forked from wekan/wekan
-
Notifications
You must be signed in to change notification settings - Fork 0
REST API
soohwa edited this page Oct 14, 2017
·
25 revisions
The REST API allows you to control and extend Wekan with ease.
If you are an end-user and not a dev or a tester, create an issue to request new APIs.
All API calls in the documentation are made using
curl. However, you are free to use Java / Python / PHP / Golang / Ruby / Swift / Objective-C / Rust / Scala / C# or any other programming languages.
When calling a production Wekan server, ensure it is running via HTTPS and has a valid SSL Certificate. The login method requires you to post your username and password in plaintext, which is why we highly suggest only calling the REST login api over HTTPS. Also, few things to note:
- Only call via HTTPS
- Implement a timed authorization token expiration strategy
- Ensure the calling user only has permissions for what they are calling an no more
| Url | Short Description |
|---|---|
/users/login |
Authenticate with the REST API. |
| Url | Short Description |
|---|---|
/users/register |
Register a new user. |
/api/users |
Create a new user. |
/api/users/:id |
Deletes an existing user. |
/api/users/:id |
Gets a user's information. |
/api/users |
All of the users. |
/api/user |
Gets a loggued-in user. |
| URL | Requires Auth | HTTP Method |
|---|---|---|
/users/login |
no |
POST |
| Argument | Example | Required | Description |
|---|---|---|---|
username |
myusername |
Required | Your username |
password |
my$up3erP@ssw0rd |
Required | Your password |
| Argument | Example | Required | Description |
|---|---|---|---|
email |
[email protected] |
Required | Your email |
password |
my$up3erP@ssw0rd |
Required | Your password |
- Notes:
- You will need to provide the
tokenfor any of the authenticated methods.
curl http://localhost:3000/users/login \
-d "username=myusername&password=mypassword"curl http://localhost:3000/users/login \
-d "[email protected]&password=mypassword"curl -H "Content-type:application/json" \
http://localhost:3000/users/login \
-d '{ "username": "myusername", "password": "mypassword" }'curl -H "Content-type:application/json" \
http://localhost:3000/users/login \
-d '{ "email": "[email protected]", "password": "mypassword" }'{
"id": "user id",
"token": "string",
"tokenExpires": "ISO encoded date string"
}{
"id": "XQMZgynx9M79qTtQc",
"token": "ExMp2s9ML1JNp_l11sIfINPT3wykZ1SsVwg-cnxKdc8",
"tokenExpires": "2017-12-15T00:47:26.303Z"
}| URL | Requires Auth | HTTP Method |
|---|---|---|
/users/register |
no |
POST |
| Argument | Example | Required | Description |
|---|---|---|---|
username |
myusername |
Required | Your username |
password |
my$up3erP@ssw0rd |
Required | Your password |
email |
[email protected] |
Required | Your email |
- Notes:
- You will need to provide the
tokenfor any of the authenticated methods.
curl http://localhost:3000/users/register \
-d "username=myusername&password=mypassword&[email protected]"curl -H "Content-type:application/json" \
http://localhost:3000/users/register \
-d '{ "username": "myusername", "password": "mypassword", "email": "[email protected]" }'{
"id": "user id",
"token": "string",
"tokenExpires": "ISO encoded date string"
}{
"id": "XQMZgynx9M79qTtQc",
"token": "ExMp2s9ML1JNp_l11sIfINPT3wykZ1SsVwg-cnxKdc8",
"tokenExpires": "2017-12-15T00:47:26.303Z"
}| URL | Requires Admin Auth | HTTP Method |
|---|---|---|
/api/users |
yes |
POST |
| Argument | Example | Required | Description |
|---|---|---|---|
username |
myusername |
Required | Your username |
password |
my$up3erP@ssw0rd |
Required | Your password |
email |
[email protected] |
Required | Your email |
- Notes:
- You will need to provide the
tokenfor any of the authenticated methods.
curl -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
-X POST \
http://localhost:3000/api/users \
-d "username=myusername&password=mypassword&[email protected]"curl -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
-H "Content-type:application/json" \
-X POST \
http://localhost:3000/api/users \
-d '{ "username": "myusername", "password": "mypassword", "email": "[email protected]" }'- Login
curl http://example.com/users/login \
-d "username=YOUR-USERNAME-HERE&password=YOUR-PASSWORD-HERE"
As response you get your id and token:
"id":"YOUR-ID-HERE","token":"YOUR-TOKEN-HERE","tokenExpires":"2017-12-23T21:07:10.395Z"}
- Create user. Works both when serf-register enabled and disabled.
curl -H "Authorization: Bearer YOUR-TOKEN-HERE" \
-H "Content-type:application/json" \
-X POST \
http://example.com/api/users \
-d '{ "username": "tester", "password": "tester", "email": "[email protected]", "fromAdmin": "true" }'
As reply you get new user's id.
{"id":"NEW-USER-ID-HERE"}
- You can get user details with your new user's id:
curl -H "Authorization: Bearer YOUR-TOKEN-HERE" \
http://example.com/api/users/NEW-USER-ID-HERE
Returns the id of the created user.
{
"_id": "user id"
}{
"_id": "EnhMbvxh65Hr7YvtG"
}IMPORTANT : Should not be used as long as this bug exists.
| URL | Requires Admin Auth | HTTP Method |
|---|---|---|
/api/users/:id |
yes |
DELETE |
| Argument | Example | Required | Description |
|---|---|---|---|
id |
BsNr28znDkG8aeo7W |
Required | The id of the user to delete. |
curl -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
-X DELETE \
http://localhost:3000/api/users/EnhMbvxh65Hr7YvtG Returns the id of the deleted user.
{
"_id": "EnhMbvxh65Hr7YvtG"
}Retrieves information about a user.
| URL | Requires Admin Auth | HTTP Method |
|---|---|---|
/api/users/:id |
yes |
GET |
- Notes:
- You will need to provide the
tokenfor any of the authenticated methods. - Only the admin user (the first user) can call the REST API.
curl -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
http://localhost:3000/api/users/XQMZgynx9M79qTtQc{
"_id": "XQMZgynx9M79qTtQc",
"createdAt": "2017-09-13T06:45:53.127Z",
"services": {
"password": {
"bcrypt": "$2a$10$CRZrpT4x.VpG2FdJxR3rN.9m0NbQb0OPsSPBDAZukggxrskMtWA8."
},
"email": {
"verificationTokens": [
{
"token": "8rzwpq_So2PVYHVSfrcc5f5QZnuV2wEtu7QRQGwOJx8",
"address": "[email protected]",
"when": "2017-09-13T06:45:53.157Z"
}
]
},
"resume": {
"loginTokens": [
{
"when": "2017-09-13T06:45:53.265Z",
"hashedToken": "CY/PWeDa3fAkl+k94+GWzCtpB5nPcVxLzzzjXs4kI3A="
},
{
"when": "2017-09-16T06:06:19.741Z",
"hashedToken": "74MQNXfsgjkItx/gpgPb29Y0MSNAvBrsnSGQmr4YGvQ="
}
]
}
},
"username": "john",
"emails": [
{
"address": "[email protected]",
"verified": false
}
],
"isAdmin": true,
"profile": {}
}Retrieves the user list.
| URL | Requires Admin Auth | HTTP Method |
|---|---|---|
/api/users |
yes |
GET |
- Notes:
- You will need to provide the
tokenfor any of the authenticated methods. - Only the admin user (the first user) can call the REST API.
curl -H "Authorization: Bearer cwUZ3ZsTaE6ni2R3ppSkYd-KrDvxsLcBIkSVfOCfIkA" \
http://localhost:3000/api/users[
{
"_id": "user id",
"username": "string"
}
][
{
"_id": "XQMZgynx9M79qTtQc",
"username": "admin"
},
{
"_id": "vy4WYj7k7NBhf3AFc",
"username": "john"
}
]Retrieves information about a loggued-in user with his auth token.
| URL | Requires Auth | HTTP Method |
|---|---|---|
/api/user |
yes |
GET |
- Notes:
- You will need to provide the
tokenfor any of the authenticated methods.
curl -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
http://localhost:3000/api/user{
"_id": "vy4WYj7k7NBhf3AFc",
"createdAt": "2017-09-16T05:51:30.339Z",
"username": "john",
"emails": [
{
"address": "[email protected]",
"verified": false
}
],
"profile": {}
}- About
- No UI major redesign
- Test Edge
- FAQ
- IRC FAQ - answers to questions asked at IRC
- Roadmap - board at Wekan demo
- Team
- Press
- Blog
- NOT related to Wekan
- Wekan vs Trello vs Restyaboard
- Features
- Custom Logo
- Gantt Chart
- Admin: Impersonate user
- Emoji etc syntax
- Numbered text syntax
- Time Tracking
- Subtasks <== Has fix
- Templates
- Archive and Delete
- Adding Users
- LDAP
- Keycloak
- Google login
- Azure
- OAuth2, Auth0, GitLab, RocketChat
- Oracle OIM on premise using OAuth2
- ADFS 4.0 using OAuth2 and OpenID
- Nextcloud
- CAS Please test
- SAML Please test
- IFTTT
- Custom Fields
- Due Date
- Forgot Password
- Requirements
- Translations
- Roadmap
- Fix Export board menu not visible on some boards
- Integrations
- RAM usage
- Demo
- Swimlane Documentation
- Wekan Markdown
- Download Wekan for various Platforms: Supported by xet7, Operating Systems, NAS, Cloud
- Example: New card with Python3 and REST API
- Python client to REST API
- Java
- Wekan Sandstorm cards to CSV using Python
- Excel and VBA
- Global Webhook
- Limiting Webhook data
- Receiving Webhooks
- Outgoing Webhook to Discord/Slack/RocketChat/Riot
- Outgoing Webhook to NodeRed
- Outgoing Webhook to PowerShell
- Security: Webhook and CA
- Outgoing Webhooks Data
- Outgoing Webhooks and Let's Encrypt
- Outgoing Webhooks Original Pull Request, multiple Webhooks, more parameters and response order