As of Easy!Appointments v1.2 a flexible REST API is integrated within the project that will make it possible to handle all the information of your installations from external clients. The API is using JSON as it's transaction format and features many great practices in order to make the resources easily consumable.
## Making Requests
The new API (v1) supports [Basic Authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) which means that you will have to send the "Authorization" header with every request you make. **Always use SSL/TLS when making requests to a production installation.** That way you can ensure that no passwords will be stolen during the requests. The API expects the username and password of an admin user.
The API follows the REST structure which means that the client can use various HTTP verbs in order to perform various operations to the resources. For example you should use a GET request for fetching resources, a POST for creating new and PUT for updating existing ones in the database. Finally a DELETE request will remove a resource from the system.
GET requests accept some parameter helpers that enable the sort, search, pagination and minification of the responses information. Take a look in the following examples:
### Search
Provide the `q` parameter to perform a search in the resource.
Most of the times the API will return the complete requested data in a JSON string but there are some cases that the responses will contain a simple message like the following:
```
{
"code": 404,
"message": "The requested record was not found!"
}
```
Such simple messages contain the HTTP code and a message stating a problem or a success to an operation.
At this point you can start experimenting with the API and your intallation. The following section of this document describes the available resources and how they can be used. Before building your API consumer you can use [cURL](https://en.wikipedia.org/wiki/CURL) or [Postman](https://chrome.google.com/webstore/detail/postman/fhbjgbiflinjbdggehcddcbncdddomop) to try out the API.
-`GET /api/v1/availabilities?providerId=:id&serviceId=:id[&date=:date]` Get the available appointment hours for a specific provider, service and date. The date must be in the following format `Y-m-d` e.g. `2016-07-19`.
-`GET /api/v1/unavailabilities[/:id]` Get all the unavailabilities or a specific one by providing the ID in the URI.
-`POST /api/v1/unavailabilities` Provide the new unavailability JSON in the request body to insert a new record.
-`PUT /api/v1/unavailabilities/:id` Provide the updated unavailability JSON in the request body to update an existing record. The ID in the URI is required.
-`DELETLE /api/v1/unavailabilities/:id` Remove an existing unavailability record.
-`GET /api/v1/secretaries[/:id]` Get all the secretaries or a specific one by providing the ID in the URI.
-`POST /api/v1/secretaries` Provide the new secretary JSON in the request body to insert a new record.
-`PUT /api/v1/secretaries/:id` Provide the updated secretary JSON in the request body to update an existing record. The ID in the URI is required.
-`DELETLE /api/v1/secretaries/:id` Remove an existing secretary record.
### Settings
**Resource JSON**
```
{
"name": "book_advance_timeout",
"value": "100"
}
```
**Requests**
-`GET /api/v1/settings[/:name]` Get all the settings or a specific one by providing the setting name in the URI.
-`PUT /api/v1/settings/:name` Insert or update a setting in the database. Provide a snake_case name in order to keep the conventions.
-`DELETE /api/v1/settings/:name` Remove a setting from the database. **Notice:** Be careful when removing settings that are required by the application because this will cause error later on.
Although the current state should be sufficient for working with the application data there are some other features of that will make the consume more flexible and powerfull. These will be added gradually with the future releases of Easy!Appointments.
If your server runs PHP through FastCGI you will the authorization will not work because the `Authorization` header is not available to the PHP scripts. You can easily fix this by applying the following adjustments depending your server sortware:
### Apache
Add the following code snippet to an `.htaccess` file in the installation root directory if you have `mod_rewrite` installed and enabled: