This page is about an old version of Active Collab that's not developed anymore.
Click here to open the documentation for the latest version.

User Authentication

To use the activeCollab API, authenticate yourself to the system by using your API key. The key is available on the API Subscriptions page of your activeCollab user profile:

When creating such request, the API key must be passed as a auth_api_token GET variable. This is how a request URL may look like:

1
http://site.com/activecollab/api.php?path_info=info&auth_api_token=1-spUJiaAK5kQqU87OnB4nHZUuYWRlzjDP4cY5CxXN

Obtain the API Key Programmatically #

The activeCollab API does not require users to copy and paste their API keys to get authenticated. Instead, they can provide their user credentials and have the application using the API retrieve the key in the background. The API key will also be stored, so that the users do not have to input their credentials again.

To subscribe, the application needs to send a POST request to activeCollab's api.php file with the following variables:

  1. api_subscription[email] - The email address of the authenticated user.
  2. api_subscription[password] - The user's password.
  3. api_subscription[client_name] - The name of the application which is requesting the subscription.
  4. api_subscription[client_vendor] - The name of the organization which developed the application which is requesting the subscription.

When successfully subscribed, the system will return the API key in plain text. For example:

1
curl --data "api_subscription[email]=user@company.com&api_subscription[password]=**********&api_subscription[client_name]=SubscriptionTest&api_subscription[client_vendor]=A51" http://site.com/activecollab/api.php

The above request would return the API key as:

1
API key: 1-rtYM2JqeuZHkAuHcN4MXyiqyd1PW3kJjEwVu7azp

If not, the following error codes could appear:

  • HTTP error 500 - Operation Failed. Multiple reasons are possible, and they are explained later on.
  • HTTP error 403 - Forbidden. This response is thrown when user is successfully authenticated, but does not have permissions to use API (Administrator has disabled it in their System Role setup).
  • HTTP error 400 - Bad Request. Unknown error.

The system also returns the following error codes in the response:

  • 0 - Unknown error
  • 1 - Client details not set
  • 2 - Unknown user
  • 3 - Invalid Password
  • 4 - Not allowed for given User and their System Role

Here is a sample response, with the error code:

1
Error Code: 3