BitcartCC update: API Keys management, less configuration, more features!

0 59
Avatar for BitcartCC
4 years ago

New BitcartCC update is out!

Main change in this update is authorization system, which:

  • Fixes many existing and future bugs hard to investigate and fix

  • Decreases maintenance spent on the system itself, which allows adding new features faster

  • Improves integrations and gives more possibilities for creating your own apps around your instances' BitcartCC Merchants API

We switched from JWT tokens to usual tokens with OAuth scopes, more below.

Now tokens aren't refreshed, but now you can control tokens of your account!

In profile page(user icon in the top right side of the any page->Profile) you'll be able to delete, view and create API Tokens(API Keys)

Profile page now working

Each token can be restricted to access only certain parts of your account, via permissions system!

When creating a token, you'll be able to select which permissions to grant to that token, or even provide only partial access(like access only to store A and B, but not C)

A lot of permissions to choose from!
Giving access only to certain stores

Also, those permissions can be granted by a third-party app or site instead, visit

/authorize page on your instance to see it

Authorize your or other people's apps and have fun!

Authorization request is a powerful way of granting third-party apps and sites access to your instance, allowing many new usecases, like custom design admin panels, invoice automation and tracking tools, automatic discount creation tools and many more-no limitations!

Example of authorization request URL

Other changes:

Added new /crud/stats endpoint to fetch all stats at once, which means you'll get stats in your admin panel faster and with less bandwidth!

New endpoint

One more important change is, all endpoints used by store POS are now fully or partially public, which means there is no need to type in store email, password and id in our installer wizards!

/stores/{storeid} endpoint will return only partial data of the store, like store name and display email. Store email server settings aren't retrieved and only store owner can access full data.

First case - unauthorized user, second case - authorized user not owning this store, third case - store owner

Also a new policy is added, you can edit store id for the POS(i.e. https://store.bitcartcc.com) right from admin panel!

New store policy

Also, interactive API docs(swagger) are now moved from /docs to / (redoc docs are still at /redoc)

Interactive docs at API root

So no more confusion not found pages!

See https://demo.bitcartcc.com!

Also fixed a memory leak in admin panel, upgrade is recommended to everyone!

All demos updated as usual!

Full changelog from telegram: https://t.me/bitcartcc/1679

Have a good day and #STAY HOME

3
$ 0.10
$ 0.10 from @tula_s
Avatar for BitcartCC
4 years ago

Comments