Low Level Documentation
 

Security Model

This page outlines the conceptual view of security and how it is designed.

Logins are used for interactive access and are stored in the Staff table. Login names are restricted to your in-store retail environment. To authorise a login name to log in on fieldpine.com, tick the option Enable fieldpine.com, or enter an OnlineLogin name and password, which implicitly grants access to fieldpine.com websites.

ApiKeys are used for programmatic access. These can be assigned as individual values given to external applications or allocated to staff, customers, suppliers etc.

User-generated ApiKey values can only include the characters (A..Z) (a..z) (0..9) (!@#$%^&*()-_+=.,). The characters ( | {} [] \ / ) are explicitly not permitted, as they are reserved for Fieldpine. When generating API key values, do not make them too short; we suggest around 40 characters as a reasonable balance between security and network bandwidth.

Applications that have stored a login name and password can generate a dynamic API-key as proof that they have a valid login authorisation and avoid sending the password.

URL Format

Each URL has the format:

  • /OpenApi_RmSystem $Rrve $$Access-Token / ...
  • /Anywhere_RmSystem $Rrve $$Access-Token / ...
  • /Gnap_RmSystem $Rrve $$Access-Token / ...

For example:

/OpenApi_1,2,3,4$R20201201134216$$Mysecrettoken/Products

After the RmSystem, a number of optional additional parameters can be supplied. Each is introduced with a $ sign, followed by a unique identifier and the value.

  • $Rnnnnn An RVE, or UTC timestamp. The value nnnnn is the UTC timestamp formatted as YYYYMMDDHHmmSS.
  • $$xxxx An access token of some kind. This parameter must be last if specified, and the value is delimited by the slash in the URL path.
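
The sketch below is an added example, not Fieldpine code: it checks an ApiKey against the permitted character set, parses the URL format above, and redacts the access token before a path is logged, since a token carried in the URL path otherwise ends up in access logs. The regular expression, function names and `[REDACTED]` marker are assumptions of this example; it handles only the `$R` and `$$` parameters listed here, and the generator draws only from letters, digits and `-_.` so the key needs no percent-encoding in a path.

```python
import re
import secrets
import string

# Characters the page permits in user-generated ApiKey values.
ALLOWED = set(string.ascii_letters + string.digits + "!@#$%^&*()-_+=.,")
# Subset that needs no percent-encoding in a URL path (this example's choice).
URL_SAFE = string.ascii_letters + string.digits + "-_."

# Handles only the two optional parameters the page lists: $R and $$.
PATH_RE = re.compile(
    r"^/(?P<prefix>OpenApi|Anywhere|Gnap)_(?P<rm_system>[^$/]*)"
    r"(?:\$R(?P<rve>\d{14}))?"        # UTC timestamp, YYYYMMDDHHmmSS
    r"(?:\$\$(?P<token>[^/]*))?"      # must be last; ends at the next slash
    r"/(?P<rest>.*)$"
)


def generate_api_key(length=40):
    """Random key from the OS CSPRNG; 40 is the length the page suggests."""
    return "".join(secrets.choice(URL_SAFE) for _ in range(length))


def is_valid_api_key(key):
    """True if key is non-empty and uses only the permitted characters."""
    return bool(key) and set(key) <= ALLOWED


def parse_path(path):
    """Return the path's parts as a dict, or None if it does not match."""
    m = PATH_RE.match(path)
    return m.groupdict() if m else None


def redact_path(path):
    """Replace the access token so the path can be written to a log."""
    m = PATH_RE.match(path)
    if not m or m.group("token") is None:
        return path
    start, end = m.span("token")
    return path[:start] + "[REDACTED]" + path[end:]


if __name__ == "__main__":
    sample = "/OpenApi_1,2,3,4$R20201201134216$$Mysecrettoken/Products"  # from the page
    print(parse_path(sample))
    print(redact_path(sample))
    print(generate_api_key())
```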