Sign in Registration


Table of contents


API provides opportunities for programmatic interaction with the system from different places, for example, from its own entities (modules, themes, etc.), as well as access from external resources. All functionality is distributed over certain sections of the system and is divided into two types of API:

  • Internal (internal) - available only inside the system, including access from custom entities (modules, themes, etc.);
  • External (external) - accessible from anywhere, including access from third-party resources.

It is recommended that all provided API methods be set explicitly, for which their description in service files is required in the form:

class Service {
// ...

public $api = [
	'get_user_id' => [
		'type' => 'internal', // external or internal if not specified - internal
		'access' => ['administrator',], // access only for the specified user roles, if not specified - access for everyone
		'format' => 'json_object', // json or json_object if not specified - data will be returned as normal
		'method' => 'get_user_id_plus', // method to override, if not specified, the original one will be called

function get_api() {
	return $this->api;

// ...

External API methods must be called at the address of the form, to which you want to send data using the POST or GET:

  • key - API key, usually 12345. The key for comparison is set in the settings (file settings.php - api_key);
  • module - called module;
  • method - the method to be called in the specified module;
  • data - other miscellaneous data (optional).

API access authorization may be needed in some scenarios - for example, if an API method has an array of roles with access. The following authorization mechanisms can be used for this (authorization data is sent along with the rest of the data using the POST or GET method):

  • an authorization token can be sent - token parameter, the system will automatically authorize the user. Such a token can be obtained during authorization using various applications or interfaces that request a username and password;
  • it is possible to restore an authorized session by sending a session identifier - the session name is set in the system settings (file settings.php - session_name), for example, EQSASH_SESSION.

Latest articles

Popular sections

Eqsash (Tools)

Android app - VK LAST USER ID, отучитель от зависимости и т.д.:
Available on Google Play

Amessage (Communication)

Login to the web version
Android app:
Available on Google Play

Share this

Subscribe to



IT notes - In simple language about the most necessary things (HTML, CSS, JavaScript, PHP, databases, Drupal, Bitrix, SEO, domains, security and more), PDF, 500 p.