Following the API docs but its not clear ...

Solved Customisation
  • I want some widget code to be able to make a topic post in certain circumstances
    I generated an API key under userID 1
    but Im unsure where to put this key, in some APIs it would go as a BearerID in the body, and sometimes it goes as a key concatenated to the endpoint…
    but its not specified in the docs exactly how to do it
    Also usually you would expect to have to supply a Method type as POST?
    The code is currently along these lines

    const bodyData={
    "cid": 1,
    "title": "Test topic",
    "content": "This is the test topic's content",
    "timestamp": 556084800000,
    "tags": [
    const key='c56.. //redcated
       `', bodyData
    .then(response => response.json())
    .then( data=> {....

    I wonder if you don’t have to supply the key if its done with an Authentication cookie, but the above code doesnt work.
    Perhaps the bodyData parameter is in wrong place?

  • @Panda Here’s how I’ve done it using basic CURL commands in PHP - you should be able to gain an understanding of structure at least.

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, 'http://localhost:5001/api/v3/topics');
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, "title=api test post&content=the contents of the test post&cid=1&_uid=1");
    $headers = array();
    $headers[] = 'Authorization: Bearer d2b8602d-01a6-86ee-bbe4-0e016144be0c';
    $headers[] = 'Content-Type: application/x-www-form-urlencoded';
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    $result = curl_exec($ch);
    if (curl_errno($ch)) {
        echo 'Error:' . curl_error($ch);
        // Item has already been processed. Continue loop until count exhausted
        else {
            echo "Checking " .
                "\nLine item already processed - \033[33m[Ignored]\n\033[0m";
  • @phenomlab
    OK. The official docs are lacking in detail (in comparison to usual API example docs)
    They omit any mention of headers and BearerID - which it seems from your example are required.
    How did you figure out that combination? Did you see more extensive documentation?

    I will try and replicate the same with a JS fetch, if not I will make a topic on NodeBB Community

  • Update, adding those fields in …

    The API code doesn’t work from a widget, but from a stand-alone hosted code it gives this error
    Error with Permissions-Policy header: Origin trial controlled feature not enabled: ‘interest-cohort’.
    Is that like a CORS issue? Is there a fix for that?

  • Update: It was a CSRF token issue.
    I hadn’t even heard of one of those 😁

  • @Panda said in Following the API docs but its not clear ...:

    How did you figure out that combination? Did you see more extensive documentation?

    There’s documentation all over the Internet in relation to curl and not really “NodeBB” specific. It’s one of the headers and required for authentication.

    A search for curl on NodeBB also shows this in detail

  • @phenomlab
    Yes just searched
    Found some curl things on a PhP related post on NodeBB now …
    I’m quite surprise anyone was using Curl and PhP with NodeBB !

  • @Panda you’d be surprised. If you consider that you’d need to use the API to be able to populate a WordPress widget for example (which in turn would of course be PHP), taking this route is still immensely popular.

  • phenomlabundefined phenomlab has marked this topic as solved on

Did this solution help you?
Did you find the suggested solution useful? Why not buy me a coffee? It's a nice gesture, and a great way to show your appreciation💗