Last week, we launched our Universal CRM API. The new API kicks off our broader product strategy to provide Universal APIs for many important areas of business.
As part of this product launch, we are also launching v1 of our API. Our goal with v1 is to establish a strong foundation for building future products and functionalities.
What’s new in v1
The migration to v1 introduces new capabilities and improvements to existing functionality.
Universal CRM API
Previously, the Universal CRM API was only available in Kloudless Enterprise. With v1, the CRM API is available to any developer that prefers to use our cloud version at kloudless.com. You can start integrating the CRM API for free here.
We are introducing a standards-compliant OAuth 2.0 authentication mechanism to connect user accounts, which enables easy integration with other tools that support OAuth 2.0. Other benefits include:
- Documented support for out-of-band, authorization code grant, and implicit grant OAuth 2.0 flows to support authentication in any environment.
- More granular scopes to better control the services, APIs and types of accounts users can connect to your app.
- Improved security with white-listed Redirect URIs, validated Client IDs/Secrets, and verified Bearer tokens.
Read more about Kloudless authentication here.
As you read through our documentation, you will find small improvements to many endpoints. For example, we’ve updated our old permissions format to support groups and our old pagination format to be more flexible.
What this means for you
First, any new applications you develop should use API v1.
Second, there are backwards incompatible changes in the migration from v0 to v1. API v1 is built thoughtfully, and we try to limit the changes you need to your implementation to only the things we consider most important moving forward. You should update your app’s integration with Kloudless as soon as possible.
Here is a summary of the backwards-incompatible changes.
API-namespacing for endpoints
All endpoints specific to the Storage API have been namespaced under /storage/. Learn more
OAuth 2.0 Authentication
OAuth 2.0 authentication is now required. The previous authentication format is no longer supported. OAuth 2.0 Bearer tokens have replaced Account Keys. Learn more
Deprecated event object attributes have been removed. Learn more
next_page must be used to identify the next page value for pagination. Learn more
Files are uploaded as binary content rather than via multipart form POST requests. Learn more
File/Folder permission updates take in a list of permission objects rather than a mapping of user emails to roles. Learn more
Users of the UI Tools do not need to make changes to use v1, although they would have to make changes to switch to OAuth if using the Authenticator JS library or if using Account Keys from the File Explorer.
None of your users need to re-authenticate when you switch your app to either OAuth 2.0 or the v1 API.
Deprecating v0 and the old auth mechanism
As of today, v0 of the API is deprecated. In order to provide you with the most up-to-date features and support a single, consistent API platform, we’ll be turning off API v0 on February 28, 2018.
Our previous authentication mechanism will be turned off in one year on August 31, 2017.
In our next update, we will provide a more detailed deprecation timeline.
We love building for the thousands of developers using our platform. If you have any questions or feedback, we’d love to hear from you in our developer forum.