Ember Robb Posted May 23 Share Posted May 23 Hello, I'm new to Sage Intacct and am currently working on integrating it with my company's in-house app. I would like to use triggers or smart events to send data to an API I have built that is intended to update data in our system. My issue is that I need to be able to validate these calls that are being made from Sage Intacct and into our app. I have seen that you can send key/value pairs with these triggers/events such as the user session ID, but that does nothing to help me actually verify if that was a legitimate ID sent from Sage Intacct. Is anyone able to provide advice on the matter? I am new to API building in general, but I assume there must be a way to verify requests to an external URL through Sage Intacct. Link to comment Share on other sites More sharing options...
Preston, Charlie Posted May 24 Share Posted May 24 The best thing to do is make a call to getAPISession - but instead of supplying the username and password, supply the session id you received through the smart event/trigger. https://developer.intacct.com/api/company-console/api-sessions/#get-api-session For example: <operation> <authentication> <sessionid>iewfjpfn8ur89u8fuifwhreiouhfiouvrewoieubwhfiv</sessionid> </authentication> <content> <function controlid="abc123"> <getAPISession /> </function> </content> </operation> If the session id is invalid, then you receive an error: <error> <errorno>GW-0021</errorno> <description>Invalid session [Request ID: 888c325e8e98dd43-LHR]</description> </error> If it's valid, then you receive the session id back along with the added benefit of the URL and location (if at the top level location will be blank): <data> <api> <sessionid>iewfjpfn8ur89u8fuifwhreiouhfiouvrewoieubwhfiv</sessionid> <endpoint>https://api.intacct.com/ia/xml/xmlgw.phtml</endpoint> <locationid>500</locationid> </api> </data> 1 Link to comment Share on other sites More sharing options...
Preston, Charlie Posted May 24 Share Posted May 24 Short answer is to make a call to getAPISession and pass in the session id - if invalid it will give an error message, otherwise it will return the session id you supplied along with the location and URL. I posted more details with examples, but this is waiting to be moderated as I include a link to the help page....should turn up later 🙂 2 Link to comment Share on other sites More sharing options...
Ember Robb Posted May 24 Author Share Posted May 24 Thank you! Even without seeing the example at the moment this is exactly the information I was looking for. Much appreciated! Link to comment Share on other sites More sharing options...
Recommended Posts