Aqilla API Overview
There are four types of programmatic interaction between an external application and Aqilla:
Create | Data from an external application is created in Aqilla |
Read | An external application reads data from Aqilla |
Update | An external application updates data in Aqilla |
Delete | An external application deletes data in Aqilla |
The Aqilla API enables external applications to interact with Aqilla thus:
API calls (whether C, R, U or D) are initiated by the external application with a request - and concluded with a response from Aqilla.
There are two types of data within Aqilla that can be accessed using the Aqilla API:
Reference Data | e.g. relatively static data such as customer and supplier details |
Documents | e.g. sales and purchase invoices |
Any ledger dimension (e.g. Main, Budget) can be accessed by the Aqilla API.
For each supported document the Aqilla API can access both container and subordinate entities - e.g. Purchase Invoice Header and Purchase Invoice Line. For each supported reference entity the Aqilla API can access the top level entity (e.g. Customer) but not subordinate entities (e.g. Customer Contact).
It is possible to upload, download and detach attachments at document header and line level (and reference entity top level) using the Aqilla API.
It is possible to promote documents (e.g. change state from Released to Approved) and some types of document lines (e.g. Expenses) using the Aqilla API.
Authentication & Access Control
The Aqilla API supports and requires basic HTTP authentication; this is secure because only HTTPS connections are allowed. Since no session data is maintained, the client requests pre-emptive authentication by supplying an authorisation HTTP header with every request. As defined by RFC 2617, the value of the header is User Name followed by a colon (":") followed by Password, the whole value being base-64-encoded. An example header could look like this:
Authorization: BASIC
The username and password must exist within the target Aqilla instance. The Aqilla API will use the permissions granted to the user whose details are passed by the external application and authenticated in Aqilla. The external application could pass the details of a “real” Aqilla user. In practice most developers will use a single “logical” user (e.g. “Interface Name”) and grant that user full access rights within the target Aqilla instance. The Aqilla API can access any ledger dimension (e.g. Main, Budget).
Other than as described above there are no further controls on access to data via the Aqilla API. Aqilla Enquiry Data Filters are not used by the Aqilla API.