Miguel Vargas Posted September 15, 2022 Posted September 15, 2022 Hello! Is it possible to make requests to the API from Python? I have not been able to get the authorization code from Python. I would really appreciate any help you can give me. Thanks.
Steel, Mark Posted September 16, 2022 Posted September 16, 2022 Hi Miguel, If you're referring to the Sage Business Cloud Accounting API's documented here, the answer is yes, it is possible to integrate with Python. We're hoping to add some example applications written in Python and nodejs in the coming weeks. To obtain the authorization_code you will require an SBCA business, app registration client_id and client_secret and a registered callback url. You'll then need to pass the values as params to the auth server in a GET request. The URL will look like this and contain the values specific to you application. “https://www.sageone.com/oauth2/auth/central?filter=apiv3.1&&response_type=code&client_id=YourClientId&redirect_uri=YourRegisteredCallbackUrl&scope=full_access&state=AABBCCDD” If the params are recognised the auth server will direct you to select the country of the business you're going to authorise access for. Once the country is selected you'll then be asked to authorise using the email address and password of the business and allow access to the requesting application. Once access is granted, the server then sends back the code to your registered callback url you would then exchange the code in a POST request to the token API for access_token and refresh_token. The full document relating to authorisation can be found here. If you need to create a trial business for development and testing you can do so here. The python request to exchange the code would be similar to the below: #Authorization code passed into the function, POST request made to obtain the token credentials, #which are set as session variables. def exchange_code(code: str): headers = { "Content-Type": "application/x-www-form-urlencoded", "Accept": "application/json", } data = { "client_id": config.client_id, "client_secret": config.client_secret, "code": code, "grant_type": "authorization_code", "redirect_uri": config.redirect_uri, } response = requests.post(config.token_url, headers=headers, data=data) credentials = response.json() #Initialise all session variables and expiry times for the tokens. session["access_token"] = credentials["access_token"] session["refresh_token"] = credentials["refresh_token"] session["access_token_expires_in"] = credentials["expires_in"] session["refresh_token_expires_in"] = credentials["refresh_token_expires_in"] session["token_expiry_time"] = str((datetime.now()) + timedelta(seconds=session["access_token_expires_in"])) session["refresh_token_expiry_time"] = str(datetime.now() + timedelta(seconds=credentials["refresh_token_expires_in"])) Thanks Mark
Miguel Vargas Posted September 17, 2022 Author Posted September 17, 2022 Hi Mark. Thanks for your answer. My problem lies in obtaining the authentication code. I have problems performing Authentication with OAuth 2.0 (pure Python), because verification requires login, but with code I can't send my credentials. My code: Quote import requests data = {'client_id':'my_client_id', 'response_type':'code', 'redirect_uri':'https://localhost:8123/auth/callback', 'scopes':'full_access', 'country': 'us', 'locale':'es-US' } headers={ 'Upgrade-Insecure-Requests': '1', 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Postman/9.31.0 Chrome/94.0.4606.81 Electron/15.5.7 Safari/537.36', 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9', 'Sec-Fetch-Site': 'none', 'Sec-Fetch-Mode': 'navigate', 'Sec-Fetch-User': '?1', 'Sec-Fetch-Dest': 'document', 'Accept-Encoding': 'gzip, deflate, br', 'Accept-Language': 'es' } s = requests.Session() auth_url='https://www.sageone.com/oauth2/auth/central?filter=apiv3.1' r = s.get(auth_url, data=data, headers = headers) r.text Regards, Miguel.
Steel, Mark Posted September 20, 2022 Posted September 20, 2022 Hi Miguel, The restriction of not being able to pass the business credentials is not one of Python but one of the Sage Business Cloud Accounting oAuth implementation. You can not complete the auth flow without the manual intervention of the user entering their Sage business credentials to authorise. Thanks Mark 1
Aaron Trevena Posted February 10, 2023 Posted February 10, 2023 On 9/20/2022 at 11:21 AM, Steel, Mark said: > The restriction of not being able to pass the business credentials is not one of Python but one of the Sage Business Cloud Accounting oAuth implementation. >You can not complete the auth flow without the manual intervention of the user entering their Sage business credentials to authorise. This would appear to rule out using the Sage 200 API for any e-commerce integration which would need to be fully automated and unattended - what API is provided for that - and does Sage provide a confidential client OAUTH authentication option as per the RFC? Thanks, Aaron
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now