Version: 0.1.6 - Beta 2
API Version: 1.0.0
Status: BETA - Production use at your own risk
This plugin is currently in Beta status. While functional, it may contain bugs or incomplete features. Contributions, bug reports, and feedback are highly welcomed!
- Rise CRM: Version 3.6 or higher
- PHP: 7.4 or higher (8.0+ recommended)
- CodeIgniter: 4.x (included with Rise CRM)
- Database: MySQL 5.7+ or MariaDB 10.2+
- SSL Certificate: Optional (required if HTTPS enforcement is enabled)
- PHP 8.0+
- MySQL 8.0+ or MariaDB 10.5+
- HTTPS enabled for production use
- Sufficient database storage for API logs
-
Copy Plugin Files
# Copy the Rest_api folder to your Rise CRM plugins directory cp -r Rest_api /path/to/rise_crm/plugins/ -
Run Database Installation
- Navigate to Settings → Plugins in your Rise CRM admin panel
- Locate "REST API" plugin
- Click "Install" button
- The installer will automatically create required database tables
-
Configure API Settings
- Go to Settings → REST API Settings
- Enable the API
- Configure default rate limits
- Set HTTPS and CORS preferences
-
Generate API Keys
- Navigate to API Keys tab
- Click "Add API Key"
- Configure key permissions and limits
- Save and securely store the generated API Key and Secret
All endpoints are prefixed with /api/v1/ and require authentication via API Key and Secret.
https://your-domain.com/api/v1/
| Resource | Endpoints | Methods | Special Actions |
|---|---|---|---|
| Users | /users, /users/{id} |
GET, POST, PUT, DELETE | - |
| Projects | /projects, /projects/{id} |
GET, POST, PUT, DELETE | - |
| Tasks | /tasks, /tasks/{id} |
GET, POST, PUT, DELETE | - |
| Clients | /clients, /clients/{id} |
GET, POST, PUT, DELETE | Convert lead: POST /clients/{id}/convert |
| Invoices | /invoices, /invoices/{id} |
GET, POST, PUT, DELETE | - |
| Estimates | /estimates, /estimates/{id} |
GET, POST, PUT, DELETE | - |
| Proposals | /proposals, /proposals/{id} |
GET, POST, PUT, DELETE | - |
| Contracts | /contracts, /contracts/{id} |
GET, POST, PUT, DELETE | - |
| Expenses | /expenses, /expenses/{id} |
GET, POST, PUT, DELETE | - |
| Tickets | /tickets, /tickets/{id} |
GET, POST, PUT, DELETE | - |
| Timesheets | /timesheets, /timesheets/{id} |
GET, POST, PUT, DELETE | - |
| Events | /events, /events/{id} |
GET, POST, PUT, DELETE | - |
| Notes | /notes, /notes/{id} |
GET, POST, PUT, DELETE | - |
| Messages | /messages, /messages/{id} |
GET, POST, DELETE | No update support |
| Notifications | /notifications, /notifications/{id} |
GET | Mark read: POST /notifications/{id}/mark_read |
| Announcements | /announcements, /announcements/{id} |
GET, POST, PUT, DELETE | - |
- Log in to Rise CRM admin panel
- Navigate to Settings → REST API Settings → API Keys
- Click "Add API Key"
- Configure the key settings:
- Name and description
- Status (active/inactive/revoked)
- Rate limits
- IP whitelist (optional)
- Expiration date (optional)
- Save and securely store the generated credentials
- API Key: Used for identification
- API Secret: Used for verification (shown only once)
Security Warning: API secrets are shown only once during creation. Store them securely!
- API Key + Secret Authentication - Dual-factor authentication for API access
- IP Whitelisting - Global and per-key IP restrictions
- HTTPS Enforcement - Optional requirement for secure connections
- Password Hashing - API secrets stored using bcrypt
- Request Validation - Input sanitization and validation
- Sensitive Data Filtering - Passwords and secrets excluded from logs
- Multi-Tier Limits - Per-minute, per-hour, and per-day limits
- Per-Key Configuration - Custom limits for each API key
- Automatic Enforcement - Requests blocked when limits exceeded
- Configurable Defaults - Global fallback limits
- Request/Response Logging - Complete audit trail of API usage
- Detailed Metrics - Response times, status codes, endpoints
- IP and User Agent Tracking - Client identification
- Automatic Log Cleanup - Configurable retention period (default: 90 days)
- Total Calls Counter - Per-key usage statistics
- Configurable Origins - Whitelist specific domains
- Wildcard Support - Allow all origins with
* - Per-Key Overrides - Custom CORS settings per API key
- Preflight Handling - Automatic OPTIONS request handling
- Per-Key Security Settings - Override global settings per API key
- Expiration Dates - Temporary API keys with auto-expiration
- Status Management - Active, Inactive, Revoked states
- Assignment Types - Internal or External API keys
Status: Not implemented (Contributions welcomed)
Contributions are welcome! This is a Beta plugin and needs community input.
-
Report Bugs
- Open an issue with detailed reproduction steps
- Include API request/response examples
- Check logs in
writable/logs/for errors
-
Feature Requests
- Suggest new endpoints or features
- Describe use cases and benefits
-
Code Contributions
- Fork the repository
- Create feature branch (
feature/your-feature-name) - Follow existing code style and structure
- Test thoroughly
- Submit pull request with clear description
-
Documentation
- Improve this README
- Add usage examples
- Translate language files
- Follow CodeIgniter 4 conventions
- Use PSR-4 namespacing
- Maintain backward compatibility
- Add comments for complex logic
- Update changelog for modifications
Issues: Report via GitHub Issues
Made with ❤️ for Rise CRM
Last Updated: 15 October 2025