10 Replies Latest reply on Jul 29, 2014 4:08 AM by Liam Dilley

    Is there an app for BC sage line 50 integration

    littletow Level 1

      Is there an app for BC sage line 50 integration so visitors can draw down invoices and elivery notes onto theire web area

        • 1. Re: Is there an app for BC sage line 50 integration
          TheBCMan Adobe Community Professional

          Currently no, to do it you would have to use a 3rd party solution like Onesaas (OneSaas - Cloud Integrations Made Easy) with an API middle man server to pull the data (or Javascript if you don't mind credentials in the code).

           

          OR build your own which is totally possible as well.

          • 2. Re: Is there an app for BC sage line 50 integration
            Liam Dilley Adobe Community Professional & MVP

            You wont likely see any apps of this nature or any time soon in the open platform current form because they only run when you load them in the admin. Linking them outside of the app environment to 3rd party systems has not been opened up yet as well. Possible now, but BC are looking to close any loop holes as it were or say not to do it.

            • 3. Re: Is there an app for BC sage line 50 integration
              TheBCMan Adobe Community Professional

              It's totally possible using the BC backend API hosted on another server (with a nice GUI as a BC app) or in an all Javascript solution (that connects in SOAP to the BC API and Sage's API). They are looking to use it in the admin tool, I don't think they would want to pull down product info on the frontend of the site.

              • 4. Re: Is there an app for BC sage line 50 integration
                Liam Dilley Adobe Community Professional & MVP

                Is that what they told you?

                Because you can, does not mean they want you to. They will offer it in the right way and they are looking to lock down apps further. The risk of passing data out etc is something they do not want willy nilly and ensuring correct authorisation etc.

                Like how you can use the web apps API not in apps right now but BC will close this soon and will tell you not to do it.

                You will, in the way they want, but the several things I want to do or have done I have been told not to do it. So do not risk it as one update and your app would break.

                • 5. Re: Is there an app for BC sage line 50 integration
                  TheBCMan Adobe Community Professional

                  Who are they?

                   

                  Adobe are not going to shut down the SOAP XML API anytime in the next 20 years, it would break so much... Connect your AJAX Javascript to the soap API and pull anything you want into a BC app, I'm doing it, it works, all good, but it means putting credentials in the client side code, but seeing that you need to login to the admin tool anyway it was acceptable for me and I randomized an include file with those credentials in them (in case of direct linking but not sure if this is an issue but better safe then sorry). Your all good.

                   

                  In short, it is very possible using plain old jQuery, HTML and the BC SOAP API. Nothing new about any of them and they wont change (at least for a very very long time).

                  • 6. Re: Is there an app for BC sage line 50 integration
                    Liam Dilley Adobe Community Professional & MVP

                    I think your missunderstanding quite a bit TheBCMan.

                     

                    API wise - Nothing changing, this is open and you can use that to communicate with.

                    BC are looking to redo all that SOAP into REST.

                     

                    In terms of Apps they are ensuring and will continue to ensure sandboxing and security. Both the BC engineering team and their peers are rightly concerned about security and protecting the platform.

                    In terms of apps BC do not currently support having an app linked to your server and pulling and passing data. There are means to do it but they will either be closed off or your advised not to use them until they release official methods to do that.

                     

                    Web app API is APP Only at the moment, although there are two methods to access and use it from 3rd party API methods. Although you can BC do not want you to be doing so, and again will be closing those methods. They will release an official method for web app API outside of apps down the line.

                     

                    Of course if you know how you can access the SOAP API - We have apps on sale doing that. It is not what I am referring to. And in terms of other recent posts - Compatibility, reliability is one of Pretty mandates,for both sites and things like apps. We fix up a lot of use cases for people from 3rd party developers in that regard as well.

                    So we dont just build to work, we build for reliability, usability and compatibility. Yep, we hate old browsers, but if a parent product like BC supports a browser, our apps must do to.

                    • 7. Re: Is there an app for BC sage line 50 integration
                      TheBCMan Adobe Community Professional

                      There is no misunderstanding, you can't sandbox plain HTML or Javascript... There is no security issues! Accessing the BC API with Javascript (WITH NO MIDDLE MAN SERVER!) there is no issue, if they make a REST API that would be even better, but accessing the SOAP API via Javascript is not a security problem, it's 100% on BC's platform, no external resources. I'll keep doing what I am doing and you keep doing what your doing.

                       

                      To answer the original posters question, it is possible to do but no one has created one. If someone wants it made they can hire me to make it for them and I'll make it without a problem or security issue.

                      • 8. Re: Is there an app for BC sage line 50 integration
                        Liam Dilley Adobe Community Professional & MVP

                        Yeah, there clearly is. I think your really missing it quite big.

                        Firstly of course there is 100% security issues accessing API through javascript. You cant just do that and it will work, because you have the authentication token you first need to have to be able to do any of that. So to avoid confusion for anyone reading that - This is needed.

                        Also anyone reading theBCMan's comments - No it does not mean you can access the API on the front end of your websites as well.

                         

                        In terms of what I am referring to TheBCMan is passing data out of an app and back in through 3rd party API servers, I am not sure what else needs to be said, sorry if you do not understand what I am referring to there but never mind.

                         

                        In terms of SOAP, again, I never mentioned about a security issue there, you are getting the wrong end of the stick, and again, we would not have apps that people can purchase and be allowed by BC if that was the case now would it?

                        It is not officially support however - hence no documentation on those being available in the scope of open platform.

                         

                        And in terms of the original posters question - Yes it is, but there are limitations in the scope of the current open platform limitation.

                        You can build Sage app with a BC app, but it wont be automatically passing data to Sage or doing things automatically, no app will be able to offer that. Do you realise that TheBCMan? there has been partner advisory and developer discussions on this for some time. That only comes via the full API and where you specify the API Integration notification data for a site. Similar is not available to apps yet.

                         

                        The fact it is also still open beta, methods currently open, not intended to be by BC can and may well be closed. And I gave an example of the Web app api access outside of apps - You may be able to do it, but one week an update could role out and that door will be closed. Because it works does not mean it is intended or wanted by the BC team, so understanding and listening to them, especially with apps is very important.

                        • 9. Re: Is there an app for BC sage line 50 integration
                          TheBCMan Adobe Community Professional

                          There is confusion, not on my part.


                          You wrote:

                          "In terms of what I am referring to TheBCMan is passing data out of an app and back in through 3rd party API servers"

                           

                          To be clear, sorry for all caps but, NO 3RD PARTY SERVER! All 100% Javascript, all 100% on BC, all good!

                           

                          I'm only talking about the SOAP XML API, not a REST API, not the open beta API, not the BC apps API, the old school SOAP XML API which you can connect to via Javascript if you want to, there is NO authentication token for the SOAP XML API, just a siteID and username and password.

                           

                          Just to be clear I am talking about this API:

                           

                          CatalystCRMWebservice Web Service

                          and

                          CatalystEcommerceWebservice Web Service

                           

                          Here is how to authenticate:

                           

                          <username>string</username>

                          <password>string</password>

                          <siteId>int</siteId>

                           

                          There is no token required, you are confusing a REST API with the SOAP XML API that has been around for 10+ years.

                           

                          Secondly, regarding putting credentials in the HTML, every post I did warned of this.

                           

                          To anyone reading this:

                           

                          - Liam is confusing a REST API with the SOAP XML API.

                          - Even if you needed an authentication token (which you do not) it still would be possible to use Javascript with said token.

                          - YOU CAN with Javascript in a BC app (admin area) access the full SOAP XML API. NOTE: You need to put usernames and passwords in the JavaScript so there is that security consideration.

                          - YOU CAN access the API with plain old HTML and JS from the front end of the site (in this case ONLY a 3rd party middle man server needed because I would never put login credentials client side).

                          - YOU ARE / I AM NOT breaking any rules or guidelines set out by BC or adobe because you are using plain old Javascript and HTML.

                          - Security is my number 1 focus on any project every time, I would not compromise security of any development work I did for easy of use or a cool idea. I would turn away work before compromising yours or my security on a project.

                          • 10. Re: Is there an app for BC sage line 50 integration
                            Liam Dilley Adobe Community Professional & MVP

                            I am really confused, not at this stuff but at what your saying and not reading.

                            I am not sure why your not reading things:

                            You seem to think I am disagreeing with you on some things where I am not. your glossing over the things I am saying and I think you do not realise a number of things about open platform.

                             

                            In terms of SOAP TheBCMan, your actually incorrect on the authentication and just doing an app using username and password creates a big problem in the scope of an app.

                            In terms of email and password - This has to be a user. So what your saying in terms of an app that may be on the app store etc - Someone has to create a user access or configure the app with their details before it will work. This is only viable for a one off app and custom solution for 1 site and either requiring a user slot for an app or needing one created.

                            This option is not really viable if your creating a true open platform app and has those problems and overkill in terms of your code access.

                            Developer reference

                            "To use a site token instead of username/password, send an empty username field and the site token as the password. See example below."

                            This works great, and you can see it is right there in the documentation. So there is a token.

                            What this means for your app, and the reason this is here is that you can create an app through SOAP (and again, we got apps out there doing this! lol) and NOT require a username and password. You do not have to request it in your app, no manual setup, no need to have a user or ensure a user exists in an app, works with any user, changes to users in the admin etc.
                            This means that the app can be sold viable to multiple people as a proper product, its less code and no use requirements.

                             

                            - Liam is confusing a REST API with the SOAP XML API.

                            No, I know what is REST and what is SOAP, I also have been talking BC about open platform testing it etc, and for some time. Also helped with feedback on what is more important to turn into REST. BC plan to do so as I mentioned with those conversations.

                            What you are not reading and understanding is what works in terms of open platform and between and app and 3rd party server data which is what I mentioned.

                             

                            - Even if you needed an authentication token (which you do not) it still would be possible to use Javascript with said token.

                            Yep, as I mentioned, and Yes, in terms of viable apps on sale you need to use the authentication token, not username and password option - Thats a bad idea and not a viable selling app. And it is more straight forward with the authentication token, so your also over complicating things.

                             

                            - YOU CAN with Javascript in a BC app (admin area) access the full SOAP XML API. NOTE: You need to put usernames and passwords in the JavaScript so there is that security consideration.

                            No need for username and password, and as I keep saying which your ignoring, I am 1. not talking about this in most of the bits I have said and 2. WE DO THIS, we were the first having this working in open platform (Which has been available to us through alpha as partner advisory board partners)

                             

                            - YOU CAN access the API with plain old HTML and JS from the front end of the site (in this case ONLY a 3rd party middle man server needed because I would never put login credentials client side).

                            Of course, again Pretty offers things like email validation to more complex things, BUT to be secure this needs to be done properly with good authentication. Like any decent web application and their API access etc. Your handling personal data on BC sites in the CRM etc, not doing this properly would be lazy and stupid as I am sure you agree. But based on your comments you can give people the wrong idea about open platform and apps.

                             

                            - YOU ARE / I AM NOT breaking any rules or guidelines set out by BC or adobe because you are using plain old Javascript and HTML.

                            Not true, I have done lots of things, and provided feedback on what I have done with BC, checked with them and been advised what is valid, what is not. When I was accessing lots of elements of the admin, as I mentioned already here along with other things.. this and other reasons were the reasons why BC introduced apps under a different domain and iframe so they could not access the parent frames dom objects etc.

                             

                            Because it is HTML and javascript it is also NOT true that you do not have to follow any guidelines or rules, yes you do. From HTML apps with other platforms like windows you can use javascript and HTML but there is authentication, methods etc. BC has already introduced this, apps are already sandboxed and the security features as I have already mentioned will be increased. Also, because these are built apps, you can not just go in and rip peoples code. Unlike a web app where the source is available, while you may view an app, if BC or the BC app store file code ripped from other apps, this breaks that apps copyright and you will be liable.

                            It is early days for open platform but from ownership to security and data access they are very much in the scope of app and are/will and continue to be in that scope. Like I said, if your hacking Webapp API now outside of an app - BC do not want you to do it and will close the loop holes.

                             

                            Addition: As another note, You of course, can not just make an app and it will work. You have to register the app with BC, You have to declare your development site, note when the app is live so it can be deployed. Apps as well fall under security access limitations. You can not just deploy an app on a site run by another partner, neither you or the site owner can validate the app, only the other partner. This is to ensure that it is not dodgy.

                            The BCappstore has spent a lot of time and money and have access API's via BC to authenticate and deploy apps properly as well. If nothing of what I was saying was correct, none of this would be in place.

                             

                            - Security is my number 1 focus on any project every time, I would not compromise security of any development work I did for easy of use or a cool idea. I would turn away work before compromising yours or my security on a project.

                            That is great to here, I do not expect or consider any different from someone with the experience you have. You should fully well understand that despite it being Javascript and HTML or because of It as well in other regards, BC are working to introduce increased security to open platform as they already have from the first iterations. I am not sure why your arguing me on this if this is how you feel?

                             

                            I am still not sure what your having ago at me for.