Importing data into Quickbooks Online with their API - api-design

I am looking to build an app for QB. I have a small accounting service which I would like the transactions and invoices to be imported into quickbooks. It looks like I could create customers, payments, and invoices as they are entered into my service, but I am wondering if there's an option to have this information passed to quickbooks via a webhook. Similar to how their bank import pulls in data when you hit refresh, is there a way we can hook in similar apps?

No, QuickBooks does not support what you're looking for (the ability to have QuickBooks poll a URL for new data).
Intuit's developer site is at the link below. You should review their documentation below:
https://developer.intuit.com/

We have fully integrated the QBO API into our systems and we're able to synchronize transactions, invoices and customers without a problem. It's hard to discern from your question exactly what direction the information would be flowing.
Through the API you can create, read, update, delete and query Invoices, Payments and much more. You are right that you can create customers, payments and invoices when they're created in your system but you're wondering if there is an option to have this passed "passed to quickbooks via webhook."
QuickBooks Online does not have any inbound webhooks, but if information is going in to QuickBooks, those functions aren't passed into QuickBooks via a webhook but they are passed in through API calls.
If you are seeking to have QuickBooks Online call your service via an outbound webhook when something is updated, this is now possible. See this blog post for more details on Webhooks for QBO API.
Before they rolled out outbound webhooks, we had built a cron job service to poll QuickBooks for any changes but now we utilize the webhooks to trigger instant updates to our system without having to poll QuickBooks.

Related

Any woocommerce REST API for guest account?

Woocommerce provides an API here which in order to use it, you have to provide a consumer key and consumer secret with a relevant authorization schema. What I fail to grasp is that, shouldn't be there an API for unauthorized / guest users ? I mean, I just want to create a display page (frontend) of available products, but without the need of generating CK/CS. Also looking in a similar question here
it seems that you cannot avoid using the keys. But a second question comes up. The frontend is not supposed to use the keys, because then the e-shop becomes exposed to the client. So, even by generating these keys in order to access woocommerce api, how am I supposed to correctly use them ? Please help me understand the flow.
TLDR;
Do NOT use CK/CS in front end. It's only for use in a secure backend. The keys can be used to read/write anything from products to, orders to all customer related information.
Based on you questions, I suspect APIs might not be the best way to do what you're intending to do. If you do need APIs, chances are, you have two backend servers communicating with each other. APIs are usually meant for use by other applications. For example, a lot of Point of Sale systems utilize this WooCommerce API. You might want to look into extending the WooCommerce plugin itself and creating end points to get the information or perform actions you need.
If you are not familiar with secure Authenticated APIs, I would highly suggest you familiarize yourself with them as failure to secure the website can result in huge financial losses to sensitive personal information leakage of the site users since WooCommerce APIs, at the time of this writing, only allows you to set read or write permissions with full access to everything.
With that in mind I will attempt to answer all of your questions one by one and give an idea of how you should use it.
To Answer your questions
What I fail to grasp is that, shouldn't be there an API for
unauthorized / guest users ? I mean, I just want to create a display
page (frontend) of available products, but without the need of
generating CK/CS
I'm guessing your misconception is that you need to use separate keys for each user. API keys are not meant to give access for front-end users. The API keys generated by the WooCommerece plugin gives full read/write access to any user to view/modify any information including that of other customers. Its meant for admins. If you check the official WooCommerce API reference for retrieving a customer you'll notice that you get to provide an id here. And if you check the response it shows everything from addresses to contact information.
The frontend is not supposed to use the keys, because then the e-shop
becomes exposed to the client. So, even by generating these keys in
order to access woocommerce api, how am I supposed to correctly use
them ?
Its quite simple actually. You just need to get between the communication between the front-end users and the WooCommerce API. If the users needs to be provided information from the WooCommerce end point, you need to get it for them using the CK/CS.
This way, you confirm what information is allowed to view/modify by whom, and the user does not need to be authenticated.
WooCommerce Endpoints <---> Your secure backend service/middleware/controller <---> front-end user
One thing to note though, is that you need to be careful about the parameters a front-end user is able to change in the request to your server end-point that is consuming the WooCommerce API key. A customer should not be able to change the id that is requesting their info for example. Id should be retrieved from the backend from the secure authentication information coming from the front-end.

How does it work to implement an API for Payments in separate ends of a project?

Alright, A friend and I are developing an App where I'm developing the back-end and he is developing the front-end. The project is separated into two repositories the front-end and the back-end, and we need to implement a payment API.
Now, since we're using the REST API Concept, we communicate both ends through JSON data.
My question is, when we're making the connection to the payment API, who needs to execute that request? The front-end or the back-end?
I know it's a silly question, but first timer here.
The backend will obviously process the payment, I'm not sure which payment API you're going to use. But depending on the API you go with, the implementation will vary. But the actual processing of the payment will be processed in the backend for sure.
It completely depends on the API.
In some cases, a payment can be accomplished via a secure web service call, which would be issued by your friend's REST service. The front end will still need to collect data (e.g. payment amount and card number) and may also need to collect additional information to satisfy the API (e.g. IP address or browser signature, for risk management purposes).
In other cases, the payment is sent directly to the service from the browser. The role of your application would be to render an iFrame housing a page that is reached via SSO. The back end may need to call a service to retrieve an SSO token, or may have to compute an SSO token using a shared key.
You should probably refer to the payment API's documentation. They often have very specific guidance which you must follow carefully in order to achieve payment card (PCI-DSS) compliance. There is nothing special about "payments" that says that allows StackOverflow users to guess anything about its API.

Create opportunities in Marketo

I want to integrate Marketo api with my .net project.
My client has given a username & password to Marketo. I want to retrieve "opportunities" from Marketo. I have written code for that. Currently there are not any opportunities so I'm not able to test my code. Has anyone an idea how to create opportunities in Marketo so I can whetehr check my code is retrieving that records or not?
Opportunities are not visible as standalone entities in Marketo as they are in SFDC or other CRMs. Rather, as #joev said, you have to find a lead that has an opportunity and view the opportunity details within the context of that lead's detail view, on the Opportunity tab.
If you want to use the GUI to create an opportunity, the right place to do that would be in the CRM — not in Marketo.
You need to have create/update right via API, ask your client for create/update rights then you will be able to create some data through API itself.
Like other people have mentioned there isn't a direct GUI inside Marketo for creating opportunities. These are typically created via the CRM (aka Salesforce, NetSuite, Microsoft Dynamics, etc...) and then sync'd to Marketo.
If you want to test it and have no CRM available -- technically you can just use the REST API to sync your own opportunity to a lead. Once done you could login to Marketo to visually validate it. Then now that you have an opportunity created you could then use the API to GET the opportunities and further validate your integration.
Here is a link to Marketo's documentation on how to sync an opportunity to Marketo. Also on that page is the documentation on the other REST API options.

Linkedin new developer program Companies API impact

In my application , I use the following APIs of the companies API,
https://api.linkedin.com/v1/companies/id={id}
and
https://api.linkedin.com/v1/companies/{id}/updates?event-type=status-update
With the new API program, do I need to change my existing application ? I find the description on the linkedin developer website regarding the same as not comprehensive enough. If I need to continue with the app, do I really need to get into a partnership program with linkedin or can I continue like I do currently.
We recently contacted the LinkedIn Support regarding the changes.
So first endpoint will be available to you without getting into PartnerShip program. The following endpoints are the only ones that will remain available for use:
Profile API — /v1/people/~
Share API — /v1/people/~/shares
Companies API — /v1/companies/{id}
The second Endpoint will require Partner Ship program with LinkedIn you can apply here
But it will not involve code changes because they will give privileged access to your App. At the time of applying for partnership program they will ask for LINKEDIN_APP_KEY and LINKEDIN_APP_SECRET. They will provide access to these KEY and SECRET.

Outbound E-mail Profile API: Get list of e-mailaddresses

I'm working on a Java console application that needs to go through all the e-mailaddresses in the frontend database in Tridion Outbound E-mail 2011 and change a certain extended field of that contact.
I've gone through the Subscription API documentation for clues on how to get a listing of all the e-mailaddresses, but I'm getting stuck there. Is there any clean way to do this through the API, without resorting to database queries?
It is not possible to get a list of Contacts using the Subscription API. It is meant primarily for working with single Contacts, who update their profile on your website.
For bulk management of Contacts, you should use Tridion.AudienceManagement.API on your Content Management server instead. The changes will then be synchronized to all of your websites.
You should not change anything directly in the database, as you will get issues with synchronization.

Resources