User must sign in with their BILL credentials for access to resources in the organization.
Sign in to your BILL sandbox developer account with
/Login.json. The required fields for signing in are
Retrieve the required fields for signing in as part of your sandbox sign up process. See Sign up process for more information.
|Sign in credentials||Description|
|Username||Your username is the email address used to sign in to your BILL sandbox developer account.|
|Password||Your password is used to sign in to your BILL sandbox developer account.|
|Organization ID||Your BILL sandbox developer account represents your organization in BILL. The organization ID is a unique alphanumeric value that begins with |
|Developer key||Your developer key is used to uniquely identify your developer account in your API requests.|
In response, an API session is created and a
sessionId is generated. Use the
sessionId in all subsequent operations to confirm that you are in a signed in session.
If the API session is inactive or idle for 35 minutes, the session expires and you are automatically logged out.
After signing in for the first time, any subsequent API operation resets the 35 minutes timer. You are required to sign in again and generate a new
sessionIdonly when the session is inactive or idle for 35 minutes. See API login best practices for more information.
You can also sign in to your BILL developer account with a user-generated token. The generated sessionId does not expire, and provides limited access to the BILL API. See Token-based sign in for more information.
The login API includes
|Sign in to your BILL sandbox developer account.|
See Login for more information.
|Retrieve the currently signed in user and organization.|
See Retrieve API session details for more information.
|Sign out of your BILL sandbox developer account.|
See Logout for more information.
A set of protected API operations require Multi-Factor Authentication (MFA) for signing in with a trusted API session.
- Invite a vendor to setup ePayments with
- Add a vendor bank account with
- Pay a vendor using BILL with
- Invite a customer to BILL with
See Multi-factor authentication (MFA)/2-step verification in the BILL Help Center for more information about all the security measures in place for your BILL account operations.
Signing in with an MFA trusted API session is a three-step process.
- Sign in to generate a
- Generate an MFA challenge ID with
/MFAChallenge.json. When you call
/MFAChallenge.json, a token is sent to your mobile device registered with BILL.
- Validate the challenge ID and token with
/MFAAuthenticate. At this point, the
sessionId(from step one) is MFA trusted.
The MFA operations API includes
|Generate an MFA challenge ID and send a token to your mobile device registered with BILL. Using |
See Generate MFA challenge for more information.
|Authenticate the challenge ID (generated with |
See Validate MFA challenge ID for more information.
|Retrieve the status of the current MFA session. If the MFA session expires, you must follow the three-step process again and sign in with an MFA trusted API session.|
See Retrieve MFA status for more information.
Updated 4 months ago