Summary
Description
Manage users
To create and manage your API users, you'll use both the Sage Provisioning Portal and Sage 200 itself.
First, you must assign API users to your site on the Sage Provisioning Portal website. You can find out how to do this in the following guide >
Authorised API users
NOTE: for more information about rules relating to user types that are not associated with the API, please refer to the following guide >
A Customer Administrator will add all Authorised API Users to your Sage 200 site. Sage employees will not undertake this on behalf of a customer, partner or developer.
Authorised API Users should be added in accordance with the Sage 200 Terms and Conditions and the rules outlined below:
- An API Authorised User must be set up in the following format:
- Forename = API
- Surname = Name of 3rd party application
- Domain = name of your company
EXAMPLE: [email protected] - API users must only be set up in the portal as a ‘Customer User’ type e.g. not customer administrator or any other user type.
- The licence will not consume a user licence, however, it will consume a user name count in the Sage Provisioning Portal, you can find out more about what this means in the following guide >
- You should restrict the user type to only have access to the functionality and data within product that is required for the API to consume. For example, if the user only needs access to Sales Orders, then that’s the only feature the user should have access to – for more information refer here. You should talk to your 3rd party developer to understand access requirements in more detail.
Important information
In all cases you remain responsible for the access you grant within your organisation and to any third parties, including developers. Sage does not control and is not responsible for the access you grant. Failure to follow the steps outlined above will result in developers being granted more access to data than is required and/or more elements within the Sage Provisioning Portal that the developers may need access to including but not limited to data backups. You should consult your internal teams and policies to ensure thet the correct level of access is granted to developers.
NOTE: Where users are not added in the format defined above and/or are not for API use they will be removed in line with our terms and conditions.
Additional recommendations
Before using the API User, we recommend that the developer of your API solution logs into the Sage 200 application as the API user to ensure its initiated for connection correctly.
If your Sage Developer has a change of personnel for the API user in question, we would recommend changing the password. You will need to consult with your developer on their processes around notifiying you of these changes. You can find out how to reset the password here >