If you’d like to use BioStar 2 New Local API as a RESTful API for your own customization or other purposes, you can simply reference this article. This article will cover the most basic usage of the BioStar 2 New Local API by C# console application. 


BioStar 2 New Local API’s swagger can be accessed by the URL: https://{BioStar2 IP}/swagger/index.html#/


*BioStar 2 New Local API is supported from BioStar 2.7.10 and above.


This is just a sample application made for those who might need to use the BioStar 2 New Local API. It is a Visual C# console application.



This article will cover the highlighted function below:

  1. Login
  2. Search Users
  3. Create Users
  4. Create Users with Access Group
  5. Retrieve Log Data
  6. Retrieve Log Data with order by


Through this article, you can learn how to call an API function to login to your BioStar 2 server. By inserting your BioStar 2 User ID and Password, you can easily have an authentication to use other API calls. Please, do pay attention to how to manage ‘bs-session-id’ after you make a successful login.


Make sure you take a good look at the example code of the C# program built for API calls. You can simply copy & paste the source code to use the same function in your own integration. 


You can also see how to call the API functions via Postman, which is a program used for RESTful API calls.


Part 1. API Call & Parameters 


[POST]: /login












Login ID








   * M – Mandatory, O – Optional


Part 2. Request Body & Response Model

[Example Value/Parameters Model]


  "User": {

    "login_id": "admin",

    "password": "qwer1234"




[Response Model]


User      Res____User____272{

user_id string

example: 1

desc: User ID


name    string

example: Administrator

desc: Name


gender string

example: 1

@desc: User Gender


birthday               string

example: 1977-10-08T04:00:00.00Z

@desc: User Birthday


photo_exists     boolean

example: false

desc: Check Photo


pin_exists           boolean

example: false

desc: Check PIN


login_id string

example: admin

desc: Login ID


password_exists              boolean

example: true

desc: Check Password


updated_count string

example: 0

desc: Update Count


last_modified    string

example: 0

desc: Last Modify


start_datetime string

example: 2001-01-01T00:00:00.00Z

desc: Start DateTime


expiry_datetime              string

example: 2030-12-31T23:59:00.00Z

desc: Expiry DateTime


security_level    string

example: 0

desc: Security Level




Response            Res____Response{

code      string

example: 1003

desc : Response.code reference: C:\Program Files\BioStar 2(x64)\nginx\html\resources\


link         string


desc: Link URL


message              string

example: Success

desc: Message



httpResponseStatus       Res____httpResponseStatusinteger

example: 200

desc: HTTP Status Code



[Response: Fail]


    "Response": {

        "code": "101",

        "link": "",

        "message": "Failed to login for invalid username or password"



[Response: Successful]


    "User": {

        "user_id": "1",

        "name": "Administrator",

        "gender": "0",

        "photo_exists": "false",

        "pin_exists": "false",

        "login_id": "admin",

        "password_exists": "true",

        "updated_count": "37",

        "last_modified": "63",

        "idx_last_modified": "24",

        "start_datetime": "2001-01-01T00:00:00.00Z",

        "expiry_datetime": "2030-12-31T23:59:00.00Z",

        "security_level": "0",

~    },

    "Response": {

        "code": "0",

        "link": "",

        "message": "Success"




Part 3. Console Login Example


[Login Method Source Code] 

static async void LoginTask()


            string resourceAddress = ""//Enter your BioStar 2 address & the API call you’d like to perform(login in this case)


            HttpClient httpClient = new HttpClient();


            JavaScriptSerializer serializer = new JavaScriptSerializer();


            Dictionary<stringstring> dicLoginUser = new Dictionary<stringstring>();


            dicLoginUser.Add("login_id""admin"); // Enter BioStar 2 Admin Login ID

            dicLoginUser.Add("password""adminPassword"); // Enter your password of BioStar 2 Admin

            Dictionary<stringobject> dicLogin = new Dictionary<stringobject>();

            dicLogin.Add("User", dicLoginUser);  // Save your ID and PW to a parameter named “User” and add it to dicLogin


            string jsonLoginUser = serializer.Serialize(dicLogin);


            StringContent sc = new StringContent(jsonLoginUser, Encoding.UTF8, "application/json");


            // To load HTTPS Certificate

            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;


            //This is an example line to allow the certificate check is secure. You can have your own line for better secure of your application.

            //Please search stackoverflow for the error description - The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

            //A common reason you may receive the error above Could not establish trust relationship for the SSL/TLS secure channel is because the SSL certificate isn't trusted. 

           //Below code ignore the untrusted cert errors. 

            System.Net.ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

            //HttpResponseMessage httpResponse = await httpClient.PostAsync(resourceAddress, sc);

            HttpResponseMessage httpResponse = httpClient.PostAsync(resourceAddress, sc).Result;


            if (httpResponse.IsSuccessStatusCode == true)



                string httpResponseBody = await httpResponse.Content.ReadAsStringAsync();


                Console.WriteLine("Login successful...");



                MemoryStream responseMemoryStream = new MemoryStream();

                StreamWriter sw = new StreamWriter(responseMemoryStream);




                bool isSessionIDContained = httpResponse.Headers.Contains("bs-session-id");

                if (isSessionIDContained == true)


                    IEnumerable<string> sessionEnum = httpResponse.Headers.GetValues("bs-session-id");


                    foreach (string element in sessionEnum)


                        Console.WriteLine("bs-session-id: " + element);

                        sessionID = element;



                else if (isSessionIDContained != false)


                    Console.WriteLine("Session ID not found");





                Console.WriteLine("Failed to log in");






[After Logging Successfully] 

텍스트이(가) 표시된 사진

자동 생성된 설명




Part 4. Login via Postman


[Request Example] 


[Response Example: body] 

텍스트이(가) 표시된 사진

자동 생성된 설명


[Response Example: Headers] 

*You must use the ‘be-session-id’ value for other API calls by Postman.

텍스트, 스크린샷, 모니터, 텔레비전이(가) 표시된 사진

자동 생성된 설명