...
| Section |
|---|
| Column |
|---|
| Burti API is not included in Standard ERP base package. You will need to acquire a license from us and as soon as the formalities are settled, you will be provided with the API module package (see panel to the right for explanation of the contents of the package which includes an enabler key file). You will need to place these files on your Standard ERP server.  You likely do not need to read this section in detail, since typically we will install these files for you. If this is indeed the case, please, feel free to skip ahead to the next section.
|
| Column |
|---|
|
| File | Description |
|---|
Burti Enabler - Enables Burti package functionality |
|---|
hobcust/EN.hob
| If you are already using any Burti functionality packages, you will likely already have this installed. | halcust/datadefEN.hal | Support file. You must amend your halcust/datadef.hal file to include the line | Code Block |
|---|
Exec_file("halcust/datadefEN.hal"); |
| halcust/enab/... files | These files need to be added to your HAL Rules setting and distributed to client computers. These will add UI elements that will allow you to renew Burti Enabler keys from your SERP client if necessary. | Burti API package |
|---|
hobcust/JSON.hob |
| halcust/datadefJSON.hal | Support file. You must amend your halcust/datadef.hal file to include the line | Code Block |
|---|
Exec_file("halcust/datadefJSON.hal"); |
| halcust/json/... files | These files need to be added to your HAL Rules setting and distributed to client computers. These will add UI elements that will allow you to configure the Burti API functionality. | halcust/serverJSON/custom-interfaces/...
halcust/serverJSON/generated-interfaces/...
| These will most likely be empty folders at first but will be populated by support files generated by the package. These will provide the main functionality of the API. | Enabler key file |
|---|
BurtiEnabler.bkey | This file contains the product key that enables the use of the package. This will need to be updated periodically with a new key. However, this is done automatically in most cases and you will likely not need to bother with this. The contents of this file can also be manipulated via the Burti Enabler package mentioned at the top of this table. |
|
|
Setting up
Configuring Burti API
...
Security
There are several layers of security that can and should be implemented to protect your data and your API transactions from snooping from unwanted parties. As a minimum we recommend configuring and using HTTPS in tandem with an authorisation token. This will ensure that the data you send and receive over the API is virtually impossible to access by unauthorised third parties.
| Section |
|---|
| Column |
|---|
| Burti API can be accessed both via HTTP and HTTPS, but it is strongly encouraged to serve your data over HTTPS only (this means disabling HTTP altogether). This will ensure that your traffic is encrypted and safe from third party snooping. See sample configuration to the right. The Program Mode setting is available in the Technics module (listed as a register). |
| Column |
|---|
|  Image Added
 Please note that this can be set up in multiple ways and very much depends on how your Standard ERP instance is run and where it is hosted. It very well may be that changes made to this setting will be overridden by command-line parameters or by settings in your hosting provider's Cloud control interface. If this is the case, contact your system administrator or hosting provider.
|
|
Firewall white-listing
Normally the parties accessing API's reside at fixed network addresses. This is not always the case, but does apply for scenarios like web stores, connections with logistics companies, reporting tools and many others. If you are providing access to software or tools that does reside at a fixed IP address or addresses, consider only allowing access to your server from these addresses in your firewall if you have one in place, or setting one up if you do not already. This way other parties will not be able to connect to the API at all, unless you explicitly allow them by whitelisting in your firewall software or hardware.
...
Burti API can and should be configured to require a secret token for all transactions. Consider this a password. Usage of the API without a token should be limited to testing environments only.
The setting for this can be found in
Custom security via HAL
Burti API allows you to implement additional layers and logic to control who and how can access the API as a whole or separately for its' endpoints. As us for more details on how to do it, as this is an advanced topic and will require HAL programming.
...
