Public vs Private Integrations
Explaining the difference between Public and private integrations
The Bokio API distinguish between two types of integration.
- For integration that are specific to one company it's possible to use Private integration.
- Integrations that are for multiple companies should use Public integrations. This can for example be a CRM system, commerce system or integration platform.
Key differences
Feature | Public Integrations | Private Integrations |
---|---|---|
Availability | Available to all users | Specific to one company |
Limitation on Usage | No restrictions on # of tenants | 1 company |
Security | OAuth 2.0 | Integration Token from Bokio app |
APIs | General API and Company API | Company API |
Private Integrations
Private integrations in Bokio are designed for use by a single company. These integrations can be set up directly by the company. Security for private integrations is managed through an Integration Token, which is generated within the Bokio app. This token allows the integration to access the company's data securely. Companies can set up multiple private integrations and each private integration can be assigned the permissions necessary. This can help avoid giving an integration more permissions than it should.
Private integrations are ideal for company-specific use cases where the integration needs to interact with internal systems or processes. Since these integrations are not available to other users, they can be tailored to meet the unique requirements of the company.
How Private Integrations Work in Bokio
Integration Token
To create a private integration, the company adds a private integration from within the Bokio app. When the private integration has been added the Integration token is available. This token is used to authenticate API requests and ensures that only authorized applications can access the company's data.

Custom Use Cases
Private integrations can be customized to address specific business needs. For example, a company might develop an integration to automate data entry, synchronize financial records with other systems, or generate custom reports. The flexibility of private integrations allows companies to optimize their workflows and improve efficiency.
Example Workflow
- Generate Integration Token: The company generates an Integration Token from within the Bokio app.
- Configure Integration: The company configures the integration to use the Integration Token for authentication.
- Access Data: The integration uses the token to make authenticated API requests to Bokio and access the company's data.
Public Integrations
Functionality in development
The content in this section or page is currently under development and is not yet available. The functionality may also undergo significant changes.
By providing the API as a beta we hope to be able to iterate quickly based on feedback. Please reach out to [email protected] or join the Developer community. We appreciate any feedback you might have.
Public integrations in Bokio are designed to be available to all integrations. The difference to Private Integrations is that Public integrations are available to integrations that can be used by multiple companies. For example, a CRM system or a commerce system or an integration platform. There might also be additional functionality available for public integrations. The public integrations also have access to all APIs, some of the might be restricted or require additional permissions.
Public integrations need to be added through the developer portal. The developer portal will be introduced at a later date. In the meantime, there is limited availability for some partners to get early access.
Security for public integrations is handled through OAuth 2.0, ensuring secure access to data. The different types of APIs use different OAuth 2.0 grants:
- GeneralAPI: OAuth 2.0 Client credentials grant
- CompanyAPI: OAuth 2.0 Authorization code grant
How Public Integrations Work in Bokio
Developer Portal
To create a public integration, developers need to register their application in the Bokio Developer Portal. This portal provides the necessary tools to help developers integrate their applications with Bokio. The registration process involves providing essential details about the application, such as its name, description, and the specific permissions it requires.
Early access
There's a limited availability for some partners to get early access before the Developer portal is introduced.
Please reach out to [email protected] if you are interested.
Security through OAuth
Bokio uses OAuth to handle security for public integrations. OAuth is a standard protocol that allows secure authorization from third-party applications without sharing user credentials. When a user wants to connect their Bokio account with a third-party application, they are redirected to Bokio to log in and authorize the application. This process ensures that the third-party application can access the user's data securely.
The OAuth flow involves several steps:
- Authorization Request: The third-party application redirects the user to Bokio's authorization endpoint.
- User Login and Consent: The user logs in to Bokio and grants permission to the third-party application.
- Authorization Code: Bokio redirects the user back to the third-party application with an authorization code.
- Token Exchange: The third-party application exchanges the authorization code for an access token by making a request to Bokio's token endpoint.
- Access Token Usage: The access token is used to make authenticated API requests to Bokio on behalf of the user.
No Limitation on Usage
Public integrations in Bokio are not limited to a specific company. This means that once an integration is developed and registered, it can be used by any number of companies that wish to connect their Bokio companies with the third-party application. This flexibility allows developers to create scalable solutions that can cater to a wide range of businesses.
Example Workflow
- Register Application: A developer registers their application in the Bokio Developer Portal and obtains the necessary credentials (Client ID and Client Secret).
- OAuth Authorization: The application redirects the user to Bokio's OAuth authorization URL. The user logs in to Bokio and grants permission to the application. Bokio then redirects the user back to the application with an authorization code.
- Token Exchange: The application exchanges the authorization code for an access token by making a request to Bokio's token endpoint. The access token is used to make authenticated API requests to Bokio on behalf of the user.
- Access Data: The application uses the access token to request data from Bokio's API.
By following these steps, developers can create robust public integrations that enhance the functionality of Bokio for their users. For more details, see Getting started with Public Integrations.
Updated 17 days ago