Generate a token for the Profit Rest Services
With an app connector, authentication is handled based on tokens, not user names and passwords. A token is a key that is valid for a combination of environment/app connector/user/device.
If a user starts using an external app, he first requests a token via the external app. You must set up an automated process for this yourself. However, you can manually add tokens to an app connector on an ad hoc basis. If it is no longer allowed to use a certain token, you delete it.
Note:
The remainder of this description deals with requesting a token using an automated process.
A user requests a token using an external application. This application calls the Profit REST Services. If the request was successful, the user gets an email with an activation code. By applying the activation code, the user gets a token. From that moment on, the token must be included in every call.
- A valid e-mail address should have been entered for the user in General / Management / Authorisation tool. The user must be a member of the user group that is linked to the app connector.
To view the endpoints, see Endpoints for Profit Connectors (SOAP/XML and REST/JSON).
To retrieve keys in Profit:
- Go to: General / Management / App connector.
- Open the properties of the app connector.
- You need the values for the API key and Environment key fields.
To automatically request and register a token in Profit:
- Call the Profit REST Service using the following URL.
<server>/profitrestservices/otprequest
The below image was created based on the Test Tool.
- In case of a successful call, the response contains a one-time password (OTP).
- Call the Profit REST Service using the following URL. Use the one-time password in the call.
<server>/profitrestservices/otpvalidation
In case of a successful call, the response contains a token.
Example code for optrequest:
var otprequest = {
apiKey: ‘AF2F…’,
userid: ‘DavidB’,
apiToken: ‘820DBB..’
};
$http.post("https://<server>/profitrestservices/otprequest", otprequest).then(function () {
alert("Check your e-mail for OTP pasword");
});
Directly to
|