Reply
Member
Posts: 2
Registered: ‎07-23-2019

Saas Application managing clients accounts

I'm currently working on a SaaS application for service-oriented business(i.e. lawn care, home cleaning, etc) where those businesses, if they choose, can add their Stripe,  Authorize.net, or PayPal account for the management of customers and payments of invoices generated in our application. I know that the API Login ID, Transaction Key should not be shared with anyone, but looking for advice on the best solution to allow our application to manage a business' account via our application. 

Posts: 2,765
Topics: 57
Kudos: 251
Blog Posts: 67
Registered: ‎12-05-2011

Re: Saas Application managing clients accounts

Hello @egadstar 

 

Since you are building a SaaS application, you should consider using OAuth instead of storing the API Login and Transaction Key.

 

https://developer.authorize.net/api/reference/features/oauth.html

Member
Posts: 2
Registered: ‎07-23-2019

Re: Saas Application managing clients accounts

Yeah, I was looking at that but was concerned about the flow from our application to handle the expiration of the refresh token. Unless I'm misunderstanding, after a year, our application would need to trigger the business to perform the oauth flow again?