Tags REST endpoint?


(Eric Berry) #1

Is there an endpoint to retrieve all tags without having to request via the individual contact endpoint?

I also have noticed that when I access the contact list endpoint, the tag array is empty, but if I access the contact individually via the direct contact endpoint, it populates the tag array. Could this be a bug?


(John Borelli) #2

ContactGroup’s (tags) have not been added to REST yet. The standard api data object can be used to get this information from the ContactGroup table though.

https://developer.infusionsoft.com/docs/xml-rpc/#data-query-a-data-table


(Eric Berry) #3

Cool! Am I able to use the same App and oauth access token for the xml-rpc API or do I need to set up a new application?


(John Borelli) #4

Yes the access token is specific to oauth not the api used.


(Eric Berry) #5

Ok… so when I authenticate using oauth, can I use the token returned to access data from the web-rtc API? Currently the only way I can see using that API is by using the encrypted key.


(John Borelli) #6

ok so I’m not sure we’re not getting tangled in confusing terminology here.

API Key = found inside your IS app and is iSDK api only

Client secret/id = values setup in Mashery to allow you to request the authorization to get access/refresh tokens (but is not the access token used for the api)

Authorization token = a token obtained for the sole purpose of providing a secure authorization request for a specific app from a user to authorize you access (this is when the allow/deny page comes in play)

Access Token = this token represents the authorized connection between you and the app that has been authorized. This is the token used for api access (OAuth)

Refresh Token = used to get a new set of access/refresh tokens to renew the lease which is 24 hours.

iSDK = the legacy, legacy api. uses the IS app key authentication but more recent versions have been adapted to use OAuth as well.

API = newer (now called legacy also) api that is structured differently than the iSDK but will only accept OAuth as authentication.

REST API = included within the API but does not need the API to be used and also requires OAuth to authenticate. Getting a valid access token can be done through the interactive io docs or by a simple app that facilitates this.

REST HOOKS = while you will need to validate your end point that receives information (needing a valid access token), after validation you would only need to handle the information as it is sent from IS.

XML-RPC = underlying method for API communication. This applies to more than one implementation of the available API’s.

All the above that use OAuth for authentication will allow the same access token to work for making api calls. Most manage the refresh process by storing the access and refresh tokens with time to live in a simple database table and requesting a new set using the refresh tokens before it expires in 24 hours by scheduling a refresh service to automatically run.


(Mike Christianson) #7

Hi @Eric_Berry, thanks for looking into using our REST API!

What you discovered isn’t a bug but a choice made for performance reasons.

Also, thanks for using OAuth!