In contrast to the self-service API, which authenticates an end-user and offers
functionality to that end user, the backend API performs a simple shared-secret
authentication and offers full, administrator functionality, enabling
-integration with other back-office systems.
+integration with other back-office systems. Only access this API from a secure
+network from other backoffice machines. DON'T use this API to create customer
+portal functionality.
If accessing this API remotely with XML-RPC or JSON-RPC, be careful to block
the port by default, only allow access from back-office servers with the same
my( $class, %opt ) = @_;
my $conf = new FS::Conf;
+ return { 'error' => 'Incorrect shared secret' }
+ unless $opt{secret} eq $conf->config('api_shared_secret');
my $custnum = $opt{'custnum'}
Bills a single customer now, in the same fashion as the "Bill now" link in the
UI.
-Returns a hash reference with a single key, 'error'. If there is an error,
-the value contains the error, otherwise it is empty.
+Returns a hash reference with a single key, 'error'. If there is an error,
+the value contains the error, otherwise it is empty. Takes a list of keys and
+values as parameters with the following keys:
+
+=over 4
+
+=item secret
+
+API Secret (required)
+
+=item custnum
+
+Customer number (required)
+
+=back
=cut