API Sessions

• Get API Session

An API session is a temporary unique identifier tied to a company ID, user ID, possibly an entity (via location ID), and an endpoint URL.

An API session is used as an alternative authentication method to avoid effectively logging in with company credentials for each API call.

You use the getAPISession function to get a session ID. You should always isolate getAPISession in a single request—do not mix getAPISession with other functions.

You can initiate a new entity-level session by issuing a call to getAPISession and supplying the location ID of the entity you want. From an entity-level session, you can provide an empty location ID to get a new top-level session (assuming you are not restricted to entity-level access).

Session Lifespan / Timeout

The response for each API call includes the projected session timeout in the authentication element:

The session timeout is calculated based on the session duration specified for the user or company plus the current time. A timeout occurs if the session timeout is reached before any subsequent API calls are made. If a call occurs before the projected timeout, it is reset to the current time plus the session duration.

Get API Session

History

You should not mix getAPISession with other functions in one request.

getAPISession

Gets an API session for a company:

<getAPISession/>

Gets an API session for the given entity:

<getAPISession>
    <locationid>California</locationid>
</getAPISession>

Gets an API session for the top level:

<getAPISession>
    <locationid/>
</getAPISession>

Parameters

Response

The above function returns data structured like this. The location ID is empty when at the top level of a company:

<api>
    <sessionid>nOTaReAlSesSIonId..</sessionid>
    <endpoint>https://na12.intacct.com/ia/xml/xmlgw.phtml</endpoint>
    <locationid></locationid>
</api>

Parameters

api

Provide feedback