We currently use microsoft flow to catch and transform webhooks/data from 3rd party services and post back into Acumatica. However, we would prefer to use Zapier. I know it is a bit more complicated than your standard https rest api, but does anyone have any guidance as to what might be possible with Zapier and how to do it?
As a follow up question/thought. I have read up on webhooks and it may be that is a better solution for our use case. But with webhooks, how is security handled? Is there anything stopping anyone from posting to the webhook url if they retrieved that url? I have read some of the documentation but it’s still not that clear. Also, it tells you to register the url on the “External applications” form (SM301000) - but i don’t see zapier as an option in the application pulldown (https://www.dropbox.com/s/ublhlex6nimmjn3/Screen%20Shot%202022-03-12%20at%2011.52.43%20PM.png?dl=0)
just for reference - i’m o
Acumatica 2020 R2 Build 20.208.0031 |
For Web hooks, the information is received based on the URL it post the data to. Acumatica will consume the request and based on the config/dev, you would need to first do authentication and add it business rules.
See below to start with, you would need to pass the username and/or password with your POST:
private IDisposable GetAdminScope(string companyName)
{
var userName = "admin";
if (PXDatabase.Companies.Length > 0)
userName = userName + "@" + companyName;
return new PXLoginScope(userName,PXAccess.GetAdministratorRoles());
}
See link:
https://www.acumatica.com/blog/easily-send-post-requests-to-acumatica-using-webhooks/
Hi
I want to make sure that i understand correctly…I believe you are saying that it’s up to us to decide how and what we want the webhook to require when receiving the post to determine if we will allow the webhook functionality to execute. Is that correct?
Assuming I’m correct, do you have any suggestions for best practice? Of course we can just create a random string/key and post that as part of the header data.
I know there are “External Applications” and “Connected Applications” screens within acumatica. Should either of these be utilized for this use case? and if so, how best?
Hi
The Webhook calls would normally be sent from a secure system already with the correct structures. The connected applications provides the tokenized authentication.
If you do need to make each request secure, either add in logon credentials in your package with each sent, or do a Tokenized Authentication prior submitting the information. It really depends on your approach.
I am glad the above helped.
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.