Difference between revisions of "Why use an API"
From Charitylog Manual
Line 3: | Line 3: | ||
The are 2 main reasons for using an API: | The are 2 main reasons for using an API: | ||
− | + | * Where you need to access your data in another application. This might be for data analysis, or syncing records where there is some overlap, e.g. if some of your clients in Charitylog/Crossdata are also donors in your donor management system. | |
− | + | * Where you want more freedom in the way your data is presented. Typically this is where you have complex reporting requirements that go beyond what can do done using the many reports in Charitylog/Crossdata. | |
A question we often get asked is "Can I access the underlying database directly, using something like an OBDC Connector?". We do not allow this, for several reasons: | A question we often get asked is "Can I access the underlying database directly, using something like an OBDC Connector?". We do not allow this, for several reasons: | ||
− | + | * Our top priority is always the security of your data, and we don't want to expose the database servers to anything other than our own software servers. | |
+ | * We believe that all access to your data should be controlled using role-based permissions. By using the API, all of the security controls built into the system (with the exception of the 'See my own clients' controls), are applied in the same way they are in the web application. | ||
+ | * Directly accessing the tables would require a detailed knowledge of SQL and the structure of the database. |
Revision as of 11:04, 10 June 2020
The are 2 main reasons for using an API:
- Where you need to access your data in another application. This might be for data analysis, or syncing records where there is some overlap, e.g. if some of your clients in Charitylog/Crossdata are also donors in your donor management system.
- Where you want more freedom in the way your data is presented. Typically this is where you have complex reporting requirements that go beyond what can do done using the many reports in Charitylog/Crossdata.
A question we often get asked is "Can I access the underlying database directly, using something like an OBDC Connector?". We do not allow this, for several reasons:
- Our top priority is always the security of your data, and we don't want to expose the database servers to anything other than our own software servers.
- We believe that all access to your data should be controlled using role-based permissions. By using the API, all of the security controls built into the system (with the exception of the 'See my own clients' controls), are applied in the same way they are in the web application.
- Directly accessing the tables would require a detailed knowledge of SQL and the structure of the database.