Package - REST API Development Kit

General Details

Development kit that allows the easy development of efficient and secure REST APIs.

Package: REST API Development Kit (rest_api)
Author: Apex (apex)
Version: v1.0.0
License: Free
Price: $0.00 USD
Downloads: 1
Rating: N/A
Date Created: September 21, 2020 at 02:56
Last Modified: September 21, 2020 at 02:58


To install this package, within terminal change to the Apex installation directory, and type:

php apex.php install rest_api


The REST API package allows you to quickly and efficiently develop a secure and robust JSON based REST APIs for any purpose. If you do not already have the rest_api package installed, you may install it by typing the following within terminal from the Apex installation directory:

./apex install rest_api

This page will guide you through the setup process, and please see the below links for full information on how to develop out your desired API endpoints. Please note, you may view the /src/rest_api/examples directory for example code of both, how to develop API endpoints, and how to integrate with the API as a client.

  1. Authentication Schemas
    1. API Provider Keys
    2. Access / Refresh Tokens
      1. POST /core/login
      2. POST /core/refresh_token
      3. GET /core/logout
    3. Simple API / Public + Secret Keys
    4. Login Credentials
  2. API Development
    1. Routing / rest_api.php Class
      1. Default Routes
      2. $routes Property
      3. $acl Property
      1. JSON Response Object
    2. api_util Functions
      1. check_required()
      2. decrypt
      3. create_session()
      4. Exceptions
  3. RSA Encryption
    1. RSA Key-Pair
    2. GET /core/rsa_key
    3. Encryption
    4. Decryption

Getting Started

After installation of the rest_api package, visit the Settings->REST API menu of the administration panel where you will be prompted to complete setup. Most of this page should be straight forward with the given explanations except for the authentication schema. This can not be changed after setup unless you reset the system, and below explains the different authentication schemas available.

Auth Schema Description
Provider Only This option should almost never be used. Only select this option if your API is 100% public facing, and never requires an authenticated session of any kind.
Access / Refresh Tokens Should always be used for back-ends that will be used in conjunction with mobile apps. This provides the greatest level of security, as it helps prevent anyone intercepting wifi hotspot traffic from gaining unauthorized entry into the system.
Singular API Keys Each user who is allowed access to the API will be given a single API key, which they must pass with each request. This method is simple, clean, and straight forward.
Public + Secret Keys Useful for APIs that require tracking on a per-user basis, plus all require both, API endpoints that can be accessed publicly without authentication (ie. for tracking purposes), and API endpoints that can only be accessed upon successful user authentication. Each user will recieve both, a public and secret API key, where the secret key is only required for certain API endpoints/
Login Credentials Not recommended, but negates the requirement of API keys altogether. This allows the user's account username and password to be sent with each API request, and is authenticated each request.

For all other details regarind gthe REST API package, please use the above links. Alos, you may view example code of both server and client side implementation via the /src/rest_api/examples/ directory of your Apex installation.

User Comments

No comments yet.

Add Comment

You must be logged in to submit a comment.

Need a Professional?

Need development work by the creator of Apex? E-mail for a free consultation.

Recent News

Apex v1.5.4 Released!
Added .env file, Remote Access Client, finalized PostgreSQL, and more...
Apex v1.5 Released!
Auto-Install via YAML, Preloading, CRUD Scaffolding, Code ReOrganization, Import / Export between Packages, and more...
Apex v1.4.0 Released!
New Package Format, Service Providers and Adapters, New Theme Tools, and more

Mailing List

Subscribe to the low traffic mailing list to stay updated on Apex.

Admin Screenshot