# Authentication

FluentCRM uses WordPress REST API authentication. You'll need to create application credentials to access the API securely.

# Creating API Credentials

# Step 1: Create a Manager Account

First, create a dedicated user account for API access:

Navigate to FluentCRM → Settings → Managers
Click "Add New Manager"
Select the specific FluentCRM permissions you want to grant
Save the manager account

Important

Do NOT use an Administrator user role for API access. Create a dedicated manager account with only the necessary FluentCRM permissions for better security.

Create Manager

# Step 2: Generate API Credentials

Go to FluentCRM → Settings → Rest API
Click "Create New API Key"
Select the manager account you created in Step 1
Click "Generate Key"

REST API Screen

# Step 3: Save Your Credentials

After generating the key, you'll receive:

Username: Your API username
Application Password: Your API password

API Success

Important

Save these credentials immediately! The application password cannot be retrieved later.

# Authentication Methods

# Basic Authentication (Recommended)

Use HTTP Basic Authentication with your API credentials:

curl "https://yourdomain.com/wp-json/fluent-crm/v2/subscribers" \
  -H "Authorization: Basic $(echo -n 'API_USERNAME:API_PASSWORD' | base64)"

1
2

# URL Parameters (Not Recommended)

For testing only, you can pass credentials as URL parameters:

curl "https://yourdomain.com/wp-json/fluent-crm/v2/subscribers?_wp_http_referer=API_USERNAME:API_PASSWORD"

Security Notice

Never use URL parameter authentication in production. Always use proper Authorization headers.

# Example API Call

Here's a complete example of making an authenticated API request:

curl "https://yourdomain.com/wp-json/fluent-crm/v2/subscribers" \
  -H "Authorization: Basic API_USERNAME:API_PASSWORD" \
  -H "Content-Type: application/json"

1
2
3

# Response

{
  "current_page": 1,
  "per_page": 10,
  "total": 150,
  "data": [
    {
      "id": "1",
      "first_name": "John",
      "last_name": "Doe", 
      "email": "[email protected]",
      "status": "subscribed"
    }
  ]
}

1
2
3
4
5
6
7
8
9
10
11
12
13
14

# Programming Language Examples

# PHP

<?php
$username = 'your_api_username';
$password = 'your_api_password';
$url = 'https://yourdomain.com/wp-json/fluent-crm/v2/subscribers';

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Content-Type: application/json'
]);

$response = curl_exec($ch);
curl_close($ch);

$data = json_decode($response, true);
?>

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

# JavaScript (Node.js)

const axios = require('axios');

const apiCredentials = Buffer.from('API_USERNAME:API_PASSWORD').toString('base64');

const config = {
  headers: {
    'Authorization': `Basic ${apiCredentials}`,
    'Content-Type': 'application/json'
  }
};

axios.get('https://yourdomain.com/wp-json/fluent-crm/v2/subscribers', config)
  .then(response => {
    console.log(response.data);
  })
  .catch(error => {
    console.error('Error:', error.response.data);
  });

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

# Python

import requests
from requests.auth import HTTPBasicAuth

username = 'your_api_username'
password = 'your_api_password'
url = 'https://yourdomain.com/wp-json/fluent-crm/v2/subscribers'

response = requests.get(
    url,
    auth=HTTPBasicAuth(username, password),
    headers={'Content-Type': 'application/json'}
)

if response.status_code == 200:
    data = response.json()
    print(data)
else:
    print(f"Error: {response.status_code}")
    print(response.text)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

# Testing Your Authentication

To verify your credentials are working, make a simple API call:

curl "https://yourdomain.com/wp-json/fluent-crm/v2/reports/options" \
  -H "Authorization: Basic API_USERNAME:API_PASSWORD"

1
2

If successful, you'll receive a JSON response with FluentCRM options data.

# Troubleshooting

# Common Issues

401 Unauthorized Error

Verify your username and password are correct
Ensure the manager account has proper FluentCRM permissions
Check that FluentCRM is properly installed and activated

403 Forbidden Error

The manager account may lack necessary permissions
Verify the account is not an Administrator role
Check FluentCRM permission settings for the manager

404 Not Found Error

Verify the API endpoint URL is correct
Ensure FluentCRM is installed and the REST API is enabled
Check your WordPress permalink structure

# Permission Requirements

Your API manager account needs these minimum permissions:

View Contacts: Required for GET requests
Manage Contacts: Required for POST/PUT/DELETE requests
View Reports: Required for analytics endpoints
Manage Campaigns: Required for campaign operations

# Security Best Practices

Use HTTPS: Always make API calls over secure connections
Rotate Credentials: Regularly update your API credentials
Limit Permissions: Grant only the minimum required permissions
Monitor Usage: Track API usage for unusual activity
Secure Storage: Never commit credentials to version control

# Next Steps

Now that you have authentication set up, you can:

← FluentCRM REST API Contacts →