Accelo provides two different APIs – a Forms API that makes it easy for people to get data into their Accelo account without the need for any server-side programming, and a full-scale RESTful API which allows developers to write full applications that interact with Accelo using their own code.
Restful API
The RESTful API is a full API for interacting with many of the objects inside Accelo. Supporting full security (service accounts, user grants via Oauth), this API allows you to interact with dozens of object endpoints (with more being added all the time) through REST HTTPS actions (POST, GET, PUT, DELETE, etc) and with request/response data formats in JSON, XML and YAML.
Forms API
The Forms API is ideal for people who want to get data into Accelo from “Forms” that people submit from websites, intranets and other web-based environments. The Forms API has the advantage of being simpler to use than the full RESTful API – you simply create a <form> in your web page, populate it with tags (eg, <input type=”text” name=”company_name”/>) that the user submits and when you point the form’s POST Action at your Accelo domain, we’ll take your data, provide some light validation, and then save the data to your account in real time.
Authentication
There are 3 types of applications under Accelo’s domain that have to undergo authentication before making any API calls.
- Service Application:
These are not run from the end user’s deployment, and hence do not need to be authorized by the user, so authorization and accessing a token is are combined into one step for these applications.
2. Installed Application:
Installed applications require the end-user to authorize an application before it can make any requests. Hence token acquisition requires two steps:
1) Authorization of the application
2) Token Acquisition
3.Web Application:
Similar to installed application, to gain a token for web applications you must first have the end-user authorize the application, so again the two steps are:
1. Authorize the application
2.Token Acquisition
Keep in mind for these applications that the host is the deployment for the user and not the installed application’s deployment host.
Now, this blog will be talking about the automation of authentication of web applications using Function Apps.
Authorizing the web applications
Initially, before requesting for refresh token and access token, we have to first authorize our web application.
This can be done by making an API call to the authorize end point URI:
This is the basic endpoint URI for requesting an authorization code, but to get the auth code we have to pass some parameters too.
client ID: The application’s client ID as listed on the API control panel.
response type: This must be set to code for this request.
redirect_uri: If included this must match one of the redirect URIs provided when you registered your application.
After including all the parameters while making a call to your authorize endpoint, it will look something like this.
https://{deplyoment}.api.accelo.com/oauth2/v0/token?grant_type=“+grant_type+”&refresh_token=”+refresh_token
payload={}
headers = {
‘Authorization’: ‘Basic NmFlNTM2NDcwN0BhbHRhZmx1eC5hY2NlbG8uY29tOjdqfnd1dkpZLnNVLU1MUG5fVE9nN3h3NGJRQjJybHBM’,
‘Cookie’: ‘al_domain={deployment}.accelo.com’
}
response = requests.request(“POST”, url, headers=headers, data=payload)
result= json.loads(response.text)
access_token=result[‘access_token’]
refresh_token=result[‘refresh_token’]
If you do not have a refresh token with you and you are requesting for an access token for the first time, you have to follow the first procedure with the authorization code and then request for a new refresh and access token.
The access token expires after every 30 days; hence you have to request for a new access token after the expiration time. This process is tedious and time consuming. To make it simpler we can automate the process of fetching a new access and refresh token and storing it in Azure Table. The code for the same is given below.
import requests
import simplejson as json
#fetch access_token & refresh_token from Azure table storage
url = “enter_the_url_where_your_previous_acces_and_refresh_token_are_saved_along_with_the_SAS_token”
payload={}
headers = {
‘Accept’: ‘application/json’
}
response = requests.request(“GET”, url, headers=headers, data=payload)
result= json.loads(response.text)
access_token=result.get(‘value’)[0][‘access_token’]
refresh_token=result.get(‘value’)[0][‘refresh_token’]
#get new access_token & refresh_token from accelo
grant_type=”refresh_token”
url = “ https://{deplyoment}.api.accelo.com/oauth2/v0/token?grant_type=“+grant_type+”&refresh_token=”+refresh_token
payload={}
headers = {
‘Authorization’: ‘Basic NmFlNTM2NDcwN0BhbHRhZmx1eC5hY2NlbG8uY29tOjdqfnd1dkpZLnNVLU1MUG5fVE9nN3h3NGJRQjJybHBM’,
‘Cookie’: ‘al_domain={deplyoment}.accelo.com’
}
response = requests.request(“POST”, url, headers=headers, data=payload)
result= json.loads(response.text)
access_token=result[‘access_token’]
refresh_token=result[‘refresh_token’]
print(‘access_token : ‘+access_token+’\nrefresh_token : ‘+refresh_token)
con=’\”‘
at = con + access_token + con
rt = con + refresh_token + con
#store the latest acess_token & refresh_token in Azure table storage url =
“enter_the_url_where_your_previous_acces_and_refresh_token_are_saved_along_with_the_SAS_token”
payload=”{\r\n \”access_token\” : ” + at + “,\r\n \”refresh_token\” : ” + rt + “\r\n}”
headers = {
‘Content-Type’: ‘application/json’,
‘If-Match’: ‘*’
}
response = requests.request(“PUT”, url, headers=headers, data=payload)
We have to create a function app and set the timer trigger to 30 days, so that the code will run after every 30 days, and there will be a new access and refresh token before the expiration time.
Shubham Kokane
Data Engineer
Addend Analytics
Thanks for reading!