Dailys
Docs

Application Flow

This section outlines how to use the developer functions of dailys within your own intergrations, including how to manage and configure clients.

The two sections for interacting with the dailys API include the Developer and the Webhooks interfaces.

Authentication

To get started using / testing the API, navigate to the developer section of the dailys application.

Developer Dropdown

From the developer section, you have two options:

Within the developer section, you can see all of the applications you have authorised to use your dailys credentials, and you can revoke access from these application from this interface.

Developer Section

OAuth Client

To create a new OAuth Client, click on the "Create New Client" button un ther The OAuth Clients section. From here, provide a name for the client and a callback URL for the OAuth redirect.

OAuth Create Client

Now you an use the Client ID and the Client Secret to allow your user's to log in using OAuth. From your consuming application a redirect request should be made to Dailys' https://api.dailys.nz/oauth/authorize endpoint, like so:

Route::get('/redirect', function () {
    $query = http_build_query([
        'client_id' => 'CLIENT_ID',
        'redirect_uri' => 'https://myapp.example.com/callback',
        'response_type' => 'code',
        'scope' => '',
    ]);

    return redirect('https://api.dailys.nz/oauth/authorize?'.$query);
});

Once your user has approved their Dailys credentials to authorise your application, you will need to configure your callback route in the consuming application, like so:

Route::get('/callback', function (Request $request) {
    $http = new GuzzleHttp\Client;

    $response = $http->post('https://api.dailys.nz/oauth/token', [
        'form_params' => [
            'grant_type' => 'authorization_code',
            'client_id' => 'CLIENT_ID',
            'client_secret' => 'CLIENT_SECRET',
            'redirect_uri' => 'https://myapp.example.com/callback',
            'code' => $request->code,
        ],
    ]);

    return json_decode((string) $response->getBody(), true);
});

Personal Access Tokens

To create a new Personal Access Token, click on the "Create New Token" button under the Personal Access Tokens section. From here, provide a name for the token - a sensible name for the token might be a description for what you intend to use it for.

Personal Access Token Create

Once you have saved this token, you will see the a new panel within this section (shown in grey) which is the Access Token for the Personal Access Token. This token has a longer TTL than all of your other Access Tokens. Copy this token and use it with the Authorization header on your requests. Be aware that this Access Token will only display once, so you need to ensure that it is kept safe.

Access Token

If you no longer require your personal access token you can revoke your token by clicking the "trash-can" icon next to the name of the token.

Revoke Token

Webhooks

Webhooks alow your applications to perform actions based on events that take place within your organisastion. Dailys has a number of events that your consuming application can response to. Webhooks will carry a payload of the resource that the event centers around. A verification mechanism exists for determining that the webhook did originate from the dailys servers.

To create a new webhook, navigation to the "Webhook" interface from your user's dropdown menu.

Create Webhooks

The request will be send as a JSON POST request to the endpoint specified. Ensure that URL that you are listening for the webhook on has disabled any CSRF protection. An example of a webhook sent after creating a new category is given below:

{
    "event": 1,
    "timestamp": 9466848000,
    "type": "categories.created",
    "payload": {
        "name": "New Category",
        "updated_at": "2000-01-01 00:00:00",
        "created_at": "2000-01-01 00:00:00",
        "id": 1,
        "deleted": false,
        "organisation": {
            ...
        }
    }
}

To verify that the event was sent by the dailys server, you can make a request to the events enpoint and verify the event is the same as the event ID that was given in the webhook request body. The endpoint is given below:

GET https://api.dailys.nz/api/v1/events/{EVENT_ID}

For more information on using the events resource, refer to the events documentation.