We are very happy to announce a path forward for e-conomic administrator agreements to use REST and token authentication.
For all users administering Startup, Small Business and Professional agreements we now support accessing these via token authentication.
This opens the door to taking advantage of REST and the ease of implementation related to this API, along with the ability for administrators to tap into the full range of solutions available from our Partners.
Administrator agreements aka the administrator module is a separate e-conomic login that gives access to a list of e-conomic agreements where you have been assigned as an administrator. These are used by accounting offices, accountants, bookkeepers or companies whose main focus is an accounting.
Switching from stored credentials to tokens
To facilitate a faster switch to token authentication for existing solutions we will be providing a dedicated SOAP method: Application_CreateAdministratorAgreementGrantToken, which will be available from March 6th 2018.
To use this method you must be authenticated using either ConnectAsAdministrator or ConnectAsAdministratorWithCustomerNumber.
The Application_CreateAdministratorAgreementGrantToken method takes your AppSecretToken as a parameter and will return an AgreementGrantToken for the accounting agreement you authenticated as.
Tokens need only be generated once and are without a TTL. Tokens may be revoked inside e-conomic by the user by going to All Settings -> Extensions -> Apps.
Onboarding new agreements to your app
In this first release of tokens for admins, it is required that the admin first establishes the administration context before following the RequestURL.
What this means is:
- Login to your administrator module.
- Switch to administering the agreement you want to add the app to.
- Follow the RequestURL in the same browser.
- Add app.
We would love to know more about your admin workflow and how you’d like to see the app flow for administrators improved so please don’t hesitate to get in touch with us on firstname.lastname@example.org.
Token authentication is initially available for administrators on agreement licenses that contain users. In common terms, these are Startup, Small Business and Professional.
Also known as “External license”. Customers on an internal license, are planned to be supported at a later date. ETA is currently before the end of Q1 2018.
Edit: All license types are now supported by the admin-token-flow.