REST API: Difference between revisions
From LimeSurvey Manual
No edit summary |
|||
| Line 30: | Line 30: | ||
The available API endpoints are documented using swagger [https://api.limesurvey.org/swagger https://api.limesurvey.org/swagger]. | The available API endpoints are documented using swagger [https://api.limesurvey.org/swagger https://api.limesurvey.org/swagger]. | ||
== | ==Authorisation== | ||
Currently the REST API supports server side session authorisation. You use your standard admin username and password to gain API authorisation. | |||
===Login=== | |||
To login to the REST API, perform a POST request to ''/rest/v1/session'' with 'username' and 'password' post data. The API will returns a 200 response with a session id string body. | |||
===Bearer Authentication=== | |||
The session id string returned by ''/rest/v1/session'' can be used as authorisation in requests to other endpoints using bearer authentication (also called token authentication). | |||
Set HTTP header 'Authorization' with the value 'Bearer my-session-id-string-returned-from-server'. | |||
===Logout=== | |||
To logout of the REST API perform an authorised DELETE request to the ''/rest/v1/session''. | |||
==Endpoints== | ==Endpoints== | ||
Revision as of 13:43, 18 October 2022
TODO
Under development
Available from version x (LS 5.5.0?)
Available API endpoints
Technical specification. UML.
Introduction
LimeSurvey REST API v1 is available in LS 5.5.0 or more recent which offers various API endpoints.
Setup
Configure
In order to use REST API you must first enable the service, and then adjust the settings to suit your needs. To enable login to the LimeSurvey administration, go to Global settings, choose the tab 'Interfaces' and select 'Publish API on /rest'.
Security
The REST API uses the same security measures as the normal administration login. That means that the permission set of the used username and password is the same as if you would login in the administration with that user/password. Also the REST API is protected against brute-force password cracking - like the normal administration login.
Usage
API Location
The REST API URL is http://www.yourdomain.com/rest/v1 .
The available API endpoints are documented using swagger https://api.limesurvey.org/swagger.
Authorisation
Currently the REST API supports server side session authorisation. You use your standard admin username and password to gain API authorisation.
Login
To login to the REST API, perform a POST request to /rest/v1/session with 'username' and 'password' post data. The API will returns a 200 response with a session id string body.
Bearer Authentication
The session id string returned by /rest/v1/session can be used as authorisation in requests to other endpoints using bearer authentication (also called token authentication).
Set HTTP header 'Authorization' with the value 'Bearer my-session-id-string-returned-from-server'.
Logout
To logout of the REST API perform an authorised DELETE request to the /rest/v1/session.
Endpoints
See the Swagger Documentation for full details.
- /rest/v1/
- session
- session
- siteSettings
- siteSettings/<setting-name>
- survey
- survey/<id>
- questionGroup/<surveyId>
- questionGroup
- questionGroup/<groupId>
- questionGroupProperties/<groupId>
- questioGroupProperties/<groupId>