Best method for Basic FusionPBX API?

[AIC2000]

Hi,

Has anyone put any thought or has any knowledge (based on the source code) on how to implement a basic API for FusionPBX?

Such as, create a new extension, retreive CDR's programatically, create a new IVR via an API call?

There are a couple of API's on Github, however they are either dead, or don't have any clear use-case.

Thanks

 

[Blake Priddy]

There is already an API I believe. I may be wrong. Then again I'm API-stupid

 

[AIC2000]

Yeah I've also heard there's a commercial one too, however I'm not really willing to pay for something just in order to play with it in order to try and make the offering better for the projecct itself!

Don't really like creating and using forks either, unless there's a positive chance it would be merged, or I had enough time to move it forward as a seperate project of course.

 

[DigitalDaz]

I think we all just do our own to suit our needs, I have a customer who needed to log in/out agents of a queue. No way the guy was gonna pay the $50 a month just to do that so we wrote him something custom.

What you can do just to get it to start responding to api stuff and give you the ability to generate API keys for each user is to just put an empty file in the relevant place....

/var/www/fusionpbx/app/api/app_config.php

Now you will see a place for keys in users:

 

[AIC2000]

If they use that API key, does that instantly log them in then? And give them access to the whole system via the GUI?
Or do you think it's wiser to use that API key as a method of supplying the FusionPBX localhost server with GET / POST commands?

 

[DigitalDaz]

You want to use it with get/post, it will get whatever permissions are assigned to the user.

 

[smn]

To GET with a key I think you do something like this

https://xx.xx.xx.xx/app/extensions/extensions.php?key=YOUR_API_KEY

 

[tinhs2cop]

Hi all,
I tried but get access denied. pls advise how to fix this error. I m running fusionpbx 4.4 (screenshot as attached)
Thanks

 

[Adrian Fretwell]

I had a play with this and I can get it to work.

Add the API key to the user record as @DigitalDaz suggests above.

Then I found I had to modify /var/www/fusionpbx/resources/check_auth.php so it will allow key validation:

I changed:

if (strlen($_SESSION['username']) == 0 && isset($_REQUEST["username"]) && isset($_REQUEST["password"])) {

to:

if ((strlen($_SESSION['username']) == 0) && ((isset($_REQUEST["username"]) && isset($_REQUEST["password"])) || isset($_REQUEST["key"]))  ) {

This now tests for no session and username and password or no session and key.

https://xxxx.xxxx.uk/app/xml_cdr/xml_cdr.php?key=xxxxxxxx-xxxxxxxx-xxxx-xxxxxxxxxxxx
This will get the first page of the CDR records but creates no session so if you click "Next" you get thrown back to the login prompt.

However if you add a username a session is created and you can then continue to do whatever that user is allowed to do.
https://xxxx.xxxx.uk/app/xml_cdr/xml_cdr.php?username=201&key=xxxxxxxx-xxxxxxxx-xxxx-xxxxxxxxxxxx

There is probably a better or approved way of doing this but it works for me.

Kind regards,
Adrian.

 

[InTeleSync]

Looks like as of this response in v4.5.11 that out of the box you can generate an API key in user settings, then be able to at least GET with the key parameter. It will not create a user session.

But is there anything out there yet for RESTful calls with JSON or XML responses?

 

[DigitalDaz]

Looks like as of this response in v4.5.11 that out of the box you can generate an API key in user settings, then be able to at least GET with the key parameter. It will not create a user session.

But is there anything out there yet for RESTful calls with JSON or XML responses?

Only the commercial version and I think it went up from $50 per month to $100.

 

[Adrian Fretwell]

It will not create a user session

The last time I played with this, if you provided a username as well as the API key you would get a session.

I have since created my own API for specific purposes, it's not something that would be useful to anyone else, but the point is that it is not difficult to do for just a few simple actions, it all depends on what you want to achieve.

 

[DigitalDaz]

There was actually a bug at some point with the key auth but I think its fixed now.

 

[5280pbx]

I feel like the API was available before but now it's been removed and available only on Gold membership?

 

[markjcrane]

The REST API that I developed was never open source so it wasn't retracted as suggested. The REST API will be available to Purple members when the Application manager is finished. The money is used to help support the continued development of the project. In the future I'm hoping to get enough members supporting the project to reach an economy of scale that may help make it possible to reduce the cost further.

 

[DigitalDaz]

IF you all want it so badly but don't want to pay, and it does cost way to much for many of us. Start making pull requests. I'll create a forum for it, we need a structure: https://github.com/PBXForums/FusionPBX-API

 

[Adrian Fretwell]

@DigitalDaz I have made a start based on what I had already written for my own API needs, it may not be the right way to go with this, it's only a days hacking, but at least it puts something on the drawing board.

 

[DigitalDaz]

Thanks, I'll accept it without looking

 

[markjcrane]

Please remove my name off of all files in that repo that were not copied from the project. If they don't have any of official FusionPBX code in the file. Then do not put my name on it.

 

[Adrian Fretwell]

@markjcrane I think they ALL contain some code that you have written in the past. Maybe sometimes just a couple of lines like:

//includes
    include "root.php";
    require_once "resources/require.php";

The headings / credits were left in to show you some respect but we can remove whatever you wish.