webCRM REST API

To access the webCRM REST API you need a webCRM Plus or webCRM Enterprise subscription.

The API and its reference documentation are located at api.webcrm.com.

Getting Started

The webCRM REST API uses JSON Web Token (JWT) for authentication. For that reason, all calls to the API must include an authorization field with the access token in the HTTP header.

Application Tokens

The application token is a GUID that uniquely identifies your webCRM instance and a set of access rights to the different parts of webCRM. You can create multiple tokens with different access rights. This is great for creating a test token that only has read access to your data.

Create your application tokens at webcrm.com > Configuration > Integration > API > REST. (Sign in to webCRM before using the link.)

Access Tokens

Use the application token to get an access token by calling https://api.webcrm.com/Auth/ApiLogin including the application token as authCode in the HTTP header.

POST https://api.webcrm.com/Auth/ApiLogin
authCode: 12345678-90ab-cdef-1234-4567890abcdef

This returns the following JSON:

{
  "AccessToken": "67b91fd8…19c4",
  …

Access tokens are valid for an hour.

Using the Access Token

Add Authorization: Bearer 67b91fd8…19c4 to the HTTP header. Example:

GET https://api.webcrm.com/Persons?Page=1&Size=10
Authorization: Bearer 67b91fd8…19c4

This returns the list of the first ten persons registered in your webCMS system:

[
  {
    "PersonBlockMassEmail": false,
    "PersonCampaignPassword": "",
    "PersonCampaignWrongPasswordCount": 0,
    "PersonCheckMark1": false,
    …

 

Postman Collection

A Postman collection with basic scripts for accessing out API is available at www.getpostman.com/collections/fa529a0ada7a62955836.

Reference Documentation

It is possible to run the API directly on the documentation pages at api.webcrm.com/documentation by entering the access token: Click on the Authorize button in the header and enter Bearer followed by your access token as the api_key, e.g. Bearer 67b91fd8…19c4. The authorization entry will now be added to any future API call made through the documentation pages.

Also, the reference documentation provides a Swagger definition file for auto-generating API clients for most modern developer environments.