I have create one EntryPoint and now I have to call API from my EntryPoint page.
I have call API without user authentication.
How its possible please suggest.
I have create one EntryPoint and now I have to call API from my EntryPoint page.
I have call API without user authentication.
How its possible please suggest.
if your are using entryPoint then why its require API call ??
you can use any Sugar Functionality in Entry Point ...
Here's what you want:
Incidentally, if you use the same username/password as your current user, then you might logout your current user. So to avoid that, you can get the access token clientside using:
localStorage.getItem('prod:SugarCRM:AuthAccessToken');
You can then pass that back to the server in your entrypoint, instead of logging in the traditional way.
You shouldn't keep/store this value anywhere except your browser storage. So, for your security you shouldn't store the token in the field or expose it elsewhere.
Let me know if this makes sense.
Incidentally, if you use the same username/password as your current user, then you might logout your current user. So to avoid that, you can get the access token clientside using:
I have same logout issue. so please explain detail how to use
localStorage.getItem('prod:SugarCRM:AuthAccessToken'); You'll need some way of passing the javascript back to php. I haven't tried this, although this in theory should work:
<?php
if (!defined('sugarEntry') || !sugarEntry)
die('Not A Valid Entry Point');
if (!isset($_POST['AuthAccessToken'])) {
?>
<html>
<head>redirecting<head>
<body>
Redirecting...
<form role="form" action="index.php?entryPoint=<entryPoint>" method="post" id="formid">
<input type="hidden" id="AuthAccessToken" name="AuthAccessToken" value="">
</form>
<script type="text/javascript">
document.getElementById('AuthAccessToken').value = localStorage.getItem('prod:SugarCRM:AuthAccessToken');
document.getElementById("formid").submit();
</script>
</body>
<?php
} else {
$authAccessToken = $_POST['AuthAccessToken'];
unset($_POST['AuthAccessToken']);
// you can start to use $authAccessToken here
}
So if the AuthAccessToken isn't set, it'll request it, and then set it as a php variable. Incidentally, you'll need to replace action="index.php?entryPoint=<entryPoint> with whatever the URL of your entrypoint is.
Let me know if this helps.
I have only one sugar user admin in CRM. I am login with admin user with CRM and same user using for API calling
Other user I can not use. When I call API then logout from Sugar.
I have only one sugar user admin in CRM. I am login with admin user with CRM and same user using for API calling
Other user I can not use. When I call API then logout from Sugar.
The reason you're being logged out is because you're authenticating twice. If use the method I detailed above, you don't need to authenticate a second time, so for example, in the example of manipulating a file attachment:
<?php
if (!defined('sugarEntry') || !sugarEntry)
die('Not A Valid Entry Point');
if (!isset($_POST['AuthAccessToken'])) {
?>
<html>
<head>redirecting<head>
<body>
Redirecting...
<form role="form" action="index.php?entryPoint=<entryPoint>" method="post" id="formid">
<input type="hidden" id="AuthAccessToken" name="AuthAccessToken" value="">
</form>
<script type="text/javascript">
document.getElementById('AuthAccessToken').value = localStorage.getItem('prod:SugarCRM:AuthAccessToken');
document.getElementById("formid").submit();
</script>
</body>
<?php
} else {
$oauth_token = $_POST['AuthAccessToken'];
unset($_POST['AuthAccessToken']);
// you can start to use $authAccessToken here
//Create Note - POST /
$url = $instance_url . "/Notes";
//Set up the Record details
$record = array(
'name' => 'Test Note'
);
$curl_request = curl_init($url);
curl_setopt($curl_request, CURLOPT_POST, 1);
curl_setopt($curl_request, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
curl_setopt($curl_request, CURLOPT_HEADER, false);
curl_setopt($curl_request, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl_request, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl_request, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($curl_request, CURLOPT_HTTPHEADER, array(
"Content-Type: application/json",
"oauth-token: {$oauth_token}"
));
//convert arguments to json
$json_arguments = json_encode($record);
curl_setopt($curl_request, CURLOPT_POSTFIELDS, $json_arguments);
//execute request
$curl_response = curl_exec($curl_request);
//decode json
$noteRecord = json_decode($curl_response);
//display the created record
echo "Created Record: ". $noteRecord->id;
curl_close($curl_request);
//Add An Attachment to the Note
$url = $instance_url . "/Notes/{$noteRecord->id}/file/filename";
$file_arguments = array(
"format" => "sugar-html-json",
"delete_if_fails" => true,
"oauth_token" => $oauth_token,
'filename' => '@/path/to/file/upload.txt;filename=upload.txt'
);
$curl_request = curl_init($url);
curl_setopt($curl_request, CURLOPT_POST, 1);
curl_setopt($curl_request, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
curl_setopt($curl_request, CURLOPT_HEADER, false);
curl_setopt($curl_request, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl_request, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl_request, CURLOPT_FOLLOWLOCATION, 0);
//Do NOT set Content Type Header to JSON
curl_setopt($curl_request, CURLOPT_HTTPHEADER, array(
"oauth-token: {$oauth_token}"
));
curl_setopt($curl_request, CURLOPT_POSTFIELDS, $file_arguments);
//execute request
$curl_response = curl_exec($curl_request);
//decode json
$noteRecord = json_decode($curl_response);
//print Note with attachment details
print_r($noteRecord);
curl_close($curl_request);
}
To put it another way, this document - http://support.sugarcrm.com/Documentation/Sugar_Developer/Sugar_Developer_Guide_7.7/Integration/Web_Services/v10/Example… - has two sections:
1. Authenticating - this requests a new $oauth_token
2. Submitting a File Attachment
If you authenticate in step 1, that logs you out, because Sugar sees it as you logging in from another machine. So you have to skip Step 1 somehow. That's the point of getting localStorage.getItem('prod:SugarCRM:AuthAccessToken') - so you can use the same oauth_token without logging out.
If you take this approach, you'll also have to have Administration -> System Settings 'Validate User IP Address' set to false.
Also, read this about being logged out:
In addition to Alan's link here a more recent one about the platform parameter:
https://developer.sugarcrm.com/2016/05/09/platform-parameter-in-sugar-v10-rest-api/
Thanks Dennis Wangerin, good catch.
Offshore Evolution did this answer your question?
Yes
How platform parameter works in #Sugar v10 REST API
How to avoid logging out a user when using their credentials via the new REST API
https://developer.sugarcrm.com/2016/05/09/platform-parameter-in-sugar-v10-rest-api/