cancel
Showing results for 
Search instead for 
Did you mean: 

Saas Application managing clients accounts

I'm currently working on a SaaS application for service-oriented business(i.e. lawn care, home cleaning, etc) where those businesses, if they choose, can add their Stripe,  Authorize.net, or PayPal account for the management of customers and payments of invoices generated in our application. I know that the API Login ID, Transaction Key should not be shared with anyone, but looking for advice on the best solution to allow our application to manage a business' account via our application. 

egadstar
Member
4 REPLIES 4

Hello @egadstar 

 

Since you are building a SaaS application, you should consider using OAuth instead of storing the API Login and Transaction Key.

 

https://developer.authorize.net/api/reference/features/oauth.html

RichardH
Administrator Administrator
Administrator

Yeah, I was looking at that but was concerned about the flow from our application to handle the expiration of the refresh token. Unless I'm misunderstanding, after a year, our application would need to trigger the business to perform the oauth flow again? 

Hello @egadstar 

Hope you are doing well today. You mentioned in your post you were working on SaaS Integration for Authorize.net. I would like to know if this was your own project or you were helping someone as a consultant. If the later then I am interested in retaining your services to set up a similar workflow.

Seque
Member
It was for my SaaS project, but I had to step away due to my actual gig and having a baby. I haven’t looked through any changes or improvements to the flow that might make that use case easier to handle