I am Trying Flarum API call!

Dragondz · 2025-04-08T10:35:04+00:00

Hi everyone and hello,

I am new to this forum and i try to integrate authentification process with textpattern CMS, i know php and work regularly with Textpattern CMS, but i am strugling with Flarum API right now and need some help if possible.

I installed Flarum on a subdirectory and tryed to make a call using php curl but i got this response

string(56) "{"errors":[{"status":"401","code":"not_authenticated"}]}"

I created a Token on the api_keys table and below is the code i tryed:

<?php
	$url = "https://myurl/flarum/api/token";

	$headr1 = array();
	$headr1[] = 'Content-length: 0';
	$headr1[] = 'Content-type: application/json';
	$headr1[] = 'Authorization: Token mytokenxxxxxx; userId=1';

	$curl = curl_init();
	curl_setopt($crl, CURLOPT_HTTPHEADER, $headr1);
	curl_setopt($curl, CURLOPT_POST, true);

	// Optional Authentication:
	curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
	curl_setopt($curl, CURLOPT_USERPWD, "someusernam:hispwd");

	curl_setopt($curl, CURLOPT_URL, $url);
	curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

	$result = curl_exec($curl);

	if ($rest === false)
	{
			print_r('Curl error: ' . curl_error($crl));
	}

	curl_close($curl);

	var_dump($result);

?>

Is my code wrong ?

Thanks in advance,

clarkwinkelmann · 2025-04-08T11:39:35+00:00

Dragondz I don't have an example ready, but looking at your code it seems like you are trying to send the user credentials as HTTP basic authentication, rather than the expected JSON payload.

Dragondz · 2025-04-08T13:28:08+00:00

Hi Thanks for your time,

Below the new code :

<?php
	$url = "https://mywebsite/flarum/api/token";

	$headr1 = array();
	$headr1[] = 'Content-length: 0';
	$headr1[] = 'Content-type: application/json';
	$headr1[] = 'Authorization: Token xxxxxxxx; userId=1';

	$data = array(
		"identification" => "theuser",
		"password" => "thepwd"
	);

	$curl = curl_init();
	curl_setopt($crl, CURLOPT_HTTPHEADER, $headr1);
	curl_setopt($curl, CURLOPT_POST, true);

	if ($data){
		curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($data));
	}

	curl_setopt($curl, CURLOPT_URL, $url);
	curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

	$result = curl_exec($curl);

	if ($rest === false)
	{
			print_r('Curl error: '.curl_error($crl));
	}

	curl_close($curl);

	var_dump($result);

?>

But no luck same error!

Dragondz · 2025-04-09T09:24:40+00:00

Hi finally got a response after multiple attempts :

Below the code

<?php
	$url = "https://mywebsite.tld/flarum/api/token";

	$headr1 = array();
	$headr1[] = 'Content-Type: application/json';
	$headr1[] = 'Authorization: Token mytokenxxxxxxxxxxxxxxxxxxxx; userId=1';

	$data = array(
		"identification" => "myusere",
		"password" => "mypwd"
	);

	$curl = curl_init();
	curl_setopt($curl, CURLOPT_HTTPHEADER, $headr1);
	curl_setopt($curl, CURLOPT_POST, 1);
	curl_setopt($curl, CURLOPT_ENCODING, "");

	if ($data){
		curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($data));
	}

	curl_setopt($curl, CURLOPT_URL, $url);
	curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

	$result = curl_exec($curl);

	if ($result === false)
	{
			print_r('Curl error: '.curl_error($curl));
	}

	curl_close($curl);

	var_dump($result);

?>

When you ask for a non existant user you got an error 401, if you try a real user you got a token as a response.

Thanks for clarkwinkelmann for answering my forst message.

Even when searching the web there is too few exemple about flarum api rest.

I will continue my work because the real thing is to create user that not exist in flarum by api and connect them automatically.

Cheers.

clarkwinkelmann · 2025-04-09T12:23:38+00:00

All official examples are here https://docs.flarum.org/rest-api that's not a lot, but should be enough to get started. Apart from the login/token endpoints which are custom, everything else follows the JSON:API spec, so it's just a matter of knowing the resource names, attributes and relations you want to interact with.

Does your framework not offer an HTTP wrapper? Using cURL commands directly is quite complicated. If you have Guzzle for example you can simply pass all data through a json request parameter. I wouldn't even know how to write the cURL code without googling everything.

luceos · 2025-04-09T12:29:01+00:00

Have you seen the php client?

maicol07/flarum-api-client

Dragondz · 2025-04-09T13:31:15+00:00

clarkwinkelmann Hi

Thanks i red the doc and some points was not enough clear, for my framework i am using plain php because i work with CMS Textpattern wich is still an old school CMS but i quite like it.

Working with curl dont bother me, i only need some guidence on how to achieve some point because i dont know Laravel and Flarum.

luceos "
Thanks i didnt found it during my search.

Right now i try to figure out how the login mechanism work using the api, when looking other example it seems you only need to create a cookie with the token to make it connected, but with my test i havent succeded yet

$res1['token'];

	$arr_cookie_options = array (
		'expires' => time() + 60*60*24*30, 
		'path' => '/flarum', 
		'domain' => 'devw.bni-solutions.com',
		'secure' => true,
		'httponly' => true,
		'samesite' => 'Lax'
		);

	setcookie('flarum_session', $res1['token'], $arr_cookie_options);

~~The cookie is created but Is there something else to do to make the user connected when visiting the flarum url ?~~

Aah ok it s the SSO plugin that make it login!!!

Cool a step in the right direction, I need to code the creation of user and see how to handle the login/logout and it will good.

Thanks for your help.