Flexie CRM API is a REST API that uses HTTP defined methodologies and you can send and receive data by making HTTP requests. Methods we use are GET, PUT, POST and DELETE and responses are resources or status codes depending on the client’s request made to the Flexie CRM API.
As a first step, to be able to use Flexie CRM API, you need to authenticate first in order to open the door to the system and access your CRM data. Flexie CRM supports authentication with OAuth 2.0 or with an API Key.
You get those credentials that you have setup in Flexie CRM and then use them to integrate other applications.
The way to go is by including those credentials when making requests to the API. You can include the credentials in the URL query strings or in the request headers.
How to connect applications using OAuth 2.0
To use OAuth 2.0 you first need to allow the third-party application to access our API. To allow access you have to add your application you go to Settings / API Credentials and click New.
In the Name section give a name for the application you are giving access and in Redirect URI you enter the location where the user will be redirected.
When you click Apply a Client ID and a Client Secret will be automatically generated for your application. To get access to Flexie CRM API you have to enter Client ID and Client Secret in your third party application.
To authenticate with OAuth 2.0 you have to use the following information:
- Flexie CRM API authorization URL to: https://{{your subdomain}}.flexie.io/oauth2/authorize
- Flexie CRM API access token URL to: https://{{your subdomain}}.flexie.io/oauth2/token
- Get the Client ID (OAuth Key for Flexie CRM API) and client secret (OAuth Secret for Flexie CRM API) from Settings / API Credentials.
- After successful login will give you back an Access Token with an Expire time and a Refresh Token.
Suppose your Access Token is equal to “my-access-token“;
Depending on the application, Access Token will be used to access your Flexie CRM. Normally you will only be required to insert Client ID, Client Secret in some settings of the third-party application. After that you will have to enter your Flexie login credentials (username and password) and if correct the OAuth will take care of the rest.
That is all you need to connect a third-party application with Flexie CRM API.
How the flow continues after being granted access
You know now what is already needed to connect third-party applications with Flexie CRM API, however to understand how OAuth works show a simple flow example.
OAuth 2.0 is an authorization framework that enables a third-party application to obtain a access to a resource for a limited time. As we said above after successful login you sill get your Access Token, Expire in time and a Refresh Token.
Suppose we want to get all Lead Fields. For that the request can be made in two ways:
URL to request to: https://{{your subdomain}}.flexie.io/api/leads/list/fields
Header Keys used:
Authorization : Bearer my-access-token;
Content-type: application/json;
Or
URL to request to: https://{{your subdomain}}.flexie.io/api/leads/list/fields?access_token=my-access-token
Header Keys used:
Content-type: application/json;
The Content-type: application/json designates the content to be in JSON format.
After the access token expires, if you would manually use it to make a request to the Flexie CRM API it will result in an “Invalid Token Error”. To request a new Access Token the Refresh Token to request a fresh Access Token from Flexie CRM API.
How to connect applications using API Key
OAuth protocol provides a specific authorization flows that is more suitable for advanced users that know how it really works. On the other side Using API Key to connect other applications with Flexie CRM is a lot more easier than using OAuth protocol. The only thing you need is the API Key and you can get it under your Account / API Settings.
Suppose your Access Token is equal to “Your secret API Key“;
When making a request in Flexie CRM API you can add the API Key in the request header or in the URL.
Example using API Key URL :
URL: https://{{your subdomain}}.flexie.io/api/leads/list/fields?apikey=Your secret API Key
Header Keys used:
Content-Type : application/json
Example using API Key in request headers:
URL: https://{{your subdomain}}.flexie.io/api/leads/list/fields
Header Keys used:
apikey: Your secret API Key
Content-Type : application/json
Keep in mind that this is very serious, so we advise you to be careful when you expose your credentials like API Key elsewhere. However, to avoid any leak, you can reset your API Key anytime inside your Flexie CRM under your Account by clicking Generate New Key.
Revoke access to third-party application
You can check any application you have given access under Account / Authorized Applications and you can also revoke access if you no longer want to allow third-party application to access your Flexie CRM data.
A simple way to connect to 1000+ apps is using our Zapier application and you are always synced to all the tools you may use. We integrated Zapier to only request your sub-domain and the API Key to keep it as simple as possible.
Raw usage of the API however, is more advanced and gives you full control to achieve whatever you need. We can practically perform CRUD operations on all Standard Entities and in all Custom Entities that you create. You can explore our API to discover what you can do API Reference
To stay updated with the latest features, news and how-to articles and videos, please join our group on Facebook, Flexie CRM Academy.