Sage Intacct SDK for PHP

• Overview
• System Requirements
• Quick Install
• Client model
• Client configuration
• Request configuration
• API functions
• Credentials
  • Hard-coded credentials
  • Environment variables
  • Credentials file and profiles
  • Session credentials
  • Client/entity slide-in credentials
• Error handling
• Logging
• What’s next?

Overview

Get going quickly using Web Services with the Sage Intacct SDK for PHP.

The SDK allows you to work with pre-built PHP objects instead of directly with the underlying XML API.

The Sage Intacct SDK for PHP is licensed under Apache v2.0. Please read and accept this before using the SDK.

This topic provides a high-level overview of the SDK. When you are ready to start coding, try the getting started example and keep the reference documentation handy for delving deeper.

If the SDK does not provide the functionality you need, you can write your own classes that implement functions. See Custom Object Function for an example.

System Requirements

• An active Sage Intacct Web Services Developer license, which includes a Web Services sender ID and password. If you need a developer license, contact your account manager.
• Web Services authorization for that sender ID in the target company
• PHP >= 7.3
• cURL >= 7.19.4 compiled with OpenSSL and zlib
• Latest version of Composer

Quick Install

1. Install Composer

2. In your project, specify the Sage Intacct SDK for PHP as a dependency in your project’s composer.json file:

    {
        "require": {
            "intacct/intacct-sdk-php": "v3.2.0"
        }
    }
   

3. In a terminal window, run composer install from the root folder.

4. Require Composer’s autoloader in your project file(s):

    require __DIR__ . '/vendor/autoload.php';
   

Client model

The SDK uses a client model for sending requests to the gateway. You construct a client, optionally configure it, then use it to execute your requests.

There are two kinds of clients:

• OnlineClient can perform multiple create, update, and delete operations. 99% of all developers will use this client.
• OfflineClient just like the OnlineClient except it uses a predefined Policy ID with Sage Intacct to make Offline Web Services requests.

Both clients provide an execute call that sends a single API function, and an executeBatch function for sending multiple functions. For usage information, see the getting started example.

Client configuration

When you construct a client, you can optionally provide configuration information in a client configuration object. This object can provide Web Services credentials, company credentials (including an optional entity ID), a session ID, logger choices, the gateway endpoint, and so forth.

$config = new ClientConfig();                // Create the config and set a session ID
$config->setSessionId('SomeSessionFromTheInternet..'); 
$client = new OnlineClient($config);         // Construct the client with the config

During client instantiation, the default endpoint (https://api.intacct.com/ia/xml/xmlgw.phtml) is used.

Request configuration

To configure the request that is sent to the gateway by the SDK, create a request configuration instance and pass it in when you call execute or executeBatch.

You can use a request configuration to set a control ID for the request, specify a transport policy ID (for an offline client), set a time-out value, and so forth.

$requestConfig = new RequestConfig();                    // Create the request config and set a control ID
$requestConfig->setControlId("testing123");
$response = $client->execute($query, $requestConfig);    // Execute the request

If you do not supply a request configuration, the following defaults are used.

private $controlId = '';
private $transaction = false;
private $uniqueId = false;
private $policyId = '';
private $encoding = 'UTF-8';
private $maxRetries = 5;
private $maxTimeout = 300;
private $noRetryServerErrorCodes = [
    524, // CDN cut the connection but system still processing request
];

For a high-level understanding of how you can configure requests, see XML Requests.

API functions

The underlying API functions are made available through classes in the Intacct/Functions namespace. The classes that provide object-specific functionality are under feature namespaces, and the classes that provide generic functionality are in a single namespace. For example, object-specific classes such as CustomerCreate, JournalEntryCreate, and ContactUpdate are under their respective categories, and generic classes such those that read or query data are under a single Common namespace.

All these classes implement FunctionInterface and extend AbstractFunction, which gives them access to an XML writer that translates the PHP objects into XML.

The clients can execute any class implementations of the FunctionInterface:

The following example constructs a Customer object:

    $create = new CustomerCreate();
    $create->setCustomerName('Joshua Granley');
    $create->setActive(false);

If the Intacct/Functions classes do not meet your needs, you are welcome to write your own classes that implement this interface. Check out Custom Object Function for more on this.

Credentials

There are several ways you can supply Web Services and company credentials (including an optional entity ID) to the SDK.

• Pass in a client configuration with hard-coded credentials when you construct your client.

• Use environment variables to store your credentials.

• Use a credentials INI file to store various profiles, which are groupings of your credentials.

• Validate and use a session ID received from a Smart Event or trigger.

You can mix and match how credentials are loaded. For example, you might set Web Services credentials in your environment, then load company login credentials from a credentials file. You can also pass company credentials directly to the ClientConfig from a different source.

Hard-coded credentials

The following shows how to provide hard-coded Web Services and company credentials using ClientConfig:

$config = new ClientConfig();
$config->setSenderId('testsenderid');
$config->setSenderPassword('pass123!');
$config->setCompanyId('testcompany');
// $config->setEntityId('testentity');
$config->setUserId('testuser');
$config->setUserPassword('testpass');

Note: You should make every effort to securely store your credentials and not hard code them.

Environment variables

You can use environment variables to specify credentials directly or via named profiles in a credentials file. You can also override the default gateway endpoint using an environment variable.

Credentials file and profiles

If not otherwise supplied, the SDK will look for credentials in the default profile in a credentials file in the default location:

home_dir/.intacct/credentials.ini

The following shows the format for the file. Each profile starts with a name in brackets followed by key/value pairs.

[default]
sender_id = mysenderid
sender_password = mysenderpassword
company_id = mycompanyid
user_id = myuserid
user_password = myuserpassword

[demo987654321]
company_id = demo987654321
user_id = myuserid
user_password = myuserpassword

[demo987654321_entityA]
company_id = demo987654321
user_id = myuserid
user_password = myuserpassword
entity_id = entityA

[dev123]
sender_id = mysenderid
sender_password = mysenderpassword
endpoint_url = https://api.intacct.com/ia/xml/xmlgw.phtml

You can provide values for the following in any profile:

• sender_id
• sender_password
• endpoint_url
• company_id
• entity_id
• user_id
• user_password

Override the location for the credentials file

You can override the default location of the credentials file with the ClientConfig::setProfileFile function:

$config = new ClientConfig();
$config->setProfileFile(__DIR__ . '/.SomeFileNotInSourceControl.ini');
$config->setProfileName('demo987654321');

$client = new OnlineClient($config);

Use a non-default profile name

As shown above, you can specify a non-default profile to use with ClientConfig::setProfileName. You can also use the INTACCT_SENDER_PROFILE, INTACCT_COMPANY_PROFILE, or INTACCT_PROFILE environment variables for this purpose.

Session credentials

Some integrations are triggered by Smart Event HTTP notifications. Such notifications typically include a session ID and endpoint URL.

Warning: Do not blindly trust session IDs that your server receives over the internet. Always validate these parameters before using them.

You can use the static SessionProvider::factory function to validate that a session ID is valid and that the endpoint URL is a *.intacct.com domain.

try {
    $config = new ClientConfig();
    // Web Services credentials are loaded from the environment
    // Assume the following endpoint and session ID came from the $_POST (after using sanitize filters)
    $config->setEndpointUrl('https://api.intacct.com/ia/xml/xmlgw.phtml');
    $config->setSessionId('SomeSessionFromTheInternet..');
    
    // Validate that the session ID is valid and the endpoint URL is a *.intacct.com domain
    $sessionConfig = SessionProvider::factory($config);
    
    // Create a client with the validated session credentials in a new ClientConfig
    $client = new OnlineClient($sessionConfig);
    
    // Execute some other API functions
    
} catch (\Exception $exception) {
    echo 'Uh oh...';
}

Client/entity slide-in credentials

The following table shows another way to provide entity slide-in credentials using the pipe character (|) to separate the IDs.

Error handling

There are several categories of errors that can occur when sending requests to the gateway. Your code should handle these.

The execute and executeBatch functions have some built-in error handling for the results (Result instances) coming back:

• execute allows you to execute one function to the Sage Intacct API. This will also grab the Result and call ensureStatusSuccess to check for any API errors executing the single API function.
• executeBatch allows you to execute multiple functions to the Sage Intacct API in the same request.
  • If the passed RequestConfig parameter’s isTransaction evaluates to true, it will loop through each Result and call ensureStatusNotFailure in an attempt to check for any API errors that are status failed and not aborted.
  • If the passed RequestConfig parameter’s isTransaction evaluates to false (default), you will need to do your own Result looping and error checking.

Logging

The SDK lets you use any logger that implements the PSR-3 Logger Interface. One popular implementation is Monolog, which is used throughout the SDK examples.

A logger can be set using the ClientConfig::setLogger function. If set, the SDK will add entries for all HTTP request and responses with the Sage Intacct API endpoint.

By default, the SDK writes log entries using the debug log level. To change the level, use ClientConfig::setLogLevel. If you change the level, consider changing the format to omit the XML request and response as these can get quite large.

To format the entries differently, construct a new Intacct\Logging\MessageFormatter object and add it to the config with ClientConfig::setLogMessageFormatter. Refer to the PHPDoc comments in the MessageFormatter::__construct for the variables used by the formatter.

The logger will attempt to redact sensitive info, like passwords, from the debug entries. Regardless, access to logs should always be restricted.

What’s next?

• Try the getting started example.

Provide feedback