API Reference

Authentication

This page will help you get started with the Accounton Developer API and describes how you can obtain security credentials.

Credentials

Every request to the Accounton Developer API needs to be authenticated. Authentication happens by embedding two different headers in the request.

  1. X-CLIENT-SECRET - This is the client secret, which evidently should remain secret. In case of compromise, urgently contact [email protected].
  2. X-CLIENT-ID- This is your client identifier, which identifies your credentials.

In order to activate and obtain your credential pair, contact your assigned account manager, or contact [email protected].

Scopes

Scopes define which data a credential pair has access to on the Accounton Developer API. In the current version, the following scopes are available:

  • customers.read: This scope is necessary to read the customers.
  • customers.write: This scope is necessary to create, update or delete customers.
  • privacy.read: This scope is necessary to read privacy sensitive information about customers.
  • pti.read: This scope is necessary to read any information related to personal income tax (checklist, documents, transcripts)
  • pti.write: This scope is necessary to assign PTI checklists to customers
  • users.read: This scope is necessary to read the list of user accounts.
  • users.write: This scope is necessary to write users.
  • settings.read: This scope is necessary to read the backoffice settings.
  • settings.write: This scope is necessary to write the backoffice settings
  • minfin.read: This scope enables listing and downloading of customer's Minfin documents

Conclusion

You need a credential pair (client and secret) and scopes attached to that pair in order to perform authenticated and authorised API calls.