by Paul Osman in API Additions, Integrations, Development on September 30, 2009
As of today, the FreshBooks API is fully functional for Staff members, not just Administrators. Ever since its debut, the API has used a more restrictive set of permissions than the application. This made things a little simpler for us, but it didn't help our users or third-party add-on developers. It meant that certain third-party applications simply weren't as useful for customers who had multiple staff members sharing a single FreshBooks account. We've received many requests from developers to open up permissions in the API so that they more closely follow the permission settings in the application. You have been heard!
Staff now have access to all of the API methods as long as they are given the appropriate permissions from the application settings. This means that if the invoices tab is enabled for staff in the application, they can view and edit invoices from the API for clients who they are assigned to. Likewise, if the estimates tab is enabled, they will have API access to estimates for clients who they are assigned to. Ditto for Recurring Profiles, Payments and Items.
We hope that this change will make existing applications more useful and encourage new kinds of third-party add-ons that were simply not possible before. Having the API be more consistent with the application should help make FreshBooks more useful for everybody.
by rich in on September 29, 2009
On January 4th 11th, 2010, the first second Monday of the new year, we will be disabling weak SSL protocols. This change affects both API and browser users.
The protocols we are disabling are:
We are disabling these protocols to enhance the security of our users' financial data as it is passed over the Internet. SSLv2 has several published vulnerabilities and should not be considered secure, and keys shorter than 128 bits are no longer considered sufficiently resistant to compromise. The Wikipedia article on TLS and SSL contains some background information on the vulnerablities in these protocols.
Analyzing the last month's worth of traffic suggests that this will affect a very small number of users. We have contacted all affected integrations with whom we have existing relationships. We will continue to monitor our logs to look for any other SSLv2 or short keylength users whom we have missed.
Modern browsers (Firefox 2+; IE 7+; Safari) disable these weak protocols by default.
If you have any questions or comments on our plan to disable these weak SSL protocols, please let us know at .(JavaScript must be enabled to view this email address).
by Sunir in Integrations, Development on September 10, 2009
FreshBooks now supports OAuth to make it easier to build and manage its third-party addons.
Today, we're proud to announce that we now support OAuth, an increasingly popular open protocol for secure API authorization. OAuth is used by many cool services such as Google Docs, Netflix, and Twitter, and we're glad to join the club!
Over the past year, FreshBooks has grown a large collection of third-party add-ons. Supporting OAuth will make it easier for customers to manage third party add-ons' access to their FreshBooks data. Add-ons that support OAuth will no longer require customers to search for and then copy and paste their FreshBooks authentication token, which will be a huge relief to customers and third party integrations alike.
More importantly, instead of sharing one authentication token with all third-party add-ons, OAuth creates a separate relationship for each add-on uniquely, all behind the scenes. That means customers will be able to turn on and off access to each separate add-on without affecting any others. This gives customers important control over who has access to their data, and when.
We strongly recommend all third-party add-ons use OAuth for secure authorization since we may eventually require it for all future add-ons.
For more information about OAuth you can read the official OAuth documentation available at the OAuth.net site as well as the FreshBooks OAuth documentation. Also, stay tuned to the Developer Blog for all future updates about OAuth and the FreshBooks API.
It's now possible to run your web application or subscription service billing on FreshBooks through our API!
You can now capture credit cards from inside your own application and send them to FreshBooks over the recurring profiles API.
FreshBooks now supports Webhooks for real-time event notifications.
Yesterday we were thrilled to announce that multi-currency support has been added to FreshBooks! Today, we're equally happy to announce that you can take advantage of these new features using the API. You can now create invoices, recurring profiles, estimates, payments and apply client credit in multiple currencies
North America
United Kingdom
Ireland
International
1-866-303-6061
0808-101-3408
1-800-949-046
+1 416-481-6946
We love to help our customers! Send us an email through our online support request form any time you need help!
FreshBooks is an online invoicing and timetracking application. Find out more on our website.
