fbpx

Authentication

This s a documentation page for our shiny new REST API - you weren't meant to find it. This API isn't ready for public use yet. We're chopping and changing it a LOT as we grow it. So if you build something that uses it then it's very likely to break in a future update. Don't say you weren't warned!

For accessing REST API methods, it is mandatory to specify a valid session token in the Authorization Headers of HTTP Request.

Example HTTP Request Headers


Accept: application/json
Content-Type: application/json
Authorization: KfToken 496F5DBA-DBB2-42A3-9645-DA0253220C9E
Connection: keep-alive
Origin: chrome-extension: //rest-console-id
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22

As mentioned in the example request user need to set Authorization header as
KfToken {SessionToken}
Note : Origin and User-Agent can be ignored in above example

The same token can be used for multiple requests as long as it is not expired. Please follow the link below to get the details of creating a session token
Rest API for Creating Session Token

401 UnAthorized Response with the appropriate error message Number of possible responses that can be returned if user don’t have a valid session token

1) Invalid Session Token

This response will be returned if session token provided is invalid or in wrong format.

Response :


{
    "Error": "InvalidSessionToken",
    "Message": "Session token provided is invalid."
}

2) Session Token Expired

This response will be returned if session token is expired due to inactivity. This can happen if user haven’t used session token for more than 60 minutes (configurable).

Response :


{
    "Error": "InvalidSessionToken",
    "Message": "Session token provided is invalid."
}

3) User Account Locked

If user account is locked due to invalid login attempts, following response will be returned.

Response :


{
    "Error": "AccountLocked",
    "Message": "User account is locked, please contact administrator."
}

4) User Subscription Expired

If user subscription is expired, following response will be returned. In this case user have to renew their subscription in order to consume REST API .

Response :


{
    "Error": "SubscriptionExpired",
    "Message": "User subscription is expired, please contact administrator."
}

See how KashFlow works with your business and your books