On this page
SiteGUI is a hybrid platform. This means that while you have a full-featured GUI front-end for ease of use, you can also leverage the easy-to-use API layer for seamless integration with any front-end framework in headless mode. Any web accessible URL on the SiteGUI platform can be turned into an API endpoint just by adding .json to the URL. The API endpoint accepts the same input parameters as the webpage and returns JSON data.
While accessing public sites does not require authentication, it is required to authenticate when accessing protected resources such as the SiteGUI Admin interface (https://sitegui.app/siteadmin) or your customer portal (https://my.domain.zzz/account). SiteGUI platform uses Bearer token authentication requiring the client to include an access token in the "Authorization" header using the "Bearer" scheme for every request to the protected resources. Here is a sample request with the authentication header
curl -H "Authorization: Bearer sdfio13d_access_709d9c29e5290032c18ed3b70" \
https://sitegui.app/siteadmin.json
App can send user's username and password to the login API endpoint (https://sitegui.app/siteadmin.json for SiteGUI admin interface or https://my.{{domain.zzz}}/account.json for your customer portal - please replace domain.zzz with your own domain) to exchange for an access_token which can be used for subsequent requests. A refresh_token will also be included to help apps renew the access_token after it expires (normally after 30 days). Your app should store both the access_token and the refresh_token in a secure place for the future requests to the API endpoints.
Getting an access_token using username and password.
curl -d "user_login=1&[email protected]&password=a_secret_password&grant_type=password&client_id=unique_device_id" \
https://sitegui.app/siteadmin.json
Parameters
Response
Upon successful authentication, the API server will return the status code 200 and the following data
{
"status": {
"result": "success"
},
"access_token": "sdfio13d_access_d53153ecd7d8fe4f3d0",
"refresh_token": "sdfio13d_refresh_72a825a35aa636fe9b",
"expires": 1734603147
}
If the authentication is not successful, the server will return the status code 401 and the following data
{
"status": {
"result": "error",
"message": [
"Incorrect Password",
"Login required"
]
}
}
An access_token is valid for 30 days. The API server will return the status code 401 and deny access to the protected resource when it detects an expired access_token being used. In this case, your app should use the refresh_token provided with the access_token to get a new access_token. The endpoint is still the login endpoint (https://sitegui.app/siteadmin.json for SiteGUI admin interface or https://my.{{domain.zzz}}/account.json for your customer portal - please replace domain.zzz with your own domain)
curl -H "Authorization: Bearer sdfio13d_refresh_72a825a35aa636fe9b" \
https://sitegui.app/siteadmin.json
If the refresh_token is valid and hasn't expired (last for 90 days), a new pair of access_token and refresh_token will be returned along with the status code 200, your app should store both of them for future usage.
You may generate an API token through the SiteGUI admin interface to use for automating tasks via API by creating a dedicated staff user just for API access. Staff (with API access permission) can also generate their own API token if needed.
Any web accessible URL on the SiteGUI platform can be turned into an API endpoint just by adding .json to the URL. The API endpoint accepts the same input parameters as the webpage and returns JSON data. The request should include an access token in the "Authorization" header using the "Bearer" scheme
curl -H "Authorization: Bearer sdfio13d_access_709d9c29e5290032c18ed3b70" \
'https://sitegui.app/siteadmin/{{site_id}}/page.json?html=1'
The SiteGUI platform accepts GET (retrieving data) and POST (making changes), PUT/PATCH are not included because those actions are already supported by POST. Please note that the parameter csrf_token is not required when POSTing via API unless a cookie header is present in the API request.
The API server may return extra information (links, html helper values and user data) if the parameter html=1 is included in the request to the server. Here is a sample response
{
"status": {
"result": "success"
},
"links": {
"datatable": {
"creator": "/siteadmin/1/staff/edit"
},
"api": "/siteadmin/1/page",
"edit": "/siteadmin/1/page/edit",
"copy": "/siteadmin/1/page/copy",
"delete": "/siteadmin/1/page/delete",
"notifier": "/siteadmin/1/notification",
"configure": "/siteadmin/1/appstore/configure?sgframe=1&name=Core/Page"
},
"html": {
"title": "Manage Pages",
"rgb": "0,120,105",
"table_header": {
"id": "ID",
"name": "Name",
"slug": "Slug",
"published": "Published",
"action": "Action"
},
"column_type": {
"published": "date"
},
"file_manager": "/siteadmin/1/file",
"app_label": "Page",
"app_label_plural": "Pages",
"current_app": "Page"
},
"user": {
"id": 1111,
"name": "NAMEDIA Inc",
"image": "https://cdn.pageee.com/public/uploads/site/1/clients/24Q2/24Q2661282.jpeg",
"language": "",
"timezone": "EST",
"expiry": "1734495308",
"type": "API",
"staff": true,
"roles": {
"1": "Site Manager"
}
},
"total": 19,
"current": 1,
"rowCount": 12,
"rows": []
}
SiteGUI uses pagination when returning a list of records. Use rowCount to specify the number of records to retrieve and current to specify the pagination number. The response should include a total number of records, the current pagination, the rowCount number and a list of records in rows.