summaryrefslogtreecommitdiff
path: root/doc/en_US/api-json-rpc.markdown
diff options
context:
space:
mode:
authorFrederic Guillot <fred@kanboard.net>2017-01-29 11:07:42 -0500
committerFrederic Guillot <fred@kanboard.net>2017-01-29 11:07:42 -0500
commit0371acff89b14b9bdcb03e72fd9637e26e6b517c (patch)
treef5878c9c07705379d137843cb8f92e3cdf7c20a8 /doc/en_US/api-json-rpc.markdown
parent3bf4789be255650b64f42231f41383cb13b65572 (diff)
Move English documentation to folder en_US
Diffstat (limited to 'doc/en_US/api-json-rpc.markdown')
-rw-r--r--doc/en_US/api-json-rpc.markdown73
1 files changed, 73 insertions, 0 deletions
diff --git a/doc/en_US/api-json-rpc.markdown b/doc/en_US/api-json-rpc.markdown
new file mode 100644
index 00000000..fad19466
--- /dev/null
+++ b/doc/en_US/api-json-rpc.markdown
@@ -0,0 +1,73 @@
+Json-RPC API
+============
+
+User and application API
+------------------------
+
+There are two types of API access:
+
+### Application API
+
+- Access to the API with the user "jsonrpc" and the token available on the settings page
+- Access to all procedures
+- No permission checked
+- There is no user session on the server
+- No access to procedures that starts with "My..." (example: "getMe" or "getMyProjects")
+- Example of possible clients: tools to migrate/import data, create tasks from another system, etc...
+
+### User API
+
+- Access to the API with the user credentials (username and password)
+- You can also generate a personal access token instead of your password
+- Application role and project permissions are checked for each procedure
+- A user session is created on the server
+- Example of possible clients: native mobile/desktop application, command line utility, etc...
+
+Security
+--------
+
+- Always use HTTPS with a valid certificate (avoid clear text communication)
+- If you make a mobile application, it's your responsability to store securely the user credentials on the device
+- After 3 authentication failure on the user api, the end-user have to unlock his account by using the login form
+- Two factor authentication is not yet available through the API
+
+Protocol
+--------
+
+Kanboard use the protocol Json-RPC to interact with external programs.
+
+JSON-RPC is a remote procedure call protocol encoded in JSON.
+Almost the same thing as XML-RPC but with the JSON format.
+
+We use the [version 2 of the protocol](http://www.jsonrpc.org/specification).
+You must call the API with a `POST` HTTP request.
+
+Kanboard support batch requests, so you can make multiple API calls in a single HTTP request. It's particularly useful for mobile clients with higher network latency.
+
+Usage
+-----
+
+- [Authentication](api-authentication.markdown)
+- [Examples](api-examples.markdown)
+- [Application](api-application-procedures.markdown)
+- [Projects](api-project-procedures.markdown)
+- [Project Permissions](api-project-permission-procedures.markdown)
+- [Boards](api-board-procedures.markdown)
+- [Columns](api-column-procedures.markdown)
+- [Swimlanes](api-swimlane-procedures.markdown)
+- [Categories](api-category-procedures.markdown)
+- [Automatic Actions](api-action-procedures.markdown)
+- [Tasks](api-task-procedures.markdown)
+- [Subtasks](api-subtask-procedures.markdown)
+- [Subtask Time Tracking](api-subtask-time-tracking-procedures.markdown)
+- [Task Files](api-task-file-procedures.markdown)
+- [Project Files](api-project-file-procedures.markdown)
+- [Links](api-link-procedures.markdown)
+- [Tags](api-tags-procedures.markdown)
+- [Internal Task Links](api-internal-task-link-procedures.markdown)
+- [External Task Links](api-external-task-link-procedures.markdown)
+- [Comments](api-comment-procedures.markdown)
+- [Users](api-user-procedures.markdown)
+- [Groups](api-group-procedures.markdown)
+- [Group Members](api-group-member-procedures.markdown)
+- [Me](api-me-procedures.markdown)