The QuickFile API is a fully featured XML/JSON web service, enabling 3rd party application developers to extend and enhance the QuickFile Platform. The API contains all the common methods for building invoices, managing clients, inventory items, journals purchases, suppliers, banking and credit information.
Here you will find all the supporting documentation to help you formulate your requests for the QuickFile API. You can tryout many of these requests within the Sandbox area, this guide shows you how to access the sandbox from your account so that the headers are pre-filled. If you require any support with the API please post your question in the Extensibility Group on our forum and we will respond ASAP.
To access the API you must have a QuickFile account with an API key (found in your account settings area).
Communication with the server is made via XML over HTTP(S). All XML posts should be directed to the following endpoint.https://quickfile.co.uk/WebServices/API/invoices.ashx
If you would like to communicate using JSON then we have a separate set of endpoints for this. Our JSON API is currently in private beta so you will need to contact us to get that setup on your account.
If you would like some assistance with code samples you can find a few examples here. Feel free to post your own code samples to the Community area.
Before you can start making submissions with the API you will need to register your application within your main QuickFile developer account and obtain an ApplicationID. Each Application can be used to make calls to the API on the behalf of any other QuickFile account (providing you have the API Key for that account). All new applications will have a daily transaction limit of 1000 calls.
How to register your application
In the account settings area within your main QuickFile account you will see a link under 3rd Party Integrations to "Create a QuickFile App". Click this link.
You will now see a green button to create a new application.
You can now give your application a name and provide a brief description of what it will do. You will also see a full list of API methods which you will need to individually select in order to be able to call in your live environment.
Once you have registered your application you can start making test calls either from your code or within the sandbox area.
The API uses a simple authentication mechanism to validate each request. The authentication credentials are delivered via an MD5 Encrypted Key that is passed in the header section of the request.
The following details are used to validate the request.
The QuickFile account number.
Unique API Key
A static key generated for your account to authenticate your access to the API. This can be found in your account settings area.
An alphanumeric string issued by the presenter that uniquely identifies every submission. The same submission number cannot be used more than once on the API.
Each application must have an ApplicationID. You can obtain this by registering your application.
MD5 Encrypted Authentication Key
This is an MD5 encryption of the Account Number, API key and submission number. The three values are concatenated and then hashed using the MD5 algorithm. The submission number is used to salt the encryption so it cannot be intercepted and reused.
Account Number: 123456789
API Key: AAA3321-12BH-A22
Submission Number: 00001
This would be concatenated to: 123456789AAA3321-12BH-A2200001
The resulting MD5 Hash would look like this:
Please note that the MD5 hash must be presented in lower-case hexadecimal The following online tool can be used to MD5 encrypt your string:http://www.allhype.co.uk/tools/md5/
In order to make life a little easier we have provided a sandbox area where you can test your XML submissions and obtain the response in plain text. The sandbox area contains example XML for each of the methods and functions within the API and links directly to each of the XSD Schemas for you to correctly structure your request messages.Click here to access the API Sandbox
You can also access the sandbox directly from your account and all the authentication headers will be pre-populated. We have a guide on how you can do this here:Testing the QuickFile API - Beginners Guide
Each submission on the API adheres to a basic format which includes a header and body section. The header will encapsulate any information relating to the type of message, the authentication data and unique submission number. The body contains content specific to the type of request being made. The API response follows a similar format with a header and body section.
Please note: each call to the API must be made with a unique submission number.
Please also be aware of the following when formulating your requests:
Each account has an initial request limit of 3000 API calls, permissible within a rolling 24 hour period. We are happy to lift this limit should you require additional capacity. For any queries regarding your API call limit, please contact us.
All the methods available within the QuickFile API are fully documented and can be accessed from the main categories listed below. The documentation for the QuickFile API was generated using XMLSpy.
Webhooks is an extension of the QuickFile API that allow you to obtain almost real-time notification of key events in QuickFile. You can find out more about Webhooks here.