API Basics - maxgrafik/violetCMS GitHub Wiki

You may use the admin backend to manage your website, but you’re not required to do so. You may also interact with violetCMS through POST and GET requests to a single endpoint at /violet/api.php. The admin backend also uses this API.

All requests MUST contain a bearer token in the Authorization header along with the X-Requested-With field set to XMLHttpRequest. To get the token you must first login:

POST /violet/api.php?q=login
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest

{email: <email>, pass: <password>}

On successful login you receive a pair of tokens (JWT) that you use on subsequent requests. The access token is valid for 10 minutes. After that you may refresh the access token by sending a refresh request providing the refresh token.

To get data you send a GET request and specify the component in the q parameter along with optional other parameters. For example, to get the contents of the page at route /welcome you'll send:

GET /violet/api.php?q=page&url=/welcome
Authorization: Bearer <JWT>
X-Requested-With: XMLHttpRequest

To set data you send a POST request with the corresponding data in the body. For example, to set the site configuration:

POST /violet/api.php?q=config
Authorization: Bearer <JWT>
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest

<JSON>