{ "info": { "name": "WapCRM License Management API", "description": "# šŸš€ WapCRM License Management API - Complete Collection\n\n## šŸ“‹ Overview\nComplete RESTful API system for automated license generation, management, and tracking. Built for WapCRM CRM extension with enterprise-level features including authentication, role-based access control, credit system integration, and comprehensive logging.\n\n**Base URL:** https://test.wapcrm.in/api/v1/\n\n---\n\n## šŸ”‘ Authentication\n**Type:** Bearer Token\n**Header:** `Authorization: Bearer YOUR_API_TOKEN`\n\n### Token Features:\n- SHA-256 encrypted storage\n- Configurable rate limiting (100-10000 req/hour)\n- Optional IP whitelisting\n- Token expiration support\n- Usage tracking & analytics\n\n---\n\n## šŸ“Š API Endpoints (7 Actions)\n\n### 1ļøāƒ£ CREATE License\n**Method:** POST\n**Endpoint:** `/license.php?action=create`\n**Purpose:** Generate new license (Free/Premium)\n\n**Required Fields:**\n- customer_name\n- email\n- password\n- whatsapp_number (with country code)\n- plan_type (Free/Premium)\n- duration (1, 3, 6, 12, 24 months)\n- timezone\n\n**Features:**\n- Auto license key generation (XXXX-XXXX-XXXX-XXXX)\n- Automatic credit deduction\n- SHA1 password hashing\n- Device limit: 1 (hardcoded)\n- Transaction logging\n\n---\n\n### 2ļøāƒ£ GET License\n**Method:** GET\n**Endpoint:** `/license.php?action=get&id={id}` or `&email={email}`\n**Purpose:** Retrieve license details\n\n**Returns:**\n- License information\n- Customer details\n- Plan type & dates\n- Status & timezone\n\n**Hidden Fields (Security):**\n- license_key (only shown on creation)\n- password & token\n- device_limit, created_by_user_id\n- deleted_key, current_active_devices\n\n---\n\n### 3ļøāƒ£ UPDATE License\n**Method:** POST/PUT\n**Endpoint:** `/license.php?action=update`\n**Purpose:** Modify license details\n\n**āœ… Updatable Fields:**\n- `customer_name` - Change customer name\n- `password` - Update password (auto SHA1 hashed)\n- `extend_months` - Extend license (1, 3, 6, 12 months)\n\n**āŒ NOT Updatable:**\n- email, whatsapp_number, timezone\n- license_key, plan_type, device_limit\n\n**Extension Options:**\n- 1 month - Short-term extension\n- 3 months - Quarterly renewal\n- 6 months - Half-yearly renewal\n- 12 months - Annual renewal\n\n---\n\n### 4ļøāƒ£ ACTIVATE License\n**Method:** POST\n**Endpoint:** `/license.php?action=activate&id={id}`\n**Purpose:** Activate license\n**Sets:** status='true', active='true'\n\n---\n\n### 5ļøāƒ£ DEACTIVATE License\n**Method:** POST\n**Endpoint:** `/license.php?action=deactivate&id={id}`\n**Purpose:** Deactivate license\n**Sets:** status='false', active='false'\n\n---\n\n### 6ļøāƒ£ DELETE License\n**Method:** POST/DELETE\n**Endpoint:** `/license.php?action=delete&id={id}`\n**Purpose:** Soft delete license (Admin only)\n**Sets:** deleted_key='yes'\n\n---\n\n### 7ļøāƒ£ LIST Licenses\n**Method:** GET\n**Endpoint:** `/license.php?action=list`\n**Purpose:** Paginated license listing with filters\n\n**Parameters:**\n- page (default: 1)\n- limit (default: 20, max: 100)\n- plan_type (Free/Premium)\n- status (active/inactive)\n\n**Returns:**\n- Array of licenses\n- Pagination metadata (total, total_pages)\n\n---\n\n## šŸ’³ Credit System\n\n**Auto Credit Deduction:**\n- Free license = 1 Free credit\n- Premium license = 1 Premium credit\n- Unlimited credits = -1 value\n\n**Validation:**\n- Checks credits before creation\n- Prevents creation if insufficient\n- Logs all transactions\n\n**Transaction Tracking:**\n- User ID, Admin ID\n- Credit type (Free/Premium)\n- Amount, balance before/after\n- Related license_id & api_token_id\n\n---\n\n## šŸ‘„ Role-Based Permissions\n\n### Admin:\nāœ… Create/update/delete ALL licenses\nāœ… View all licenses\nāœ… Set custom end dates\nāœ… Full API access\n\n### Reseller:\nāœ… Create licenses (own credits)\nāœ… Update own licenses only\nāœ… View own licenses only\nāŒ Cannot delete or set custom dates\n\n### User:\nāœ… Same as Reseller\n\n---\n\n## šŸ” Security Features\n\n### Token Security:\n- SHA-256 hash storage (never plain text)\n- Bearer authentication\n- Expiration support\n- IP whitelisting (optional)\n\n### Password Security:\n- SHA1 hashing (compatibility)\n- Never returned in responses\n- Auto-hashing on update\n\n### Data Privacy:\n- Sensitive fields hidden from API responses\n- Clean responses (no internal tracking fields)\n- SQL injection protection (prepared statements)\n\n### Rate Limiting:\n- Per-token limits (default: 1000/hour)\n- Configurable (100-10000)\n- Daily counter with auto-reset\n- 429 error when exceeded\n\n---\n\n## šŸ“Š Response Format\n\n### Success Response:\n```json\n{\n \"success\": true,\n \"code\": 201,\n \"message\": \"License created successfully\",\n \"data\": {...},\n \"timestamp\": \"2025-12-28 21:00:00\"\n}\n```\n\n### Error Response:\n```json\n{\n \"success\": false,\n \"code\": 400,\n \"message\": \"Error description\",\n \"data\": null,\n \"timestamp\": \"2025-12-28 21:00:00\"\n}\n```\n\n### HTTP Status Codes:\n- 200 OK - Success\n- 201 Created - Resource created\n- 400 Bad Request - Invalid data\n- 401 Unauthorized - Invalid token\n- 403 Forbidden - Insufficient permissions/credits\n- 404 Not Found - Resource not found\n- 429 Too Many Requests - Rate limit exceeded\n- 500 Server Error - Internal error\n\n---\n\n## šŸ“ˆ Logging & Tracking\n\n### API Request Logs:\n- Every request logged automatically\n- Tracks: endpoint, method, user, token\n- Stores: request data, response code, execution time\n- Records: IP address, user agent\n\n### Credit Transactions:\n- All credit operations logged\n- Tracks: license_id, api_token_id\n- Stores: balance before/after\n- Maintains complete audit trail\n\n### Usage Analytics:\n- Token usage count\n- Requests per day\n- Last used timestamp\n- Performance metrics (execution time)\n\n---\n\n## šŸ—„ļø Database Tables\n\n### New Tables:\n1. **api_tokens** - Authentication tokens\n2. **api_request_logs** - Request tracking\n\n### Modified Tables:\n3. **users** - Added: created_by_user_id, created_via_api\n4. **credit_transactions** - Added: related_license_id, api_token_id\n\n---\n\n## šŸŽÆ Key Features\n\nāœ… **Complete License CRUD** - Create, Read, Update, Delete\nāœ… **Role-Based Access** - Admin, Reseller, User permissions\nāœ… **Credit System Integration** - Auto deduction & tracking\nāœ… **Rate Limiting** - Configurable per token\nāœ… **IP Whitelisting** - Optional security layer\nāœ… **Comprehensive Logging** - Every request tracked\nāœ… **Password Security** - Auto SHA1 hashing\nāœ… **Token Authentication** - SHA-256 encrypted\nāœ… **Clean Responses** - No sensitive/internal fields\nāœ… **License Extension** - 1/3/6/12 month options\nāœ… **Pagination Support** - Efficient data retrieval\nāœ… **Timezone Support** - Validated PHP timezones\nāœ… **Device Management** - Fixed limit of 1 device\n\n---\n\n## šŸš¦ Before Using:\n\n1. **Set API Token**\n - Go to Collection Variables\n - Set `api_token` = YOUR_ACTUAL_TOKEN\n\n2. **Update Base URL** (if different)\n - Set `base_url` = your domain\n\n3. **Test Connection**\n - Run \"List All Licenses\" request\n - Verify 200 OK response\n\n---\n\n## šŸ“¦ Collection Contents (19 Requests)\n\n### CREATE (2):\n- Create License - Premium 12 Months\n- Create License - Free Trial\n\n### GET (2):\n- Get License by ID\n- Get License by Email\n\n### UPDATE (7):\n- Update License - Name Only\n- Update License - Change Password\n- Update License - Extend 1 Month\n- Update License - Extend 3 Months\n- Update License - Extend 6 Months\n- Update License - Extend 1 Year\n- Update License - All Fields\n\n### ACTIVATE/DEACTIVATE (2):\n- Activate License\n- Deactivate License\n\n### DELETE (1):\n- Delete License (Admin Only)\n\n### LIST (5):\n- List All Licenses\n- List Premium Licenses\n- List Active Licenses\n- List with Pagination\n- List Free Licenses\n\n---\n\n## āš ļø Important Notes\n\n### Device Limit Policy:\n- All licenses have device_limit = 1 (hardcoded)\n- Cannot be changed via API\n- Applies to both Free and Premium\n\n### Email/WhatsApp/Timezone:\n- Cannot be updated after creation\n- Set correctly during license creation\n\n### License Key:\n- Shown ONLY during creation\n- NOT visible in GET/LIST responses\n- Save it immediately when creating\n\n### Extension Calculation:\n- Extension added to current end_date\n- Example: end_date 2025-12-28 + 3 months = 2026-03-28\n\n---\n\n## šŸ’” Common Use Cases\n\n### Use Case 1: Create & Activate License\n1. Create License ā†’ Get license_id\n2. Activate License ā†’ Enable usage\n3. Get License ā†’ Verify status\n\n### Use Case 2: Renew Expired License\n1. Get License ā†’ Check current end_date\n2. Extend License ā†’ Add months\n3. Get License ā†’ Verify new end_date\n\n### Use Case 3: Password Reset\n1. Get License by Email ā†’ Find license\n2. Update Password ā†’ Set new password\n3. Confirm to customer\n\n### Use Case 4: Bulk License Management\n1. List Licenses ā†’ Get all active\n2. Filter by plan_type\n3. Extend multiple licenses\n\n---\n\n## šŸ†˜ Troubleshooting\n\n### Error 401 Unauthorized\n**Problem:** Invalid or missing token\n**Solution:** Check api_token in Variables\n\n### Error 403 Forbidden\n**Problem:** Insufficient credits or permissions\n**Solution:** Check credit balance or user role\n\n### Error 429 Rate Limited\n**Problem:** Too many requests\n**Solution:** Wait or increase rate limit\n\n### Error 400 Invalid extend_months\n**Problem:** Used invalid value\n**Solution:** Use only 1, 3, 6, or 12\n\n---\n\n## šŸ“ž Support\n- **Email:** support@wapcrm.in\n- **Website:** https://wapcrm.in\n- **Documentation:** Included in package\n\n---\n\n## šŸ“„ Version Info\n- **API Version:** 1.0.0\n- **Collection Version:** 1.0.0\n- **Last Updated:** December 2025\n- **Format:** Postman Collection v2.1.0\n\n---\n\n**Ā© 2025 Creators Choice - WapCRM**\n**Production Ready | Enterprise Features | Complete Documentation**", "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" }, "auth": { "type": "bearer", "bearer": [ { "key": "token", "value": "{{api_token}}", "type": "string" } ] }, "variable": [ { "key": "base_url", "value": "https://test.wapcrm.in/api/v1", "type": "string" }, { "key": "api_token", "value": "YOUR_API_TOKEN_HERE", "type": "string" } ], "item": [ { "name": "License Management", "item": [ { "name": "Create License", "request": { "method": "POST", "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n \"customer_name\": \"John Doe\",\n \"email\": \"john.doe@example.com\",\n \"password\": \"securepass123\",\n \"whatsapp_number\": \"919999999999\",\n \"plan_type\": \"Premium\",\n \"duration\": 12,\n \"timezone\": \"Asia/Kolkata\"\n}" }, "url": { "raw": "{{base_url}}/license.php?action=create", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "create" } ] }, "description": "Creates a new license for a customer.\n\n**Required Fields:**\n- customer_name\n- email\n- password\n- whatsapp_number (with country code)\n- plan_type (Free or Premium)\n- duration (in months: 1, 3, 6, 12, 24)\n- timezone\n\n**Optional Fields:**\n- end_date (Admin only, custom date)\n\n**Note:** device_limit is automatically set to 1 (fixed, not customizable)\n\n**Credits:**\n- Free license: 1 Free credit\n- Premium license: 1 Premium credit" }, "response": [] }, { "name": "Create Free License", "request": { "method": "POST", "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n \"customer_name\": \"Jane Smith\",\n \"email\": \"jane.smith@example.com\",\n \"password\": \"securepass123\",\n \"whatsapp_number\": \"919888888888\",\n \"plan_type\": \"Free\",\n \"duration\": 1,\n \"timezone\": \"Asia/Kolkata\"\n}" }, "url": { "raw": "{{base_url}}/license.php?action=create", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "create" } ] }, "description": "Creates a Free trial license (1 day duration)" }, "response": [] }, { "name": "Create License - Duplicate Email Error", "request": { "method": "POST", "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n \"customer_name\": \"Test User\",\n \"email\": \"john.doe@example.com\",\n \"password\": \"test123\",\n \"whatsapp_number\": \"919777777777\",\n \"plan_type\": \"Premium\",\n \"duration\": 6,\n \"timezone\": \"Asia/Kolkata\"\n}" }, "url": { "raw": "{{base_url}}/license.php?action=create", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "create" } ] }, "description": "Example showing duplicate email error.\n\n**This request will fail if john.doe@example.com already exists.**\n\n**Error Response (400):**\n```json\n{\n \"success\": false,\n \"code\": 400,\n \"message\": \"Email already exists. Please use a different email address.\",\n \"data\": null,\n \"timestamp\": \"2025-12-28 22:00:00\"\n}\n```\n\n**Duplicate Validation:**\n- Email uniqueness checked BEFORE credit deduction\n- Only active licenses checked (deleted_key = 'no')\n- Case-sensitive email validation\n- No credits wasted on duplicates" }, "response": [] }, { "name": "Create License - Duplicate WhatsApp Error", "request": { "method": "POST", "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n \"customer_name\": \"Another User\",\n \"email\": \"unique.email@example.com\",\n \"password\": \"test123\",\n \"whatsapp_number\": \"919999999999\",\n \"plan_type\": \"Premium\",\n \"duration\": 3,\n \"timezone\": \"Asia/Kolkata\"\n}" }, "url": { "raw": "{{base_url}}/license.php?action=create", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "create" } ] }, "description": "Example showing duplicate WhatsApp number error.\n\n**This request will fail if 919999999999 already exists.**\n\n**Error Response (400):**\n```json\n{\n \"success\": false,\n \"code\": 400,\n \"message\": \"WhatsApp number already exists. Please use a different number.\",\n \"data\": null,\n \"timestamp\": \"2025-12-28 22:00:00\"\n}\n```\n\n**Duplicate Validation:**\n- WhatsApp uniqueness checked BEFORE credit deduction\n- Only active licenses checked (deleted_key = 'no')\n- Exact match including country code\n- No credits wasted on duplicates" }, "response": [] }, { "name": "Get License by ID", "request": { "method": "GET", "header": [], "url": { "raw": "{{base_url}}/license.php?action=get&id=1710", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "get" }, { "key": "id", "value": "1710" } ] }, "description": "Retrieves license details by license ID.\n\n**Permissions:**\n- Admin: Can view all licenses\n- Reseller/User: Can only view own licenses" }, "response": [] }, { "name": "Get License by Email", "request": { "method": "GET", "header": [], "url": { "raw": "{{base_url}}/license.php?action=get&email=john.doe@example.com", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "get" }, { "key": "email", "value": "john.doe@example.com" } ] }, "description": "Retrieves license details by customer email" }, "response": [] }, { "name": "Update License - Name Only", "request": { "method": "POST", "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n \"id\": 1710,\n \"customer_name\": \"John Smith Updated\"\n}" }, "url": { "raw": "{{base_url}}/license.php?action=update", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "update" } ] }, "description": "Updates license customer name.\n\n**Updatable Fields:**\n- customer_name\n- password (auto SHA1 hashed)\n- extend_months (1, 3, 6, or 12)\n\n**NOT Updatable:**\n- email (cannot change)\n- whatsapp_number (cannot change)\n- timezone (cannot change)\n- device_limit (always 1)\n\n**Permissions:**\n- Admin: Can update all licenses\n- Reseller/User: Can only update own licenses" }, "response": [] }, { "name": "Update License - Change Password", "request": { "method": "POST", "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n \"id\": 1710,\n \"password\": \"NewSecurePassword@123\"\n}" }, "url": { "raw": "{{base_url}}/license.php?action=update", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "update" } ] }, "description": "Updates license password. Password will be automatically hashed with SHA1 before storing.\n\n**Note:** Send plain text password, API will hash it for security." }, "response": [] }, { "name": "Update License - Extend 1 Month", "request": { "method": "POST", "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n \"id\": 1710,\n \"extend_months\": 1\n}" }, "url": { "raw": "{{base_url}}/license.php?action=update", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "update" } ] }, "description": "Extends license by 1 month.\n\n**extend_months options:**\n- 1 = 1 month\n- 3 = 3 months (quarterly)\n- 6 = 6 months (half-yearly)\n- 12 = 12 months (1 year)\n\n**Note:** Extension is added to current end_date" }, "response": [] }, { "name": "Update License - Extend 3 Months", "request": { "method": "POST", "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n \"id\": 1710,\n \"extend_months\": 3\n}" }, "url": { "raw": "{{base_url}}/license.php?action=update", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "update" } ] }, "description": "Extends license by 3 months (quarterly renewal)." }, "response": [] }, { "name": "Update License - Extend 6 Months", "request": { "method": "POST", "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n \"id\": 1710,\n \"extend_months\": 6\n}" }, "url": { "raw": "{{base_url}}/license.php?action=update", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "update" } ] }, "description": "Extends license by 6 months (half-yearly renewal)." }, "response": [] }, { "name": "Update License - Extend 1 Year", "request": { "method": "POST", "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n \"id\": 1710,\n \"extend_months\": 12\n}" }, "url": { "raw": "{{base_url}}/license.php?action=update", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "update" } ] }, "description": "Extends license by 12 months (1 year / annual renewal)." }, "response": [] }, { "name": "Update License - All Fields", "request": { "method": "POST", "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": { "mode": "raw", "raw": "{\n \"id\": 1710,\n \"customer_name\": \"John Smith Updated\",\n \"password\": \"NewPassword@2025\",\n \"extend_months\": 6\n}" }, "url": { "raw": "{{base_url}}/license.php?action=update", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "update" } ] }, "description": "Updates multiple fields at once:\n- Customer name\n- Password (hashed automatically)\n- Extends license by 6 months" }, "response": [] }, { "name": "Activate License", "request": { "method": "POST", "header": [], "url": { "raw": "{{base_url}}/license.php?action=activate&id=1710", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "activate" }, { "key": "id", "value": "1710" } ] }, "description": "Activates a license (sets status and active to true)" }, "response": [] }, { "name": "Deactivate License", "request": { "method": "POST", "header": [], "url": { "raw": "{{base_url}}/license.php?action=deactivate&id=1710", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "deactivate" }, { "key": "id", "value": "1710" } ] }, "description": "Deactivates a license (sets status and active to false)" }, "response": [] }, { "name": "Delete License (Admin Only)", "request": { "method": "POST", "header": [], "url": { "raw": "{{base_url}}/license.php?action=delete&id=1710", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "delete" }, { "key": "id", "value": "1710" } ] }, "description": "Soft deletes a license.\n\n**Note:** Admin permission required" }, "response": [] }, { "name": "List All Licenses", "request": { "method": "GET", "header": [], "url": { "raw": "{{base_url}}/license.php?action=list&page=1&limit=20", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "list" }, { "key": "page", "value": "1", "description": "Page number (default: 1)" }, { "key": "limit", "value": "20", "description": "Results per page (1-100, default: 20)" } ] }, "description": "Lists all licenses with pagination.\n\n**Query Parameters:**\n- page: Page number (default: 1)\n- limit: Results per page (1-100, default: 20)\n- plan_type: Filter by Free or Premium\n- status: Filter by active or inactive" }, "response": [] }, { "name": "List Premium Licenses Only", "request": { "method": "GET", "header": [], "url": { "raw": "{{base_url}}/license.php?action=list&page=1&limit=20&plan_type=Premium", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "list" }, { "key": "page", "value": "1" }, { "key": "limit", "value": "20" }, { "key": "plan_type", "value": "Premium" } ] }, "description": "Lists only Premium licenses" }, "response": [] }, { "name": "List Active Licenses Only", "request": { "method": "GET", "header": [], "url": { "raw": "{{base_url}}/license.php?action=list&page=1&limit=20&status=active", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "list" }, { "key": "page", "value": "1" }, { "key": "limit", "value": "20" }, { "key": "status", "value": "active" } ] }, "description": "Lists only active licenses" }, "response": [] } ], "description": "All license management endpoints" }, { "name": "Authentication Test", "item": [ { "name": "Test Token", "request": { "method": "GET", "header": [], "url": { "raw": "{{base_url}}/license.php?action=list&limit=1", "host": ["{{base_url}}"], "path": ["license.php"], "query": [ { "key": "action", "value": "list" }, { "key": "limit", "value": "1" } ] }, "description": "Quick test to verify your API token is working.\n\nIf successful, you should receive a 200 response with license data." }, "response": [] } ] } ] }