First Steps

Get started using the LogMeIn Central API.

The Public API is a HTTP REST service. The API can be accessed with any program that can make HTTP requests. For exploring and testing we recommend cURL or the Postman Chrome add-on. The address of an API action stands from the API-root part and the action specific part. The API-root contains the server address and the path where an API service is found.


  • A LogMeIn Central subscription (paid or trial)
  • You must authenticate each action you call with your CompanyID + PSK pair.
  • Tip: A LogMeIn Central Account holder must obtain their PSK and CompanyID from the Configuration > API tab.


First use the GET call to check if your credentials are valid. You must use your own Company ID and PSK.

Tip: A LogMeIn Central Account holder must obtain their PSK and CompanyID from the Configuration > API tab.

Basic Authorization Example

Using basic authorization, the header must contain the following format:

 Authorization: Basic base64(companyId + ":" + PSK)


For a table of results, see Results.

JSON Authorization Header Example

If your CompanyID is 1234567890 and your PSK is abcde12345ABCDE12345 (normally an actual PSK would be 128 characters long), the action can be called as:

$ curl -i -H
"Accept: application/JSON; charset=utf-8" -H "Authorization: {\"companyId\": 1234567890, \"psk\": \"abcde12345ABCDE12345\"}"

Where the -H argument sends a HTTP header and the -i argument shows the header of the response.


HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 16
Content-Type: application/JSON; charset=utf-8
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Mon, 11 Nov 2013 15:12:57 GMT


In every action the response body is in JSON.
The credentials in the API header must be used in the Authorization header for any action.


For every action, the following HTTP headers must be included in the request:

Header Possible Value User in Notes
  • application/JSON
  • application/JSON; charset=utf-8
Mandatory (except for GET) Content-type is always application/JSON in every request.
  • application/JSON
  • application/JSON; charset=utf-8
Mandatory Every response is JSON. Content negotiation is not supported.
Authorization Basic Authentication Header Mandatory Either a valid CompanyId + Psk or LoginSessionId + ProfileId pair is necessary for authentication.


Actions can return with the following HTTP status codes

Status Code Meaning Specific to Action
200 The action was successful, and the request data is in the response body. all actions (except actions containing POST)
201 Inventory report successfully created for querying data.
  • POST/inventory/hardware/reports
  • POST/inventory/system/reports
400 Required parameter is missing or invalid. all actions
401 User credentials not present or invalid. all actions
404 Requested Object not found.
  • non-existing actions
  • GET /inventory/hardware/reports/
  • POST /hosts//connections
405 Method not allowed
  • POST /hosts//connections
409 Conflict, another connection session is already in progress.
  • POST /hosts//connections
415 Unsupported Media Type, if the request wasn't in JSON format. all actions
429 Request denied due to rate-limiting.
  • GET /hosts
  • GET /inventory/hardware/reports
  • POST /inventory/system/reports