Self-Bills: Reference to be.ENERGISED
GHG quota trading: table for payment transactions
Self-Bills: Subdivision of line entries by months
Direct Payment Page: Swedish
Deletion of "Audit logs" after 180 days
Change of the UI in the tariff configuration
GraphQL API: Security enhanced
"Company UUID" visible in registered companies list

GraphQL API: Security enhanced

April 07, 2022 07:40
Updated

The security of the GraphQL API has been increased by making the "chargelog" endpoint also check for the user ID.

From now on, the "chargelog" is matched with the "customer session". For each "session" the UserID is checked and subsequently only "chargelogs" can be fetched where the UserID can be matched to the chargelog.

If you try to fetch a "chargelog" which cannot be matched to the UserID, you will get an error message.

Error: CHARGE_LOG_FETCH_FAILED

Version: 2022-04-07 14:06:41 UTC

Comments

0 comments

Article is closed for comments.

Articles in this section

Related articles