Skip to main content
Question

Resource owner password flow

  • February 24, 2025
  • 7 replies
  • 66 views
S
Freshman I

Hello,

I am using a restful api to get invoice as described by the documentation using Resource owner password flow. after generated a token I made a call to api to get invoice

Url + "Invoice?filter=ReferenceNbr eq 'XXXXXX'&$filter=ReferenceNbr eq 'XXXXXX'"

after 2 successful attempt to get invoice when I try to get invoice for the third time I get error

API Login Limit

I tried to logout after each request, but the logout request getting 204 no matter what I passed in the authorization. so not sure if logout is working with me.

 

using var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Post, configuration["SignoutUrl"]);
request.Headers.Add("Accept", "*/*");
string authInfo = configuration["UserName"] + ":" + configuration["Password"];
authInfo = Convert.ToBase64String(Encoding.Default.GetBytes(authInfo));
request.Headers.Add("Authorization", "Basic " + authInfo);

var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();

how to get unlimited calls for that user trying to login getting the token and make request.

    7 replies

    hdussa
    Jr Varsity I
    Forum|alt.badge.img
    • hdussa
    • Jr Varsity I
    • 99 replies
    • February 25, 2025

    Hello ​@swassouf ,

    It could be a limit set for API connections. Please see below instructions and verify the limit.

     

    Assuming, you are using  offline_access scope, I would try refreshing the token rather logging out after each request.

    Lastly because of the security concerns, it is preferable to use other authorization flows such as Authorization Code Flow if possible.

     

    Hope this helps!

    ~ Harish Dussa
    Chris Hackett
    1 person likes this
    • Chris Hackett
      Chris Hackett
    S
    Freshman I
    • swassouf
    • Author
    • Freshman I
    • 3 replies
    • February 25, 2025

    Hi 

    Thank you Harish for your fast response.

    I am not using a website I am using a worker windows service and I don’t have a Url to be redirected to. so can I use Authorization Code flow to get required token in windows service? 

    Chris Hackett
    hdussa
    2 people like this
    • Chris Hackett
      Chris Hackett
    • hdussa
      hdussa
    hdussa
    Jr Varsity I
    Forum|alt.badge.img
    • hdussa
    • Jr Varsity I
    • 99 replies
    • February 26, 2025

    Hello ​@swassouf ,

    I assumed you were using website. I have zero knowledge Acumatica API integration with worker services, sorry!. It seem to be you have no choice but stick to resource owner password flow.

    I hope the article below will help you.

    https://help.acumatica.com/Help?ScreenId=ShowWiki&pageid=822ddb44-b14f-481a-90c7-f15521e61702

    Happy coding!

    ~ Harish Dussa
    Chris Hackett
    1 person likes this
    • Chris Hackett
      Chris Hackett
    Dmitrii Naumov
    Acumatica Moderator
    Forum|alt.badge.img+7
    • Dmitrii Naumov
    • Acumatica Moderator
    • 654 replies
    • February 26, 2025

    @swassouf do yo have ‘concurrent_access’ scope?

    I’d recommend to remove this scope and try without it. That way you’ll reuse the existing API session and will not face the issue.

    Chris Hackett
    hdussa
    2 people like this
    • Chris Hackett
      Chris Hackett
    • hdussa
      hdussa
    S
    Freshman I
    • swassouf
    • Author
    • Freshman I
    • 3 replies
    • February 26, 2025

    @Dmitrii Naumov  I removed the concurrent_access from scope I am just including api offline_access

    in the third request I got  “API Login Limit” 

    Should I cache the token and use it for multiple request till expire and then call  for another one. 

    if I am using same token it works fine. 

    Dmitrii Naumov
    Acumatica Moderator
    Forum|alt.badge.img+7
    • Dmitrii Naumov
    • Acumatica Moderator
    • 654 replies
    • February 26, 2025

    @swassouf yes, you should use the same token until it expires. When it expires you can use the refresh token to get a new token.

    Chris Hackett
    hdussa
    2 people like this
    • Chris Hackett
      Chris Hackett
    • hdussa
      hdussa
    S
    Freshman I
    • swassouf
    • Author
    • Freshman I
    • 3 replies
    • February 27, 2025

    How to refactor this to new ERP?  CustomFields property not found and replaced with Custom

    and fieldName, viewName are missing too (deprecated) 

    Do you have an example to pass Custom property?

    CustomFields = new AccumaticaApi.CustomField[]
     {
              new AccumaticaApi.CustomStringField
              {
                    fieldName = "InvoiceNbr",
                    viewName = "Document",
                    Value = xxxxx
              },
         new AccumaticaApi.CustomStringField
         {
             fieldName = "PaymentMethodID",
             viewName = "CurrentDocument",
             Value =  xxxxx
         }

    }

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settings

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings
    About Acumatica ERP system
    Acumatica Cloud ERP provides the best business management solution for transforming your company to thrive in the new digital economy. Built on a future-proof platform with open architecture for rapid integrations, scalability, and ease of use, Acumatica delivers unparalleled value to small and midmarket organizations. Connected Business. Delivered.
    © 2008 — 2024  Acumatica, Inc. All rights reserved