Glossary
A comprehensive reference of key terms and concepts.
Authentication & Security
Access Token
A credential that confirms the caller’s identity when making API requests. Obtained from an Identity Provider and included in the Authorization header.
Bearer Token
Authentication method where the access token is included in HTTP request headers.
Client Credentials Flow
OAuth 2.0 authentication for Machine-to-Machine integrations. Your system authenticates with the IdP using a client ID and secret.
Client ID
Unique identifier for your application or system used for authentication.
Client Secret
Confidential credential paired with client ID for M2M authentication.
Federated Authentication
Users authenticate with a trusted Identity Provider instead of directly with applications, enabling SSO.
Identity Provider (IdP)
Service that verifies user identity and issues access tokens.
Machine-to-Machine (M2M) Authentication
Authentication for automated integrations without human users.
OAuth 2.0
Industry-standard protocol for token-based authentication.
OpenID Connect
Identity layer built on OAuth 2.0 enabling federated authentication.
Tenant Isolation
Security principle ensuring data and access are confined to a single tenant.
Unit4 Identity Services (U4IDS)
Primary Identity Provider for ERPx implementing OpenID Connect.
API Fundamentals
API (Application Programming Interface)
Structured interface enabling software systems to communicate securely via HTTP requests returning JSON data.
Endpoint
Specific URL path representing a resource or action.
HTTP Methods
| Method | Purpose | Example |
|---|---|---|
| GET | Retrieve data | GET /v1/employees |
| POST | Create resource | POST /v1/employees |
| PUT | Replace resource | PUT /v1/employees/{id} |
| PATCH | Update fields | PATCH /v1/customers/{id} |
| DELETE | Remove resource | DELETE /v1/employees/{id} |
JSON (JavaScript Object Notation)
Lightweight, human-readable data format for API requests and responses.
Pagination
Technique for retrieving large datasets in chunks using limit and offset.
RESTful API
Architectural style using standard HTTP methods for consistent operations.
Versioned Endpoints
URLs including version numbers for stability and backward compatibility.
Requests & Responses
Conflict Error
Concurrency issue where data was modified by another user or duplicate resource exists.
Validation Error
Business logic or validation failure with detailed field errors.
Rate Limit Error
Too many requests within timeframe.
Error Code
Numeric identifier for specific error types.
notificationMessages
Object containing detailed validation errors mapped to field names.
Rate Limiting & Performance
Rate Limit
Maximum API requests allowed per time period.
Quota
Maximum data transfer allowed per time period.
Sliding Window Algorithm
Rate limiting approach distributing capacity evenly, allowing natural bursts.
Exponential Backoff
Retry strategy with increasing delays (1s → 2s → 4s → 8s).
Jitter
Random delay added to backoff timing to prevent simultaneous retries.
Batch Operation
Processing multiple records in a single API call.
Field Selection
Requesting only needed fields to reduce response size.
Targeted Filtering
Using query parameters to reduce data transfer.
Events & Webhooks
Event
Notification when significant action occurs in ERPx (e.g., customer updated, invoice posted).
Webhook
HTTP callback receiving real-time event notifications.
Message Hub
Central event broker publishing ERPx events to subscribed flows.
Event Subscription
Configuration defining which events your Extension Kit flows receive.
Document Event
Event representing business entity changes with ChangeType metadata.
Message Event
System-level or process-oriented event not mapping to single document change.
Event Type
Name identifying event category, typically matching business object.
ChangeType
Nature of change triggering event.
Event Versioning
System tracking event format changes using v{major}.{minor} format.
MessageId
Unique identifier for each published message (GUID without hyphens).
Diagnostic-Id
Trace identifier for diagnostics and correlation using W3C Trace Context standard.
SourceSystem
Originating system of event.
Webhook Trigger
External HTTP request initiating Extension Kit flow.
Integration Platform
Extension Kit (U4EK)
Unit4’s platform for extensions, automations and light integrations.
EK Flow
Predefined workflow that processes business logic using ERPx and third-party APIs.
Tenant
Isolated ERPx environment with dedicated data, users, and configurations.
U4Id
Unique identifier for Unit4 customers linking to authentication systems.
Environment Types
| Type | Purpose |
|---|---|
| Production | Live operations |
| PREV | Preview/staging |
| ACC | Acceptance testing |
Early Access Account
Initial account created during onboarding for first environment logins.
Data & Resources
Business Object
Representation of real-world entity in ERPx.
Resource
API entity supporting CRUD operations (Create, Read, Update, Delete).
Field
Individual data element within resource.
ObjectDocumentKeys
JSON key-value pairs identifying specific documents.
Versioning & Lifecycle
Breaking Change
Modification requiring new API version.
Non-Breaking Change
Modification not requiring new version.
Deprecation
Process of phasing out API version.
Sunset
Point when deprecated version is removed.
X-U4-Warning Header
Response header indicating endpoint deprecation.
Headers & Parameters
Authorization Header
Contains authentication token for requests.
Content-Type Header
Specifies request/response data format.
Retry-After Header
Indicates wait time (seconds) before retrying.
X-U4-QuotaType Header
Indicates exceeded quota type (INBOUND/OUTBOUND).
X-U4-RemainingLimit Header
Shows remaining API calls in current minute.
limit Parameter
Maximum records to return per request.
offset Parameter
Starting position for pagination.
fields Parameter
Selects specific fields to return.
Security Best Practices
HTTPS
Secure HTTP protocol encrypting all API communications (mandatory).
Credential Safeguarding
Protecting authentication credentials from exposure.
Token Refresh Mechanism
System for obtaining new access tokens before expiration.
SUPER Role
High-privilege ERPx user role.
SYSTEM Role
System-level ERPx user role, also used for M2M authentication.
Performance Terms
Connection Reuse
Maintaining HTTP connections across multiple requests for improved performance.
Request Distribution
Spreading API calls evenly throughout day to avoid rate limits.
Queue System
Mechanism for managing non-time-sensitive requests sequentially.
Thundering Herd
Many clients retrying simultaneously, re-overloading server (prevented by jitter).