I'm trying to use the QBO v3 API object update function described here. The API explorer shows a different uri.
I'm trying to update an account with Id 42. Both of the following URIs get me a 401:
As the documentation would suggest:
https://quickbooks.api.intuit.com/v3/company/0123456789/account?requestid=42
(the above at least gives me a json blob with the 401)
As the api explorer would suggest:
https://qb.sbfinance.intuit.com/v3/company/0123456789/account?operation=update
(here I don't even get the json, just a plain 401)
My request body is successful when I use the api explorer, so I don't believe that's the problem. I also don't believe authentication is the problem, because I can successfully create objects and also make queries with the same headers.
What might I be missing?
Don't put the Account object's ID into the URL. The [?requestid=] from the documentation you mentioned apparently refers to an id related to the request (not the object in question). The API Explorer's URI appears to simply mislead (although I could certainly be missing something here).
In your example, just use this:
https://quickbooks.api.intuit.com/v3/company/0123456789/account
Let the headers and request body do the rest.
Correct BASE URI: https://quickbooks.api.intuit.com/v3/company/
you can refer example request/response section of any entity doc.
Ref -https://developer.intuit.com/docs/0025_quickbooksapi/0050_data_services/030_entity_services_reference/bill
To debug(401 authentication issue), you can use any standard RestClient.
In the following thread, I've explained how to use RestClinet plugin of Mozilla to test any QBO V3 endpoint.
InvalidTokenException: Unauthorized-401
You can download IPP's devkit and using that devkit you can call any endpoints easily.
https://developer.intuit.com/docs/0025_quickbooksapi/0055_devkits
Hope it will be useful.
Thanks
Related
I have attempted to use the provided test data from the Cybersource documentation to create a token for a test PAN. However, when attempting to do so (assuming it was a REST Api) it results in a "403 - Forbidden" error. The documentation is limited, as it doesn't give much information on the API other than the following:
(Test) Endpoint: https://testsecureacceptance.cybersource.com/silent/token/create
Request to create a standalone payment token:
reference_number=123456789
transaction_type=create_payment_token
currency=usd
amount=100.00
locale=en
access_key=e2b0c0d0e0f0g0h0i0j0k0l0m0n0o0p3
profile_id=0FFEAFFB-8171-4F34-A22D-1CD38A28A384
transaction_uuid=02815b4f08e56882751a043839b7b481
signed_date_time=2013-07-11T15:16:54Z
signed_field_names=comma separated list of signed fields
unsigned_field_names=comma separated list of unsigned fields
signature=WrXOhTzhBjYMZROwiCug2My3jiZHOqATimcz5EBA07M=
payment_method=card
card_type=001
card_number=4111111111111111
card_expiry_date=12-2022
card_cvn=005
bill_to_forename=Joe
bill_to_surname=Smith
bill_to_email=joesmith#example.com
bill_to_address_line1=1 My Apartment
bill_to_address_city=Mountain View
bill_to_address_postal_code=94043
bill_to_address_state=CA
bill_to_address_country=US
Is this a REST or SOAP API? How can this be tested in Postman? I tested to check if either works, and was unsuccessful. There is no information on what to include in the header either, so this is a bit puzzling.
Example POST test I am attempting:
POST https://testsecureacceptance.cybersource.com/silent/token/create
Content-Type:application/json
Accept:application/json
{
reference_number:123456789
transaction_type:create_payment_token
currency:usd
amount:100.00
locale:en
access_key:e2b0c0d0e0f0g0h0i0j0k0l0m0n0o0p3
profile_id:0FFEAFFB-8171-4F34-A22D-1CD38A28A384
transaction_uuid:02815b4f08e56882751a043839b7b481
signed_date_time:2019-03-07T06:16:54Z
signed_field_names:profile_id,access_key,transaction_uuid,signed_field_names,unsigned_field_names,signed_date_time,locale,transaction_type,reference_number,auth_trans_ref_no,amount,currency,card_type,card_number,card_expiry_date,card_cvn,payment_method,bill_to_forename,bill_to_surname,bill_to_email,bill_to_address_line1,bill_to_address_city,bill_to_address_postal_code,bill_to_address_state,bill_to_address_country
unsigned_field_names:
signature:WrXOhTzhBjYMZROwiCug2My3jiZHOqATimcz5EBA07M=
payment_method:card
card_type:001
card_number:4111111111111111
card_expiry_date:12-2022
card_cvn:005
bill_to_forename:Joe
bill_to_surname:Smith
bill_to_email:joesmith#example.com
bill_to_address_line1:1 My Apartment
bill_to_address_city:Mountain View
bill_to_address_postal_code:94043
bill_to_address_state:CA
bill_to_address_country:US
}
"Is this a REST or SOAP API?"
The URL, https://testsecureacceptance.cybersource.com/silent/token/create, is used for Secure Acceptance Checkout API. Secure Acceptance Checkout API is neither a SOAP API or a REST API. It is designed to be used as an HTML form POST from a customers browser.
If your goal is to use a REST API from the browser then you will want to use Secure Acceptance Flexible Token documented here.
If your goal is to use Secure Acceptance Checkout API the full documentation for that is here.
"How can this be tested in Postman?"
Since this is not meant to be a REST API call but an HTML form POST and HTML response you may have limited success with Postman. For example even if you get the request to work successfully the response will be an HTML document not JSON.
One problem I see is that you are using the example signature, and that will not work for you. Ensure that you follow the documentation on how to create your signature as well as set the signed and unsigned fields.
#J.J. - the error you encountered -- "This field is invalid or missing.Please contact Customer Support.: ots_profileid' ". Is telling you that you are missing (or have an invalid) profileID in your request payload. The system doesn't know what profile to use when processing this request.
Right now I have a REST service which creates a report via a POST:
POST http://myhost/reports
The report however is not persisted, and cannot later on be retrieved via a GET:
GET http://myhost/reports/{id}
Instead I return the report immediately in the response to the POST. Am I violating any REST principle here, e.g. anything a POST creates should always be accessible via a GET, or is this setup OK?
The POST method isn't a synonym to the create in CRUD. The POST method is used for any operation that isn't standardized, so as long as you document what it does, you're not violating REST, no matter what you do.
There's no such REST principle saying "anything a POST creates should always be accessible via a GET". This is a common misunderstanding due to conflating REST with CRUD. Read this answer for some clarification on that.
In informal language, what a POST says to the server is "take this data and apply it to the resource identified by the given URI, following the rules you documented for the resource media type."
No, you are not violating REST. As long as your interface is uniform it is up to you to determine what actions the urls of your API perform.
As part of your documentation you simply need to state which methods are valid for certain resources and which aren't. I really like to use the Twitter API as a good example of "What to do"
Example: Twitter REST API
POST statuses/update
does not create an object available for access at
GET statuses/update/3
The action performed by the POST method might not result in a resource
that can be identified by a URI. In this case, either 200 (OK) or 204
(No Content) is the appropriate response status, depending on whether
or not the response includes an entity that describes the result.
So according to the HTTP standard this is okay.
I am using wso2 API manager 1.6.0 and would like to create an API which accepts any POST
on /users resource followed by any query parameter such as "clientid" (as described below)
restserver.com:8280/context/1/users?clientid=333
I have created an API in API publisher as follow :
URL Prefix URL Pattern HTTP Verb
/context/1 /users/* POST
Any POST on /users is accepted but as sson as I add a query paramter /users?clientid=333 , the request is rejected by the API Manager gateway with 403 error.
Could someone advice me on this and what should be the correct url-mapping format ?
The resulting url-mapping in synapse config file is as follow : (synapse-configs/default/api/)
Thanks a lot.
JS
For this you need to define uri-template instead of uri-mapping. This blog post explains more about this.
For your case I got it working as following.
Open your API configuration source which can be found at AM_HOME\repository\deployment\server\synapse-configs\default\api folder.
In the resource tag change url-mapping="/users/*" attribute to uri-template="/users/*"
But you will have to invoke the API as follows with additional context because when you say /users/* it means anything can come after users/. So you need to have a / after users context.
restserver.com:8280/context/1/users/usr?clientid=333
I am having problems accessing objects that use slashes through the api. For example I have objects with the names "folder1/folder2/name". When I use this with the api I get a 400 bad request. Is this not supported yet by the Api? or is a special character needed? This also fails for me on the API explorer.
This is a URL encoding issue. The object name is a single URL path part, and thus all slashes in the name need to be %-encoded. (i.e., folder1%2ffolder2%2fname)
API explorer, unfortunately, has a known issue (reported internally) with storage.objects.get. The method returns actual file data, and the API explorer is expecting JSON metadata and things go poorly from there.
Was after some help on getting started with calling the Rally REST webservice from a .NET MVC webclient.
I've been given the web service info here:
https://rally1.rallydev.com/slm/doc/webservice/
So I can see that I can use a URL to access information from Rally - Similar to:
https://rally1.rallydev.com/slm/webservice/1.39/task?query=((Owner.Name
= owner#blah.com.au) and (State != Completed))&order=Rank&fetch=true&stylesheet=/slm/doc/webservice/browser.xsl
However what I'm not clear on is how to authenticate before making my request?
I'm new to REST web services (have done the SOAP/WSDL awhile back) - so it doesn't seem like with REST you're supposed to add a reference to something to get client classes created? Is this correct? That you just create a HTTPRequest using a URI - and make the call, getting back a HTTPResponse (which I can hopefully do something with).
A lot of examples seem to have specific service/api classes that they're calling methods on or accessing properties - so I'm not sure if that's because they're using SOAP rather than REST - or that they created them themselves.
Maybe I'm looking at the wrong documentation as it seems assumed you know how to be authenticated. Or I'm missing a reference?
I know the question is old, but this might help someone else. You need to pass a Basic Authentication header with your base64-encoded username and password as part of your get() request. I found this information on an Atlassian documentation page and successfully applied it with Rally API 3.0 (should also work with 2.0). So in your get() request, include a header similar to the following:
auth_header = 'Authorization : Basic ' + base64_encode('username:password')