Employees and API in SalesRender
In SalesRender, even a token has its own role! For example, you create a script that needs to edit all orders by adding a gift certificate to the cart.
To run the script, you need an API token, and you don't have to worry that your script will accidentally affect other important files. It would be correct to create a role for the token, for example For Cart Editing, and restrict it from any actions except those directly related to the order and editing data in the cart.
Next, when creating the token, you will need to select the role created for it.
Recommendations
- For each integration, create a separate token, and for each token, create a separate role. This is convenient in case you need to stop a script by limiting the token's validity period or add new restrictions to the token. In this case, other integrations will not be affected.
- Do not use identical roles for employees and API tokens. This way, you can edit restrictions for the token without affecting employees, and vice versa.
IP Whitelist and Two-Factor Authentication
Don't forget about security, as access to the API token is access to your company. And since you can specify a whitelist of IP addresses for roles from which access to the company will be allowed, it will work the same way for API tokens.
Also, don't forget about your employees' two-factor authentication to prevent unauthorized access to their accounts.
Our support team will assist you with setting up roles and tokens, explain measures to improve business security, and provide a demonstration of our CRM features!
You can explore even more features on our website salesrender.com.
Follow our channel on Telegram.
Contact our CEO Anna on Telegram.
Thank you for your time