Getting Started

Worksection API introduction

API is an appli­ca­tion pro­gram inter­face for inte­grat­ing one soft­ware with anoth­er.Work­sec­tion API allows you to access our ser­vice and request/​send data for simul­ta­ne­ous inter­ac­tion of the ser­vice with oth­er pro­grams.

Use­ful materials:

  1. SDK library to sim­pli­fy the work with our API.

  2. OAuth 2.0 library for easy work with the Work­sec­tion OAuth 2.0.

  3. Method col­lec­tions in Post­man.

Worksection API features

All the main fea­tures and func­tions, pre­sent­ed in the sys­tem itself, are avail­able through our API, namely:

For par­tic­i­pants and con­tacts:

  • cre­ate teams for mem­bers and fold­ers for contacts

  • cre­ate contacts

  • invite new account members

  • get a list of teams, mem­bers and contacts

  • add and exclude project members

  • sub­scribe and unsub­scribe task members

For tasks and com­ments:

  • cre­ate, edit, close and reopen tasks

  • get task data

  • get a list of:

  • all tasks

  • tasks of a spe­cif­ic project

  • tasks accord­ing to search parameters

  • post and get task comments

  • cre­ate, set and remove task statuses/​labels

For projects:

  • cre­ate, edit, archive and acti­vate projects

  • cre­ate folders

  • get project data

  • get a list of projects and folders

  • cre­ate, set and remove project statuses/​tags

For entered costs and enabled timers:

  • cre­ate, update and delete time and finan­cial costs

  • get par­tic­u­lar cost rows and total costs for projects and indi­vid­ual tasks

  • get a list of enabled mem­ber timers

  • stop enabled mem­ber timers

For files:

  • the abil­i­ty to attach files to com­ments and project/​task descrip­tions dur­ing cre­ation as well as to get uploaded and attached files

Note! To pre­vent the loss, acci­den­tal dele­tion or inten­tion­al destruc­tion of cru­cial data, the abil­i­ty to delete most of the data was exclud­ed, namely:

  • projects/​tasks/​comments

  • account members/​contacts

  • project/​task statuses/​labels

  • uploaded and attached files

Worksection API authorization

To get access to Worksection API you can use:

  • admin token *grants highest rights

  • user token (oauth2 access token) *grants limited rights (according to user role and app permissions)

Admin token​

Use next basic URL:

https://youraccount.worksection.com/api/admin/v2/

Admin token is generated in MD5 format from all request parameters and account administrative API key (example below).

?action=get_tasks&id_project=26

Getting token (on PHP)

$query_params = 'action=get_tasks&id_project=26';
$api_key = '7776461cd931e7b1c8e9632ff8e979ce';

$hash = md5($query_params.$apikey);

Final request

https://youraccount.worksection.com/api/admin/v2/?action=get_tasks&id_project=26&
hash=ec3ab2c28f21b4a07424f8ed688d6644

User token

*oauth2 access token

​​

​Use next basic URL:

https://youraccount.worksection.com/api/oauth2

Access token can be obtained by a special request (see details). It's valid for 24 hours. Then you need to refresh it with refresh_token or get a new one. 

?action=get_tasks&id_project=26​

Final request *with authorization header

curl -X GET -H "Authorization: Bearer <token_value>"
https://youraccount.worksection.com/api/oauth2?action=get_tasks&id_project=26

*with access_token parameter

https://youraccount.worksection.com/api/oauth2?action=get_tasks&id_project=26&
access_token=<token_value>

Worksection administrative API key

Admin­is­tra­tive API key is used for access to Work­sec­tion API through the admin token.

Account → API → Show API key

Note! Only the account own­er has access to the admin­is­tra­tive API key!

Worksection OAuth 2.0 access token

Access data can be obtained by making a POST request to the URL of the token with the authorization code:

https://worksection.com/oauth2/token

The POST request must contain the required parameters:

PARAMETER
DESCRIPTION

client_id

client_id, received when creating the application.

client_secret

client_secret, received when creating the application.

grant_type

Always specify the authorization_code.

code

The authorization code (see details).

redirect_uri

URI where the response will be redirected. The URI must meet the requirements of the OAuth2 standard and use the HTTPS protocol.

CURL example: 

curl -X POST -d "client_id=<client_id>&client_secret=<client_secret>&
grant_type=authorization_code&code=<authorization_code>&redirect_uri=<redirect_uri>"
https://worksection.com/oauth2/token 

Example response:

{
    "token_type": "bearer",
    "expires_in": 86400,
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJh...",
    "refresh_token": "def502005534a202e9e8effa05cdbad564015604f34...",
    "account_url": "https://authorizeduseraccount.worksection.com"
}

The received access_token and refresh_token will be used in subsequent requests to access the API and update the access_token. The access_token is valid for 24 hours, the refresh_token is valid for 1 month.

PreviousРусификация ZabbixNextMembers

Last updated

Was this helpful?