breaking change ships under a new major version. Deprecated versions are supported for at least 12 months with active migration guidance.
Reliability
Status & SLA.
Uptime, latency, and incident history are reported to customers continuously. Contractual SLA targets are tied to deployment region.
Support
Direct line.
Integration partners get a named engineering contact. Production incidents follow the platform's 24/7 on-call.
Engineered in Europe. AWS-deployed where your business runs.
Live across Europe and MENA under a GDPR-native baseline. Deployable on AWS in the Americas, Asia-Pacific, Oceania, and Africa — fully managed by us, or on your own AWS account run as your internal cloud. Your data stays in your jurisdiction.