Overview

Here, we have some general rules and best practices for your FogBugz API Requests. All of them are important to keep in mind if you are using the API to communicate with your FogBugz data.

Information

• You can use GET or POST.  If you are submitting files, however, you must use an enctype=”multipart/form-data" POST.
• All arguments to the API are name/value pairs in the GET or POST request. e.g. a GET request:

http://www.example.com/api.asp?token=24dsg34lok43un23&cmd=new&sTitle=New%20Case&sEvent=something

• FogBugz is based exclusively in UTF-8 encoding.
• All dates should be in ISO 8601 UTC format, e.g. 2013-01-21T14:24:06Z.
• To avoid inconsistencies caused by individual user localization, we recommend using ISO for dates in search strings.
• All API requests will have a cmd argument indicating what you want to do, like cmd=logon in the logon example.
• All API requests must have a token argument indicating the logon session except cmd=logon. The token can be used indefinitely, and will only be invalidated by executing a logoff command with that token or by changing the user’s password.
• The response is a valid XML file in UTF-8 format containing an outer <response> tag at the root.
• If the first child node is <error>, something went wrong.
• If the token is not supplied, or if the token does not correspond to a logged-in user, you will get error code 3:

<response>
    <error code="3">
        Not logged on
    </error>
</response> 

• Since these requests operate against URLs, they should be URL encoded.

For more information, refer to the complete XML API documentation for FogBugz.