Rest API Authentication
The Groundhogg REST API may only be accessed by URL with the appropriate authentication. This authentication is accomplished by passing an API key and token in the header with the appropriate header keys.
All the keys and tokens are added inside the HTTP headers to provide more security. Each and every request to Groundhogg API must contain header fields Gh-token and Gh-public-key.
Gh-token holds a public token generated to access API and Gh-public-key is a public key generated to access API. Each user on the site has their own unique set of keys and tokens. These can be managed all in one place by Admins under Groundhogg → Settings → API.
For example, the following URL returns a list of contacts from your website. Make sure to add required headers before making this request.
Before performing any operation API key checks for the user's roles. If a user does not have the authorization to perform operations API will discard the request.
Error - 501 Method Not Implemented
Some servers and clients cannot correctly process some HTTP methods that the API makes use of. For example, all deletion requests on resources use the DELETE method, but some clients do not provide the ability to send this method.
To ensure compatibility with these servers and clients, the API supports a method override. This can be achieved by adding a
_method parameter. This will make a POST request to act like DELETE. The following URL is a POST request URL but because of method override, it will act as a DELETE request.