Difference between revisions of "Why use an API"

From Charitylog Manual
Jump to: navigation, search
Line 12: Line 12:
 
* Directly accessing the tables would require a detailed knowledge of SQL and the structure of the database.
 
* Directly accessing the tables would require a detailed knowledge of SQL and the structure of the database.
  
Having said that, the entire database can be downloaded by click on the Settings cog > Database Operations > Backup System. Some of our clients build a local database from this backup, and run their own queries, although this is not officially supported. The data is structured using relational tables that any database professional should be comfortable with.
+
Having said that, the entire database can be downloaded by clicking on the Settings cog > Database Operations > Backup System. Some of our clients build a local database from this backup, and run their own queries, although this is not officially supported. The data is structured using relational tables that any database professional should be comfortable with.

Revision as of 11:57, 10 June 2020

Go to API overview

The are 2 main reasons for using an API:

  • Where you need to access your data in another application. This might be for data analysis, or syncing records where there is some overlap, e.g. if some of your clients in Charitylog/Crossdata are also donors in your donor management system.
  • Where you want more freedom in the way your data is presented. Typically this is where you have complex reporting requirements that go beyond what can do done using the many reports in Charitylog/Crossdata.

A question we often get asked is "Can I access the underlying database directly, using something like an OBDC Connector?". We do not allow this, for several reasons:

  • Our top priority is always the security of your data, and we don't want to expose the database servers to anything other than our own software servers.
  • We believe that all access to your data should be controlled using role-based permissions. By using the API, all of the security controls built into the system (with the exception of the 'See my own clients' controls), are applied in the same way they are in the web application. This includes Group, Project, Branch and Field access.
  • Directly accessing the tables would require a detailed knowledge of SQL and the structure of the database.

Having said that, the entire database can be downloaded by clicking on the Settings cog > Database Operations > Backup System. Some of our clients build a local database from this backup, and run their own queries, although this is not officially supported. The data is structured using relational tables that any database professional should be comfortable with.