Sunsetting authentication methods

When connecting to the API or creating an app, you will notice some additional options available.

We will be removing support for the methods listed below so you should only use the recommended methods of:

  • Instance app - created in your developer account
  • Private staff - tokens created in Brightpearl

The following will be sunsetted:

  • Private system app
    When creating an authentication token in your Brightpearl account you should always use the type of “Staff”. This ensures that any activity created through the API is recorded by the person who made the request, providing an audit trail of activity.
  • Developer system app
    This uses a legacy authentication method that has been superseded by OAuth (instance apps). It does not capture details of any particular person who has performed an action.
  • Developer staff app
    This uses a legacy authentication method that has been superseded by OAuth (instance apps). The difference between this and the system app is that it does record the details of the person who performed the action in the app.
Have more questions? Submit a request