APIs and protocols supported by Koha
From Koha Wiki
RESTful web service calls
This is a relatively new API in Koha. It is being actively developed and expanded.
Koha /svc/ HTTP API
This is an older API. It is maintained, but does not get expanded. Eventually it will probably get deprecated.
Reports web service
Any report can be set to internal or public to be available in JSON format with and without authentication.
A public report is accessible via a URL that looks like this:
An internal report requires authentication and is available from the intranet base URL.
Patrons, circulation, payment etc
Bug 11622 made it possible to add PayPal as a payment option in the OPAC.
Bug 19173 makes OPAC online payments pluggable for easier integration with other and local payment methods.
Support for Z39.50 is provided by Zebra for installations using it. For Elasticsearch and other advanced usage there is a standalone Z39.50/SRU Responder (starting with Koha 19.11). See the page Setting up the Z39.50 and SRU Server for more information.
Koha can act as a Z39.50 server.
Koha can also be used as a client to retrieve both bibliographic and authority records from other Z39.50 servers. This is often referred to as copy cataloguing.
Koha can act as a SRU server via Zebra for installations using it. For Elasticsearch and other advanced usage there is a standalone Z39.50/SRU Responder (starting with Koha 19.11). See the page Setting up the Z39.50 and SRU Server for more information.
Koha can also be used as a client to retrieve bibliographic records from other SRU servers.
Koha can be set up as a Data Provider (server) by enabling the OAI-PMH system preference.
Koha can currently not act as a Service Provider (client), but Bug 10662 - Build OAI-PMH Harvesting Client aims to change this, in order to make it possible to have Koha ingest/update records via OAI-PMH.
Koha can output search results in OpenSearch format, but not consume and display OpenSearch data from other sources.
RSS feeds are provided with different information:
- Search results
- News items
- See the perldoc for C4::Auth_with_ldap
- See Bug 8446 for current progress
- Removed from Koha. See bug 17486. Mozilla stops developing its persona sign-in system due to low adoption (sad).
SSL Client Certificate
The OAuth2 protocol is used to integrate Koha with other systems in different ways.
External identity providers
Koha provides configuration options to use Google's OpenID-connect implementation in order to grant access to patrons (cookie based).
Koha as an identity provider
An internal OAuth2 server is implemented. It currently implements the following grant flows:
- Client credentials
Client credentials grant
The client credentials grant is implemented.
This basic flow is intended to be used with confidential clients (i.e. external systems we trust) and always under secure connections (HTTPS). In order to use it, you need to explicitly enable it using the RESTOAuth2ClientCredentials system preference. Once it is enabled you will be able to manage API keys (client_id and client_secret pairs) on a per-patron basis using the staff interface. The implementation from bug 20612 doesn't provide a way to limit the scope of this tokens (i.e. specify the permissions the API key grants the consumer).
- Olly olly oxen free: integrators with Koha, stand up and be counted
- koha-restful in BibLibre's Git repository. This is currently a separate project, developed to support the Drupal OPAC project.
- Coding Guidelines - API