Personal Access Token (a.k.a. PAT) allows users to manage tokens that are issued for a specific user of Maximizer CRM. The PAT is a great alternative for authentication, rather than providing raw credentials (user + password). This increases security as, in case of a possible leak, PATs can be easily revoked (and the credentials will still be secured).

See below some considerations for Personal Access Tokens:

Any active Maximizer CRM user can create PAT for their User IDs\
There is no limit on the number of PAT one can create\
The ExpirationDate must be set to a future date (can't be in the past). We suggest to use a reasonable expiration date (for example, 3 to 6 months) and to avoid creating PAT with long expiration dates\
PAT can be revoked at any time\
For all possible PAT status available, check "FieldOptions" section, there is a request to retrieve this information

HowTo's

Create - PAT for a User

// POST https://api.maximizer.com/octopus/Create
// Authorization: Bearer <token>
{
    "PersonalAccessToken": {
        "Data": {
            "Key": null,
            "Name": "{{$randomFullName}}",
            // User the UID Key for which you want to create PAT 
            "UserKey": "VXNlcglEQ0VST04="
        }
    }
}

Read - Get all my PAT

Use the SchemaRead method to query the structure or metadata of entities in the database.

// POST https://api.maximizer.com/octopus/Read
// Authorization: Bearer <token>
{
    "PersonalAccessToken": {
        "Scope": {
            "Fields": {
                "Key": 1,
                "Status":1,
                "Name": 1,
                "ExpirationDate": 1,
                "RevokeDate": 1
            }
        },
        "Criteria": {
            // By default, even if no search criteria is provided, only the PAT related to the user executing the request will be retrieved
            "SearchQuery": {}
        }
    }
}

Update - Revoke PAT

Use the AbEntryRead method to search for Address Book entries in the database.

// POST https://api.maximizer.com/octopus/Update
// Authorization: Bearer <token>
{
    "PersonalAccessToken": {
        "Data": {
            "Key": "personal_access_token_key",
            // Status 0=Active, 1=Expired ,2=Revoked
            "Status": 2 
        }
    }
}

Update - Change Expiration of PAT

Use the AbEntryRead method to search for Address Book entries in the database.

// POST https://api.maximizer.com/octopus/Update
// Authorization: Bearer <token>
{
    "PersonalAccessToken": {
        "Data": {
            "Key": "personal_access_token",
            "ExpirationDate": "{{updatedExpirationDate}}" // set to 10 days from now
        }
    }
}

Metadata

Read PAT metadata (simple)

Use the SchemaRead method to query the structure or metadata of entities in the database.

// POST https://api.maximizer.com/octopus/Read
// Authorization: Bearer <token>
{
    "Schema": {
        "Scope": {
            "Fields": 1
        },
        "Criteria": {
            "SearchQuery": {
                "Key": {
                    "$TREE": "/PersonalAccessToken"
                }
            }
        }
    },
    "Compatibility": {
        "SchemaObject": "1.0"
    }
}

Read PAT metadata (more)

Use the SchemaRead method to query the structure or metadata of entities in the database.

// POST https://api.maximizer.com/octopus/Read
// Authorization: Bearer <token>
{
    "Schema": {
        "Scope": {
            "Fields": {
                "Key": 1,
                "Alias": 1,
                "Type": 1,
                "Name": 1,
                "AppliesTo": 1,
                "Sortable": 1,
                "Queryable": 1,
                "Mandatory": 1,
                "Attributes": 1,
                "DisplayValue": 1
            }
        },
        "Criteria": {
            "SearchQuery": {
                "Key": {
                    "$TREE": "/PersonalAccessToken"
                }
            }
        }
    },
    "Compatibility": {
        "SchemaObject": "1.0"
    }
}

FieldOptions

Read PAT FieldOptions - Status

// POST https://api.maximizer.com/octopus/Read
// Authorization: Bearer <token>
{
    // Should return all fieldOptions for Status - Active, Expired & Revoked
    "PersonalAccessToken": {
        "FieldOptions": {
            "Status": [
                {
                    "Key": 1,
                    "DisplayValue": 1
                }
            ]
        }
    },
    "Compatibility": {
        "SchemaObject": "1.0"
    }
}

PAT CRUD

Create - PAT

Use the AbEntryCreate method to create a new Address Book entry in the database.

// POST https://api.maximizer.com/octopus/Create
// Authorization: Bearer <token>
{
    "PersonalAccessToken": {
        "Data": {
            "Key": null,
            "Name": "PAT From Postman",
            "ExpirationDate": "{{expirationDate}}" // set to 7 days from now
        }
    }
}

Read - PAT

Use the AbEntryRead method to search for Address Book entries in the database.

// POST https://api.maximizer.com/octopus/Read
// Authorization: Bearer <token>
{
    "PersonalAccessToken": {
        "Scope": {
            "Fields": {
                "Key": 1,
                "UserKey": 1,
                "Name": 1,
                "Status": 1,
                "ExpirationDate": 1,
                "RevokeDate": 1,
                "DisplayValue": 1
            }
        },
        "Criteria": {
            "SearchQuery": {},
            "Top": 3
        }
    }
}

Update - PAT

Use the AbEntryCreate method to create a new Address Book entry in the database.

// POST https://api.maximizer.com/octopus/Update
// Authorization: Bearer <token>
{
    "PersonalAccessToken": {
        "Data": {
            "Key": "personal_access_token_key", // Mandatory
            "Name": "Updated PAT From Postman"
        }
    }
}

Delete - PAT

Use the AbEntryCreate method to create a new Address Book entry in the database.

// POST https://api.maximizer.com/octopus/Delete
// Authorization: Bearer <token>
{
    "PersonalAccessToken": {
        "Data": {
            "Key": "personal_access_token_key" // Mandatory
        }
    }
}