Skip to main content
Mitratech Success Center

Client Support Center

Need help? Click a product group below to select your application and get access to knowledge articles, webinars, training content, and release notes or to contact our support team.

Authorized users - log in to create a ticket, view tickets status and check your success plan details.

 

Sync API Changes

  1. Last updated
  2. Save as PDF

Sync API Changes 

This document provides information on changes made to the Sync API for both Web and Mobile (iOS and Android). This document provides information on changes made to the Sync API for both Web and Mobile (iOS and Android).

Sync API Changes on the Web: 

  • Removed validation of the ability to call sync API while requesting to api/sync/companies/get to allow users who don't have access to mobile API to request available companies (This workaround is only for v17).
  • WinApp DEV.
    • Removed company-related endpoint that allows finding a company based on a password.
    • Start application flow is changed: application is authenticated, then requests companies and changed company if required (based on existing logic).
    • Added company to application settings.
  •  WebApp DEV (Sync API)
    • Added ability to authenticate (sync api) without specifying a company.
    • Removed get companies endpoint that requires to specify password and login (replaced by the endpoint for authorized users).
    • Added company id to claims.

 

Before

After

Url: api/sync/companies/get

Payload:

{

  string Login;

  string Password;

  bool UseAesCryptoProvider;

}

Removed

Url: api/sync/authorization/Authorize

Payload (data model):

{

  string Login;

  string Password;

  long CompanyId;

  bool UseAesCryptoProvider;

}

 

Url: api/sync/authorization/Authorize

Payload (data model):

{

  string Login;

  string Password;

  long? CompanyId;

  bool UseAesCryptoProvider;

}

i.e. type of CompanyId has been changed. From long to long?

CompanyId should be specified when mobile application tries to login user to specific company.

CompanyID claim has been added to claims.
  • There are no changes regarding api/sync/OpenIdConnect/GetMobileToken.
  • This endpoint continues to use CompanyId only and ignores everything which has been included in the payload (works as is).

 

Sync API Changes in Android:

To match with the changes made on the web, the following changes are made in Android.

  • Added ability to authenticate (sync API) without specifying a company.
  • Removed get companies endpoint that requires to specify password and login (replaced by the endpoint for authorized users).

 

Before

After

For authorization token

String authUrl = CmoApplication.getInstance().prepareUrl (Constants.URL_SYNC + “Authorize”);

AES Encryption = AES/ECB/PKCS7Padding

String authUrl = CmoApplication.getInstance().prepareUrl (Constants.URL_SYNC + “authorization/authorize”);

AES Encryption = AES/GCM/NoPadding

To get companies

String authUrl = CmoApplication.getInstance().prepareUrl (Constants.URL_SYNC + “Companies/Get”);

String authUrl = CmoApplication.getInstance().prepareUrl (Constants.URL_SYNC + “companies/GetAvailableCompanies”);
  • AES encryption has been changed from ‘AES/ECB/PKCS7Padding’ to ‘AES/GCM/NoPadding’ (This workaround is only for v18).

 

Sync API Changes in iOS:

 

Before

After

For authorization token

URL : Client Server URL + “Authorize”

Params :

login - > username

password -> encrypted Password

companyId -> companyID

UseAesCryptoProvider -> true (AES256 Encryption)

URL :  Client Server URL + "authorization/authorize”

Params :

login - > username

password  -> encrypted Password

companyId -> companyID

UseAesCryptoProvider -> false (AES GCM no padding Encryption)

To get companies

URL : Client Server URL + “Companies/Get”

URL :  Client Server URL + "companies/GetAvailableCompanies”
  • UseAesCryptoProvider parameter has been changed from ‘AES256 encryption’ to ‘AESGCM no padding’ encryption (This workaround is only for v18).