Pavel Kabir Posted March 2 Share Posted March 2 (edited) Velixo is a reporting add-in, which means that most of the time, the user can log in to the company level (without specifying an entity) – they'll still be able to retrieve all data they have access to through the API. Therefore, in our connection set-up window, for simplicity, we don't even expose an "entity" field. The only exception when we're being "smart" is the push-back scenarios when we update records in Sage Intacct: whenever one of the dimensions used is entity-scoped, we: Temporarily change the user's session to an entity-scoped session. We can do that because we have the session ID / user credentials. Write back the record Change session back to the company level I spoke to both @Louis Sterio2 and Karsten about this but obtained mixed understanding whether a trick like this is possible with the REST API with an Intacct OAuth flow (very important, not username/password). So my question is this: is it possible, with the REST API, to seamlessly exchange company-scoped bearer token to an entity-scoped bearer token, and vice versa? If not, I guess it's not a question but a feature request, because the absence of such functionality will break our flow once we upgrade to the REST API... Edited March 2 by Pavel Kabir Link to comment Share on other sites More sharing options...
Members Sterio, Louis Posted March 5 Members Share Posted March 5 I met with the engineering team, and they've confirmed a solution exists. I'll share the specifics once I have them. Additionally, this can be accomplished through the XML API. I'll provide the details shortly, and we'll ensure they are properly documented. Link to comment Share on other sites More sharing options...
Members Sterio, Louis Posted March 6 Members Share Posted March 6 Here is information on how you can exchange a refresh token for an entity level token Create Access Token - Refresh Token Grant Type Endpoint: https://<apiurll>/api/v1-beta2/oauth2/token HTTP Method: POST Parameters: grant_type: refresh_token refresh_token: client_id: client_secret: location_id: the access token will be created for this location optional for multi-entity companies Obtain a top-level access token in the absence of a location_id Sample Request and Response: curl --location --request POST 'https://<apiurll>/api/v1-beta2/oauth2/token/api/v1-beta2/oauth2/token' \ --header 'Content-Type: application/json' \ --data-raw '{ "grant_type": "refresh_token", "refresh_token": "********", "client_id": "******", "client_secret": "*******", "location_id": "Central Region" }' { "token_type": "Bearer", "access_token": "******", "expires_in": 21600 } Link to comment Share on other sites More sharing options...
Pavel Kabir Posted March 6 Author Share Posted March 6 Thanks so much Louis! We will verify this on our side and provide feedback. Link to comment Share on other sites More sharing options...
Pavel Kabir Posted March 12 Author Share Posted March 12 We have verified that this works correctly. Thank you! 1 Link to comment Share on other sites More sharing options...
Recommended Posts