Table of Contents
-
Introduction
-
What is the Dolibarr REST API?
-
Why Integrate Dolibarr with Other Applications?
-
Pre-requisites for Using the API
-
Enabling the REST API Module
-
Understanding API Authentication in Dolibarr
-
Generating and Managing API Tokens
-
Exploring Dolibarr API Endpoints
-
Making Your First API Request
-
CRUD Operations with the REST API
-
Handling Pagination, Filters, and Sorting
-
API Responses and Error Handling
-
Use Cases: Common Integrations
-
Connecting to External CRMs or ERPs
-
Syncing Products, Orders, and Invoices
-
Connecting to E-commerce Platforms (Shopify, Prestashop)
-
Integrating with Custom Frontends or Mobile Apps
-
API Security Best Practices
-
Monitoring and Logging API Activity
-
Conclusion
1. Introduction
Dolibarr ERP/CRM is powerful on its own, but it becomes even more impactful when integrated into a wider ecosystem of tools. Whether it's syncing with an e-commerce store, sharing data with an accounting tool, or powering a custom mobile app, Dolibarr’s REST API opens the door to rich, secure, real-time integrations.
2. What is the Dolibarr REST API?
The REST API allows external applications to interact with Dolibarr through HTTP requests. It supports standard operations like:
-
GET (read data)
-
POST (create data)
-
PUT (update data)
-
DELETE (remove data)
It communicates over JSON, making it easy to use with virtually any programming language.
3. Why Integrate Dolibarr with Other Applications?
Benefits include:
-
Real-time data sharing
-
Avoiding double entry
-
Automating business workflows
-
Creating seamless user experiences
Examples:
-
Sending Dolibarr invoices to external CRMs
-
Updating inventory from a warehouse system
-
Importing orders from online shops
4. Pre-requisites for Using the API
Before you begin:
-
Ensure Dolibarr is installed and running
-
You have admin access to configure modules
-
You have a valid domain or IP to access the server
-
Dolibarr version is 7.0+ (REST API is core since this version)
5. Enabling the REST API Module
To enable:
-
Go to Home > Setup > Modules/Applications
-
Activate Web services REST API
-
Confirm that
/api/index.php
is reachable on your server
You may need to configure .htaccess
or Nginx rules to allow API access.
6. Understanding API Authentication in Dolibarr
The REST API uses token-based authentication:
-
Each user can generate one or more API keys
-
Tokens must be passed in the
DOLAPIKEY
header
Authentication is tied to user permissions, so use dedicated API users with minimal rights.
7. Generating and Managing API Tokens
Steps:
-
Log in as the user who will access the API
-
Go to User > API Key tab
-
Generate or regenerate the key
-
Store the key securely
Use one token per application to maintain isolation.
8. Exploring Dolibarr API Endpoints
Typical endpoints include:
-
/api/index.php/thirdparties
-
/api/index.php/products
-
/api/index.php/orders
-
/api/index.php/invoices
-
/api/index.php/users
You can access the full list in htdocs/api/
or by using tools like Postman.
9. Making Your First API Request
Example with curl:
curl -X GET \
https://yourdomain.com/api/index.php/thirdparties \
-H 'DOLAPIKEY: your_token_here'
A successful call returns JSON:
[
{
"id": 1,
"name": "MyCompany",
"email": "info@mycompany.com"
},
...
]
10. CRUD Operations with the REST API
Create (POST):
curl -X POST https://yourdomain.com/api/index.php/products \
-H 'DOLAPIKEY: your_token_here' \
-H 'Content-Type: application/json' \
-d '{"label":"New product", "price":100}'
Read (GET): Fetch by ID
GET /api/index.php/products/1
Update (PUT):
PUT /api/index.php/products/1
Delete (DELETE):
DELETE /api/index.php/products/1
11. Handling Pagination, Filters, and Sorting
Many endpoints support these query parameters:
-
limit=20
-
sortfield=name
-
sortorder=ASC
-
sqlfilters=(name:like:'Client%')
Example:
GET /api/index.php/thirdparties?limit=10&sortfield=name&sqlfilters=(status:=:1)
12. API Responses and Error Handling
Successful responses:
-
200 OK (GET, PUT)
-
201 Created (POST)
-
204 No Content (DELETE)
Errors:
-
400 Bad Request
-
401 Unauthorized
-
403 Forbidden
-
404 Not Found
-
500 Internal Server Error
Each response includes a message
field with context.
13. Use Cases: Common Integrations
-
CRM: Sync customers and sales history
-
Accounting: Send invoice data to accounting tools
-
E-commerce: Real-time order sync with Dolibarr
-
Mobile apps: Provide dashboards or field tools for sales teams
14. Connecting to External CRMs or ERPs
Use cases:
-
Fetch customer data
-
Send invoices
-
Sync product catalogs
Use middleware or integration platforms (e.g., Zapier, Make.com, custom Node.js or Python scripts).
15. Syncing Products, Orders, and Invoices
Design data mapping logic:
-
Products: match SKUs, barcodes
-
Orders: verify customer exists
-
Invoices: maintain unique references
Ensure both systems support webhooks or polling.
16. Connecting to E-commerce Platforms (Shopify, Prestashop)
Approaches:
-
Use existing Dolibarr modules (e.g., Prestashop connector)
-
Write custom bridge apps that pull orders via e-commerce APIs and push to Dolibarr
Schedule syncs every few minutes or trigger via webhook.
17. Integrating with Custom Frontends or Mobile Apps
Use Dolibarr as the backend:
-
Authenticate via stored token
-
Fetch data for dashboards
-
Push updates from mobile sales apps
React Native, Flutter, or Angular can all work with Dolibarr’s API.
18. API Security Best Practices
-
Use HTTPS only
-
Limit API token scope and expiration
-
Rotate tokens regularly
-
Monitor request logs for abuse
-
Rate-limit API requests
Never expose API keys in client-side code.
19. Monitoring and Logging API Activity
-
Enable Dolibarr logs:
/documents/admin/
or database logs -
Use reverse proxies (e.g., Nginx) to log API traffic
-
Alert on unauthorized attempts or large volumes
-
Build dashboards to track API usage metrics
20. Conclusion
The Dolibarr REST API is a powerful gateway to extend your ERP system far beyond its user interface. Whether you're connecting with cloud platforms, mobile apps, or internal tools, understanding how to use and secure the API gives you complete control over your data workflows and automation.