API access control: Explaining events and how to react
Each of the following events may trigger a connection blockage to prevent misuse of the Public API feature.
Please note: Connections with clientId = test.client are not included in this validation.
Event | Action |
The Organisation is deleted | In response to all called API requests, the Public API returns errors. |
The
Organisation is disconnected from GL | GET
methods are allowed to be used. POST/PUT/DELETE methods result in errors from the backend (no restrictions on
the Public API side). After reconnecting, the restrictions are disabled. |
The
Organisation is retired | GET
methods are allowed to be used. POST/PUT/DELETE methods result in errors from the backend (no restrictions on
the Public API side). After reconnecting, the restrictions are disabled. |
The Organisation(s) is transferred (due to account transfer/Organisation transfer) | In response to all called API requests, the Public API returns errors. |
The
Subscription is downgraded | In
response to all called API requests, the Public API returns errors. After
a subscription upgrade, the restrictions
are disabled. |
The Subscription is expired | GET methods are allowed to be used. POST/PUT/DELETE methods result in errors from the backend (no restrictions on the Public API side).
After reconnecting, the restrictions are disabled. |
The user who was added to a token is offboarded from the
Organisation added to a token | In
response to all called API requests, the Public API returns errors. After
onboarding a user, the restrictions are disabled. |
The user's role (who was added to a token) is changed | In
response to all called API requests, the Public API returns errors. After onboarding a user, the restrictions are disabled. |
Related Articles
Who needs to have access to Xero?
The person who connects ApprovalMax to Xero needs full access to the Xero file. Approvers who approve Bills, Purchase Orders, and other documents don't need access to Xero in order to approve documents in ApprovalMax — this is one of the core ...
Who needs access to Cin7 Core?
The person who will connect ApprovalMax to Cin7 Core needs full access to Cin7 Core. Requesters* who create Purchase Orders in Cin7 Core need access to Cin7 Core. * Unfortunately, ApprovalMax is not aware of who creates particular Purchase Orders in ...
Do Approvers need access to Cin7 Core to do approvals?
No, Approvers who authorise Purchase Orders don't need access to Cin7 Core in order to approve them in ApprovalMax — this is one of the core benefits of ApprovalMax. Please also see who needs to have access to Cin7 Core.
Do Approvers need access to Xero to do approvals?
No, Approvers who authorise Bills, Purchase Orders and other documents don't need access to Xero in order to approve them in ApprovalMax — this is one of the core benefits of ApprovalMax.Please also see who needs to have access to Xero.
What does the ApprovalMax Public API do?
The ApprovalMax API enables other systems to retrieve data from ApprovalMax and display it in their own systems without any manual action by a person. This seamless integration facilitates the automation of data transfers by pulling the relevant ...