App connector
The app connector is an application that runs a set of GetConnectors and UpdateConnectors. This uses user authentication based on tokens.
Description
An app connector is a bundle of GetConnectors, UpdateConnectors and special connectors. If an application has access to an app connector, it also has access to the linked GetConnectors, UpdateConnectors and special connectors. This application does not have access to other connectors.
Use a separate app connector for every external application. You configure the app connector yourself and determine to which Profit Connectors it has access. In addition, you link a user group to the app connector: only users that are members of the user group can use the app connector. The configuration of user groups and users depends on the application type:
- For a link to an external system, one system user may be sufficient. Specify a token for the system user and pass it on to the partner building the link for you.
- If you create a link for an app with which your employees are going to register hours, you need a token for each employee. Your partner must provide an automated solution that distributes and, if necessary, withdraws tokens via Profit.
Every user or system user who is going to use an app connector, gets a token. A token is a key that applies to a combination of environment/app connector/user/link. If an external application calls a connector, this is done based on the token of the user, not the user name and password. It is easy to revoke a token if access to the app connector is no longer allowed.
Advantages of app connectors
- An app connector provides access to the correct Profit connectors, not to other connectors.
- An app connector is linked to a user group. Only users that are a member of the user group can use the app connector.
- Communication between an external application and Profit takes place based on tokens. The external application does not have to save the user name and password of the user. A potential hacker cannot use a token to get access to Profit.
- If the password of a user changes, the link between the external application and Profit will continue to work because the token remains the same. If a token ends up in the wrong hands, you can delete it from Profit. The user can request a new token using an automated process and immediately start using it.
Example:
You have developed an app that allows employees of the Sales department to directly place a sales order using a smartphone.
If an employee uses the app, it connects to Profit based on the token of the user. The app then uses a GetConnector to determine whether the article the employee wants to include in a sales order exists in Profit. These actions can only be performed if the user has a valid token and if the GetConnector is linked to the app connector.
The app places the sales order using the 'FbSales' UpdateConnector (sales orders). This action can only be performed if the UpdateConnector is linked to the app connector.
Procedure
- All URLs of the Profit Web services
- Authorise the app connector
- Add a user group
- Add an app connector
- Manage user tokens
- Call an app connector
- Manage an app connector