@murray_greig what is your Github user name? Iām guessing you made the change and Github created the commit in your forked repo, instead of on the main one. So you would still need to create a PR. I can help you but if you tell me where I can go looking for it, that would be helpful. Thanks.
If SCRM installed in root (/) just remove subdir and use root path in the configs above.
There are also considerations to be mention regarding Apache web-server. SCRMās docs donāt mention requirements to check whether āmod_rewriteā module is installed and activated. So one should check it and enable if needed.
Also, AllowOverride directive in Directory directive for the crmās path should changed from None to All.
This path is incorrect since PHP scripts do not set up router to handle this path. See comment on Github. The correct path is Api/docs/swagger/swagger.json.
Can I ask you to please update our API Documentation? Everybody complains that it is inaccurate or incomplete (it is), but then when they solve their problems they donāt update itā¦ itās a wiki. And we are a Community maintained product
I am new to suiteCRM here. I am trying to get access to API V8 using postman where I can disable ssl.
Now I can use my localhost url http://localhost/newCRM in the curl url.
Rest everything same. But still I am unable to generate the tokenā¦Here is my code
I had this working last December and finally got some free time to come back to developing API integration with one of our Drupal based sites. Iām able to pull an access token but the reply is longer than I recall and the token does not seem to be recognized by the server in subsequent requests (mainly trying the refresh call first before diving into CRUD operations).
This is reply Iām getting to pulling a new token:
A little more progress if I base64_decode that response I get another json object with a token that i can see in the database ā but there appears to be extra garbage at the end:
NOTE: still unable to decrypt refresh token ā not sure what I should be passing in ā tried both the base64 version and the jti
Thoughts?
-dvd
PS: found this site that can decode the entire response https://jwt.io/ and it verifies the signature using the public key so i know the server is sending a valid token
If you want to refresh token you get, than you should use grant_type password.
When getting the token with grant_type client_credentials, you get only API token, without refresh token.
I am using this code in Codeigniter library to get refreshable token:
Thanks for the hint! I donāt really understand why username/password is required in the first place ā literally every other API I use can work with simple API key + secret.
I personally like this approach, because it allows people to use third party apps (mobile applications/browser extensions and such) without having specific/new passwords.
What are you getting as a response?
Did you tried to set up a local domain and using this domain in url of your request instead of ālocalhost/newCRMā?
Did you set up a domain in your suitecrm while installation?
Iām getting both keys with the username/password pull and then can use refresh on itās own after that with just the client_id version so itās all good.
(I just cloned the virtual machine of our production instance and spun up a new VM to test against)
I like the approach of giving tools only api keys without having first class user account access to my systems. Like I said, this is probably the first API Iāve encountered that required getting a refreshable key from a set of user credentials versus just being able to use an api-key/secret to manage the access.
In a perfect world your api-keys might have āread-onlyā access for some cases where you donāt want to allow writes to happenā¦
Just thinking outloud really ā appreciate you guys jumping in!
Why the API configuration is so much difficult for SuiteCRM? I worked with so many APIs, but this looks like not an easy task.
Is anyone having step-by-step configuration with screenshots on Linux Environment? I want to use Postman to get the APIs information.
In the documentation youāll find a link to a Postman configuration file. It has everything you need and works right out of the box after you import it into Postman. V8 API was like the first API I ever did and it was pretty straight forward with the config file already done.