API V2 🆕

Concept

When using the GLPI API, communication occurs in a universal language called JSON (a very simple text format to read) and relies on the standard web network (HTTP), with 4 main actions:

GET (Read): Give me the list of computers at the Lyon site.
POST (Create): Create a new ticket with the title 'Internet outage'.
PUT/PATCH (Update): Change the status of computer #45 to 'Under repair'.
DELETE (Delete): Delete ticket #1234.

Each request is sent to a specific URL, called an Endpoint (e.g., https://my-glpi.com/api.php/Ticket).

What is it for?

The API allows, among other things, to automate time-consuming tasks and simplify repetitive actions:

Supervision (Monitoring): Instead of sending a simple email, the API can automatically create a critical ticket and assign it to the network team in GLPI.
Human Resources: When the HR department adds an employee to their software, it automatically transmits the data to GLPI via the API to create a user account, generate a PC preparation ticket, and assign a software license.
External Reporting: A Python script that queries the API every evening to retrieve the number of open tickets and display it on a screen in the open-space.

Creating an Oauth Client

To use the API, GLPI requires an OAuth client to be configured. This client will generate a Client ID and a Client secret, which are essential for authorizing API usage.

From Configuration > OAuth clients, click on + Add
Enter:
- A name
- The relevant scopes: email, user, api, inventory, status, graphql
- The authorization type (grants): Password, Clients credentials, Authorization code
Save your OAuth client
Click on your OAuth client, and note the 2 values:
- Client ID
- Client secret

Method 1 - API Endpoints

The recommended method is to use the API Endpoints feature natively available in GLPI. You can find the URL at:

Configuration > General > API > API Endpoints
Or at the address https://my_instance/api.php/v2.2/doc

Connect the OAuth Client

From Configuration > General > API > API Endpoints, click on Authorize
Enter the Client ID and Client secret noted in the previous step
Select the desired scopes
Click on Authorize
Validate the consent screen

Usage

From Configuration > General > API > API Endpoints or https://my_instance/api.php/v2.2/doc, select the module you need

In our example, we will display ticket with id 60
From Administration, select GET** /Assistance/Ticket/{id}**
Click on Try it out
Enter the ticket number
Click on Execute

Response:

In this first box, you will find:
1. Curl: The request used
2. The Request URL
3. The request response: the content of our ticket
4. The header response: a list of parameters in "Key: Value" format (request weight, timestamp, formatting, etc.).
In another box, you will find the raw values of the request, i.e., the schema used.

It is also possible to view the schema and the expected value type in list mode by clicking on Schema

Method 2 - Via curl requests

Token Initialization

Enter this command in a terminal:

curl -X POST 'https://MY_INSTANCE/api.php/token'
--header 'Content-Type: application/x-www-form-urlencoded'
--data 'grant_type=password'
--data 'client_id=MY_CLIENT_ID'
--data 'client_secret=MY_CLIENT_SECRET'
--data 'username=MY_USER'
--data 'password=MY_PASSWORD'
--data 'scope=api'

A similar result will be returned:

{"token_type":"Bearer","expires_in":3600,"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI3NDhhMjZmMDYzOTE5NWRlNmE0ZWY3OTRmMzJjZWFjYmFiYWIyOGM2MmI5NDU5YTM5NDMxOWVhNzgxZTY2ZTgyIiwianRpIjoiZmZjMDY2MmU1ZDIwYWQyMTI5NTc2NGFjNTk5NmMzOGM1YmJmYThiYzM3YTE5MTI5MGM2YWFkYzg1YWZmMmY3YTQyYmY1NWJkNzc2NDI4NjAiLCJpYXQiOjE3NzcwMjU4MzUuNDE4NzQ4LCJuYmYiOjE3NzcwMjU4MzUuNDE4NzUxLCJleHAiOjE3NzcwMjk0MzUuNDEyNTQ2LCJzdWIiOiIzMyIsInNjb3BlcyI6WyJhcGkiXX0.KGwELLimKR8Eh6WzDk0BHlQWBDLwHTh2Weg8g2um71CxdgfeRReJRH4gcCqlDmdACZmf6ENoOwAarjZItlBaR7FECgllCDW1w792VvD6SbK8CKD316k2To3mp7bVh9qdPO28IL5W0fdnReEeA7JHyZfQyjxmOqVeejXf5YPOXuDcHmYbbR3bITQT8FlQCJEvYRctAgM59XLocTCySelaO-D_YXOYG0zGi5svb3X-bZjOdsiRnp3L3lqbB-DIhCSknLo63on7HK8Y2HGcCdU5HJbp4BOEiYj9YaBrFUzyetgAYPuuca4ZHsnjsJOAJOu0-iieIQq_iDAx1zSvgBGPng","refresh_token":"def50200449acd66b193093a5a9f8f392366ef97624b4760f5601ea177c202dcaa984b3415c5e6c7f79ec84d8ba5ce27b96880bd2c1eb1db2cb34776473b2ef54e5040b9f7e64d601f8f5f5f628c4b39e63354b07568fa9337cb915cc41b98b02277ea1f9915b7326a44449b46adc8970206dcda7ab2058bc81584884d777ec7f7c5071f1b41f8d003854ca128f38c9546a9c61d8a151bf7b36b4217010afc70cb24147c0c3a508d3f7df598d04b1e1d6a97aa8ce01874122f83befaa28d0816910ae610e448d111abe94f7ea42c31cabd5b3c6d9c9b2125e81b0c8c556172fb25511c97db66d16f0244614e99a4a934f1cdd695e6a48b5f0de396a70189ff79b7d3f9d3e52694c343f1de04238b5b77616e3e786c52b1cc38ba928a37f9e21baafde64088111d02990876b927cdf93976774164a94a2e3b8e706bdae64df4795727204035548cf79b5aac54ebbd497e762cfe7b47bbc4aa6c65f66379d52f6bd3ef33b35b8af3d2789141fa9a58cb767aab31197219a676b6522d1ca1dbd081a84fef91788572118cdd4df7f0e8180720ddcebd8c23857581f33677630523fe94412e841d57d2a8"}

The access token is the important information that will be requested for each command you type.

Example Commands

If you do not wish to fill in certain fields in your requests, you can either indicate the value "null" (e.g., "sla_ttr": null) or remove them from your request. The essential thing is that your json is correctly structured. All values containing an "id": 0 must also be replaced by the value null

Tickets

Create a ticket:

Limitation:

The expected format for dates is "YYYY-MM-DD HH:MM:SS". The variable $date-time is not applicable at this time (currently being corrected by the technical teams).

curl -X 'POST' \
'https://MY_INSTANCE/api.php/Assistance/Ticket' \
-H 'accept: application/json' \
-H 'Accept-Language: en_GB' \
-H 'Authorization: Bearer MY_TOKEN' \
-H 'Content-Type: application/json' \
-d '{
  "name": "string",
  "content": "string",
  "user_recipient": {
    "id": 0
  },
  "user_editor": {
    "id": 0
  },
  "is_deleted": false,
  "category": {
    "id": 0
  },
  "location": {
    "id": 0
  },
  "urgency": 1,
  "impact": 1,
  "priority": 1,
  "date_creation": "YYYY-MM-DD HH:MM:SS",
  "date_mod": "YYYY-MM-DD HH:MM:SS",
  "date": "YYYY-MM-DD HH:MM:SS",
  "date_solve": "YYYY-MM-DD HH:MM:SS",
  "date_close": "YYYY-MM-DD HH:MM:SS",
  "type": 1,
  "external_id": "string",
  "request_type": {
    "id": 0
  },
  "sla_ttr": {
    "id": 0
  },
  "sla_tto": {
    "id": 0
  },
  "ola_ttr": {
    "id": 0
  },
  "ola_tto": {
    "id": 0
  },
  "sla_level_ttr": {
    "id": 0
  },
  "ola_level_ttr": {
    "id": 0
  },
  "global_validation": 1,
  "status": {},
  "entity": {
    "completename": "string"
  },
  "team": [
    {
      "name": "string",
      "type": "string",
      "role": "string"
    }
  ]
}'

Retrieve the content of a ticket:

curl -X 'GET' \
'http://MY_INSTANCE/api.php/Assistance/Ticket/ID' \
-H 'accept: application/json' \
-H 'Accept-Language: en_GB' \
-H 'Authorization: Bearer MY_TOKEN'

Retrieve the solution of a ticket:

curl -X 'GET' \
'http://MY_INSTANCE/api.php/Assistance/Ticket/ID/Timeline/Solution' \
-H 'accept: application/json' \
-H 'Accept-Language: en_GB' \
-H 'Authorization: Bearer MY_TOKEN'

Retrieve the documents of a ticket:

curl -X 'GET' \
'http://MY_INSTANCE/api.php/Assistance/Ticket/ID/Timeline/Document' \
-H 'accept: application/json' \
-H 'Accept-Language: en_GB' \
-H 'Authorization: Bearer MY_TOKEN'

User

Create a user:

curl -X 'POST' \'https://MY_INSTANCE/api.php/Administration/User' \
-H 'accept: application/json' \
-H 'Accept-Language: en_GB' \
-H 'Authorization: Bearer MY_TOKEN' \
-H 'Content-Type: application/json' \
-d '{
"username": "string",
"realname": "string",
"firstname": "string",
"phone": "string",
"phone2": "string",
"mobile": "string",
"emails": [
{
  "id": 0,
  "email": "string",
  "is_default": true,
  "is_dynamic": true
  }
],
"comment": "string",
"is_active": true,
"is_deleted": false,
"password": "string",
"password2": "string",
"location": {"id": 0},
"authtype": 1,
"last_login": "YYYY-MM-DD HH:MM:SS",
"default_profile": {"id": 0},
"default_entity": {},
"date_creation": "YYYY-MM-DD HH:MM:SS",
"date_mod": "YYYY-MM-DD HH:MM:SS",
"title": {"id": 0},
"category": {"id": 0},
"registration_number": "string",
"begin_date": "YYYY-MM-DD HH:MM:SS",
"end_date": "YYYY-MM-DD HH:MM:SS",
"nickname": "string",
"substitution_start_date": "YYYY-MM-DD HH:MM:SS",
"substitution_end_date": "YYYY-MM-DD HH:MM:SS" }'

Delete a user

curl -X 'DELETE' \
'https://MY_INSTANCE/api.php/Administration/User/ID?force=true' \
-H 'accept: */*' \
-H 'Accept-Language:  en_GB' \
-H 'Authorization: Bearer MY_TOKEN'

Profile

List profiles

curl -X 'GET' \
'https://MY_INSTANCE/api.php/Administration/Profile' \
-H 'accept: application/json' \
-H 'Accept-Language: en_GB' \
-H 'Authorization: Bearer MY_TOKEN'

Entity

List entities

curl -X 'GET' \
'https://MY_INSTANCE/api.php/Administration/Entity' \
-H 'accept: application/json' \
-H 'Accept-Language: en_GB' \
-H 'Authorization: Bearer MY_TOKEN'

View entity details

curl -X 'GET' \
https://MY_INSTANCE/api.php/Administration/Entity/ID' \
-H 'accept: application/json' \
-H 'Accept-Language: en_GB' \
-H 'Authorization: Bearer MY_TOKEN'

Status

View GLPI service status

curl -X 'GET' \
'https://MY_INSTANCE/api.php/status' \
-H 'accept: */*' \
-H 'Accept-Language: en_GB' \
-H 'Authorization: Bearer MY_TOKEN'

PreviousGeneral NextFields unicity

Last updated 15 days ago