Staff API Access: No More Restrictions!

by Paul Osman in API Additions, Integrations, Development on September 30, 2009

As of today, the FreshBooks API is fully functional for Staff members, not just Administrators. Ever since its debut, the API has used a more restrictive set of permissions than the application. This made things a little simpler for us, but it didn't help our users or third-party add-on developers. It meant that certain third-party applications simply weren't as useful for customers who had multiple staff members sharing a single FreshBooks account. We've received many requests from developers to open up permissions in the API so that they more closely follow the permission settings in the application. You have been heard!

Staff now have access to all of the API methods as long as they are given the appropriate permissions from the application settings. This means that if the invoices tab is enabled for staff in the application, they can view and edit invoices from the API for clients who they are assigned to. Likewise, if the estimates tab is enabled, they will have API access to estimates for clients who they are assigned to. Ditto for Recurring Profiles, Payments and Items.

We hope that this change will make existing applications more useful and encourage new kinds of third-party add-ons that were simply not possible before. Having the API be more consistent with the application should help make FreshBooks more useful for everybody.

4 comments

FreshBooks now supports OAuth

by Sunir in Integrations, Development on September 10, 2009

FreshBooks now supports OAuth to make it easier to build and manage its third-party addons.

Today, we're proud to announce that we now support OAuth, an increasingly popular open protocol for secure API authorization. OAuth is used by many cool services such as Google Docs, Netflix, and Twitter, and we're glad to join the club!

Over the past year, FreshBooks has grown a large collection of third-party add-ons. Supporting OAuth will make it easier for customers to manage third party add-ons' access to their FreshBooks data. Add-ons that support OAuth will no longer require customers to search for and then copy and paste their FreshBooks authentication token, which will be a huge relief to customers and third party integrations alike.

More importantly, instead of sharing one authentication token with all third-party add-ons, OAuth creates a separate relationship for each add-on uniquely, all behind the scenes. That means customers will be able to turn on and off access to each separate add-on without affecting any others. This gives customers important control over who has access to their data, and when.

We strongly recommend all third-party add-ons use OAuth for secure authorization since we may eventually require it for all future add-ons.

For more information about OAuth you can read the official OAuth documentation available at the OAuth.net site as well as the FreshBooks OAuth documentation. Also, stay tuned to the Developer Blog for all future updates about OAuth and the FreshBooks API.

2 comments

Where’s my API key?

by Daniel in Integrations on March 25, 2009

With our recent redesign of the system settings and preferences pages, we’ve made it one step easier for you to access your API key.  Here are the steps on how to locate your API key under the new redesign:

1. Click on your white “My Account” link on the top right corner.

2. Click on your “FreshBooks API” sub-tab on the top right.

3. Click on your checkbox next to “Yes, I agree to the API terms of service”.

4. Your “API URL” and “Authentication Token” will become visible on your screen.

We hope you have enjoyed this update.

4 comments