Using Dolibarr's REST API to Connect a Mobile Application: A Complete Guide for Developers and SMEs
05/15/2025 | Dolibarr, Wiki Dolibarr

In the era of mobile-first digital transformation, integrating enterprise applications with mobile platforms is more than a trend—it's a strategic necessity. Dolibarr ERP & CRM, known for its modular open-source architecture, provides a robust REST API that allows developers to connect external applications, including mobile apps, directly to the core system. This flexibility opens the door to streamlined workflows, real-time data synchronization, and enhanced user experiences.

Whether you're a small business looking to extend your internal tools, a software company building a mobile client for Dolibarr, or an IT consultant planning a hybrid solution, this article is your comprehensive guide. We’ll cover everything from API fundamentals to authentication, endpoints, use cases, error handling, and best practices for deploying a secure and scalable mobile integration.

Understanding the Dolibarr REST API

The REST API in Dolibarr exposes a wide range of endpoints that correspond to the system’s core modules—such as invoices, customers, products, orders, and projects. Based on standard HTTP methods (GET, POST, PUT, DELETE), the API follows RESTful principles, making it easy to interact with from any language or platform that supports HTTP.

Introduced in version 5.0 and significantly improved in versions 10 to 16, the REST API has matured into a reliable integration point. In 2025, it is compatible with Dolibarr versions 14 and above, with the latest security improvements and data structuring enhancements.

Why Use the REST API for a Mobile App?

Integrating a mobile app with Dolibarr’s REST API offers numerous benefits:

  • Real-time synchronization of data (products, stock, invoices)

  • User-specific access to CRM, accounting, or HR modules

  • Mobile field access for sales reps, delivery personnel, or remote workers

  • Push notifications for updates like new leads or late payments

  • Offline functionality with background syncing

Prerequisites and Environment Setup

To get started, you’ll need:

  • A working installation of Dolibarr (v14 or higher recommended)

  • Access to the Dolibarr administrator account

  • API enabled in the Dolibarr configuration

  • An API key or OAuth token

  • A mobile app or development framework (Flutter, React Native, Android Studio, etc.)

Enable API Module in Dolibarr:

  1. Go to Setup > Modules/Applications

  2. Activate the API REST module

  3. Go to Users > User List > Edit

  4. Generate and copy the API key for the user

Optional: Install the APIGateway plugin or configure CORS rules if your mobile app is web-based.

Authentication: API Key vs OAuth2

Dolibarr supports two main authentication methods:

API Key (Token-based Authentication)

  • Simpler to implement

  • Ideal for internal or single-user apps

  • Sent as a header: DOLAPIKEY: your_api_key

OAuth2

  • More secure and scalable

  • Recommended for public apps with multiple users

  • Requires setting up a client ID, secret, and redirect URIs

Use OAuth2 if you're planning to publish your mobile app for external clients or in app stores.

REST API Structure and Available Endpoints

The Dolibarr API is organized under base endpoints like:

https://yourdomain.com/api/index.php

Each resource (e.g., thirdparties, products, invoices) is accessed via a corresponding route:

Examples:

  • GET /thirdparties – List all customers or suppliers

  • POST /thirdparties – Create a new client

  • GET /products – Fetch product list

  • POST /invoices – Create a new invoice

  • GET /users/me – Get current user details

API calls must be authenticated and typically return JSON responses.

Sample Use Cases for Mobile Apps

1. Mobile CRM Application

  • Display client lists and contact info

  • Add or edit leads on the go

  • View activity history

  • Schedule tasks and follow-ups

2. Sales/Order Entry App

  • Browse products with images and prices

  • Create orders or quotations

  • Validate availability in real-time

  • Convert quotes into invoices

3. Field Technician App

  • View assigned projects or work orders

  • Update project status

  • Log time entries

  • Attach photos or documents to tasks

4. Inventory Scanning App

  • Search and scan product barcodes

  • Adjust stock levels

  • Receive goods and generate warehouse movements

Handling Responses and Errors

All API responses follow HTTP status conventions:

  • 200 OK – Successful read

  • 201 Created – Successful creation

  • 400 Bad Request – Invalid input

  • 401 Unauthorized – Bad credentials

  • 403 Forbidden – No permissions

  • 500 Internal Server Error – API error

JSON response structure typically includes:

{
  "success": true,
  "error": null,
  "data": {...}
}

Check each response for success, and build proper error messages into your mobile UI.

Pagination and Filtering

When retrieving lists (e.g., products or clients), the API supports pagination and filtering via URL parameters:

  • limit=25&sortfield=lastname&sortorder=asc

  • sqlfilters=(status:in:(1,2))

This helps reduce load time and bandwidth for mobile apps.
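
Because sqlfilters and the sort parameters carry expressions the server evaluates, a mobile client should build them from validated values rather than from free text. The following is an added example, not code from this article or from Dolibarr: the filter syntax follows the article's sample, while the function names, the field allowlists and the limit ceiling of 100 are assumptions.

```javascript
// Added example. Field allowlists are assumptions; adjust to the endpoints used.
const SORT_FIELDS = new Set(['lastname', 'name', 'ref']);
const IN_FILTER_FIELDS = new Set(['status']);

// Build "(field:in:(v1,v2))" in the form the article shows, from integers only.
function inFilter(field, values) {
  if (!IN_FILTER_FIELDS.has(field)) throw new Error(`filter field not allowed: ${field}`);
  if (!Array.isArray(values) || values.length === 0 || values.length > 20) {
    throw new Error('filter needs 1 to 20 values');
  }
  for (const v of values) {
    // Anything that is not a plain integer (free text from a search box,
    // for instance) is rejected here instead of being sent to the server.
    if (!Number.isInteger(v) || v < 0) throw new Error('filter values must be non-negative integers');
  }
  return `(${field}:in:(${values.join(',')}))`;
}

function buildListQuery({ limit = 25, sortfield, sortorder = 'asc', statusIn } = {}) {
  if (!Number.isInteger(limit) || limit < 1 || limit > 100) throw new Error('limit out of range');
  const q = new URLSearchParams({ limit: String(limit) });
  if (sortfield !== undefined) {
    if (!SORT_FIELDS.has(sortfield)) throw new Error(`sort field not allowed: ${sortfield}`);
    if (sortorder !== 'asc' && sortorder !== 'desc') throw new Error('sortorder must be asc or desc');
    q.set('sortfield', sortfield);
    q.set('sortorder', sortorder);
  }
  if (statusIn !== undefined) q.set('sqlfilters', inFilter('status', statusIn));
  return q.toString(); // percent-encoded, safe to append after "?"
}
```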

Uploading Files and Attachments

Dolibarr's REST API supports file uploads for documents like contracts, images, or PDFs.

Example:

POST /documents/upload
Headers:
  DOLAPIKEY: your_api_key
Body (multipart/form-data):
  refid, ref, modulepart, file

Use this for invoice attachments, profile photos, or signed work reports.

Security Considerations

  • Always use HTTPS to encrypt data

  • Restrict IPs for API access when possible

  • Use OAuth2 for public-facing apps

  • Implement rate limiting in your mobile app

  • Never hard-code credentials in the app binary
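
An added example (not code from this article or from Dolibarr) of request and response handling that applies the points above together with the status codes listed under Handling Responses and Errors: it refuses non-HTTPS base URLs, takes the API key as a runtime argument, maps status codes to error kinds, rejects non-JSON bodies, and redacts the key for logging. The function names, the error kinds and the host erp.example.com used when calling it are assumptions; fetchImpl is whatever fetch-compatible function the app provides.

```javascript
// Added example. Function names and error kinds are illustrative assumptions.
class ApiError extends Error {
  constructor(kind, status) {
    super(`${kind} (HTTP ${status})`); // never put the key or raw body in messages
    this.kind = kind;
    this.status = status;
  }
}

// Status codes from the article, mapped to kinds the UI can act on.
const STATUS_KIND = { 400: 'invalid_input', 401: 'bad_credentials',
                      403: 'no_permission', 500: 'server_error' };

// The key is supplied at runtime (e.g. from the platform keystore after the
// user enters it), never compiled into the app binary.
function buildRequest(baseUrl, apiKey, path, params = {}) {
  if (!/^[A-Za-z0-9_\/-]+$/.test(path)) throw new Error('unexpected characters in path');
  const url = new URL(baseUrl.replace(/\/+$/, '') + '/' + path.replace(/^\/+/, ''));
  if (url.protocol !== 'https:') throw new Error('refusing non-HTTPS API base URL');
  if (!apiKey) throw new Error('missing API key');
  for (const [k, v] of Object.entries(params)) url.searchParams.set(k, String(v));
  return { url: url.toString(), headers: { DOLAPIKEY: apiKey, Accept: 'application/json' } };
}

function interpretResponse(status, contentType, bodyText) {
  if (status !== 200 && status !== 201) {
    throw new ApiError(STATUS_KIND[status] || 'unexpected_status', status);
  }
  // An HTML body means a login page, proxy or wrong endpoint answered.
  if (!/^application\/json\b/i.test(contentType || '')) throw new ApiError('not_json', status);
  try {
    return JSON.parse(bodyText);
  } catch (e) {
    throw new ApiError('malformed_json', status);
  }
}

// Redact the key before headers reach a log line or crash report.
function headersForLog(headers) {
  return { ...headers, DOLAPIKEY: '[redacted]' };
}

// fetchImpl: any fetch-compatible function (global fetch, or a stub in tests).
async function apiGet(fetchImpl, baseUrl, apiKey, path, params) {
  const req = buildRequest(baseUrl, apiKey, path, params);
  const res = await fetchImpl(req.url, { method: 'GET', headers: req.headers });
  return interpretResponse(res.status, res.headers.get('content-type'), await res.text());
}
```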

Building a Mobile App: Frameworks and Techniques

Some recommended stacks include:

  • Flutter: Cross-platform and efficient for UI-heavy apps

  • React Native: Strong ecosystem and JavaScript support

  • Native Android/iOS: Full control, better for performance-critical tasks

Use libraries like axios (JS), http (Dart), or Retrofit (Java) to manage API calls.

Best Practices for Deployment

  • Maintain version control for your API layer

  • Cache static data (product list) locally to reduce API load

  • Log API errors and monitor usage via analytics

  • Offer background sync to improve UX

  • Test extensively with various screen sizes and offline conditions

Troubleshooting Common Issues

Problem: API returns 401 Unauthorized

  • Ensure the API key is valid and included in headers

Problem: Mobile app can't access API due to CORS

  • Configure headers in Apache/Nginx or use proxying

Problem: API returns HTML instead of JSON

  • Check that you are using the correct endpoint and headers (Accept: application/json)

Real-World Example: Flutter App to Track Clients

A lightweight Flutter app could:

  • Authenticate via API key

  • Fetch list of clients via GET /thirdparties

  • Display contact data in list format

  • Allow tapping on a contact to view orders via GET /orders?fk_soc=ID

  • Send updates using PUT /thirdparties/ID

Conclusion

Connecting a mobile app to Dolibarr using the REST API unlocks powerful business capabilities—from field service tracking to real-time CRM and inventory control. The flexibility of Dolibarr’s API, combined with modern mobile frameworks, enables SMEs and developers to create seamless cross-platform experiences tailored to their operational needs.

By following best practices in security, data handling, and API design, you can ensure that your mobile integration is not only functional but also reliable and scalable. Whether you're building an internal productivity tool or a commercial app for Dolibarr users, the REST API is your gateway to agility in a mobile-first world.
