Using Postman | Sage Developer

This tutorial was made with Postman 5.5.0.

Developer and Client Registration

Sign up for a developer account, subscribe to the API and register your application as described in the Welcome Guide of this documentation. After this, you will have

the APIM subscription key. You can either use the primary or secondary key
the client ID of your registered application
the client secret of your registered application
one or more callback URLs. For Postman, these callbacks will in fact never be called

Setup

Download the Postman collections using these links:

Sage Accounting Postman Collection

Use the Import feature of Postman and select these files to start using them. The URL paths of the request are all set up for UK & Ireland (/uki). To make requests for businesses in other countries, please substitute the path accordingly.

Go to www.sageone.com and register for a new free trial.

Authorize API Access

Select “OAuth 2.0” as authorization type and add the authorization data to the “Request Headers”. Then click “Get New Access Token” and enter the data as seen in the following screenshot. Use your own values for YOUR_CLIENT_CALLBACK_URI, YOUR_CLIENT_ID, YOUR_CLIENT_SECRET. You can use any value for the state parameter YOUR_RANDOM_VALUE.

Get new access token with Postman

After clicking “Request Token”, you will be taken to the login screen of Sage Accounting. Use the credentials of the account you have previously created. You will then be asked to give the Postman API client access to your accounting data. After clicking “Accept”, you will see such a screen:

Authorization response from Postman

Copy-paste the value of resource_owner_id, as it will be the value of the X-Site HTTP request header.

Click on “Use Token” to complete this step.

Making API Requests

Three HTTP request headers must be present to successfully make API requests.

The X-Site header, which is explained in the previous section
Ocp-Apim-Subscription-Key, see the Welcome Guide
Authorization is handled automatically by Postman

Select an endpoint and click “Send” to fire the request.

The examples include all possible query parameters. You may need to delete some or all of them to make successful API calls.

The access token will be valid for 60 minutes. You will then have to require a new access token as described above. In your own application, you should refresh the token after its expiration, so the user needs to grant access only once.

Trouble Shooting: Try to remove the cookies in Postman, when authorization fails. This may especially become necessary when you are switching between different countries on Sage Accounting.