Creating custom Endpoints Suitecrm Rest API v8

💬 General Discussion
21

Nope, still nothing…

Screenshot 2022-10-15 at 11.39.33
Screenshot 2022-10-15 at 11.39.331714×864 98.7 KB

But I am going to add log in the ‘GeneratePassword.php’ and check where it fails. I will let you know! :slight_smile:

22

I found the issue. In the ‘GeneratePassword.php’ there is a check:

if ($usr->portal_only || $usr->is_group) {
      echo $mod_strings['LBL_PROVIDE_USERNAME_AND_EMAIL'];
      return;
}

But my user is a portal API user, so the value ‘portal_only’ is true. There is a difference with the API users (customers) and the SuiteCRM users (employees). The customers just log in with their ‘username’ and ‘password’, but the employees log in with SAML SSO. So customers will never be able to authenticatie in SuiteCRM.

Unfortunately this solution won’t work. So I have to write my own EntryPoint as well…

23

Hello, were you able to create a custom api? were did you place the controller files? Did you put it also at custom folder?

24

Yes, it’s very easy to create a custom API endpoint. But unfortunately I only created a basic “hello world” endpoint.

For me the API endpoint was not relevant anymore because you need to have a “access_token” to make the call. But it had to be a public POST (reset password functionality) so I created a custom EntryPoint. It’s working great!

If you have questions about the API endpoint I can tell you that the basic endpoint is working with this url: Creating custom Endpoints Suitecrm Rest API v8 - #7 by abuzarfaris.

25

@Hup , we were able to create custom API. As of now only POST and still working with GET and UPDATE.

Here`s our process. If you followed the documentation then that is good.

1st. Create your custom controller at custom/application/Ext/Api/V8/Controller/CustomController.php
image

2nd. Then modify your CustomController.php

<?php
namespace Api\V8\Controller;

use Slim\Http\Response;
use Slim\Http\Request;

class CustomersController extends BaseController
{
    public function saveCustomersData(Request $request, Response $response, array $args)
    {
        try {
            $jsonResponse = $request->getParams();

         
            $sql = "SELECT * FROM accounts WHERE deleted = 0 AND first_name = '".$jsonResponse['first_name']."' AND last_name = '".$jsonResponse['last_name']."' AND mobile_number = '".$jsonResponse['mobile_number']."'";
            $res = $db->query($sql);
            if ($db->getRowCount($res) <= 0) {
                $accountBean = \BeanFactory::newBean('Accounts');
                $accountBean->consent_timestamp = $jsonResponse['consent_timestamp'];
                $accountBean->first_name = $jsonResponse['first_name'];
                $accountBean->last_name = $jsonResponse['last_name'];
                $accountBean->gender = $jsonResponse['gender'];
                $accountBean->birthday = $jsonResponse['birthday'];
                $accountBean->street_name = $jsonResponse['street_name'];
                $accountBean->landmarks = $jsonResponse['landmarks'];
                $accountBean->mobile_number = $jsonResponse['mobile_number'];
                $accountBean->save();


                $resultMessage['resultype'] = 'success_save';
                $resultMessage['resulmsg']  = 'Successfully added new Customers';

            }else{
                $resultMessage['resultype'] = 'error_save';
                $resultMessage['resulmsg']  = 'Ops! You cannot save two customer information';
            }
            return $this->generateResponse($response, $resultMessage, 200);
        } catch (\Exception $exception) {
            return $this->generateErrorResponse($response, $exception, 400);
        }
    }



}

3nd. Modify your controller.php at custom/application/Ext/Api/V8
image

<?php
require 'custom/application/Ext/Api/V8/Controller/CustomersController.php';

use Api\V8\Controller;
use Slim\Container;

return [Controller\CustomersController::class => function(Container $container) {
    return new Controller\CustomersController();
}];

3rd. Modify your routes.php at custom/application/Ext/Api/V8/Config/routes.php
image

<?php
$app->post('/saveCustomersData', 'Api\V8\Controller\CustomersController:saveCustomersData');

Note:
CustomersController is your class
saveCustomersData is your function

2 Likes
26

@waraikobuot are you asking me a question, or are you just telling me how a custom API endpoint works?

Because I know hot it works. Your code looks nice, but it’s not possible to create an API endpoint without using authorization. If you create your example and you do a POST request (with for example ‘Postman’), you need to add the ‘access_token’, else you will het the ‘access_denied’ error:

{
    "error": "access_denied",
    "message": "The resource owner or authorization server denied the request.",
    "hint": "The JWT string must have two dots"
}

For me the API endpoint is not the solution to my case. I have an external JavaScript front-end (Vue.js) where a customer can register to see his projects. I am using SuiteCRM as a backend tool where only employees can log in, and a front-end tool for customers. So the customer has to create his account while he has no ‘access_token’ yet. It’s not possible to get an ‘access_token’ because there are only 2 options:

  • Password Grant → but then you need to be logged in first, because you need to have a username and password.
  • Client Credentials Grant → this is not save, because you have to set the “key” and “client_secret” in the JavaScript application. And the problem with JavaScript is that everyone can see your keys. So never put keys in JavaScript applications!

My workaround is a custom EntryPoint where a user can POST data without any authorization. The logic for security issues will be server-sided and not client-sided.

If you want more information, I can show you. But I don’t know if you want to ask me something, or just want to teach me something? :slight_smile:

27

Can you show me? Because I am just a beginner on this SuiteCRM. You can do validation also on the entry point were the user cannot input duplicate data and the criteria will be the First Name, Last Name and Mobile Number.

28

@Hup btw bro, how I can get the value ID in my routes into my controller?

image
image827×105 5.7 KB

image
image752×153 12.9 KB

29

You get it in the CustomersController.php

The below code will return your parms in the response. Use Postman to see the returned results.

Screenshot 2023-09-05 103545
Screenshot 2023-09-05 103545770×482 20 KB

Screenshot 2023-09-05 103658
Screenshot 2023-09-05 103658406×524 19.8 KB

30

@johnwreford Hi, I copied all ur example code for testing, but I have an exception on post

Slim Application Error
The application could not run because of the following error:

Details
Type: RuntimeException
Message: Callable Api\V8\Controller\CustomController does not exist
File: /var/www/localhost/htdocs/vendor/slim/slim/Slim/CallableResolver.php
Line: 99
31

Hello, i am working on custom api and encountering same error
The same api working fine on linux, macos
But on windows i tried on 2 systems but getting same errors
If you found the solution please share

32

Hey @Hup , did you able to create a custom API endpoint without using Authentication (access_token) and without creating custom entrypoint.
if yes then please share it how you have created custom endpoint.
Or is there anyone else who have succesfully created custom public Api endpoint.