In order to access system data, user account authorization is required. All methods may be used only after authorization.

API-key authorization

The API-key management available in Personal > All settings > API page.

On Api page Administrator can create, delete and set permissons for API-keys, what methods and objects are available using current API-key.

Deleting the API-key permanently removes key and all permissions.

For API-key authentication required to include it in each request (POST & GET) in api_key parameter.

Login and password authorization (OAuth access token)

Flowlu limitedly supports OAuth2 by login and password (grant_type=password).

ATTENTION! The API access by OAuth2 available only for Administrators.

Getting the Access Token

Send following POST request parameters

Parameter name Description
grant_type authorization type, shall be password
username user login
password user password
client_id identifier of your application

The response contain JSON-object. If authorization was successful response will contain access_token

Example CURL
curl \
  -d "grant_type=password&"
Example PHP
$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, '');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query([
  'username'  => '',
  'password'  => 'qwerty',
  'grant_type'=> 'password',
  'client_id' => 'android_app_v1'
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

$response = curl_exec($ch);
curl_close ($ch);

print_r(json_decode($response, true));
Successful response example
  "access_token": "591ec32096b934-94823072",
  "token_type": "bearer"
Error response example
  "error": "invalid_grant",
  "error_descrption": "Неверные имя пользователя или пароль"
Errors description
invalid_grant Login or password is incorrect
invalid_request_ssl Unsafe request (SSL required)
invalid_request Request error (required parameters missing or incorrect grant_type parameter)

Access token using

Using access token all requests can be sent by HTTP Basic Auth method:

Example CURL
curl -u bearer:591d8a5e8431c1-13312602
Example PHP
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, '');
curl_setopt($ch, CURLOPT_USERPWD, 'bearer:591d8a5e8431c1-13312602');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

$response = curl_exec($ch);