FreshBooks
Call Toll Free 1-866-303-6061 Login | Pricing & Signup

Search


API Calls

Resources

API Updates: Project Staff, Custom Emails and payment.delete

by Paul in API Additions, Development on October 23, 2009

On Wednesday we released some pretty exciting updates to our API and wanted to make sure you were aware of them.

Project Results

If you are an administrator or a staff member who is assigned as a project manager to a project, project.get and project.list methods now return the ids of users who are assigned to that project. Up until now it was impossible to determine if a user was assigned to a project when listing them. Because of this, our OS X time tracker for instance would list all projects that a user could see, not just the ones that they were assigned to. If the user clicked on "Submit" after selecting a project that they weren't assigned to, they would get an error because you can't track time to a project you aren't assigned to. What a headache! See the updated documentation for details.

Custom Emails

You can now send custom email messages with invoice.sendByEmail and estimate.sendByEmail. Just include both a subject and a message element in your request. You can use any of the variables that are available when customizing messages within FreshBooks (i.e. ::invoice link::, ::payment amount::, ::estimate link::). See examples on the invoice and estimate documentation pages.

Delete Payments

We've added a payment.delete method. This will allow you to permanently delete payments. If the payment being deleted was made against an invoice, the status of the invoice will be updated. Check out the documentation.

So there you go, three great new features!

0 comments

Staff API Access: No More Restrictions!

by Paul in API Additions, Integrations, Development on September 30, 2009

As of today, the FreshBooks API is fully functional for Staff members, not just Administrators. Ever since its debut, the API has used a more restrictive set of permissions than the application. This made things a little simpler for us, but it didn't help our users or third-party add-on developers. It meant that certain third-party applications simply weren't as useful for customers who had multiple staff members sharing a single FreshBooks account. We've received many requests from developers to open up permissions in the API so that they more closely follow the permission settings in the application. You have been heard!

Staff now have access to all of the API methods as long as they are given the appropriate permissions from the application settings. This means that if the invoices tab is enabled for staff in the application, they can view and edit invoices from the API for clients who they are assigned to. Likewise, if the estimates tab is enabled, they will have API access to estimates for clients who they are assigned to. Ditto for Recurring Profiles, Payments and Items.

We hope that this change will make existing applications more useful and encourage new kinds of third-party add-ons that were simply not possible before. Having the API be more consistent with the application should help make FreshBooks more useful for everybody.

1 comments

We’re Disabling Weak SSL on January 4, 2010

by rich in on September 29, 2009

On January 4, 2010, the first Monday of the new year, we will be disabling weak SSL protocols. This change affects both API and browser users.

The protocols we are disabling are:

  • SSLv2
  • Ciphers with keylengths less than 128 bits in SSLv3 or TLSv1

We are disabling these protocols to enhance the security of our users' financial data as it is passed over the Internet. SSLv2 has several published vulnerabilities and should not be considered secure, and keys shorter than 128 bits are no longer considered sufficiently resistant to compromise. The Wikipedia article on TLS and SSL contains some background information on the vulnerablities in these protocols.

Analyzing the last month's worth of traffic suggests that this will affect a very small number of users. We have contacted all affected integrations with whom we have existing relationships. We will continue to monitor our logs to look for any other SSLv2 or short keylength users whom we have missed.

Modern browsers (Firefox 2+; IE 7+; Safari) disable these weak protocols by default.

If you have any questions or comments on our plan to disable these weak SSL protocols, please let us know at .(JavaScript must be enabled to view this email address).

0 comments

« Older Posts  
Last four posts in our forums
  • October 23, 2009 API Updates: Project Staff, Custom Emails and payment.delete

    On Wednesday we released some pretty exciting updates to our API and wanted to make sure you were aware of them.

  • September 30, 2009 Staff API Access: No More Restrictions!

    Ever since its debut, the API has used a more restrictive set of permissions than the application. This made things a little simpler for us, but it didn't help our users or third-party add-on developers. It meant that certain third-party applications simply weren't as useful for customers who had multiple staff members sharing a single FreshBooks account. We've received many requests from developers to open up permissions in the API so that they more closely follow the permission settings in the application. You have been heard!

  • September 29, 2009 We’re Disabling Weak SSL on January 4, 2010

    On January 4, 2010, we will be disabling SSLv2 and ciphers with keys smaller than 128 bits.

  • September 10, 2009 FreshBooks now supports OAuth

    FreshBooks now supports OAuth for secure API authorization.

Need additional help?

Call Us

North America
United Kingdom
Ireland
International

1-866-303-6061
0808-101-3408
1-800-949-046
+1 416-481-6946

Email Us

We love to help our customers! Send us an email through our online support request form any time you need help!

About FreshBooks

FreshBooks is an online invoicing and timetracking application. Find out more on our website.

Copyright 2009 FreshBooks. All Rights Reserved. Developer Blog RSS Feed