myWebLog API v4
General
Endpoint: https://api.myweblog.se/main/v4/{request}/
All inputs and filters, except headers as defined below, shall be submitted as follows:
- GET: Filtering, sorting, and pagination via URI query parameters
- POST/PUT/PATCH: Data submitted via JSON request body
- DELETE: Target resource identification via URI path
All filters are optional. Wildcards * and _ may be used in string filters.
Request Headers
| Header |
Data |
Mandatory |
Description |
| Authorization |
Bearer [your token] |
Yes |
Required for authorization |
| Request-Id |
[your key] |
No |
A key submitted here will be returned in all replies as a header. Use this to verify that a reply originates from your request. |
user_defined_key |
[your key] |
No |
Deprecated. Use Request-Id. |
Global Filters
| Filter |
Description |
| limit (int) |
Will limit the number of returned items. Valid range 1-500. Default 500. |
| offset (int) |
Will offset the returned items. Default 0. |
Endpoints
Click on each endpoint method to expand.
bookings
GET |
/bookings/?{filter1}&{filter2}... |
Retrieves object bookings. |
| Information |
Additional filters |
Response |
|
This request requires read access in the "Bookings" module.
|
id (int)
date_from (string, ISO8601)
date_to (string, ISO8601)
registration (string)
object_id (int)
object_organization_id (int)
object_category_id (int)
user_id (int)
user_name (string)
student_id (int)
student_name (string)
is_primary (bool)
|
200 OK |
GET |
/bookings/instructors/ |
To be implemented |
GET |
/bookings/students/ |
To be implemented |
POST |
/bookings/ |
To be implemented |
PATCH |
/bookings/ |
To be implemented |
DELETE |
/bookings/ |
To be implemented |
flightlogs
GET |
/flightlogs/?{filter1}&{filter2}... |
Retrieves the object logbook entries. |
| Information |
Additional Filters |
Response |
|
id (int)
date_from (string, ISO8601)
date_to (string, ISO8601)
object_id (int)
object_registration (string)
object_organization_id (int)
object_organization_name (string)
departure_icao (string)
arrival_icao (string)
pilot_id (int)
pilot_name (string)
pilot_member_number (string)
instructor_id (int)
instructor_name (string)
instructor_member_number (string)
has_instructor (enum)
scout_id (int)
scout_name (string)
scout_member_number (string)
has_remark (bool)
remark_id (int)
|
200 OK |
POST |
/flightlogs/ |
To be implemented |
GET |
/flightlogs/flighttypes/ |
Retrieves the organization's flight types. |
| Information |
Additional Filters |
Response |
| Retrieves all of the organization's flight types. |
|
200 OK |
GET |
/flightlogs/flighttypes/approved/?{filter} |
Retrieves the approved flight types for a specific user. |
| Information |
Additional Filters |
Response |
| Retrieves the approved flight types, categorized per object, for a specific user. |
user_id (int)* |
200 OK |
logincheck
POST |
/logincheck/ |
Validates user credentials. |
| Information |
Input |
Response |
|
A simplified login checker for external use (organization websites etc.). Returns abbreviated user data on success.
|
username (string)*
password (sting)* |
200 OK |
objects
GET |
/objects/?{filter1}&{filter2}... |
Retrieves a list of objects. |
| Information |
Input |
Response |
|
Category id: 0=Aircraft, 1=Equipment, 2=Premises
|
id (int)
registration (string)
category_id (int)
type_designator (string)
organization_id (int)
organization_name (string)
active (enum)
verbose (bool)
|
200 OK |
GET |
/objects/status/ |
Retrieves a list of the objects' technical status. |
| Information |
Input |
Response |
|
Category id: 0=Aircraft, 1=Equipment, 2=Premises
status_id: 0=OK, 1=Yellow, 2=Red
|
|
200 OK |
organizations
GET |
/organizations/location/ |
Retrieves basic location data for the organization. |
| Information |
Input |
Response |
|
Retrieves basic location data for the organization, including reference coordinates and time zone.
|
|
200 OK |
remarks
GET |
/remarks/ |
To be implemented |
POST |
/remarks/ |
To be implemented |
test
GET |
/test/ |
Returns a simulated erroneous request with two errors. |
| Information |
Additional filters |
Response |
|
|
400 Bad Request |
POST |
/test/ |
Returns a simulated succesful request. |
| Information |
Input |
Response |
|
This test requires write access in the "Users" module.
|
my_test_input |
201 Created |
token
GET |
/token/rights/ |
Retrieves auth token read/write rights. |
| Information |
Input |
Response |
|
Retrieves a list of auth token module read/write rights.
|
|
200 OK |
transactions
GET |
/transactions/?{filter1}&{filter2}... |
Retrieves transactions. |
| Information |
Additional Filters |
Response |
|
This request requires read access in the "Economy" module.
The "user_name" filter relates to the user's full name.
The "include_account_xxxx=true" filters will retrieve detailed accounting information.
|
id (int)
user_id (int)
user_name (int)
date (string, ISO8601)
date_from (string, ISO8601)
date_to (string, ISO8601)
amount (decimal)
comment (string)
external_customer_number (string)
include_account_rows (bool)
include_account_summary (bool)
|
200 OK |
GET |
/transactions/swish/ |
To be implemented |
POST |
/transactions/ |
Creates a transaction |
| Information |
Input |
Response |
|
This request requires write access in the "Economy" module.
Currently, this request is limited to a simple transaction structure with only one accounting row (optional).
The "amount" value shall be set to indicate the change of the member's account.
If the accounting option is used, the accounting>amount value must be set to the absolute (i.e. no minus) value of the transaction amount.
|
{
"user_id": (int)*,
"date": (string,ISO8601)*,
"amount": (int)*,
"comment": (string)*,
"accounting": {
"amount": (int),
"debit": (int),
"credit": (int),
"cost_center": (string),
"project": (string)
}
}
|
201 Created |
PATCH |
/transactions/ |
To be implemented |
| Information |
Input |
Response |
|
This request requires write access in the "Economy" module.
Only the account information can be updated.
|
id (int)*
acct_debit (int)
acct_credit (int)
acct_cctr (string)
acct_proj (string)
|
200 OK |
users
GET |
/users/?{filter1}&{filter2}... |
Retireves user information |
| Information |
Additional filters |
Response |
|
This request requires read access in the "Users" module.
Use the "verbose" filter to retieve additional user information.
|
id (int)
name (string)
username (string)
member_number
membership_id (int)
membership_name (string)
invalid_email (bool)
locked (bool)
locked_login (bool)
active (enum)
verbose (bool)
|
200 OK |
POST |
/users/ |
Creates a user |
| Information |
Input |
Response |
|
This request requires write access in the "Users" module.
The user's password can not be set here. Each user needs to set their own password via the "Reset my password" function on the login screen.
More insert options can be requested via support@myweblog.se
|
{
"username": string*,
"member_number": string,
"external_customer_number": string,
"ksak_member_number": int,
"first_name": string*,
"last_name_particle": string,
"last_name": string*,
"personal_identification_number": string,
"membership_id": int*,
"user_groups": [
int,
int,
...
],
"email": [
string,
string
],
"address": {
"street_address": [
string,
string
],
"postal_code": string,
"city": string,
"country": string
},
"phone": {
"home": string,
"work": string,
"mobile": {
"country_code": int,
"initial_number": int,
"number": int
}
},
"emergency_contact": {
"name": string,
"phone": string,
"relation": string
}
}
|
201 Created |
PATCH |
/users/ |
Updates a user |
| Information |
Input |
Response |
|
This request requires write access in the "Users" module.
It is not necessary to include all the inputs as specified here, except {id}. As an example, to only update the access card number, just submit {"id":12345,"access_card":{"number":"987654321"}}.
This function is limited. More options can be requested via support@myweblog.se
|
{
"id": (int)*
"access_card": {
"number": (string)
"code": (string)
"expiry_date": (string,ISO8601)
},
"misc_info": string,
"internal_notes": string,
"status": {
"active": (bool)
}
}
|
200 OK |
DELETE |
/users/ |
Deletes a user |
| Information |
Input |
Response |
|
This request requires write access in the "Users" module.
Administrators or users with a remaining balance can not be deleted.
WARNING: A deleted user can not be restored. Consider setting active=0 via the PATCH method instead.
|
id (int)*
|
204 No Content |
GET |
/users/memberships/?{filter1}&{filter2}... |
Retrieves a list of membership types |
| Information |
Additional Filters |
Response |
|
This request requires read access in the "Users" module.
|
id (int)
name (string)
verbose (bool)
|
200 OK |
GET |
/users/groups/?{filter1}&{filter2}... |
Retrieves a list of user groups |
| Information |
Additional Filters |
Response |
|
This request requires read access in the "Users" module.
|
id (int)
name (string)
verbose (bool)
|
200 OK |
Examples
These examples are abbreviated and will not include the header(s).
GET objects request
https://api.myweblog.se/main/v4/objects/?registration=SE-ABC
GET objects reply
{
"auth_token": {
"description": "Postman",
"owner": "Magnus Winsth, Svanshalls FK"
},
"meta_information": {
"objects": 1
},
"objects": [
{
"id": 24,
"registration": "SE-ABC",
"category": {
"id": 0,
"name": "Aircraft"
},
"type_designator": "C172",
"type_name": "CESSNA 172",
"comment": "Ã…rsmodell 2002",
"organization_id": 3,
"organization_name": "Svanshalls FK",
"active": 1
}
]
}
POST transactions request body
{
"user_id": 987654321
"date": "2026-01-27"
"amount": -123
"comment": "Test transaction"
"accounting": {
"amount": 123,
"debit": 1940,
"credit": 1510,
"cost_center": "CCTR1",
"project": "PRJ1",
}
}
Reply with error
{
"auth_token": {
"description": "Postman",
"owner": "Magnus Winsth, Svanshalls FK"
},
"errors": [
{
"id": 10130
"message": "Duplicate transaction detected"
}
]
}
PHP cURL POST Request
$endpoint = 'https://api.myweblog.se/main/v4/test/';
$headers = [
'Content-Type: application/json',
'Authorization: Bearer {my_auth_token}',
'Request-Id: {my_request_id}'
];
$post = json_encode([
'my_test_input' => 'My input data'
]);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $endpoint);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
curl_setopt($curl, CURLOPT_POSTFIELDS, $post);
$response = curl_exec($curl);
$response_code = curl_getinfo($curl, CURLINFO_HTTP_CODE);
var_dump($response_code);
var_dump($response);
Linux/Mac cURL Requests
curl -X GET "https://api.myweblog.se/main/v4/users/?active=2&verbose=true" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer {my_auth_token}" \
-H "Request-Id: {my_request_id}"
curl -X GET "https://api.myweblog.se/main/v4/transactions/?include_account_rows=true&date_from=2026-01-01&date_to=2026-01-31" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer {my_auth_token}" \
-H "Request-Id: {my_request_id}"
curl -X POST "https://api.myweblog.se/main/v4/transactions/" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer {my_auth_token}" \
-H "Request-Id: {my_request_id}" \
-d '{
"user_id": 987654321,
"amount": -500.00,
"comment": "Test Transaction via CURL",
"date": "2026-01-29",
"accounting": {
"amount": 500.00,
"debit": 3011,
"credit": 1910
}
}'
Error Codes
| Code |
Name |
Comment |
Response |
| 10000 |
SSL Connection Required |
Self explanatory |
406 Not Acceptable |
| 10001 |
Unauthorized |
Check your token to be correct and valid. |
401 Unauthorized |
| 10002 |
Unauthorized Module Access |
Check the module access settings for the auth token. |
403 Forbidden |
| 10003 |
Invalid parameter data |
Check that your parameters are UTF-8 and, if GET parameters, do not include any %. |
400 Bad Request |
| 10005 |
Invalid parameter format |
Check the format of the indicated parameter. |
400 Bad Request |
| 10006 |
Invalid input format |
Check the format of the input parameters or json body, including required parameters. |
400 Bad Request |
| 10010 |
Internal SQL Error |
An internal SQL error has occurred and has been logged. |
500 Internal Server Error |
| 10020 |
Unknown exception on row {row} |
An internal error has occurred. Contact support if it persists. |
500 Internal Server Error |
| 10030 |
Duplicate detected |
Your request to insert or modify an item has detected a duplicate. |
500 Internal Server Error |
| 10050 |
Method Not Allowed |
Check correct usage of GET/POST/PATCH/PUT/DELETE. |
405 Method Not Allowed |
| 10100 |
Not found |
The requested resource id could not be found. |
400 Bad Request |
| 10105 |
Not modified ({reason}) |
The requested action could not be taken. |
400 Bad Request |
| 10110 |
Invalid Date Format |
Date must be submitted in ISO8601 format (yyyy-mm-dd or yyyymmdd). |
400 Bad Request |
| 10120 |
Invalid Amount Format |
Amount must be (int) or (decimal). |
400 Bad Request |
| 10121 |
Invalid Amount |
Amount must be between -100000 and 100000, and can not be 0. |
400 Bad Request |
| 10130 |
Duplicate transaction detected |
Self explanatory |
400 Bad Request |
| 10140 |
Comment can not be empty. |
Self explanatory |
400 Bad Request |
| 10150 |
Organization transaction lockdate violation. |
A transaction can not be created prior to the set transaction lockdate. |
400 Bad Request |
| 10151 |
Future transaction date is not permitted |
Self explanatory |
400 Bad Request |
| 10160 |
Invalid acct_debit format |
Ensure that the account is submitted as (int). |
400 Bad Request |
| 10161 |
Invalid acct_credit format |
Ensure that the account is submitted as (int). |
400 Bad Request |
| 10162 |
Debit account not found |
The submitted value could not be found in the organisation's settings. |
400 Bad Request |
| 10163 |
Credit account not found |
The submitted value could not be found in the organisation's settings. |
400 Bad Request |
| 10164 |
Cost centre not found |
The submitted value could not be found in the organisation's settings. |
400 Bad Request |
| 10165 |
Project not found |
The submitted value could not be found in the organisation's settings. |
400 Bad Request |
| 10190 |
Unable to save transaction |
Contact support. |
500 Internal Server Error |