If you've just installed the SalesPad Web API, head over to the Database Update page and perform the database update.
Next, you may update your licenses as needed in the Licenses page.
After this, you are ready to begin using the API! Continue reading below to learn about authentication and more.
SalesPad API requires an Authorization
or a Session-ID
header for each request.
To begin using the SalesPad API, make a request to GET /api/Session/Permanent
with SalesPad credentials in the Authorization
header as specified in the example below. A successful response will contain a Session GUID (Globally Unique Identifier).
For ALL subsequent requests, this Session GUID must be included in a Session-ID
header.
If desired, you may also use GET /api/Session
to create a session. Based on user group, these sessions will either consume a desktop seat or an external API seat, and will expire in 15 minutes of inactivity.
Example Headers:
Authorization: Basic dXNlcjpwYXNz | SalesPad API uses Basic Authentication to obtain a Session ID. The SalesPad username and password should be in the format of username:password (using a colon as the delimiter), prefixed with the keyword Basic and encoded in Base64. This value is then sent to one of the above Session endpoints using the Authorization header. |
Session-ID: EDFBCDBC-8324-42EE-8EAE-23A8FE657CCE | SalesPad API requires a Session ID for every API call (with the exception of GET /api/Session and GET /api/Session/Permanent , which will provide the Session ID). |
By default, CORS (Cross-Origin Resource Sharing) is enabled for all domains ( denoted by * ). If you wish to restrict this, please change the following value in web.config:
<configuration> <system.webserver> <httpprotocol> <customheaders> <add name="Access-Control-Allow-Methods" value="POST, GET, PUT, DELETE, OPTIONS" /> <add name="Access-Control-Allow-Headers" value="Content-Type, Authorization, Session-ID, Context-ID" /> <add name="Access-Control-Allow-Origin" value="*" /> </customheaders> </httpprotocol> </system.webserver> </configuration>
<add name="Access-Control-Allow-Origin" value="localhost:9000" />
Most SalesPad API GET requests are OData enabled, which means you can make use of a select set of Query Options to filter results returned by the API.
SalesPad WebAPI uses System.Web.Http.Odata ODataQueryOptions which currently only supports $filter
, $orderby
, $top
, $skip
, and $inlinecount
.
See OData's Documentation for further information on how to use Query Options.
GET api/Customer?$filter=Customer_Credit_Limit gt 30000 and Payment_Terms eq 'CREDIT CARD' &$orderby=Customer_Name desc
GET api/SalesDocument?$filter=startswith(Customer_Name,'R') &$orderby=Zip &$skip=1 &$top=4
Batch request endpoints are available at api/batch
and api/sequentialBatch
. Like their names suggest, api/sequentialBatch
executes the requests in sequential order, meaning the second request in the batch won't start until the first one is completed. If order of execution is not important, use api/batch
to execute the requests asynchronously.
To send a batch request, the individual requests are bundled into the request content in MIME multipart format. The Content-Type is specified as multipart/mixed
, with a boundary value which marks the beginning of each request and allows the server to unwrap the batch request into separate requests.
Please note that each part of the batch request is run separately; thus, the Session-ID
header is required for each individual request.
The following sample batch request will execute two GET requests in sequential order:
GET /api/currency?$filter=Currency_ID eq 'Z-US$'
- OData request for 'Z-US$' currency informationGET /api/countrycode/US
- A request for 'US' country code informationPOST http://localhost:5501/api/sequentialBatch HTTP/1.1 Session-ID: fb973191-d7f1-466e-84a0-235250f7bc63 Content-Type: multipart/mixed; boundary="99729b72-30c0-402e-be99-4ba6c14a56d7" Host: localhost:5501 Content-Length: 553 Expect: 100-continue Connection: Keep-Alive --99729b72-30c0-402e-be99-4ba6c14a56d7 Content-Type: application/http; msgtype=request GET /api/currency?$filter=Currency_ID%20eq%20'Z-US$' HTTP/1.1 Host: localhost:5501 Session-ID: fb973191-d7f1-466e-84a0-235250f7bc63 --99729b72-30c0-402e-be99-4ba6c14a56d7 Content-Type: application/http; msgtype=request GET /api/countrycode/US HTTP/1.1 Host: localhost:5501 Session-ID: fb973191-d7f1-466e-84a0-235250f7bc63 --99729b72-30c0-402e-be99-4ba6c14a56d7--