API access control: Explaining events and how to react
Each of the following events may trigger a connection blockage to prevent misuse of the Public API feature.
Please note: Connections with clientId = test.client are not included in this validation.| Event | Action |
The Organisation is deleted | In response to all called API requests, the Public API returns errors. |
| The Organisation is disconnected from GL | GET
methods are allowed to be used. POST/PUT/DELETE methods result in errors from the backend (no restrictions on the Public API side). After reconnecting, the restrictions are disabled. |
| The Organisation is retired | GET
methods are allowed to be used. POST/PUT/DELETE methods result in errors from the backend (no restrictions on the Public API side). After reconnecting, the restrictions are disabled. |
The Organisation(s) is transferred (due to account transfer/Organisation transfer) | In response to all called API requests, the Public API returns errors. |
| The Subscription is downgraded | In response to all called API requests, the Public API returns errors. After a subscription upgrade, the restrictions are disabled. |
| The Subscription is expired | GET methods are allowed to be used. POST/PUT/DELETE methods result in errors from the backend (no restrictions on the Public API side). After reconnecting, the restrictions are disabled. |
| The user who was added to a token is offboarded from the Organisation added to a token | In response to all called API requests, the Public API returns errors. After onboarding a user, the restrictions are disabled. |
| The user's role (who was added to a token) is changed | In response to all called API requests, the Public API returns errors. After onboarding a user, the restrictions are disabled. |
Related Articles
Who needs to have access to Xero?
The person who connects ApprovalMax to Xero, usually the Account Owner, must have full access to a Xero account. Most other users don't need direct access to Xero to work with ApprovalMax: Approvers can review and approve Bills, Purchase Orders, and ...Send ApprovalMax events to Xero
This setting is relevant for Xero Purchase Order, Bill, AP/AR Credit Note, Sales Invoice and Quote workflows. When events occur in ApprovalMax – including approvals, rejections and comments – they are automatically pushed to Xero and recorded in the ...What does the ApprovalMax Public API do?
The ApprovalMax API enables other systems to retrieve data from ApprovalMax and display it in their own systems without any manual action by a person. This seamless integration facilitates the automation of data transfers by pulling the relevant ...Do NetSuite Bill Payment Requesters access the Bill workflow?
You don't necessarily need to add the Requesters of NetSuite Bill Payments to the Bill workflow. However, they will have access to all Approved Bills according to the settings in the Requester matrix for the NetSuite Bill Payment workflow.Do Requesters of Xero Batch Payments need access to the Bill workflow?
No, the Requesters of Xero Batch Payments do not necessarily need to be added to a Bill workflow. However, they will have access to all Approved and Awaiting Payment Bills according to the settings in the Requester matrix for the Xero Batch Payment ...