API Changelog
Support for Multi-Tax in Clio Manage
Release Date: 2026-04-08
Note: This change applies to any account that has the Multi-Tax feature enabled, regardless of API version.
Summary Of Changes
We have rolled out support for Multi-Tax in Clio Manage. Users can now store up to 15 individual tax rate configurations and apply any combination of them (up to 2) across Expense-type Activities, Line Items, and Expense Categories.
Expense-type Activities
Expense-type Activities continue to support the legacy tax_setting parameter, which accepts the values no_tax, tax_1_only, tax_2_only, and tax_1_and_tax_2. Existing integrations using tax_setting will continue to work unchanged — when this parameter is provided, the applicable tax rate configurations are derived from the value of tax_setting and the account's billing settings taxable defaults.
In addition, expense-type Activities now accept a new tax_settings parameter, which allows passing up to 2 tax rate configurations to apply directly to the expense activity. This gives integrations explicit control over which tax rate configurations are applied, rather than relying on the account's billing settings defaults.
See the API Reference for Activity create and Activity update for more information about this parameter.
Expense Categories
Expense Categories can now be created and updated through the API with up to 2 tax rate configurations by passing the new tax_settings parameter. The provided tax rate configurations will be applied as the default tax settings for expenses created under the category.
See the API Reference for Expense Category create and Expense Category update for more information about this parameter.
Line Items
We have deprecated the ability to set legacy taxable flags directly on update requests for line items that have line item tax records (i.e., line items created or updated after Multi Tax was enabled). These changes are necessary to support the Multi-Tax feature and enforce proper tax handling rules.
To apply or update taxes on these line items, the tax_settings array must be used, with each entry specifying tax_rate_configuration_id, order, and rule.
Requests attempting to update taxable or secondary_taxable directly on a multi-tax line item via PATCH /api/v4/line_items/{id} will return a 422 error: "Cannot update taxable or secondary taxable flags directly for line items with multiple tax rates. Use tax settings instead." Legacy line items (those without line_item_tax records) will continue to accept the old taxable / secondary_taxable flags.
On create, line items can still be created with the legacy taxable and secondary_taxable flags, which will be translated into the appropriate tax rate configurations based on the bill's taxable defaults.
See the API Reference for Line Item update for more information about the tax_settings parameter.
Tax Rate Configurations
A new TaxRateConfiguration resource has been introduced to represent an individual tax rate setting on the account, available via the following endpoint:
| Endpoint | HTTP Methods |
|---|---|
| api/v4/tax_rate_configurations | GET |
See the API Reference for Tax Rate Configuration index and Tax Rate Configuration show for more information.
Each tax rate configuration is serialized with the following fields:
| Field | Type | Description |
|---|---|---|
id | long | Unique identifier of the tax rate configuration. |
etag | string | ETag for the record, used for cache validation. |
name | string | Display name of the tax rate configuration. For system tax rate configurations, this returns the localized translation. |
rate | decimal | The tax rate as a decimal value. |
rate_as_percentage | decimal | The tax rate expressed as a percentage. |
formatted_rate_as_percentage | string | The tax rate formatted as a localized percentage string. |
country | string | Country associated with the tax rate configuration. |
region | string | Region associated with the tax rate configuration. |
is_system | boolean | Whether this is a system-managed tax rate configuration (e.g., the zero-rate "Do not apply tax" / "Tax exempt" entries). |
active | boolean | Whether the tax rate configuration is currently active. |
created_at | datetime | Timestamp when the record was created. |
updated_at | datetime | Timestamp when the record was last updated. |
tax_settings shape
Each entry in the tax_settings array is an object with the following properties:
| Field | Type | Description |
|---|---|---|
tax_rate_configuration_id | long | The ID of the tax rate configuration to apply. Must reference an active tax rate configuration on the account. |
order | integer | The position of the tax rate configuration (1 for primary, 2 for secondary). Must be unique within the array. |
rule | string | How the tax is applied. One of Pre (apply to pre-tax amount) or Post (apply to post-tax amount). Defaults to Pre. |
tax_settings validation
Tax rate configurations supplied via tax_settings (on Expense-type Activities, Expense Categories, and Line Items) must pass the following validation rules:
- Non-blank configuration IDs: Every entry in
tax_settingsmust include atax_rate_configuration_id. Entries with a blanktax_rate_configuration_idwill be rejected. - Maximum order: No more than the maximum of 2 tax rate configurations per entity may be provided in the
tax_settingsarray. - Unique orders: The
ordervalue of each entry must be unique within thetax_settingsarray. Duplicateordervalues will be rejected. - Valid tax rate configurations: Every
tax_rate_configuration_idmust reference a tax rate configuration that belongs to the account and is active. Inactive or unknown IDs will be rejected.
Requests that fail any of these validations will return a 422 error indicating which validation rule was violated.
4.0.13
Release Date: 2025-10-06 Promotion to default version: 2026-01-06
As this change is to improve API performance and stability, it will be backfilled to previous API versions on January 6, 2026.
Summary Of Changes
Contact associations limit
We have introduced a limit to the number of associated email addresses, phone numbers, and physical addresses on Contact records.
As of version 4.0.13, a Contact can only store 20 email addresses, 20 phone numbers, and 20 physical addresses. The API will respond with a 422 error if you attempt to add an additional association past the maximum limit for each type. Existing contacts with more than the maximum associations will have their data moved to a contact note so no data is lost.
This change improves API performance and stability when retrieving contacts with a large number of associations.
Retrieval of email, phone, and address associations will continue to work as before.
4.0.12
Release Date: 2025-06-24
Promotion To Default Version: 2025-09-24
Note: This change has been released to all API versions to ensure data consistency.
Summary Of Changes
To support correct privacy permissions for private calendar events, several fields in the CalendarEntry endpoint have been updated to return null if the user doesn't have sufficient permissions to view the CalendarEntry record being requested. A “redacted: true” field will also be added to the object in cases where the user doesn't have sufficient permissions. The comprehensive list of fields is listed below. We recommend updating your integration to verify the presence of these fields in API responses.
Fields that will be affected by this change
- attendees
- calendars
- matter_docket
- parent_calendar_entry
- parent_calendar_entry_id
- recurrence_rule
- reminders
- time_entries
- time_entries_count
Deprecation of currency editing in Bills and Bank Accounts endpoints
Summary Of Changes
Release Date: 2025-06-30
Note: This change has been released to all API versions to ensure data consistency.
We have deprecated two actions in the API, detailed below. These changes are necessary to support the optional multi-currency billing feature in Clio Manage, which enforces proper currency handling rules.
- The currency of a bill cannot be edited.
- The currency of a bank account cannot be edited once transactions are recorded on the bank account.
Requests attempting to edit the currency of either a bill or a bank account with existing transactions will return a 422 error. This change applies to all versions of the API to ensure data consistency with the Clio Manage UI.
4.0.11
Release Date: 2025-03-31
Summary Of Changes
New endpoints for retrieving all phone numbers and email addresses associated with Contacts
Two new endpoints are now available in the API: Email Addresses and Phone Numbers. These endpoints allow retrieving all email addresses or phone numbers associated with a Contact.
Phone numbers and email addresses can still be retrieved on the Contacts endpoint directly using the phone_numbers and email_addresses fields, but the API will now only return a maximum of 200 associated phone numbers and email addresses on a Contact object. If a contact has more than 200 associated phone numbers or email addresses, the new endpoints should be used to retrieve those records.
Rich Text Editor For Notes and Tasks Endpoints
Release Date: 2025-03-14
Summary of Changes
Notes and Tasks now support rich text formatting
The Clio API now supports a rich text editor for the notes detail field, the tasks description field, and the task templates description field. This allows users to format their notes, tasks and task templates with various styles, including bold, italics, lists, and more.
This feature enhances the user experience by providing a more flexible and visually appealing way to manage notes and tasks. This is supported on GET, POST and PATCH requests for the notes, tasks, and task_templates endpoints.
To use the rich text editor, users need to include the detail_text_type or description_text_type field in their requests. The value of these fields should be set to rich_text to enable the rich text editor. By default, the value is set to plain_text, which means that the text will be treated as plain text without any formatting.
The rich text editor is available for the following endpoints and fields:
| Endpoint | Fields | Field Flag |
|---|---|---|
| notes | detail | detail_text_type |
| tasks | description | description_text_type |
| task templates | description | description_text_type |
The rich text editor supports the following tags and attributes:
- Tags:
<a>,<b>,<br>,<div>,<em>,<i><li>,<ol>,<p>,<s>,<strong>,<u>and<ul> - Attributes:
href,rel,type, andtarget.
This is also noted in the API Reference page for notes, tasks and task templates.
4.0.10
Release Date: 2024-07-26
Summary Of Changes
Fixed validation of type query parameter on Notes endpoint
The Notes endpoint has a required type parameter to specify if the query should retrieve Matter Notes or Contact Notes. However, a validation error within the API mistakenly allowed an array of values to be passed into the parameter. As of v4.0.10, if the parameter value isn't matter or contact, a 422 error will be returned.
Clio Payments API Endpoints
Release Date: 2024-05-16
Summary of Changes
New Clio Payments Endpoints for third-party integrations released
These endpoints will allow users to create payment links and use them to collect payments from clients.
The endpoints require access permissions to "Clio Payments" and "Accounting" to be able to fully utilize the new endpoints.
For full descriptions of each endpoint, see the API Reference page. We also provide a development guide on how to get started with the Clio Payments endpoints.
| Endpoint | HTTP Methods |
|---|---|
| clio_payments/links | GET/POST |
| clio_payments/payments | GET |
Personal Injury API Endpoints
Release Date: 2024-01-30
Summary of Changes
New Personal Injury Endpoints for third-party integrations released
These endpoints will allow users to interact and create entities for the Personal Injury add-on.
The endpoints require access permissions to "Personal Injury", and access permissions to "Matters", "Documents", and "Contacts" to be able to fully utilize the new endpoints.
For full descriptions of each endpoint, see the API Reference page. We also provide a development guide on how to get started with the Personal Injury endpoints.
| Endpoint | HTTP Methods |
|---|---|
| medical_records_details | GET/POST/GET/PATCH/DELETE |
| medical_records | PATCH/DELETE |
| medical_bills | PATCH/DELETE |
| damages | GET/POST/GET/PATCH/DELETE |
4.0.9
Release Date: 2022-11-21
Promotion to default version: 2023-02-21
Because this change involves firm security settings, it will be backfilled to previous API versions on February 21, 2023.
Summary of Changes
Users may only see a subset of the contacts depending on the new “Contacts visibility” setting
A new permission, Contacts Visibility, can be set by a firm administrator in Clio Manage to limit a user’s visibility into contacts. Previously, any user could view all the contacts within the firm. If the permission is set to “Restricted”, the user can only see the contacts that are created by the user or belong to the user’s matters. This includes:
- Client of the matters that the user can see
- Related contacts to the matters that the user can see
- Custom fields of type contact that belong to the matters that the user can see
- Co-counsel contacts of the matter that the user can see
This change impacts all the endpoints that return Contact records, either directly or as a nested record. If the user requests a contact that they don’t have visibility into, they may receive a redacted version of the contact. Note that if Contacts Visibility is set to “all”, the behavior of the following endpoints will stay unchanged.
| Endpoint | HTTP Method | Object | Fields | Description |
|---|---|---|---|---|
| contacts | GET | contact | all | User will receive a list of contacts that they are allowed to see |
| activities | GET | vendor (nested property) | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with asterisks. A “redacted: true” field will be added to the object. |
| activities/{activity_id} | POST/PATCH | vendor (nested property) | id | Adding a restricted contact to an activity via the vendor field will return a 422 if the contact is not visible for the user. |
| allocations | GET | contact | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| bank_transactions | GET | client | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| bank_transfers | GET | client | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| bills | GET | client | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| billable_matters | GET | client | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| calendar_entries | GET | attendees | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| calendar_entries | POST/PATCH | attendees | id | Adding a restricted contact to a calendar entry via the attendees field will return a 422 if the contact is not visible for the user. |
| communications | GET | senders, receivers | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| communications | POST/PATCH | senders, receivers | id | Will return 404 error if any senders or receivers are not visible |
| contacts/{contact_id} | GET | company, related_contacts, custom_field_values {contact} | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| conversations | GET | memberships{member} | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| conversation_messages | GET | sender, receivers | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| conversation_messages | POST | sender, receivers | all | Adding a restricted contact to a conversation message via the sender or receivers field will return a 422 if the contact is not visible for the user. |
| credit_memos | GET | contact | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| documents | GET | contact, access_grants | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| folders | GET | contact, access_grants | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| matters | GET | client, custom_field_values {contact} | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| matters/{matter_id}/client | GET | client, company | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| matters/{matter_id}/contacts | GET | contact | all | User will receive a list of contacts that they are allowed to see |
| notes | GET | contact | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| outstanding_client_balances | GET | contact | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| relationships | GET | contact | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| tasks | GET | assignee | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| tasks | POST/PATCH | assignee | id | Adding a restricted contact to a task via the assignee field will return a 422 if the contact is not visible for the user. |
| trust_line_items | GET | client | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
| users | GET | contact | all | Response for the object will be a “redacted” contact containing only [id, name, type]. Name will be redacted with an asterisk. A “redacted: true” field will be added to the object. |
4.0.8
Release Date: 2022-03-11
Promotion to default version: 2022-08-12
Because this change involved firm security settings, it was backfilled to previous API versions on August 12, 2022.
Summary of Changes
Activity hours may be redacted based on new “Activity Hours Visibility” setting
A new permission, Activity Hour Visibility, can be set by a firm administrator in Clio Manage to limit a user’s visibility into other users’ time entry hours. If the permission is set to “Own and when acting as a matter’s Responsible Attorney”, the user may receive redacted values for time-related fields or be unable to update those fields.
This change impacts all endpoints that return Activity records of type TimeEntry, either directly (the activities endpoint) or as a nested object. The specific endpoints and fields affected are listed in the table below, along with a description of what the behaviour will be if the new permission is enabled for the requesting user.
| Endpoint | HTTP Method | Object | Fields | Description |
|---|---|---|---|---|
| activities | GET | activity (type: TimeEntry) |
| The listed fields will be null and a quantity_redacted: true field will be added to the response body. |
| activities | PATCH | activity (type: TimeEntry) |
| If a user attempts to update any of the listed fields on an activity that has a quantity field redacted for them, they will receive a 403 error in response. |
| calendar_entries | GET | time_entries (nested property) | same as activities GET requests above | same as activities GET requests above |
| communications | GET | time_entries (nested property) | same as activities GET requests above | same as activities GET behavior above |
| notes | GET | time_entries (nested property) | same as activities GET requests above | same as activities GET behavior above |
| tasks | GET | time_entries (nested property) | same as activities GET requests above | same as activities GET behavior above |
Applications should ensure that use of these fields can handle potential null values as well as numbers. To test the redacted API field behavior, you must enable the Activity Hour Visibility setting for a firm user. This can be done in the user management settings when signed in as a firm administrator.
4.0.7
Release Date: 2021-07-06
Promotion to default version: 2021-07-14
Summary of Changes
- Change secure link format
4.0.6
Release Date: 2021-01-27
Promotion to default version: n/a
Note: This change was backfilled to previous API versions on 2021-03-03
Summary of Changes
- Introduce new DocumentVersions endpoint to retrieve all versions of a Document.
- Change
document_versionsfield on Documents to only return latest version of a document.
4.0.5
Release Date: 2017-09-07
Promotion to default version: 2017-09-07
Summary of Changes
- Removed:
matter_balancesfield from Bills - Standardize enum values for
statusandstatefields across all endpoints - Added:
documentnested resource on DocumentAutomation records - Redact
priceandtotalfields of Activity records based on a user's Billing Rate Visibility setting
4.0.4
Release Date: 2017-08-04
Promotion to default version: 2017-08-04
Summary of Changes
- Update
quantityfield on Activity records to return values in seconds rather than hours.