The following security layers are used to ensure a comprehensive approach to security management:
•The account as a whole cannot be accessed without being specifically enabled.
•A user account that is allowed to use the API must then be specified.
•IP restrictions can be imposed for users accessing the API as a whole.
•Each user account has a specially generated key that must be used in conjunction with the login. This means that even if someone knows a user name and password of someone with API access, they still need to have access to that person's e-mail.
•The PerfectApps API has a final security feature that requires each function call to use a security token that is generated by the previous function call. The initial Login call returns a token that is then used in the next function call. That second function itself returns a new security token to be used by the next one, and so on. Each token may, therefore, only be used once.
Refer to the Login topic for more information.
See also: Setting Up API Account Access, Setting Up API User Access
Return to: PerfectApps API, Integration
