Using web services, authentication and message representation format
After enabling web services for your company, you'll be given a unique company identification and authentication token. For every API request you send, you'll need to present the following:
- username for the account that has access to the company data,
- MD5 hash for the password for that account,
- the unique web services token for the company.
API method request can be sent using HTTP POST as shown in the following example:
POST /WebServicesSI/API HTTP/1.1
<?xml version="1.0" encoding="utf-8"?>
<login username="micka" md5pass="ddb43e9f119c6805f4770ecc4f6466ba" token="07D316568AC3441F89981C68A30370A8" />
<parameter name="warehouseCode" value="01" />
<parameter name="stockDate" type="Date" value="2009-01-01" />
<parameter name="productCode" type="String" value="123" />
To generate MD5 password hash you can use the following command on Linux:
# echo -n "MICKAkovac" | md5sum
or you can use online generator:
In the example above MD5 password hash is generated for user with username micka (has to be in uppercase) and password kovac (exact case as it is set).
Actual web services token for the company can be found or generated in the menu
The web services have limit of maximum 4 requests in 4s from one client IP. This means that 4 requests can be sent within 4 seconds, in case 4 were sent in 1 second, it is then necessary to wait 3 seconds, or just send request every second. There is also delay functionality for sending responses, so if you wait for each response before sending another request, there is no need for delay implementation on client side.