request to api return 404 error

Hi, I’m a new user of SuiteCRM, and spent a few hours yesterday with exactly the same problem. I’m using 7.11.0, but assume it’s the same set up as 7.10.11 for the API.

I tracked my issue down, and it was due to Rewriting being turned off (as expected), however not because mod_rewrite was disabled but because the image I’m using (a docker image from bitnami) disables rewriting by default in the apache config files.

“AllowOverride None” needs to be “AllowOverride All” for the .htacess file to function.

The documentation on which URLs are the correct ones for the V8 API isn’t great. The latest docs look to be here: https://deploy-preview-90–suitedocs.netlify.com/developer/api/version-8/json-api-new/ but aren’t quite correct as they omit the use of “/Api/” in the path I.E. it’s “/Api/V8/module” not just “/V8/module”.

I found the access_token URL is: http://mysite/Api/access_token
then if you actually want to do anything once you have the access token you have to parse the token into the header request of the module you’d like to call, with a base url of: http://mysite/Api/V8/module/

Here’s an example in PHP that I’ve been playing with that pulls a list of all accounts:

$token_url = 'http://mysite/Api/access_token';
$module_url = 'http://mysite/Api/V8/module/';
$client_id = '12345678-1234-1234-1234-1234512345';
$client_secret = 'its a secret';
$ch = curl_init();
$header = array(
    'Content-type: application/vnd.api+json',
    'Accept: application/vnd.api+json'
 );
$postStr = json_encode(array(
    'grant_type' => 'client_credentials',
    'client_id' => $client_id,
    'client_secret' => $client_secret
));
curl_setopt($ch, CURLOPT_URL, $token_url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
curl_setopt($ch, CURLOPT_POSTFIELDS, $postStr);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
$output = curl_exec($ch);
$out = json_decode($output,true);

$ch = curl_init();
$header = array(
    'Content-type: application/vnd.api+json',
    'Accept: application/vnd.api+json',
    'authorization: Bearer '.$out["access_token"]
 );
$item = 'Accounts?sort=-name';
curl_setopt($ch, CURLOPT_URL, $module_url . $item);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
$output = curl_exec($ch);
echo $output;

I now have another issue to do with permissions, but I’ll make it a new post.

Thank you all. alanm you were spot on.

I am using a generic Ubuntu 18.04LTS install on VirtualBox and it was not enabled. I did finally manage to get a response but there was a little more to it so I will add a few things that I had to do for those experiencing the same thing or those new to ssl as I am.

sudo a2enmod rewrite sudo systemctl restart apache2 to enable mod_rewrite

edit /etc/apache2/apache2.conf and add:
<Directory /var/www/html/SuiteCRM>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted

I also created a SuiteCRM.conf file but I don’t think I actually had to do that.

Thanks again.everyone. I too haven’t gone past the authentication yet but that has been stumping me for a while now so I really appreciate the help.

Actually, it’s still not quite working for me. I did get past the 404 error and return a cookie but now that I am looking closer at it what it returned it was a 500 internal server error with no content but there was a cookie with elements:
Name:sugar_user_theme, Value:SuiteP
Name:PHPSESSID, Value:o2rgt0f21plndns6heijsm6d8c

I get the same result using curl or postman

Different question but thought it made sense to follow up here.

Much appreciated if anyone else has run into this.

Thanks!

This is a PHP error. PHP Fatal error: Uncaught LogicException: Key path “file:///var/www/html/Su/SuiteCRM/Api/V8/OAuth2/private.key” does not exist or is not readable in /var/www/html/SuiteCRM/vendor/league/oauth2-server/src/CryptKey.php

There is no private.key file. I thought maybe I had to create one through the UI but when I go to List Oauth2 Tokens then Create I get this error:
Error: File [modules/OAuth2Tokens/metadata/editviewdefs.php] is missing. Unable to create because no corresponding HTML file was found.

You have to generate a public.key and private.key file and place them in the /Api/V8/OAuth2 folder. This is described here:

https://docs.suitecrm.com/developer/api/version-8/json-api/#_generate_private_and_public_key_for_oauth2

That did it. I have successfully generated an access token. Now I will try using the V8 API.

Thanks again!

One more question. Can anybody post a working url for a generic V8 query?

for example to list all modules the documentation says “https://path-to-instance/api/v8/modules/meta/list”

but I keep getting a 404 error (I get the same with /Accounts and everything else I try)

every post in this forum has a variation of the URL (Api vs api, V8 vs v8, etc) - I think I have tried them all but it would be nice to know for sure if I even have the right url so I can begin to narrow down the problem.

Thanks again.

The meta/list endpoint is the “deprecated” JSON v8 API: https://docs.suitecrm.com/developer/api/version-8/json-api-dep/#_list_available_modules

The endpoints that work (for me) are listed in the non-deprecated v8 API: https://docs.suitecrm.com/developer/api/version-8/json-api/

Here is a query for retrieving all accounts with the latest v8 API that works for me:

curl -X GET http://127.0.0.1/suitecrm/Api/V8/module/Accounts -H 'Authorization: Bearer your-oauth2-token' -H 'Content-Type: application/json'

We were running into this issue as well. There seems to be a crucial piece of information missing from the documentation. You need to check your instance install and make sure the .htaccess file exists in the root directory. If it does not you need to generate it by going to your admin panel under repairs and tell it to fix the missing .htaccess file.

In addition for the .htaccess file to function properly you need to have the “AllowOverride all” directive in your configuration file for your virtual host.

Once we did that and followed the requirements documentation the API call worked.

Maybe the maintainers of the Developer documentation could add that step to the requirements as it seems it is not optional to have a .htaccess file if you want to access the API.

Rich

Hi @alanm. I am also using API v8. SuiteCRM version 7.11.12.
I am serving my filess via nginx and FPM. I don’t need to use .htaccess file as it has been used by apache web server. Do you know why I am getting these result.
I am calling the same endpoint {{suitecrm.url}}/Api/access_token and getting a JSON response which is
{
“message”: “Not found”
}.
If I am trying anything other I am getting lets say {{suitecrm.url}}/API/access_token (THE API is capital )I will get the text File not found. Would you please recommend something as I am dying to get the right answer,

Few things @ksaubhri;
Welcome to the community! for a start,

1. Not sure how compatible SuiteCRM is with nginx so let us know how it goes.

2. Why would you not need a .htaccess file or nginx equivalent, as well as providing security they allow for the complex redirects the API requires to function?

3. Your first URL looked more correct as you should be using /Api/V8/access_token

Let us know if you have any luck!

Hi Team, thanx for the Welcome. One thing I would like to know that I have setup the suiteCRM on my local ubuntu laptop and calling the API via HTTP protocol only. Is it okay? Also In reply to using /Api/V8/access_token endpoint. I recieve File not Found as text message . I am attaching the postman screenshot of both the cases.

Try using the authorisation tab to create the access token, using this method you can store the token for use.

Have a look here for a good way of setting up postman

I solved my problem. There are only two things which I did.

1. Change the version of suite CRM from 7.11.12 to 7.10.24.
2. Earlier I was using Nginx as webserver. I switched to apache and connect apache with php7.1-fpm socket.
   Everything comes into place with the same API path given in the documentation

I believe that a number of these problems relating to 404 errors and being unable to find the V8 REST API are due to an error in the installer. The .htacess file that the installer provides as at 7.10.27 if you deny write capability to the drive is NOT the same as what the installer will write if you do grant access. Therefore, I have provided a patch:

to correct this issue. After applying the the patch the installer presents the correct code for the .htaccess file and API endpoints appear as expected.
Alternatively, you can give your web server access to write what it likes to the drive, but I baulk at that concept! (Perhaps for a test system disconnected from the outside world?)

I guess that I ought to put the direct URLs here as well for the latest 7.10.x and 7.11.x versions of the software. The .htaccess file relies on mod_rewrite (in apache) to carry out the following URL changes:

RewriteRule ^Api/(.*)$ - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule ^Api/access_token$ Api/index.php/access_token [L]
RewriteRule ^Api/V8/(.*?)$ Api/index.php/V8/$1 [L]

This means that you can avoid the shortened https://mysite.com/Api/access_token and instead use the full path https://mysite.com/Api/index.php/access_token

Similarly for using the V8 Api, replace https://mysite.com/Api/V8/module and instead use the full path https://mysite.com/Api/index.php/V8/module

This way, you should still get the desired REST connection, even if the rewrite rules/.htaccess etc is messed up in some way.

That was my issue as well Thanks!

thank you so much for your contribution… i was trying to figure out how to pass bearer tokens and run extra commands and this helps alot.

I had to change
RewriteBase /suitecrm
to
RewriteBase /

and

RewriteRule ^Api/access_token$ Api/index.php [L]
to
RewriteRule ^Api/access_token$ Api/index.php/access_token [L]

Seems to work now with Nextcloud integration.

I am incredibly jealous. I run my life off of my nextcloud dashboard, its got reminders for taks, projects, meetings, emails, everything! Only thing missing is crm.

Could you please post more details? I have modified the httaccess file and event the bloody regular config and neither are working. I have tried a bunch of other dumb hacky ways of trying to get

localip/suitecrm/Api/access_token

to redirect toi

localip/suitecrm/Api/index.php/access_token

but nothing has worked. I have uninstalled and reinstalled multiple times on two different computers running php v8 and phpv7.3, all sorts of different configurations, and nothing seems to be working

The biggest problem is that there are a bunch of conflicting guides online because the official documention does not explain how to configure apache. I need a good working config file I can copy paste.

I have followed this tutorial step by step: https://nxnjz.net/2019/09/how-to-install-suitecrm-on-debian-10-buster on two different computers

I have followed this tutorial step by step on two different computers (modified to work with deb 10) Install SuiteCRM (Customer Relationship Management) in Linux

gah

And even if this stupid 404 error is fixed, when I run:

curl --request POST   --url https://localip/suitecrm/Api//access_token   --header 'Content-Type: application/x-www-form-urlencoded'   --data 'grant_type=client_credentials&client_id=blerp&client_secret=derp'

I get:

{“error”:“unknown_error”,“message”:“No user found”}

So to recap, on my actual server where I want it to licve I see crazy giberish on the hopescreen, so I tried other computer, at least I can make key, neat. but I cant actually connect to the end points. I keep getting a 404 error. great.

and even when thats fixed, I will still have to deal with more bugs. wreohirgewbbrhfsh

i’m sorry I’ve just been working off and on for the last month trying to get this working. and I finially decided to dexdicate a full, uninterupted weekend to it. and now its monday night. three full days of nothing but trying to get a suitecrm widget in friggen nextcloud fml