A user is the primary actor in the Webservices.nl framework. Every user belongs to an Account.
Before making any requests for data a user needs to authenticate. Authentication can either be direct or indirect. For direct authentication a username and password must be supplied. An indirect method of authentication is to provide a reactid token, which is a temporary session hash that is returned when direct authentication is used. Indirect authentication is possible when using <SOAP/WSDL Interface> with SOAP headers. The benefit of indirect authentication is that the need to send username and password for every method call is eliminated. For information on authentication using a specific interface see the Interfaces submenu on the left.
It is also possible to further restrict access to users on the basis of IP or host masks, see Host Restrictions.
A session represents a valid authentication of a specific user. Whenever a user logs in using his username and password, a reactid is returned. This 32 character string is the identifier of a new valid session for that user. This reactid can be used instead of the username and password as a valid means of authentication in further service requests. A session is ended when the user logs out, in which case the reactid becomes invalid.
A user is a member of one or more user Groups. These Groups determine what the user is allowed to do. All users are members of the Group::Users group. Other groups include Group::Account users and Group::Account admins.
Users can be created by the account admin using Webview Interface or using the Accounting::userCreateV2 method. In both cases the user has to be activated by agreeing to the conditions listed in the activation email.
Information available when viewing a user. See also Accounting::UserV2