REST API - jean/wekan GitHub Wiki
REST API is not complete yet, please add missing functionality with pull requests to devel branch.
If you are in a hurry, you can use these to have more functionality:
For workflows see If-this-then-that issue than mentions Huginn, Flogo etc.
Wekan REST API
The REST API allows you to control and extend Wekan with ease.
If you are an end-user and not a dev or a tester, create an issue to request new APIs.
All API calls in the documentation are made using
curl. However, you are free to use Java / Python / PHP / Golang / Ruby / Swift / Objective-C / Rust / Scala / C# or any other programming languages.
Production Security Concerns
When calling a production Wekan server, ensure it is running via HTTPS and has a valid SSL Certificate. The login method requires you to post your username and password in plaintext, which is why we highly suggest only calling the REST login api over HTTPS. Also, few things to note:
- Only call via HTTPS
- Implement a timed authorization token expiration strategy
- Ensure the calling user only has permissions for what they are calling and no more
Summary
Authentication
| HTTP Method | Url | Short Description |
|---|---|---|
POST |
/users/login |
Authenticate with the REST API. |
Users
| HTTP Method | Url | Short Description |
|---|---|---|
POST |
/users/register |
Register a new user. |
POST |
/api/users |
Create a new user. |
PUT |
/api/users/:id |
Disable an existing user. |
PUT |
/api/users/:id |
Enable an existing user. |
PUT |
/api/users/:id |
Admin takes the ownership. |
DELETE |
/api/users/:id |
Delete an existing user. (Warning) |
GET |
/api/users/:id |
Gets a user's information. |
GET |
/api/users |
All of the users. |
GET |
/api/user |
Gets a logged-in user. |
Cards
| HTTP Method | Url | Short Description |
|---|---|---|
POST |
/api/boards/:boardId/lists/:listId/cards |
Add a card to a list, board, and swimlane. |
PUT |
/api/boards/:boardId/lists/:fromListId/cards/:cardId |
Update a card. |
DELETE |
/api/boards/:boardId/lists/:listId/cards/:cardId |
Delete a card. |
Login
| URL | Requires Auth | HTTP Method |
|---|---|---|
/users/login |
no |
POST |
Payload
Authentication with username
| Argument | Example | Required | Description |
|---|---|---|---|
username |
myusername |
Required | Your username |
password |
my$up3erP@ssw0rd |
Required | Your password |
Authentication with email
| Argument | Example | Required | Description |
|---|---|---|---|
email |
[email protected] |
Required | Your email |
password |
my$up3erP@ssw0rd |
Required | Your password |
- Notes:
- You will need to provide the
tokenfor any of the authenticated methods.
Example Call - As Form Data
curl http://localhost:3000/users/login \
-d "username=myusername&password=mypassword"
curl http://localhost:3000/users/login \
-d "[email protected]&password=mypassword"
Example Call - As JSON
curl -H "Content-type:application/json" \
http://localhost:3000/users/login \
-d '{ "username": "myusername", "password": "mypassword" }'
curl -H "Content-type:application/json" \
http://localhost:3000/users/login \
-d '{ "email": "[email protected]", "password": "mypassword" }'
Result
{
"id": "user id",
"token": "string",
"tokenExpires": "ISO encoded date string"
}
Result example
{
"id": "XQMZgynx9M79qTtQc",
"token": "ExMp2s9ML1JNp_l11sIfINPT3wykZ1SsVwg-cnxKdc8",
"tokenExpires": "2017-12-15T00:47:26.303Z"
}