19.1. Acquiring Access Token

Authentication check is performed on each API call. Each API call is performed by your program in lieu of a PostERP user having signed in to a specific database. In order to boost server speed, each PostERP user is associated with a distinct access token for server authentication. Therefore, each API call demands access token be sent over for authentication check along with request. Follow this rule to request for access token:



For security consideration, do not save access token in your local storage. Your program should request it from server each time user signs in, and then keep it only in RAM.