$selected = service('request')->getGet('group');
$group_collector = [];
$access_token = false;
$method = [];
if ($permission->groups) {
$groups = null;
$privileges = [];
foreach ($permission->groups as $key => $val)
$group_collector[] = $val->group_id;
$actions = null;
$extract_privileges = json_decode($val->group_privileges);
if (isset($extract_privileges->$active)) {
foreach ($extract_privileges->$active as $_key => $_val)
$actions .= '<a href="#--method-' . $_val . '"><span class="badge bg-success"><i class="mdi mdi-link"></i> ' . phrase($_val) . '</span></a> ';
if ($val->group_id) {
$access_token = true;
$groups .= '<option value="' . $val->group_id . '"' . ($val->group_id == $selected ? ' selected' : null) . '>' . $val->group_name . '</option>';
$privileges[$selected] = $actions;
<div class="container-fluid py-3">
<div class="row">
<div class="col-md-3">
<div class="sticky-top">
<div class="pretty-scrollbar">
<a href="<?= base_url('apis/documentation'); ?>" class="<?= (! $active ? 'text-primary fw-bold' : null); ?> --xhr">
<?= phrase('Getting Started'); ?>
<br />
if ($modules) {
foreach ($modules as $key => $val) {
echo '
<a href="' . current_page(null, ['slug' => $val, 'group' => null]) . '" class="' . ($val == $active ? ' text-primary fw-bold' : null) . ' --xhr">
' . str_replace('/', ' > ', $val) . '
<br />
<div class="col-md-9">
<div class="sticky-top">
<?php if ($active): ?>
<?php if ($permission->groups): ?>
<div class="row">
<div class="col-md-6">
<h4 class="mb-3 --title"><?= $active; ?></h4>
<div class="table-responsive">
<table class="table table-bordered table-sm">
<th><?= phrase('Group Name'); ?></th>
<th><?= phrase('Privileges'); ?></th>
<td width="250">
<form action="<?= current_page(); ?>" method="GET">
<select name="group" class="form-control form-control-sm">
<?= $groups; ?>
<td><?= (isset($privileges[$selected]) ? $privileges[$selected] : null); ?></td>
<h5 class="mt-3"><?= phrase('Request Method'); ?></h5>
<?php endif; ?>
<?php if ($permission->privileges): ?>
<?php foreach ($permission->privileges as $key => $val): ?>
<?php $method[] = $val; ?>
<div class="mb-3" id="--method-<?= $val; ?>">
<h5 class="mb-1">
<span class="badge bg-primary bg-md">
<?= (in_array($val, ['create', 'update']) ? 'POST' : (in_array($val, ['delete']) ? 'DELETE' : 'GET')); ?>
<div class="rounded pt-2 pe-3 pb-2 ps-3 bg-dark">
<code class="text-light"><?= base_url(('index' !== $val ? $active . '/' . $val : $active)); ?></code>
<h5 class="mt-3"><?= phrase('Header'); ?></h5>
<div class="table-responsive">
<table class="table table-bordered table-sm">
<th><?= phrase('Field'); ?></th>
<th><?= phrase('Type'); ?></th>
<th><?= phrase('Description'); ?></th>
<th width="100" class="text-center"><?= phrase('Required'); ?></th>
<td><?= phrase('Valid API Key added in API Service'); ?></td>
<td class="text-center">
<span class="badge bg-danger">
<?= phrase('Required'); ?>
<?php if ($access_token): ?>
<td>Filled with base64 encoded <code>username:password</code></td>
<td class="text-center">
<span class="badge bg-danger"><?= phrase('Required'); ?></span>
<?php endif; ?>
<div class="text-center --spinner">
<div class="spinner-border" role="status"></div>
<div class="--query-<?= $val; ?> d-none">
<h5 class="mt-3"><?= phrase('Query String'); ?></h5>
<div class="table-responsive">
<table class="table table-bordered table-sm">
<th><?= phrase('Field'); ?></th>
<th><?= phrase('Type'); ?></th>
<th><?= phrase('Description'); ?></th>
<th width="100" class="text-center"><?= phrase('Required'); ?></th>
<div class="--parameter-<?= $val; ?> d-none">
<h5 class="mt-3"><?= phrase('Parameter'); ?></h5>
<div class="table-responsive">
<table class="table table-bordered table-sm">
<th><?= phrase('Field'); ?></th>
<th><?= phrase('Type'); ?></th>
<th><?= phrase('Max Length'); ?></th>
<th><?= phrase('Description'); ?></th>
<th width="100" class="text-center"><?= phrase('Required'); ?></th>
<!-- Filled from XHR response -->
<div class="--response-success-<?= $val; ?> d-none">
<h5 class="mt-3"><?= phrase('Success Response'); ?></h5>
<pre class="language-javascript rounded mt-0"><code>{}</code></pre>
<div class="--response-error-<?= $val; ?> d-none">
<h5 class="mt-3"><?= phrase('Error Response'); ?></h5>
<pre class="language-javascript rounded mt-0"><code>{}</code></pre>
<br />
<br />
<?php endforeach; ?>
<?php endif; ?>
<?php else: ?>
<h4 class="mb-3">
<a href="//www.aksaracms.com" target="_blank"><b class="text-primary">Aksara</b></a> built with capability to deliver the <a href="//en.wikipedia.org/wiki/API" target="_blank"><b>API</b></a> output without building the another controller to produce the <a href="//en.wikipedia.org/wiki/API" target="_blank"><b>API</b></a> request and response. The concept and workflow of the <a href="//en.wikipedia.org/wiki/API" target="_blank"><b>API</b></a> implementation is just same as you accessing the application built with <a href="//www.aksaracms.com" target="_blank"><b class="text-primary">Aksara</b></a>, which is you are open now.
You will no longer need to think about complicated things that burden your work. All the <a href="//en.wikipedia.org/wiki/API" target="_blank"><b>API</b></a> request will be deliver through the authentication (handshake), permission checks, including the validation that you have defined for each existing or future modules.
Is it that easy? Yes, because this is <a href="//www.aksaracms.com" target="_blank"><b class="text-primary">Aksara</b></a>!
<hr />
<h4 class="mb-3">
Getting Started
To be able to use the API request feature, you need to first add an API key from the <a href="<?= go_to('../services'); ?>" class="text-primary"><b>API Services Management</b></a> menu. Specify the allowed request method, the allowed IP range and also the expiration date of the generated API key.
Use the generated API key to a specific client in the HEADER property when making a request.
<div class="table-responsive">
<table class="table table-bordered table-sm">
<th><?= phrase('Field'); ?></th>
<th><?= phrase('Type'); ?></th>
<th><?= phrase('Description'); ?></th>
<th width="100" class="text-center"><?= phrase('Required'); ?></th>
<td><?= phrase('Valid API Key added in API Service'); ?></td>
<td class="text-center">
<span class="badge bg-danger">
<?= phrase('Required'); ?>
For modules that require permission as specified for specific user groups, add the <code>Authorization</code> parameter to the client HEADER and set the value with the base64 encrypted username and password.
<div class="table-responsive">
<table class="table table-bordered table-sm">
<th><?= phrase('Field'); ?></th>
<th><?= phrase('Type'); ?></th>
<th><?= phrase('Description'); ?></th>
<th width="100" class="text-center"><?= phrase('Required'); ?></th>
<td>Filled with base64 encoded <code>username:password</code></td>
<td class="text-center">
<span class="badge bg-danger">
<?= phrase('Required'); ?>
Contoh payload:
<br />
<code>Authorization: Basic</code> <code class="text-success">YWRtaW46YWRtaW4xMjM=</code>
<code class="text-success">YWRtaW46YWRtaW4xMjM=</code> merupakan enkripsi base64 dari <code>admin:admin123</code>
<hr />
Retrieving the Query Builder
When you are requesting the data, there are query string helper (which mentioned under the "<code>query_string</code>") that will help you to retrieving the data to be matched with the query string keywords. Besides that, this also available query string helper to retrieving the specified results.
<div class="table-responsive">
<table class="table table-bordered table-sm">
<th><?= phrase('Key'); ?></th>
<th><?= phrase('Type'); ?></th>
<th><?= phrase('Description'); ?></th>
<td>Applying the result limit</td>
<td>Applying the result offset</td>
<td>Field name to be ordered</td>
<td>string <code>ASC|DESC</code></td>
<td>Sort order</td>
<td>string | number | int</td>
<td>The keyword to applying search</td>
<td>Specified field to apply the specific search</td>
<?php endif; ?>
<script type="text/javascript">
$(document).ready(function() {
url: '<?= current_page(); ?>',
context: this,
method: 'POST',
data: {
mode: 'fetch',
group: '<?= ($selected ? $selected : (isset($group_collector[0]) ? $group_collector[0] : 0)); ?>',
method: JSON.parse('<?= json_encode($method); ?>')
beforeSend: function() {
.done(function(response, status, error) {
if (response.results) {
$.each(response.results, function(key, val) {
if (typeof val.query_string !== 'undefined') {
$.each(val.query_string, function(_key, _val) {
if ($('.--query-' + key).hasClass('d-none')) {
$('.--query-' + key).removeClass('d-none')
$('<tr><td><code>' + _key + '</code></td><td>mixed</td><td>-</td><td class="text-center"><span class="badge bg-danger"><?= phrase('Required'); ?></span></td></tr>').appendTo('.--query-' + key + ' tbody')
if (typeof val.parameter !== 'undefined') {
$.each(val.parameter, function(_key, _val) {
if ($('.--parameter-' + key).hasClass('d-none')) {
$('.--parameter-' + key).removeClass('d-none')
$('<tr><td><code>' + _key + '</code></td><td>' + _val.type + '</td><td>' + _val.maxlength + '</td><td>' + _val.label + '</td><td class="text-center">' + (_val.required ? '<span class="badge bg-danger"><?= phrase('Required'); ?></span>' : '') + '</td></tr>').appendTo('.--parameter-' + key + ' tbody')
if (typeof val.response.success !== 'undefined') {
if ($('.--response-success-' + key).hasClass('d-none')) {
$('.--response-success-' + key).removeClass('d-none')
$('.--response-success-' + key + ' pre code').text(JSON.stringify(val.response.success, null, 4))
if (typeof val.response.error !== 'undefined') {
if ($('.--response-error-' + key).hasClass('d-none')) {
$('.--response-error-' + key).removeClass('d-none')
$('.--response-error-' + key + ' pre code').text(JSON.stringify(val.response.error, null, 4))